Risky Business Podcast
July 15, 2016
Risky Business #418 -- The rise of the crypto-Taliban
Presented by
CEO and Publisher
Technology Editor
On this week's show we're chatting with The Grugq about secure messaging. Facebook has announced it's rolling out an end-to-end encryption feature and the reaction to this wonderful announcement has been somewhat bizarre. We'll be talking to Grugq about why crypto absolutists are hating on companies that are rolling out non-default e2e features. We'll also talk about a couple of interesting case studies in which e2e encryption did absolutely nothing for the people using it.
This week's show is brought to you by Sensepost, an absolutely fantastic security firm that operates in England and South Africa. Sensepost has been an academy for security luminaries over the years. Haroon Meer of Thinkst was an early stage employee, Maltego creator Roelof Temmingh was a co-founder.
So, they're smart. And one of the things SensePost does is security training at BlackHat in Las Vegas. They've been doing this for 15 years and Sensepost's Daniel Cuthbert will be joining us in this week's sponsor interview to talk about what courses they're offering and who winds up actually taking them. The really interesting part is it's not always security professionals in those courses.
Adam Boileau, as usual, joins us to discuss the week's security news headlines.
Oh, and do add Patrick and Adam on Twitter if that's your thing.
Show notes
iOS version of Pok\xe9mon Go is a possible privacy trainwreck [Updated] | Ars Technica
http://arstechnica.com/gaming/2016/07/pokemon-go-on-ios-gets-full-access...
Malicious Pok\xe9mon Go Features Backdoor, RAT | Threatpost | The first stop for security news
https://threatpost.com/malicious-pokemon-go-app-installs-backdoor-on-and...
Chrysler Launches Detroit's First 'Bug Bounty' for Hackers | WIRED
https://www.wired.com/2016/07/chrysler-launches-detroits-first-bug-bount...
Paint it black: Revisiting the Blackphone and its cloudy future | Ars Technica
http://arstechnica.com/information-technology/2016/07/paint-it-black-rev...
Tor Project, a Digital Privacy Group, Reboots With New Board - The New York Times
http://www.nytimes.com/2016/07/14/technology/tor-project-a-digital-priva...
MIT Anonymity Network Riffle Promises Efficiency, Security | Threatpost | The first stop for security news
https://threatpost.com/mit-anonymity-network-riffle-promises-efficiency-...
Putin signs new anti-terror law in Russia. Edward Snowden is upset. - The Washington Post
https://www.washingtonpost.com/world/europe/putin-signs-law-to-bolster-r...
VPN Company Claims Russian Government Seized Its Servers | Motherboard
http://motherboard.vice.com/read/vpn-company-private-internet-access-cla...
Google Tests New Crypto in Chrome to Fend Off Quantum Attacks | WIRED
https://www.wired.com/2016/07/google-tests-new-crypto-chrome-fend-off-qu...
Now it's easy to see if leaked passwords work on other sites | Ars Technica
http://arstechnica.com/security/2016/07/password-reuse-tool-makes-it-eas...
Florida U boffins think they've defeated all ransomware \u2022 The Register
http://www.theregister.co.uk/2016/07/12/ransomware_defeated/
Nation-backed malware that infected energy firm is 1 of 2016's sneakiest | Ars Technica
http://arstechnica.com/security/2016/07/nation-backed-malware-that-infec...
Criminal Forums Ban Hacker Linked to Myspace, LinkedIn Breaches | Motherboard
http://motherboard.vice.com/read/criminal-forums-ban-hacker-linked-to-my...
Taiwan banks suspend Wincor Nixdorf ATM withdrawals after crooks st...
https://www.finextra.com/newsarticle/29161/taiwan-banks-suspend-wincor-n...
Hacker Finds Bug to Edit or Delete Any Medium Post | Motherboard
http://motherboard.vice.com/read/hacker-finds-bug-to-edit-or-delete-any-...
20-year-old Windows bug lets printers install malware-patch now | Ars Technica
http://arstechnica.com/security/2016/07/20-year-old-windows-bug-lets-pri...
D-Link Wi-Fi Camera Flaw Extends to 120 Products | Threatpost | The first stop for security news
https://threatpost.com/d-link-wi-fi-camera-flaw-extends-to-120-products/...
TP-Link forgets to register domain name, leaves config pages open to hijack | Ars Technica
http://arstechnica.com/security/2016/07/tp-link-forgets-to-register-doma...
July 2016 Adobe Flash Player Patches | Threatpost | The first stop for security news
https://threatpost.com/adobe-patches-52-vulnerabilities-in-flash-player/...
Facebook Messenger End-to-End Encryption Not On By Default | Threatpost | The first stop for security news
https://threatpost.com/facebook-messenger-end-to-end-encryption-not-on-b...
'Secret Conversations:' End-to-End Encryption Comes to Facebook Messenger | WIRED
https://www.wired.com/2016/07/secret-conversations-end-end-encryption-fa...
Kylie Auldist - Sensational - YouTube
https://www.youtube.com/watch?v=MqDDceJleh0
SensePost | Sensepost at blackhat & defcon 2016
https://www.sensepost.com/blog/2016/sensepost-at-blackhat-defcon-2016/