Risky Business #594 -- How ESNIs will change censorship and NDR

Wave goodbye to destination metadata and say hello to network monitoring hell...
12 Aug 2020 » Risky Business

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • WeChat joins TikTok in the naughty corner
  • TLS 1.3 with ESNI will have a massive impact on censorship AND security
  • Belarus goes dark after dodgy election
  • Capital One fined $80m
  • Much, much more

We’ll be hearing from Dan Guido of Trail of Bits in this week’s sponsor interview. They’ve developed a generic macOS EDR package that you, dear vendor, should absolutely license from them. Dan joins us to explain why.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

America's clean path is slippery - Risky Business
Trump issues executive orders that will ban TikTok, WeChat in 45 days - CyberScoop
China is now blocking all encrypted HTTPS traffic that uses TLS 1.3 and ESNI | ZDNet
Cat and mouse: Privacy advocates fight back after China tightens surveillance controls | The Daily Swig
DEF CON: New tool brings back 'domain fronting' as 'domain hiding' | ZDNet
Belarus Has Shut Down the Internet Amid a Controversial Election | WIRED
Ohio becomes first state to release vulnerability policy for election-related websites
Top voting vendor ES&S publishes vulnerability disclosure policy
Microsoft bug bounty payouts trebled to reach nearly $14 million in the last year | The Daily Swig
US offers $10 million reward for hackers meddling in US elections | ZDNet
Mozilla lays off 250 employees while it refocuses on commercial products | ZDNet
US financial regulator fines Capital One $80 million over data breach
FBI says an Iranian hacking group is attacking F5 networking devices | ZDNet
Citrix releases fix for software bug that hackers ‘will move quickly to exploit’
Hacker leaks passwords for 900+ enterprise VPN servers | ZDNet
Hacking group has hit Taiwan's prized semiconductor industry, Taiwanese firm says
A mysterious group has hijacked Tor exit nodes to perform SSL stripping attacks | ZDNet
FBI issues warning over Windows 7 end-of-life | ZDNet
Anti-encryption laws yet to be used by Asio or AFP to compel tech firms' help, inquiry told | Australian security and counter-terrorism | The Guardian
WordPress 5.5 rolls out with auto-updates for plugins, themes | The Daily Swig
Snapdragon chip flaws put >1 billion Android phones at risk of data theft | Ars Technica
Researchers found another way to hack Android cellphones via Bluetooth
Insecure satellite Internet is threatening ship and plane safety | Ars Technica
When TLS hacks you: Security friend becomes a foe | The Daily Swig
Top hacks from Black Hat and DEF CON 2020 | The Daily Swig
Security bugs let these car hackers remotely control a Mercedes-Benz | TechCrunch
Black Hat 2020: New HTTP request smuggling variants levied against modern web servers | The Daily Swig
Black Hat 2020: Web cache poisoning offers fresh ways to smash through the web stack | The Daily Swig
(12) Dan Guido on Twitter: "Last Thursday, I was locked out of my cloud MDM, my data was deleted, and MDM agents for every device @trailofbits were silently removed by the vendor, leaving the entire company unmanaged. There was no advance notice and no explanation. This is a warning: Never use Kandji. https://t.co/0zIPZKpCC8" / Twitter
Sinter: New user-mode security enforcement for macOS | Trail of Bits Blog