Unsupervised Learning

[ NOTE: There are spoilers below, not just for this episode but for the show in general. ] Enough people have asked me to start doing reviews of Mr. Robot episodes that I’m going to have a go at it. The deciding factor was the fact that I had such a strong desire to write during the third episode. I’m going to start here with thoughts on the show in general, not just on episode 3. Mr. Robot in general The character The main protagonist is an interesting character. He is what the writer evidently wants to capture, or actually believes to be, the template for a true hacker, which is highly damaged. I am quite struck with the focus that is placed on how truly messed up he is. He has major drama with the way his father was killed. He largely hates society. He has deep personal depression. And he’s a user of narcotics. I’m left thinking along the lines of a Hemingway type of artist, where the best creativity (in this case hacking) comes from those wo are the most tortured internally. Painters, musicians, etc. We’re familiar with the template. This redeeming qualities, which the writers take equal efforts to highlight, are the desire to protect people, his love for the blonde girl, and a general but understated willingness to fight back against the soul-crushing force of our modern, consumerist society. I really enjoy how he is only actually going to see his psychiatrist because he’s trying to help her, and if she’s actually going to help him it’ll kind of be on accident. He deeply analyzes people and sees if they’re good, or weak, or in need of help, and then if they are he kind of hates them less because of this. And he is willing to use his superpowers to help them as a result, like when he pushed that guy out of his psychiatrist’s life. The tech Before going into the various problems, it must be said that the information security writing has been exemplary. I’d say definitely the best we’ve seen in either movies or “television” (whatever that is). That said, there are a number of missing links in the armor. On one of the first episodes, possibly the first, I noticed an IP address with a final octet in the 300’s. That’s just an editing miss, but it did take me out of the fantasy. In Episode 2, which I generally didn’t like, I was quite bothered by the destruction scene. Here’s what I think happened there. They wanted to do a destruction scene, they had it all rigged up, and they wrote the story so that he’d do a quick hack and then get spooked enough to do it. Then they show the infosec writer(s) the story component and they’re like, Um, no. There’s no way anyone of this skill level would be hacking from his actual IP address. And they’re like, Well, we need to do this scene. Most people will miss that, and the scene will be cool enough to make up for it. So the writer stomps out of the room mumbling about how they shouldn’t have hired him for authenticity if they were going to make such obvious mistakes, and they go with it. Who knows if that really happened, but that’s how I imagine it. Comments on modern society I also find the comments on modern society to be quite interesting. I think it’s a big part of the whole hacker feel. Hackers have always had this component to their mystique. Being counter-culture. Being underground. Fighting against the man. So the idea that everything is a conspiracy with the rich exploiting the poor, the strong exploiting the weak, and everything being about selling advertising and the dominance o...Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Topics for this episode: Announcements * [ ] New desk, new mic setup News * [ ] SSL vuln spoofing issue, requires mitm * [ ] Sleepy puppy XSS Payload Management Framework * [ ] Troy Hunt on tech presentations * [ ] Stock market attacked and taken down. Anonymous warned about it beforehand * [ ] OPM goes to 21.5 million cards; director steps down * [ ] People need to get fired for this stuff; it’s the only way anyone will care enough to do anything * [ ] National Guard announces data breach Commentary * [ ] Mr. Robot * [ ] Splunk buys Caspida * [ ] Securing web session ids, by Eran Hammer Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Topics for this episode: * [ ] Hacking Team Hacked, show which oppressive governments bought their software * [ ] No exploits for non-jailbroken iPhone * [ ] The FBI spent 775K on Hacking Team software * [ ] Citi creating a digital currency, called Citicoin * [ ] Clinton attacking China on hacking, “Said they’re trying to hack into everything that doesn’t move.” * [ ] Eric Holder suggests that Snowden had a positive impact, and that an agreement could be reached * [ ] Critical bug in node.js patched that could lead to DoS * [ ] MasterCard looking to do facial scanning to authenticate purchases * [ ] FBI is offering 4.3 million for help finding top hackers * [ ] A petition for Ellen Pao to leave Reddit has topped 150K signatures Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Topics for this episode: * iOS flaw * The Chinese hacking campaign against the US * Breach at Recorded future * Hacking cars through key fobs * NSA/GCHQ hacking of people through security software * Snowden’s documents in the hands of the Chinese and Russians * Samsung re-enabling Windows Update * Mr. Robot * Blackhat/DEFCON Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Play Podcast START CONTENT * Singtel buys Trustwave * Snowden does interview with John Oliver * CheckPoint buys Lacoon * Everyone’s trying to do everything, which gives the big people a major advantage * China melted GitHub * MiTM’d Baidu traffic and modified its analytics JavaScript to make constant requests to GitHub * They did it because GitHub was hosting two mirror repos for content that is banned in China * Also highlights the need for encryption, so that the JS couldn’t have been injected * Obama just came out and said that if you attack us, we’ll sanction you * How does that work exactly, when China makes everything we use? * Then we just found out Russia hacked us through the State Department issue * A major vulnerability was revealed in Inngate routers used in the US and Europe. * It allows attackers to browse and write to the root file system of the devices, changing configuration, distributing malware, etc. * Mostly used in US and European hotels * Attackers are compromising IRS accounts in large numbers. Claim yours to avoid it happening to you * Featuring Brooks Garrett * He’s a friend and co-worker going back 8 years * He’s the smartest IT guy I’ve ever known: sick programmer, Linux ninja, database, networking, everything. Full stack, real deal. * He’s a volunteer firefighter * He blogs at http://brooksgarrett.com: latest posts are Remote Streaming with Pi and MPD, Nagios SMS alerts with Amazon SNS, Cleaning Passwords from Logs, Fixing OhMyZSH prompts in PuTTY * His Twitter is @brooksgarrett * If you’re not following his stuff, you should be END CONTENT Notes * Intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Play Podcast START CONTENT * Twitch, a game streaming service owned by Amazon, was hacked last week * Passwords, emails, usernames, addresses, phone numbers, dates of birth * Amazon bought them last year for almost 1 billion dollars * Bar Mitzvah attack on TLS * Requires that you can sniff traffic * Basically an RC4 problem * Solution is to remove it from your supported algorithms * GitHub Has been hit by a massive DDoS attack * Apparently from China * CSRF vulnerability found in a wind turbine * Allowed you to pull usernames and passwords * Also allowed the password to be changed for the default user, which had admin access * CSRF vulnerability exposes Hilton customer accounts * There was an account rotation issue where you could gain access to their account as long as you could guess their 9-digit username * Snowden says IT workers now the targets of spies * They’re not going after their information, but to use them for access to networks * Premera hacked on same day as Blue Cross (January 29th) * Same story: encryption, know your network, etc. * Also same story: health data is harder to clean up from because it involves PII that cannot easily be changed * More speculation around these attacks is that they’re data gathering for larger attacks on government networks * Apple Acquires FoundationDB * Fast NoSQL database probably to be used for its increasing entry into the services market * Researchers use heat to breach air-gapped systems * Everyone knows that an airgap is the best defense * Ben-Gurion University came out with BitWhisper * Now bidirectional using malware on both systems that controlled heat creation and detection * Only 8-bits per hour * BioCatch, Zumigo, Alibaba release tools to identify users * I used to work with a technology called BioPass * Uses what you do with your mouse, scrolling, how you smile via selfie, compares habits, your current location, etc. Similar to existing fraud detection just with more data points * Really cool tech, needs to be used with the right authentication level * Korea investing 5B in IoT and Smart Cars * Bring Your Own IoT * Recording audio and video are getting increasingly easy * Sensitive meetings might become dead zones soon, and perhaps even sensitive work areas * Some people will say that we already have this risk, but they key is the ease with which it can be done END CONTENT Play Podcast Notes * I skipped a week due to travel in Asia. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Play Podcast START CONTENT * There was another SQL Injection bug found in SEO by Yoast * It required admins to click a malicious link * Was patched quickly * It’s the plugins that make WordPress vulnerable * Attackers are targeting gamers for ransomware * Virlock is one version of ransomware that not only locks the screen, but infects files * It’s also polymorphic, so it changes itself every time it runs * TeslaCrypt goes after gamers, which seems super smart because they are often addicted * The Hello Barbie doll is recording kids voices and sending the recordings over the Internet for voice recognition * I get asked a lot about what to do about this kind of stuff * Start by making a list of everything that can record voice or audio in your home, and determine what kind of controls you have on them * Assume the worst, even though it’s probably not that bad * US industrial systems attacked 245 times between October 2013 and September 2014 * Most attacks were against Critical Manufacturing and Energy * Biggest vectors were spear phishing and port scanning * CloudFlare aims to defeat DDoS with Virtual DNS * They want to proxy DNS before it hits customer name server * The CIA supposedly tried to hack Apple hardware * The article has come under extreme scrutiny * Going to be on the Security Weekly podcast with Pau * Hillary Clinton’s email account dram * OpenSSL is getting an audit * Bout time * Wikimedia is suing the NSA over surveillance * Spoofing the boss is the best way to phish someone, evidently * Had a great time at CactusCon in Phoenix * Did a talk with Jason and saw Dave’s keynote * Dave’s keynote was about struggling with the basics, not APT * He asked when a major breach was NOT a dumb mistake * Someone’s looking to make a Snowden Phone * Looks like I’ll be on the Security Weekly podcast with Paul * Going to talk about IoT security and my our OWASP project END CONTENT Play Podcast Notes * Comments welcome on content and format, as usual. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

START CONTENT * Sorry about the audio last week; wireless headsets don’t compare to the Yeti * The CIA is focusing on cyberespionage in its new management * Anthem is refusing an audit by the OIG office–an org that audits health care groups that provide services to federal employees * Nothing says I’m guilty like refusing an audit * Reminds me of the Russians refusing the crash investigation in Game of Cards * There’s been a possible credit card breach at the Mandarin Oriental hotel chain * The incident was reported by Brian Krebs * Three people were indicted in the Epsilon hack * Resulted in around 1 billion email addresses being stolen * Dave Aitel thinks junk hacking is a waste * Basically hacking your blender or whatever * In my opinion he’s missing the point that most conferences are like this * I think there’s a hierarchy of talks * Create new defense tool based on new defense idea * Create new defense idea * Create new attack tool based on new attack idea * Create new attack idea * Create new tool for existing attack or defense idea * Describe existing attack or defense idea * Microsoft has reported it’s vulnerable to FREAK as well, making it even more serious * FREAK has proved to be less alarming than previous SSL vulns simply because of the difficulty of attack END CONTENT Play Podcast Notes * I think I’m going to standardize the intro and outro so that I only end up recording the actual story content each week. * Any recommendations on what else you’d like to see would be appreciated. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.