Risky Business Podcast
August 01, 2014
Risky Business #332 -- Evading IDS with Multipath TCP
Presented by
CEO and Publisher
Technology Editor
In this week's feature interview we're chat with Catherine Pearce of Neohapsis about some research she'll be presenting at BlackHat next week with her colleague Patrick Thomas. They're doing a talk all about Multipath TCP, and yes, it's exactly what it sounds like and yes, it's great for doing stuff like IDS evasion and confusing firewalls.
In this week's sponsor interview we speak with Senetas CTO Julian Fay about the so-called BADA55 paper. Senetas is about to ship elliptic curve algos with its gear -- is it reconsidering now we know that elliptic curves can be subverted? No way! Tune in to find out why.
Show notes
WikiLeaks publishes court suppression order over what Julian Assange calls 'unprecedented' case of censorship | News.com.au
http://www.news.com.au/technology/online/wikileaks-publishes-court-suppr...
Tor security advisory: "relay early" traffic confirmation attack | The Tor Blog
https://blog.torproject.org/blog/tor-security-advisory-relay-early-traff...
Tor hidden services attacks deanonymize users | Threatpost | The first stop for security news
http://threatpost.com/tor-sniffs-out-attacks-trying-to-deanonymize-hidde...
Russia publicly joins war on Tor privacy with $111,000 bounty | Ars Technica
http://arstechnica.com/security/2014/07/russia-publicly-joins-war-on-tor...
Why the Security of USB Is Fundamentally Broken | Threat Level | WIRED
http://www.wired.com/2014/07/usb-security/
Dark Reading Radio: Data Loss Prevention (DLP) Fail
http://www.darkreading.com/perimeter/dark-reading-radio-data-loss-prevention-(dlp)-fail/a/d-id/1297650?
Your iPhone Can Finally Make Free, Encrypted Calls | Threat Level | WIRED
http://www.wired.com/2014/07/free-encrypted-calling-finally-comes-to-the...
arxiv.org/pdf/1407.4923v1.pdf
http://arxiv.org/pdf/1407.4923v1.pdf
Instasheep: Coder builds tool to hijack Instagram accounts over Wi-Fi | Ars Technica
http://arstechnica.com/security/2014/07/instasheep-coder-builds-tool-to-...
seL4 Secure Microkernel Made Open Source | Threatpost | The first stop for security news
http://threatpost.com/secure-microkernel-sel4-code-goes-open-source/107506
Hackers Plundered Israeli Defense Firms that Built 'Iron Dome' Missile Defense System - Krebs on Security
http://krebsonsecurity.com/2014/07/hackers-plundered-israeli-defense-fir...
CIA admits to spying on Senate committee - CNET
http://www.cnet.com/au/news/cia-admits-to-spying-on-senate-computers/
China rebuffs Canada for 'irresponsible' hacking claims - CNET
http://www.cnet.com/au/news/china-rebuffs-canada-for-irresponsible-hacki...
Service Drains Competitors' Online Ad Budget - Krebs on Security
http://krebsonsecurity.com/2014/07/service-drains-competitors-online-ad-...
The App I Used to Break Into My Neighbor's Home | Threat Level | WIRED
http://www.wired.com/2014/07/keyme-let-me-break-in/
Microsoft Releases EMET 5.0 Exploit Mitigation Tool | Threatpost | The first stop for security news
http://threatpost.com/microsoft-releases-new-version-of-emet-exploit-mit...
Crouching Yeti APT Campaign Stretches Back Four Years | Threatpost | The first stop for security news
http://threatpost.com/crouching-yeti-apt-campaign-stretches-back-four-ye...
New Backoff PoS Malware Identified in Several Attacks | Threatpost | The first stop for security news
http://threatpost.com/new-backoff-pos-malware-identified-in-several-atta...
Neohapsis Labs | Multipath TCP - BlackHat Briefings Teaser
http://labs.neohapsis.com/2014/07/29/multipath-tcp-blackhat-briefings-te...
We Never Change | Every Day Carry
http://everydaycarry.bandcamp.com/track/we-never-change