Risky Business Podcast

August 16, 2017

Risky Business #465 -- Charlie Miller on autonomous car security

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show we chat with Charlie Miller all about the security of autonomous vehicles. As you’ll hear, he says autonomous vehicle security all comes down to some security fundamentals that are, in fact, being taken seriously by carmakers.

We’ve got an absolutely fantastic sponsor interview for you this week. This week’s show is brought to you by Senrio. They make an IoT network monitoring solution that’s actually really good. Stephen Ridley is the founder and head honcho at Senrio. He’s a very well known researcher and he joins us this week to talk about a few things.

First up he recaps the gSOAP library bugs the Senrio team found. They were a big deal in July, but as you’ll hear, people kinda missed the point. The affected gSOAP library is absolutely everywhere, including in, ahem, browsers. So yeaaaaah. There’s that.

Then we move on to the more sponsor-y part of the sponsor interview, talking about Senrio’s experience running the IoT hacking village at DEFCON. It was a great time for them, throwing their product at the most hostile IoT network the world has ever seen. To round out the Stephen Ridley omnibus experience we’ll also hear about a few training courses he’s offering on Android hacking and software exploitation via hardware exploitation.

Adam Boileau joins the show to talk about the week’s security news, links to everything are below.

Oh, and you can follow Patrick or Adam on Twitter if that’s your thing.

Risky Business #465 -- Charlie Miller on autonomous car security
0:00 / 0:00

Show notes

The U.S. Is Trying to Seize 1.3 Million Visitor Logs, DreamHost Says - The Atlantic

We Fight for the Users - DreamHost.blog

After Shutdown, Daily Stormer Users Are Moving to a Dark Web Version of Site - Motherboard

Someone Appears to Be DDoSing the Dark Web Version of The Daily Stormer - Motherboard

Researcher Who Stopped WannaCry Pleads Not Guilty to Creating Banking Malware - Motherboard

Top Security Firm May Be Leaking 'Terabytes' Of Confidential Data From Fortune 100 Companies | Gizmodo Australia

Beware of Security by Press Release — Krebs on Security

The Shadow Brokers Have Made Almost $90,000 Selling Hacking Tools by Subscription, Researcher Says - Motherboard

HBO offered hackers $250,000 'bug bounty', leaked email claims | Technology | The Guardian

Russian Hackers Are Targeting Hotels Across Europe, Researchers Say - Motherboard

Attackers Backdoor NetSarang Software Update Mechanism | Threatpost | The first stop for security news

Seven More Chrome Extensions Compromised | Threatpost | The first stop for security news

Blizzard Entertainment Hit With Weekend DDoS Attack | Threatpost | The first stop for security news

Cyberattack leaves millions without mobile phone service in Venezuela — Technology — The Guardian Nigeria Newspaper – Nigeria and World News

Smart Locks Bricked by Bad Update | Threatpost | The first stop for security news

IMSI Catcher Detection Apps Might Not Be All That Good, Research Suggests - Motherboard

Ukrainian Man Arrested, Charged in NotPetya Distribution | Threatpost | The first stop for security news

Juniper Issues Security Alert Tied to Routers and Switches | Threatpost | The first stop for security news

slides_bh_pdf

From random block corruption to privilege escalation: A filesystem attack vector for rowhammer-like attacks | USENIX

Legal Hacking Tools Can Be Useful for Journalists, Too - Motherboard

Experts in Lather Over ‘gSOAP’ Security Flaw — Krebs on Security

Devil's Ivy - Senrio

Senrio

Training