Risky Business #423 -- ShadowBrokers PLUS how2pwn Apple's Secure Enclave

What a time to be alive...
18 Aug 2016 » Risky Business

This week's feature interview is incredible. We're speaking with David Wang from Azimuth Security. He, his colleague Tarjei Mandt and Mat Solnik of OffCell Research delivered an absolutely blockbuster talk at Black Hat. I didn't see the talk at the time but I got a chance to review the slides and oh-my-god I can't believe this one got so little attention.

While everyone was running around talking about hackable lightbulbs, jeeps and trucks, these three guys basically dropped a how2pwn guide for Apple's Secure Enclave Processor. So, you know, you can basically take their slide deck, add a couple of little tweaks and you're unlocking an iPhone 6s and messing around with a thing you're really not supposed to be messing around with. It's really, really good reversing work and you need to hear this interview.

This week's show is brought to you by Bugcrowd, outsourced bug bounty programs. Bugcrowd founder and CEO Casey Ellis is along this week to talk about Apple's newly launched bounty program. Even though other software companies already have bounty programs, the large rewards involved in this one make it a big deal. We'll get his thoughts on that.

Adam Boileau joins us in this week's news segment to discuss the NSA's shiny toys being all over teh torrentz, as well as other assorted infosec news.

Oh, and do add Patrick and Adam on Twitter if that's your thing.

Show notes

What We Know About the Exploits Dumped in NSA-Linked Hack | Motherboard
http://motherboard.vice.com/read/what-we-know-about-the-exploits-dumped-...

The Equation Giveaway - Securelist
https://securelist.com/blog/incidents/75812/the-equation-giveaway/

\u200bWhy Github Removed Links to Alleged NSA Data | Motherboard
http://motherboard.vice.com/read/why-github-removed-links-to-alleged-nsa...

Former NSA Staffers: Rogue Insider Could Be Behind NSA Data Dump | Motherboard
http://motherboard.vice.com/read/former-nsa-staffers-rogue-insider-shado...

The Current Highest Bid for Alleged NSA Data is 999,998.371 Bitcoin Short | Motherboard
http://motherboard.vice.com/read/the-shadow-brokers-auction-nsa-data-bit...

Hack of NSA-Linked Group Signals a Cyber Cold War | Motherboard
http://motherboard.vice.com/read/hack-nsa-linked-equation-group-cyber-co...

Why Did Guccifer 2.0 Evolve from Sloppy Hacktivist to Professional Leaker? | Motherboard
http://motherboard.vice.com/read/guccifer-20-evolution-sloppy-hacktivist...

Patrick Gray on Twitter: "Well this basically confirms it's Russia, right? Trolololol-lolol-lolol-lalalalaaaaa!!! https://t.co/YZ4etnZgO3"
https://twitter.com/riskybusiness/status/765347661587238916

Snowden speculates leak of NSA spying tools is tied to Russian DNC hack | Ars Technica
http://arstechnica.com/tech-policy/2016/08/snowden-speculates-leak-of-ns...

Shadow Brokers NSA exploits: doubts about Edward Snowden's tweets | The Cold War Daily
https://coldwardaily.com/2016/08/17/shadow-brokers-nsa-exploits-doubts-a...

Guccifer 2.0 doxes hundreds of House Democrats with massive document dump | Ars Technica
http://arstechnica.com/tech-policy/2016/08/guccifer-2-0-doxes-hundreds-o...

Democratic, GOP leaders got a secret briefing on DNC hack last year | Ars Technica
http://arstechnica.com/tech-policy/2016/08/democrat-gop-leaders-got-a-se...

Court Rules to Extradite Suspected Silk Road Admin From Ireland to the US | Motherboard
http://motherboard.vice.com/read/court-rules-to-extradite-suspected-silk...

\u200bAustralian Authorities Hacked Computers in the US | Motherboard
http://motherboard.vice.com/read/australian-authorities-hacked-computers...

How Researchers Exposed Iranian Cyberattacks Against Hundreds of Activists | Motherboard
http://motherboard.vice.com/read/iran-cyberattacks-against-activists

Wave of Spoofed Encryption Keys Shows Weakness in PGP Implementation | Motherboard
http://motherboard.vice.com/read/wave-of-spoofed-encryption-keys-shows-w...

Linux bug leaves 1.4 billion Android users vulnerable to hijacking attacks | Ars Technica
http://arstechnica.com/security/2016/08/linux-bug-leaves-1-4-billion-and...

Almost every Volkswagen sold since 1995 can be unlocked with an Arduino | Ars Technica
http://arstechnica.com/cars/2016/08/hackers-use-arduino-to-unlock-100-mi...

Security Fuckup Megathread - v12.1.4 - i need tp-link for my security hole - The Something Awful Forums
https://forums.somethingawful.com/showthread.php?threadid=3771497&pagenu...

Secure Boot snafu: Microsoft leaks backdoor key, firmware flung wide open | Ars Technica
http://arstechnica.com/security/2016/08/microsoft-secure-boot-firmware-s...

Adobe Patches Experience Manager; No Flash Update | Threatpost | The first stop for security news
https://threatpost.com/a-month-without-adobe-flash-player-patches/119770/

Cisco confirms NSA-linked zeroday targeted its firewalls for years | Ars Technica
http://arstechnica.com/security/2016/08/cisco-confirms-nsa-linked-zeroda...

Cisco Patches ASA Zero Day Exposed by ShadowBrokers | Threatpost | The first stop for security news
https://threatpost.com/cisco-patches-asa-zero-day-exposed-by-shadowbroke...

us-16-Mandt-Demystifying-The-Secure-Enclave-Processor.pdf
https://www.blackhat.com/docs/us-16/materials/us-16-Mandt-Demystifying-T...

SUBSCRIBE NOW:
Risky Business main podcast feed:
Listen on Apple Podcasts Listen on Overcast Listen on Pocket Casts Listen on Spotify Subscribe with RSS
Our extra podcasts feed:
Listen on Apple Podcasts Listen on Overcast Listen on Pocket Casts Listen on Spotify Subscribe with RSS
Subscribe to our newsletters: