On this week’s show we chat with Collin Anderson about Iranian internet censorship, as well as how sanctions on Iran led Google to block app engine access within Iran.
That’s a problem for Signal users there, because when the primary Signal servers are blocked, the software falls back to a domain-fronting approach that uses… drum roll please.. Google App Engine.
That’s a pretty wide ranging discussion of ‘net censorship in Iran and ‘net censorship generally and that’s coming up after the news.
This week’s show is brought to you by Bugcrowd, big thanks to them for that. In this week’s sponsor interview we’ll chat with Bugcrowd trust and security engineer Keith Hoodlet about some work they’ve been doing on producing detailed remediation information for their clients.
Adam Boileau is also along, as always, to discuss the week’s security news. The show notes/links are below, and you can follow Adam or Patrick on Twitter if that’s your thing.
Show notes
- Russian military was behind ‘NotPetya’ cyberattack in Ukraine, CIA concludes - The Washington Post
- Russian hacking group Fancy Bear prepares to attack Winter Olympics, U.S. Senate
- Experts link Shadow Brokers and Russia
- Did Twitter engineers just admit to shadow-banning conservatives? Nope | Ars Technica
- Twitter Says No, Hundreds Of Twitter Employees Are Not Reading Your DMs
- Apple hands Chinese iCloud to Guizhou-Cloud Big Data Industry • The Register
- Bitcoin, Ethereum and almost every other cryptocurrency is plunging | TechCrunch
- Bitcoin Blackmail by Snail Mail Preys on Those with Guilty Conscience — Krebs on Security
- Trisis has the security world spooked, stumped and searching for answers
- Skygofree: Following in the footsteps of HackingTeam - Securelist
- Serial SWATter Tyler “SWAuTistic” Barriss Charged with Involuntary Manslaughter — Krebs on Security
- Canadian Police Charge Operator of Hacked Password Service Leakedsource.com — Krebs on Security
- Who Ran Leakedsource.com? — Krebs on Security
- FBI Director Calls Smartphone Encryption an 'Urgent Public Safety Issue' | Threatpost | The first stop for security news
- Microsoft adopts Signal's encryption protocol for new private conversation mode
- Flaw in WhatsApp and Signal exposes group chats to 'extremely difficult' hacks
- Alliance aims to thwart nosy Wi-Fi spies with new security standards
- Fourth Fappening Hacker Caught by the FBI
- Senators introduce bill to counter bad cybersecurity practices in credit reporting industry
- Facebook Knows How To Track You Using The Dust On Your Camera Lens | Gizmodo Australia
- VirusTotal's new graph feature maps malware
- House Votes to Reauthorize Controversial Spy Provision, Section 702 | Threatpost | The first stop for security news
- Intel AMT Loophole Allows Hackers to Gain Control of Some PCs in Under a Minute | Threatpost | The first stop for security news
- Lenovo Patches Networking OS Vulnerability Dating Back to 2004 | Threatpost | The first stop for security news
- VMware Issues 3 Critical Patches for vSphere Data Protection | Threatpost | The first stop for security news
- EMC, VMware security bugs throw gasoline on cloud security fire | Ars Technica
- BitTorrent users beware: Flaw lets hackers control your computer | Ars Technica
- 2018.01.09 Issue with TLS-SNI-01 and Shared Hosting Infrastructure - Incidents - Let's Encrypt Community Support
- Graham Cluley on Twitter: "They are clearly never going to have any problems with that Hawaiian missile alert menu ever again... https://t.co/9x5zqXRRwq"
- Microsoft and Amazon Enable Censorship Circumvention Tools in Iran. Why Doesn’t Google? - Motherboard
- Iran unblocks Telegram messenger service shut down during country-wide protests | News | DW | 14.01.2018