Obit watch: August 8, 2017.

August 8th, 2017

For the historical record: NYT obit for Mark White.

Ernst Zündel, scummy Nazi Holocaust denier and the center of two criminal trials in Canada.

Richard Dudman passed away at the age of 99, surprisingly. I say “surprisingly” because, as a journalist for the St. Louis Post-Dispatch he led an interesting and dangerous life:

Mr. Dudman’s career in journalism lasted more than three quarters of a century. He was in Dallas when President John F. Kennedy was assassinated and, after oversleeping and missing a flight back to Washington, dropped by the police station where Lee Harvey Oswald was being held and watched as he was gunned down by Jack Ruby.

He covered other wars all over the world, including Vietman. He was responsible for the P-D publishing part of the Pentagon Papers. In 1970, he and two other journalists were taken hostage by the Vietcong and spent 40 days as prisoners before being released.

In 1978, he and two other journalists got an “interview” with Pol Pot (though the “interview” was more like Pol Pot haranguing them through translators for several hours). Then someone tried to kill the three journalists.

He had a motto: “Reporter who sits on hot story gets ass burned.”

David E. H. Jones passed away a few weeks ago. That name may ring a small bell for some of you: he was a chemist and professor, as well as a professional writer.

Dr. Jones, who died at 79 on July 19 in Newcastle upon Tyne in northeastern England, wrote hundreds of irreverent columns about Daedalus for two sacrosanct journals: New Scientist, in a column named for Ariadne, the mistress of the labyrinth, and Nature, in a column called Daedalus.

Back in the old days, I used to spend time in the university library reading New Scientist, and Dr. Jones’s column was always the first thing I flipped to.

Obit watch: August 5, 2017.

August 5th, 2017

Mark White, former Texas governor.

Headline of the day.

August 3rd, 2017

Restaurant caught serving steaks ‘unsafe for humans’

Mostly so I can use this:

DEFCON 25 update: August 3, 2017.

August 3rd, 2017

Mike the Musicologist tipped me off to this:

Marcus Hutchins, the guy who was in the news earlier this year for defusing the WCry malware, was detained in Las Vegas after DEFCON.

This is still an evolving story, but what I’ve seen from reliable sources (and CNN) is that Hutchins is under federal indictment and charged with creating another piece of malware: Kronos, described as a “banking Trojan”.

The best coverage I’ve seen of this so far is from TechDirt and ArsTechnica. I would keep an eye on those two sites for updates, as this story is still evolving.

I, for one, welcome our New World Order overlords.

August 1st, 2017

See, I knew the NWO was good for something.

“We were chanting, ‘Death to the New World Order’ about 10 years ago after watching all of your documentaries, and then about a week later, we were no longer on television and haven’t had a consistent TV gig since then,” Pratt said. “So if the New World Order is watching, you know, we still will not accept chips, but, you know, we will take a gig in the established media because we have a baby and we have some bills to pay so, you know, New World Order, we’re available.”

DEFCON 25 updates: July 31, 2017.

July 31st, 2017

Things are going to be a little busy this week, but I do plan to keep an eye out for updates. In the meantime, please enjoy this latest set:

  • TJ Horner has a nice blog post up about his experiences hacking voting machines in DEFCON 25’s “Voting Village”.
  • “The Adventures of AV and the Leaky Sandbox” (Itzik Kotler and Amit Klein) didn’t catch my attention the first time around, but the abstract sounds intriguing: “In this presentation, we describe and demonstrate a novel technique for exfiltrating data from highly secure enterprises whose endpoints have no direct Internet connection, or whose endpoints’ connection to the Internet is restricted to hosts used by their legitimately installed software. Assuming the endpoint has a cloud-enhanced antivirus product installed, we show that if the anti-virus product employs an Internet-connected sandbox in its cloud, it in fact facilitates such exfiltration.” Slides. White paper. GitHub repo.
  • GitHub repo (including slides and white paper) for the Marc Newlin/Logan Lamb/Chris Grayson presentation, “CableTap: Wirelessly Tapping Your Home Network”.
  • Here’s some stuff from “Tracking Spies in the Skies” (Jason Hernandez, Sam Richards, Jerod MacDonald-Evoy): North Star Post summary of their presentation. GitHub repo.
  • Slides from the David Robinson talk, “Using GPS Spoofing to control time”, are here. Slides contain links to code, per Mr. Robinson. I’ve only had a chance to take a quick look at this, but I’m fascinated.

Obit watch part II.

July 31st, 2017

Sam Shepard obits: NYT. A/V Club.

I really don’t have much more to say, other than that he was great in “The Right Stuff”, and ALS is a horrible disease.

Obit watch: July 31, 2017.

July 31st, 2017

Jeanne Moreau, noted French New Wave actress.

(I did not know that she was briefly married to William Friedkin.)

DEFCON 25 updates: July 29, 2017.

July 29th, 2017

Third round. I’m not proud. Or tired.

Obit watch: July 28, 2017.

July 28th, 2017

John Kelso, columnist for the Austin American-Statesman since Jesus was a corporal, passed away earlier today.

The staff of WCD extends our condolences to his family and friends.

DEFCON 25/Black Hat updates: July 28, 2017.

July 28th, 2017

Round 2:

  • The white paper for “Free-Fall: Hacking Tesla from Wireless to CAN Bus” (Ling Liu, Sen Nie, Yuefeng Du) is here. Slides here.
  • Slides for “Exploiting Network Printers” (Jens Müller, Vladislav Mladenov, Juraj Somorovsky, Jörg Schwenk) are here.
  • Found slides for “Breaking Electronic Door Locks Like You’re on CSI: Cyber” here. (I called this one wrong: no Bluetooth. Not a complaint, just an observation.)
  • This is one that I saw, overlooked, and now am intrigued by: “All Your SMS & Contacts Belong to ADUPS & Others“. “Our research has identified several models of Android mobile devices that contained firmware that collected sensitive personal data about their users and transmitted this sensitive data to third-party servers in China – without disclosure or the users’ consent.” Slides. White paper.
  • Slides for Vlad Gostomelsky’s “Hunting GPS Jammers”. I think this is one that really needs video, too.
  • “Intercepting iCloud Keychain” (Alex Radocea) slides.
  • And “The Future of ApplePwn – How to Save Your Money” (Timur Yunusov) slides.
  • And (hattip to Mr. Yunusov) “Jailbreaking Apple Watch” (Max Bazaliy). I haven’t compared these slides to the onea on the presentations server, just FYI.

Okay, lunch time is almost over, and I feel like I’ve done enough damage to the security community today. I’ll try to have more updates later today or tonight.

DEFCON 25/Black Hat updates: July 27, 2017.

July 27th, 2017

Round 1:

Edited to add more:

  • Karla Burnett’s “Ichthyology: Phishing as a Science” is actually relevant to my professional life. White paper.
  • Slides and the white paper for “Hacking Hardware with a $10 SD Card Reader” (Amir Etemadieh, CJ Heres, and Khoa Hoang) are here.