Risky Business #483 -- Internet censorship in Iran, China

Collin Anderson joins the show to talk about the politics of 'net censorship...
17 Jan 2018 » Risky Business

On this week’s show we chat with Collin Anderson about Iranian internet censorship, as well as how sanctions on Iran led Google to block app engine access within Iran.

That’s a problem for Signal users there, because when the primary Signal servers are blocked, the software falls back to a domain-fronting approach that uses… drum roll please.. Google App Engine.

That’s a pretty wide ranging discussion of ‘net censorship in Iran and ‘net censorship generally and that’s coming up after the news.

This week’s show is brought to you by Bugcrowd, big thanks to them for that. In this week’s sponsor interview we’ll chat with Bugcrowd trust and security engineer Keith Hoodlet about some work they’ve been doing on producing detailed remediation information for their clients.

Adam Boileau is also along, as always, to discuss the week’s security news. The show notes/links are below, and you can follow Adam or Patrick on Twitter if that’s your thing.

Show notes

Russian military was behind ‘NotPetya’ cyberattack in Ukraine, CIA concludes - The Washington Post
Russian hacking group Fancy Bear prepares to attack Winter Olympics, U.S. Senate
Experts link Shadow Brokers and Russia
Did Twitter engineers just admit to shadow-banning conservatives? Nope | Ars Technica
Twitter Says No, Hundreds Of Twitter Employees Are Not Reading Your DMs
Apple hands Chinese iCloud to Guizhou-Cloud Big Data Industry • The Register
Bitcoin, Ethereum and almost every other cryptocurrency is plunging | TechCrunch
Bitcoin Blackmail by Snail Mail Preys on Those with Guilty Conscience — Krebs on Security
Trisis has the security world spooked, stumped and searching for answers
Skygofree: Following in the footsteps of HackingTeam - Securelist
Serial SWATter Tyler “SWAuTistic” Barriss Charged with Involuntary Manslaughter — Krebs on Security
Canadian Police Charge Operator of Hacked Password Service Leakedsource.com — Krebs on Security
Who Ran Leakedsource.com? — Krebs on Security
FBI Director Calls Smartphone Encryption an 'Urgent Public Safety Issue' | Threatpost | The first stop for security news
Microsoft adopts Signal's encryption protocol for new private conversation mode
Flaw in WhatsApp and Signal exposes group chats to 'extremely difficult' hacks
Alliance aims to thwart nosy Wi-Fi spies with new security standards
Fourth Fappening Hacker Caught by the FBI
Senators introduce bill to counter bad cybersecurity practices in credit reporting industry
Facebook Knows How To Track You Using The Dust On Your Camera Lens | Gizmodo Australia
VirusTotal's new graph feature maps malware
House Votes to Reauthorize Controversial Spy Provision, Section 702 | Threatpost | The first stop for security news
Intel AMT Loophole Allows Hackers to Gain Control of Some PCs in Under a Minute | Threatpost | The first stop for security news
Lenovo Patches Networking OS Vulnerability Dating Back to 2004 | Threatpost | The first stop for security news
VMware Issues 3 Critical Patches for vSphere Data Protection | Threatpost | The first stop for security news
EMC, VMware security bugs throw gasoline on cloud security fire | Ars Technica
BitTorrent users beware: Flaw lets hackers control your computer | Ars Technica
2018.01.09 Issue with TLS-SNI-01 and Shared Hosting Infrastructure - Incidents - Let's Encrypt Community Support
Graham Cluley on Twitter: "They are clearly never going to have any problems with that Hawaiian missile alert menu ever again... https://t.co/9x5zqXRRwq"
Microsoft and Amazon Enable Censorship Circumvention Tools in Iran. Why Doesn’t Google? - Motherboard
Iran unblocks Telegram messenger service shut down during country-wide protests | News | DW | 14.01.2018