Risky Business #489 -- (Deep) Fake News

Seeing isn't believing anymore...
07 Mar 2018 » Risky Business

On this week’s show we’re chatting with Professor of Law at the University of Maryland Danielle Citron about an article she co-authored on so-called “deep fake” videos. Citron and Bobby Chesney wrote a fascinating piece about the privacy and national security implications of this latest trend and we’ll be talking to her about that a little bit later on.

In this week’s sponsor interview we’re chatting with Julian Fay, CTO of this week’s sponsor Senetas. We talk to him about how encryption hardware industry is responding to the looming spectre of quantum computing.

As you’ll hear, standards bodies are already rolling out draft implementations of quantum-resistant algorithms that companies like Senetas will be baking into their kit as additional layers of protection.

Adam Boileau, as usual, is this week’s news guest.

We cover:

  • Massive memcached DDoS attacks
  • Trustico having a bad week
  • Reported flaws in 4G/LTE
  • Uber breach lawsuit
  • …and more!

The show notes/links are below, and you can follow Adam or Patrick on Twitter if that’s your thing.

Show notes

NETSCOUT Arbor Confirms 1.7 Tbps DDoS Attack; The Terabit Attack Era Is Upon Us
A 1.3-Tbs DDoS Hit GitHub, the Largest Yet Recorded | WIRED
Trustico website goes dark after someone drops critical flaw on Twitter | Ars Technica
23,000 HTTPS certificates axed after CEO emails private keys | Ars Technica
How do you handle mass revocation requests? - Google Groups
LTE security flaws could be used for spying, spreading chaos | Ars Technica
Angry Coinbase users sue over claimed security failings, insider trading | Ars Technica
Chrome's WebUSB Feature Leaves Some Yubikeys Vulnerable to Attack | WIRED
Pennsylvania Sues Uber Over Data Breach Disclosure | WIRED
Infamous Russian Cyber-Espionage Group Hacks German Government
Nuance Communications says NotPetya attack has cost it $92 million since June
China’s Cyber Militias | The Diplomat
the grugq on Twitter: "What happens when 80% of the reporter’s of Android bugs and half the MSFT top 100 researchers go radio silent? This will be interesting. VEP that...… https://t.co/NSh8a878Gt"
Big banks want to weaken the internet’s underlying security protocol
Vulnerability Affects Half of the Internet's Email Servers
Researchers Find 34,200 Vulnerable Ethereum Smart Contracts
POS Malware Found at 160 Applebee's Restaurant Locations | Threatpost | The first stop for security news
Thomas Rid on Twitter: "Today DHS published a remarkable 2016 FOUO document: network infrastructure devices *in US gov federal agencies* (ie Cisco routers) have been "the attack-vector of choice for advanced threat actors"—for several years. And between the lines: the attackers sometimes succeeded. https://t.co/lMdK6MUTsV"
Mobile Security Updates: Understanding the Issues
Deep Fakes: A Looming Crisis for National Security, Democracy and Privacy? - Lawfare
Google Unveils Largest Quantum Computer Yet, but So What?
A Methodology for Quantum Risk Assessment - Global Risk Institute : Global Risk Institute
Get Hands on with VMRay Analyzer | VMRay
Bringing agility to cryptography - Senetas