Risky Business #449 -- Machine Learning: Woot or woo?

PLUS: Dan Guido talks McSema and control flow integrity...
29 Mar 2017 » Risky Business

On this week’s show I’ll be playing part two of my interview with In-Q-Tel’s chief security officer Dan Geer. That’s all about machine learning in infosec. Is it actually going to turn into something? Or is it just another infosec thought bubble?

This week’s sponsor interview is with Dan Guido of Trail of Bits.

Trail of Bits is a New York-based security engineering and testing company that does very interesting work. They don’t just break apps, they actually work on securing them. With that in mind, Dan’s team has been looking at implementing control flow integrity protections in various software projects. So we speak to him about the LLVM versus Microsoft Control Flow Guard approach, which is achievable. We also speak to him about McSema, a tool they developed for reversing binaries into an intermediate language.

Adam Boileau, as always, joins us to talk about the week’s security news.

Links to items discussed in this week’s show have moved – they’re now included in this post, below.

Oh, and do add Patrick or Adam on Twitter if that’s your thing.

Show notes

Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs [updated] | Ars Technica
Here’s the Data Republicans Just Allowed ISPs to Sell Without Your Consent - Motherboard
Did China Just Help North Korea Steal $81M From The Fed?
New WikiLeaks dump: The CIA built Thunderbolt exploit, implants to target Macs | Ars Technica
WikiLeaks Dark Matter Release Shows CIA Interdiction of iPhone Supply Chain | Threatpost
Think Tank: Cyber Firm at Center of Russian Hacking Charges Misread Data
Cyber Firm Rewrites Part of Disputed Russian Hacking Report
Michael Koziarski on Twitter: "FedEx’s web tech is so old they’re offering you $5 to enable flash… https://t.co/HRAj1Qgrjq cc @riskybusiness"
eBay Asks Users to Downgrade Security — Krebs on Security
Doxed by Microsoft’s Docs.com: Users unwittingly shared sensitive docs publicly | Ars Technica
Android Security Is Better But Still Has a Long Way to Go | WIRED
Shielding MAC addresses from stalkers is hard and Android fails miserably at it | Ars Technica
Ransomware scammers exploited Safari bug to extort porn-viewing iOS users | Ars Technica
Potent LastPass exploit underscores the dark side of password managers | Ars Technica
APT29 Used Domain Fronting, Tor to Execute Backdoor | Threatpost
Experts Doubt Hacker’s Claim Of Millions Of Breached Apple Credentials | Threatpost
Whoops: The DOJ May Have Confirmed Some of the Wikileaks CIA Dump - Motherboard
Apple Just Banned the App That Tracks US Drone Strikes, Again - Motherboard
A Hackable Dishwasher Is Connecting Hospitals to the Internet of Shit - Motherboard
McSema: I’m liftin’ it | Trail of Bits Blog
The Challenges of Deploying Security Mitigations | Trail of Bits Blog