Risky Business #399 -- Apple vs the Government of the United States

Oops. This is going to get... tricky...
18 Feb 2016 » Risky Business

On this week's show we chat with Dan Guido from Trail of Bits about the stoush between Apple and the US department of justice.

In this week's sponsor interview we speak with Cris Thomas, a.k.a. Space Rogue. Cris works for Tenable Network Security, this week's sponsor, and he joins us in this week's podcast to talk about NIST's cyber security framework.

Adam Boileau joins the show to discuss the week's security news.

Oh, and do add Patrick and Adam on Twitter if that's your thing.

Show notes

Customer Letter - Apple
http://www.apple.com/customer-letter/

SB-Shooter-Order-Compelling-Apple-Asst-iPhone
https://www.documentcloud.org/documents/2714001-SB-Shooter-Order-Compell...

New report contends mandatory crypto backdoors would be futile | Ars Technica
http://arstechnica.com/tech-policy/2016/02/new-report-contends-mandatory...

Apple can comply with the FBI court order - Trail of Bits Blog
http://blog.trailofbits.com/2016/02/17/apple-can-comply-with-the-fbi-cou...

Magnitude of glibc Vulnerability Coming to Light | Threatpost | The first stop for security news
https://threatpost.com/magnitude-of-glibc-vulnerability-coming-to-light/...

glibc Linux remote code execution vulnerability | Threatpost | The first stop for security news
https://threatpost.com/critical-glibc-vulnerability-puts-all-linux-machi...

Extremely severe bug leaves dizzying number of software and devices vulnerable | Ars Technica
http://arstechnica.com/security/2016/02/extremely-severe-bug-leaves-dizz...

#6886 (uClibc segfault in getaddrinfo() when receiving long IPv6 DNS responses (probably stack corruption)) - OpenWrt
https://dev.openwrt.org/ticket/6886

U.S. Had Cyberattack Plan if Iran Nuclear Dispute Led to Conflict - The New York Times
http://www.nytimes.com/2016/02/17/world/middleeast/us-had-cyberattack-pl...

Password cracking attacks on Bitcoin wallets net $103,000 | Ars Technica
http://arstechnica.com/security/2016/02/password-cracking-attacks-on-bit...

Warning: Bug in Adobe Creative Cloud deletes Mac user data without warning | Ars Technica
http://arstechnica.com/apple/2016/02/warning-bug-in-adobe-creative-cloud...

Opsec fail: Baltimore teen car thieves paired phones with Jeep UConnect | Ars Technica
http://arstechnica.com/security/2016/02/opsec-fail-baltimore-teen-car-th...

Patients diverted to other hospitals after ransomware locks down key software | Ars Technica
http://arstechnica.com/security/2016/02/la-hospital-latest-victim-of-tar...

LA hospital coughs up $17,000 to free PCs held to ransom by hackers \u2022 The Register
http://www.theregister.co.uk/2016/02/18/la_hospital_bitcoins/?mt=1455761...

Honeypots Help Illustrate Scores of Vulnerabilities in Medical Devices | Threatpost | The first stop for security news
https://threatpost.com/honeypots-illustrate-scores-of-vulnerabilities-in...

'Ricochet', the Messenger That Beats Metadata, Passes Security Audit | Motherboard
http://motherboard.vice.com/read/ricochet-encrypted-messenger-tackles-me...

ECDH Key-Extraction via Low-Bandwidth Electromagnetic Attacks on PCs
http://eprint.iacr.org/2016/129.pdf

Apple can comply with the FBI court order - Trail of Bits Blog
http://blog.trailofbits.com/2016/02/17/apple-can-comply-with-the-fbi-cou...