Summary of 2600 Summer 2014 (31:2)
Written by Angelo Castigliola   
Jul 09, 2014 at 12:49 PM

Despite having the Heartbleed logo all over the cover, in typical 2600 fashion, Heartbleed is not mentioned once, even in the letters.

The following is a summary of the 2600 Summer 2014 issue, volume 31, number 2:
  • Snowden love
  • cDc liked heavy metal
  • Tprophet fires some poor guy and raises a Bell CO style “carrier hotel” temperature to 130 degrees because of AZ (true story)
  • Half of an exploit for connecting to Minuteman III nuclear missile silos by broadcasting DTMF tones over UHF frequencies
  • Compression before encryption
  • A 14-line Python script to view a web page safely, if Lynx is too easy for you
  • The deepest psychoanalysis of the movie Die Hard you will ever read
  • Raspberry Pi home lighting
  • Summary of Mandiant APT report
  • 16-year-old "I'm a hacker now" story
  • Homeless computer repair guy stories
  • Apple gets unasked-for security audit lulz
  • SanDisk Connect Wireless root password (sqn1351)
  • A way too long story about a standard toilet
  • Ransomware 101 security tips
  • Sci-fi authors who write about hacking/the future
  • Standard white hat/black hat ranting
  • Some fictional story about botnets and raids of virtual worlds wearing VR helmets

Authors: Emmanuel Goldstein, Bob Hardy, Dabu Ch’wald, D.B. LeCone-Spink, Brett Stevens, The Prophet, Bab Bobby’s Basement Bandits, Spacedawg, Sh0kwave, Gregory Porter, Michael Post, Jim L, Tyler Frisbee, eyenot, lg0p89 (two articles), ook, Toilet Fixer 555C, Jason Sherman, the Piano Guy, Andy Kaiser.

Letters submitted by: Yuval Nativ, RP, Daniel, Kevin, A curious person, The Professor, Estragon, Wolf Bronski, Bill Miller, Sol, J Thompson, Dave, Robert, Jerry listening on WBAI, Tyler Frisbee, //j, Oliver, Chris, Brad, Richard Cheshire Phreak & Hacker, Scott, David, zenlunatic, Stacy, Mike, Will (NameBrand), Budo, Seymour, Name Deleted, Jared, John, Shocked998, Hunter, Darwin, 3, Variable Rush, Chris, Sh0kwave, David, Screamer Chaotix, Pic0o, ghostguard, Margaret, nico, Julia Wunder Cybertron Software, Nick Grey, Charlotte & Jess http://c63industries.com

Last Updated ( Jul 10, 2014 at 01:51 PM )

Open Source NSA Spy Gadgets
Written by Angelo Castigliola   
Jun 10, 2014 at 10:02 AM

Michael Ossmann, the researcher behind the radio testing tool HackRF and the Bluetooth testing tool Ubertooth, is now working on research to recreate the NSA spying devices from the ANT Catalog as open source projects. Michael presented his research at the Hack In The Box security conference in the Netherlands.


Vulnerability Finders Taxonomy
Written by Angelo Castigliola   
Jun 09, 2014 at 04:53 AM

Infosec researcher Bruce Schneier recently wrote the essay “The Human Side of Heartbleed,” which outlines the process of responsible vulnerability disclosure that took place for Heartbleed. This is nothing new. The process of responsible vulnerability disclosure was formalized by researchers and self-policed by members of InfoSec newsgroups that would discuss these vulnerabilities in great detail. There is actually a draft standard of the “Responsible Vulnerability Disclosure Process” submitted to the Internet Engineering Task Force (IETF) by Chris Wysopal, former l0pht researcher and co-founder of the information security company Veracode, and Steve Christey, Principal at Mitre (the company that currently maintains the CVE/CWE compatibility program). The interesting part of Bruce Schneier’s essay is the taxonomy of people who find vulnerabilities:

What happens when a vulnerability is found depends on who finds it. If the vendor finds it, it quietly fixes it. If a researcher finds it, he or she alerts the vendor and then reports it to the public. If a national intelligence agency finds the vulnerability, it either quietly uses it to spy on others or -- if we're lucky -- alerts the vendor. If criminals and hackers find it, they use it until a security company notices and alerts the vendor, and then it gets fixed -- usually within a month.


Last Updated ( Jun 09, 2014 at 01:03 PM )

Netflix Pays for Direct Access to Comcast’s Broadband Network
Written by Angelo Castigliola   
Feb 22, 2014 at 08:00 PM

The Wall Street Journal is reporting that Netflix has entered into a paid agreement with Comcast to increase the bandwidth to customers. This is in direct response to the recent U.S. Court of Appeals ruling against the FCC enforcing net neutrality. No one is sure how the FCC will respond to this ruling, and now to this recent deal between Netflix and Comcast. The deal between Netflix and Comcast has been in negotiations for the past year. Verizon is also accused of slowing traffic, and probably wants a deal for increased bandwidth to its customers as well.


Noam Chomsky Calls Cryptocurrency a Fad
Written by Angelo Castigliola   
Feb 24, 2014 at 03:00 PM

Speaking at the Third Boston Symposium on Economics on February 10th, 2014, sponsored by the Northeastern University Economics Society in Boston, MA, Noam Chomsky was asked what his thoughts were on cryptocurrency. Noam Chomsky’s response: “I know nothing about it. I suspect that it is a fad that will lead to some crisis and collapse.”

Last Updated ( Jul 10, 2014 at 12:58 PM )
