Risky Business #492 -- Thomas Rid on sloppy active measures

PLUS: All the news in another crazy week...
29 Mar 2018 » Risky Business

Sorry this week’s show is late – I found myself taking an unexpected and unavoidable trip. But I’m back on deck and we’ve got a great show for you this week.

This week we hear from Thomas Rid, Professor of Strategic Studies at Johns Hopkins University’s School of Advanced International Studies. We’re having a conversation inspired by the latest spectacular Russian intelligence blunder: a Russian SIGINT operator exposing their GRU headquarters’ IP address because they forgot to fire up their VPN when logging in to their Guccifer 2.0 persona accounts. Oops.

It’s hilarious stuff, but it’s brought out the conspiracy types who are saying hey, as if they’d make this mistake. Something’s fishy! Well, as you’ll hear, these types of agencies make similar mistakes on a pretty routine basis. Thomas joins us to talk about that, and also about how mistakes like this don’t really matter in the broad scheme of things. They’re a bit of a distraction.

This week’s show is brought to you by Bugcrowd, the managed bug bounty company. Bugcrowd’s founder and CTO Casey Ellis will be dropping by to talk about a few things. They’ve raised a stack of cash since we last spoke and they plan to spend it on a bunch of stuff – they’re working on doing more efficient triage and they’re also looking at creating better legal agreements between their customers and their researchers. That’s all interesting stuff, and it’s coming up later.

The show notes/links are below, and you can follow Adam or Patrick on Twitter if that’s your thing.

Show notes

A cyberattack hobbles Atlanta, and security experts shudder
City of Atlanta still crippled six days after ransomware attack - CNN
Boeing hit by WannaCry virus, fears it could cripple some jet production | The Seattle Times
EXCLUSIVE: ‘Lone DNC Hacker’ Guccifer 2.0 Slipped Up and Revealed He Was a Russian Intelligence Officer
Guccifer 2.0 Was Always Sloppy - Motherboard
Facebook denies it collects call and SMS data from phones without permission | TechCrunch
Facebook Wants Security Researchers to Hunt Down Apps That Misuse User Data
Report: Kaspersky Lab to open new data center in Switzerland to curb espionage suspicions
Eugene Kaspersky defends publishing 'Slingshot' report
US Charges Nine Iranians With Hacking Over 300 Universities
Iranian Hackers Charged Last Week Were Actually Pretty Damn Good Phishers
US Congress Passes CLOUD Act Hidden in Budget Spending Bill
CLOUD Act, Tucked Into Omnibus, Likely To Derail Supreme Court Tech Privacy Case : NPR
Four Alleged Associates of Sinaloa Cartel-Linked Encrypted Phone Company Are On the Run - Motherboard
Secure Phone Companies Clamp Down After Sinaloa Cartel-Linked Arrest - Motherboard
UK police mobile device extraction tech raises eyebrows, study
FBI Barely Tried to Hack San Bernardino iPhone Before Going to Court With Apple - Motherboard
FBI has a unit solely devoted to its 'going dark' problem
zeynep tufekci on Twitter: "That @theintercept story about Facebook used by ICE to track immigrants that went pretty viral? It wasn't an immigrant. It was a legal subpoena on a child exploitation/abuse case. (Incredible correction at the end!!!) Motivated reasoning isn't just a right-wing phenomenon. 1/x… https://t.co/dxYOPznkrA"
Minneapolis FBI agent charged with leaking classified information to reporter | Minnesota Public Radio News
How security alerts are keeping your code safer | The GitHub Blog
Ecuador Cut Off Julian Assange’s Internet For His Political Tirades on Twitter - Motherboard
Reddit Bans Subreddits Dedicated to Dark Web Drug Markets and Selling Guns - Motherboard
NSA has been tracking bitcoin users since 2013
Angry Users Donate $120K to Cancer Research After Brian Krebs' Coinhive Article
With cryptojacking rising, exploit kits rapidly decline - CyberScoop
IETF Approves TLS 1.3 as Internet Standard
Chrome Extension Detects URL Homograph (Unicode) Attacks
Drupal Fixes Drupalgeddon2 Security Flaw That Allows Hackers to Take Over Sites
Many VPN Providers Leak Customer's IP Address via WebRTC Bug
Microsoft's Meltdown patches introduced a whole new vulnerability
Cisco IOS XE Software Static Credential Vulnerability
Digital arms merchants selling products to Australian police forces? – Digital Rights Watch
pariscid.pl: fix nasty typo in CRYPTO_memcmp. · openssl/openssl@56d5a4b · GitHub