gmane.comp.security.dailydave

Iron Man, nukes, vogon poetry.

Dave Aitel — 2012-05-25T17:34:44

So now that Max is six, I get to read comic books while pretending
they're for him. And one thing you learn quickly is that the comic books
people revere - the old-school Stan Lee era comic books - are godawful.
They're just terrible. The art is terrible. The writing is campy and
flowless and just basically as nauseating as possible describing
characters without motivation, depth or charm. It's Vogon-poetry level
stuff.

That said, it's "age-appropriate" for a six year old. And because these
characters are still relentlessly marketed today, their 60's era
original cardboard cutouts are still "cool" to modern kids.

You can get good comics as well, but they tend to give a six year old
nightmares. The best
<http://www.amazon.com/Astonishing-X-Men-Omnibus-Joss-Whedon/dp/0785138013/ref=ntt_at_ep_dpt_2>,
obviously, is an X-Men comic written by Joss Whedon, who wrote Buffy and
the new Avengers movie. But if your six year old is anything like mine,
he wants to dress up as Iron Man all the time (cause why not if you're
six?). So then you get to explain how Iron Man is not named that because
his suit is made from iron (because iron is heavy and very vulnerable to
the first rent-a-cop with a taser, etc. Most likely his suit is made
from custom ceramics, no?) But of course, it's the man inside that's
Iron - refusing to give up even when your heart is broken and the system
you live in wants to crush you and your alcohol-soaked brain like an egg.

And the modern comics have a nicely subtle examination of the ethical
issues surrounding building weapons systems, using them, and how
technological advancements in weapons change society as a whole. Iron
Man's job is to face these difficult issues with gravitas, sacrifice,
and occasionally humor (which is usually at his own expense).

These comics connect nicely to Richard Rhodes's book "Building the
Nuclear Bomb
<http://www.amazon.com/Making-Atomic-Bomb-Richard-Rhodes/dp/0684813785/ref=sr_1_2?s=books&ie=UTF8&qid=1337959246&sr=1-2>",
which is the Pulitzer winning exploration of the issues that surrounded
building atomic bombs but also apply nicely to modern cyber-warfare (as
Michael Gross
<http://www.vanityfair.com/contributors/michael-joseph-gross> pointed
out over mojitos at INFILTRATE 2012).

For example compare this tract
<http://crossroads.alexanderpiela.com/files/Fussell_Thank_God_AB.pdf>
(not from the book, but in the same vein):

When the A-bombs were dropped, van der Post recalls, "This
cataclysm I was certain would make the Japanese feel that they
could withdraw from the war without dishonor, because it would
strike them, as it had us in the silence of our prison night, as
something supernatural."

Contrast that to modern chairman of the joint chiefs General Martin
Dempsey
<http://www.youtube.com/watch?feature=player_detailpage&v=r8vYas46HTo#t=370s>'s
comments about cyberwar
<http://defense.aol.com/2012/05/17/humans-not-hardware-will-get-military-through-tough-budget-tim/>:

"We have some pretty amazing materiel capabilities coming
online," Dempsey went on -- he cited cyberwarfare in particular
as "one of those areas where our actual capabilities are
beginning to resemble science fiction" -- "but actually the
non-materiel changes we make will matter more."

It is as science fiction or as supernatural in some senses as Iron Man's
suit and in other senses, as real as splitting the atom, and you can see
Schneier
<http://www.schneier.com/blog/archives/2012/04/jcs_chairman_so.html>
arguing that it nothing more than a scare tactic to raise more funds.
But Martin Dempsey is not only very smart, but also very well informed,
I would argue, and it's more likely that he's right.

Every science has a weapon of mass destruction. Physics had nukes,
chemistry had gas, biology has the unspoken terrors that we've so far
avoided unleashing upon ourselves. And computer science, of course, has
its own demon whom we've yet to fully face. We can only hope that on
both sides, we find people using these things more like an Iron Man than
a Vogon.

-dave

Hack Cup 2012

Nicolas Waisman — 2012-05-24T15:28:19

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

We have only three slot left for the Hack Cup tournament. Whether you
are good at soccer or not, it's a good excuse to getaway for the Vegas
noise, play a team sport and just have fun.

Sign up today as a team or a free player here:
https://www.hack-cup.com/add-your-team

Cheers
Nico

- -- 
Nico Waisman
Immunity, Inc.
nicolas< at >immunityinc.com
(+54) 11-4833-3205.
Malabia 2162 2nd floor
Buenos Aires, Argentina

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk++U5MACgkQnx8KWzmcRsGf1QCeN1RbGIp9opV3YLv8CHzY0XMX
Td8AnitooMpD0TYp1pamoO4auvPW79bX
=tKII
-----END PGP SIGNATURE-----

Hacking the tribal websites, scuba divers, and lilacs.

Dave Aitel — 2012-05-24T14:47:59

http://www.washingtonpost.com/national/clinton-state-department-hacked-al-qaida-sites-in-yemen-part-of-covert-war-on-terror/2012/05/23/gJQAKFOdlU_story.html

So you know how when you're at a stoplight, and you see flashing lights
from a fire truck behind you, and you'll carefully maneuver to pull over
into a nook on the side of the road? But sometimes the person behind you
will just scoot forward to claim your space, blocking the firetruck and
ruining the whole point of your moving aside. Then like, at the very
next block, they'll do the exact same thing to the little SUV that
follows the fire truck? And at that point you'll look back, trying to
figure out who they are, and what it is exactly about the situation here
they're not getting, while making certain culturally appropriate yet not
too violent (Miami has liberal concealed carry laws) gestures?

In a nutshell, that's how operators feel when policy makers ask them to
deface websites. On the surface, removing Al Qaeda propaganda may SEEM
like a step forwards. You can see the policy brain working like this:

1. Our opponent has moved their PR and recruitment to web sites
2. I have people who can hack web sites
3. What if we do something super clever to their web sites? TAKE THAT
AL QAEDA!

Your basic operator team is thinking of a few other things:

1. What parts of our toolchain are going to be exposed by hacking into a
tribal website?
1a. A rootkit of some kind that we've tested, possible modified from
open sources <http://immunityinc.com/products-hydrogen.shtml>, but
regardless, something fairly valuable.
1b. An exploit signature. Even if the Yemenis don't necessarily store
all their traffic and analyze it afterwards, perhaps the nice Indian
folks of Tata Communications
<http://www.tatacommunications.com/about/history.asp> (which is how you
got your SQLi to Yemen in the first place) checked their satellite
traffic logs after the event, and now whatever cool technique you used
to get in is burnt, along with everything unencrypted you did (recon,
trojan listening post, etc.). So then the Indian government goes through
their logs of their own satellites and checks out what you're doing
there, or in Pakistan, or whatever. This causes an attribution problem
of hilarious proportions.
1c. It's no doubt that if this sort of thing gets positive news in
the Washington Post, that someone's going to want to do it again but on
harder targets. So now you face the dilemma - do you burn the strategic
resources (exploits, rootkits, methodologies and techniques) that you've
been using on "real things" for short lived PR stunts?
1d. Those ads are just going to come out on some other website in
about fifteen minutes, and people who never would have looked at them
are going to go check out what the Americans didn't want them to see. On
a "stern warning" to "hellfire missile" scale, you're looking a lot more
like a shaken finger and a cross look here.

A decent operator is a bit like a scuba diver. In their head (or a
logbook) is a long list of possible OPSEC weaknesses, which are checked
and maintained like blood-nitrogen content to get a "feel" for their
exposure over time (which influences their actions in complex ways that
would make Jacques Cousteau confused). In the original unethical hacking
class we would do this exercise where we would randomly pull the plug on
a students network cable, and ask them "what did you leave exposed". The
goal was to instill a fear, like the old gas trainings. "Smell a lilac?
Run for the hills!
<http://www.slate.com/articles/news_and_politics/explainer/2006/08/does_poison_gas_smell_good.html>"
That sort of thing.

In any case, with "hacking of tribal websites" or "cupcake recipe
promotion
<http://www.telegraph.co.uk/news/uknews/terrorism-in-the-uk/8553366/MI6-attacks-al-Qaeda-in-Operation-Cupcake.html>"
generally your operator team is smelling lilacs, and not in a good way.

-dave

"Jailbreaking"

Dave Aitel — 2012-05-23T20:42:21

So for those of you who do not follow the twitters...IntevyDis released
a new version of VulnDisco Mobile, which includes an "untethered"
jaibreak for the latest iOS.
http://www.idownloadblog.com/2012/05/22/new-jailbreak-vulndisco-mobile/

You can watch the movie to see a CANVAS node pop up as usual.

And for those of you who love movies, I'm going to be on Fox Live
tomorrow to discuss this one:
http://www.nextgov.com/cybersecurity/2012/05/al-qaeda-video-calls-electronic-jihad-government-computers/55886/?oref=ng-dropdown

Will there be buffy quotes? Who knows unless you tune in? :>

-dave

zeus plug-in

2012-05-22T04:11:45

Has anyone here analyzed the Leprechaun(sp?) plug-in for Zeus?

--dan

Tool of the day!

Dave Aitel — 2012-05-21T19:13:02

So every sub-genre of hacker has their own set of specialized knowledge.
And in the sub-genre that "sees a lot of mailspools" (which you could
label "Unix Hackers") you often have this problem where you have a lot
of email, and you want to quickly distill it down to "files that are
interesting". Of course, emails come in all shapes and sizes and are all
decoded differently and it's a bit annoying to figure out how to decode
them all.

The best tool in my experience for this is Frank Pilhofer's UUDeview
(http://www.fpx.de/fp/Software/UUDeview/) . You just point it at a
directory of mail, and "it does the right thing", offering prompts up
when it needs to. Simple, easy, and effective.


-dave

Howard Schmidt

Dave Aitel — 2012-05-18T14:01:26

"As for getting into the power grid, I can't see that that's realistic,"
Schmidt said. <http://www.wired.com/threatlevel/2010/03/schmidt-cyberwar/>

Likewise as that Threat Point article from the start of his time in the
White House points out:

"People have to recognize that when we close the door and go home, we
are just normal netizens like anyone else," Schmidt said. "I've been in
the internet from the very beginning. We don't want to see it changed to
where it is no longer available and we don't have the ability to do
things *anonymously* as we choose to in certain realms."

Also in that article you can see the initial tension between the NSA and
the office of the Cyber Security Coordinator. And the last few weeks
have been dominated by the NSA and White House togethertrying (and
failing)
<http://www.whitehouse.gov/blog/2012/01/26/legislation-address-growing-danger-cyber-threats?utm_source=related>to
push forward legislation that regulates the security of critical
infrastructure (such as the power grid).

But Schmidt's dream was always elsewhere - in the role of human identity
and the internet. And you can see it in his trusted identities strategy
<http://www.whitehouse.gov/blog/2010/06/25/national-strategy-trusted-identities-cyberspace>.
This also is where I see the largest influence from his Microsoft days,
from the days the technologies Passport and CardSpace (remember them?)
looked "promising".

But trusted identities is not necessarily where people want to go, even
if it helps security in some way (or enables rather revolutionary things
like Internet voting). And aside from a few favored vendors who wanted
to make money implementing an identity scheme for every American, you
don't see a groundswell of support.

Keep in mind that we have Aurora and the associated rise of "APT",
Wikileaks, and the public hacking of various water utilities
<http://news.cnet.com/8301-27080_3-57330029-245/dhs-denies-report-of-water-utility-hack/>
during his time in office. Also during his time America and Russia and
China
<http://www.huffingtonpost.com/2012/05/07/china-us-vow-cooperation-cybersecurity_n_1498245.html>
have connected on CyberSecurity more than you may have thought they
would. Most of what a Cyber Security Czar does is shrouded in secrecy,
so it's hard to truly say what Howard's legacy will be, but it's
probably safe to say a new identity management policy for the entire
country will not be it.

-dave

Ten years.

Dave Aitel — 2012-05-17T14:28:51

Immunity is ten years old now - and like any ten year old, it is
interested mostly in shiny things that bleep and bloop. :>

But also like any ten year old we are growing and always hungry, and so
if you're interested in working in the new DC office or Miami Beach HQ,
please let me know. We only have one perk and that is this: We'll keep
you entirely focused on breaking into things in one way or another.

-dave

New INFILTRATE 2012 Movie is up! With surpriseintroduction by Halvar!

Dave Aitel — 2012-05-14T19:07:39

OH: "So....static analysis! Let's talk about it!" (Long pause follows.)

That's pretty much straight out of most parties I go to! Luckily, there
are a few people who can go into static analysis to great levels of
depth, and some of them give talks at INFILTRATE. :>

http://www.immunityinc.com/infiltratemovies/movies/JulienVanegue.mp4

-dave

With a real team, it's not about the numbers

Dave Aitel — 2012-05-01T14:05:41

I find articles like the recent one in Forbes <http://www.forbes.com/sites/andygreenberg/2012/03/21/meet-the-hackers-who-sell-spies-the-tools-to-crack-your-pc-and-get-paid-six-figure-fees/> quite funny in a way - and likewise talks about "rootite" and bug mining and so forth. Part of this is because philosophically I know that teams who focus on the money tend to lose. Obviously you need a lot of money to get things done in this industry, but I think it's a slippery slope from that to looking for where the money really is, which is defense <http://immunityinc.com/infiltratemovies/movies/andrewcushman_keynote.mp4>.

And when you're doing defense, you're not writing exploits, you're creating "security tests". You're not as concerned with "where will this exploit get me" so much as meeting this month's exploit quota. "How many checks do you have?" is the kind of customer you're competing for.

This month CANVAS released one exploit. And that one exploit in Samba is worth more to me than a hundred "security tests" in random bits of Microsoft software no one interesting has ever installed. [1]

You can see it in action here, or if you have CANVAS, you can download it as of last night.
http://partners.immunityinc.com/movies/CANVAS-SambaNDR.mov

-dave
[1] As a side note, you'll notice none of the static analysis companies can find this bug.
[2] Also you should read Kostya's blog post <http://expertmiami.blogspot.com/2012/05/skype-does-away-with-random-supernodes.html> today just because it's in English.

72 hours

Shari Bermudez — 2012-04-26T20:49:24

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Just a reminder that there are only 72 business hours remaining before
registration closes for the WebHacking and Master training classes.
Sign up today. Call 786-220-0600 or email training< at >immunityinc.com.
The 20% discount offer for re-tweeting still stands.

http://immunityinc.com/education-currentschedule.shtml

- --
INFILTRATE 2013 is being held at the famous Fontainebleau Hotel in
Miami Beach, FL from April 11-12, 2013.  Do not miss out.  Early
registration is now open.
http://infiltratecon.com/


Shari Bermudez
Project Manager
Immunity Services LLC-a division of Immunity Inc.
1130 Washington Ave.8th FL
Miami Beach, FL 33139
(p) 786-220-0600 (f) 786-513-8100
(e) shari< at >immunityinc.com

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk+ZtNQACgkQTAtnp8341PUF0wCgx5GDKoCAQtxJaqV2zqoCPDfM
lewAniLlntYAHhO1LDpTNjvI1UP7exli
=O6Pe
-----END PGP SIGNATURE-----

Spooked at RSA 2012

Dave Aitel — 2012-04-26T13:55:11

So we put my RSA 2012 talk up, along with the comments from the viewers that RSA collected. 

I 100% agree with every comment in the feedback form, which include such bon mots such as "You reek of pride". Frankly, I am quite proud of what the offensive community has been able to do over the last ten years. And I was a bit hurried during the actual talk (the one below is from my 6am-dry-run-in-hotel-room since they didn't record the talk itself) - I got spooked by the 20-minutes-left sign like a novice.  
 
http://partners.immunityinc.com/movies/RSA2012.mov
https://immunityinc.com/downloads/RSA2012.pdf

What's happening at SyScan'12 Singapore

Thomas Lim — 2012-04-19T05:36:32

Dear Dailydave readers

Do you know what's going to happen at SyScan'12 Singapore next week?

BEER, BEER, BEER, BEER, BEER, BEER, BEER, BEER....

13 AWESOME SPEAKERS:
a. Stefan Esser (i0n1c)
b. Chris Valasek (nudeaberdasher)
c. Tarjei Mandt (kernelpool)
d. Alex Ionescu
e. Edgar Barbosa (0pC0de)
f. Jon Oberheide
g. Brett Moore (antic0de)
h. James Burton (Jayji)
i. Seung Jin Lee (Beist)
j. Ryan MacArthur (Backpacker)
k. Loukas (snare)
l. Aaron LeMasters (AaXon)
m. Paul Craig

BEER, BEER, BEER, BEER, BEER, BEER, BEER, BEER....

11 INCREDIBLE PRESENTATIONS, 7 BRAND NEW ONES:
a. Heaps of Doom (Brand NEW)
b. De Mysteriis Dom Jobsivs (Sub New)
c. Owning entire organisations with regional software..(Brand NEW)
d. I/O, You own (Brand NEW)
e. Entomology: A case study of rare and interesting bugs
f. Exploiting the Linux Kernel
g. ACPI 5.0 Rootkit Attacks against Windows 8 (Brand NEW)
h. iOS Kernel Heap Armageddon (Brand NEW)
i. Post Exploitation Process Continuation
k. iOS Applications - Different Developers, Same Mistakes (Brand NEW)
l. Automating the Identification of Data Structures (Brand NEW)

BEER, BEER, BEER, BEER, BEER, BEER, BEER, BEER....

SECURE CODING COMPETITION WITH $10,000, $7,000 AND $3,000 CASH

BEER, BEER, BEER, BEER, BEER, BEER, BEER, BEER....

PHONES4PWN WITH $15,000 CASH

BEER, BEER, BEER, BEER, BEER, BEER, BEER, BEER....BEER, BEER, BEER,
BEER, BEER, BEER, BEER, BEER....BEER, BEER, BEER, BEER, BEER, BEER,
BEER, BEER....

SHACK< at >PATTAYA

BEER, BEER, BEER, BEER, BEER, BEER, BEER, BEER....LADYBOYS, LADYBOYS,
LADYBOYS, LADYBOYS, LADYBOYS, LADYBOYS, LADYBOYS, LADYBOYS...BEER, BEER,
BEER, BEER, CHAMPAGNE, CIGARS, BEER, BEER....LADYBOYS, LADYBOYS,
LADYBOYS, LADYBOYS, LADYBOYS, LADYBOYS, LADYBOYS, LADYBOYS...BEER, BEER,
BEER, BEER, BEER, BEER, BEER, BEER....LADYBOYS, LADYBOYS, LADYBOYS,
LADYBOYS, LADYBOYS, LADYBOYS, LADYBOYS, LADYBOYS...

Save yourself 20% by tweeting

Shari Bermudez — 2012-04-23T19:16:16

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Want to come to our June Master or WebHacking class but do not want to
pay full price?  You can save yourself 20% in ~5 minutes by following
these simple steps:

(1) If you are not already doing so, follow us on Twitter < at >immunityinc
and/or < at >infiltratecon.

(2) ReTweet this tweet from today: "RT and receive 20% off June
training classes when you sign up before 4/27! ow.ly/asvSG e-mail
admin< at >immunityinc for info!"

(3) Email training< at >immunityinc.com to sign up for your class at 20%
off of the listed price!

- --
INFILTRATE 2013 is being held at the famous Fontainebleau Hotel in
Miami Beach, FL from April 11-12, 2013.  Do not miss out.  Early
registration is now open.
http://infiltratecon.com/


Shari Bermudez
Project Manager
Immunity Services LLC-a division of Immunity Inc.
1130 Washington Ave.8th FL
Miami Beach, FL 33139
(p) 786-220-0600 (f) 786-513-8100
(e) shari< at >immunityinc.com

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk+VqoAACgkQTAtnp8341PXT/QCfSWJKgh/78RK8r8Iws56yUO5G
vKEAnjXG/QhWY47///2mMVV5fJwFxvu/
=0K8p
-----END PGP SIGNATURE-----

TIME IS RUNNING OUT

Shari Bermudez — 2012-04-20T14:19:53

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Time is running out to sign up for our June WebHacking and Master
Training Classes.   If you are thinking about reserving your seat but
have not done so, the time to sign up is now.

_June 4-6, 2012 - WebHacking Class:  _
Immunity's WebHacking course focuses on understanding common web
hacking techniques by having students exploit vulnerable systems.
Security professionals with some hands on web hacking experience will
get the most out of this course.
_
June 4-8, 2012 - Master Class:_
The Master class focuses on SMT, kernel exploitation and vulnerability
findings. Intermediate to advanced exploit development skills are
recommended for students wishing to take the Master class.

Please email training< at >immunityinc.com to sign up, obtain a copy of the
prerequisite test or for additional information.

We hope to see you in Miami Beach soon!

- --
INFILTRATE 2013 is being held at the famous Fontainebleau Hotel in
Miami Beach, FL from April 11-12, 2013.  Do not miss out.  Early
registration is now open.
http://infiltratecon.com/


Shari Bermudez
Project Manager
Immunity Services LLC-a division of Immunity Inc.
1130 Washington Ave.8th FL
Miami Beach, FL 33139
(p) 786-220-0600 (f) 786-513-8100
(e) shari< at >immunityinc.com

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk+RcIgACgkQTAtnp8341PWvogCgjMeh85VBaea5/anVxs26e3HI
9MwAoIL/OPPMPWr7xc++vNk0u2XoMtEC
=lUyj
-----END PGP SIGNATURE-----

RIT!

Dave Aitel — 2012-04-18T16:12:14

Chris and Miguel are heading up to RIT today and will be around tomorrow
recruiting for Immunity. If you're at or near RIT and you want to hear
about the fun stuff they're working (which you can help work on!) then
send admin< at >immunityinc.com <mailto:admin< at >immunityinc.com> a quick email
and they'll vector you in! I hear there will be real wings served the
way only upstate NY knows how. I miss those wings, I have to say.

Down here in Miami Beach, Shuckers <http://shuckersbarandgrill.com/> has
the best wings. And it's reachable by boat!

-dave

Hack Cup 2012

Nicolas Waisman — 2012-04-18T13:33:25

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Immunity is excited to announce our third annual Hack Cup this year in
Las Vegas! As always, it will be held on the first day of DefCon (July,
27th).

Anyone interested in playing indoor soccer is welcome to join! The
dynamic will be the same as previous years:

 o The tournament will go from 9:00-13:00.

 o We will have 12 teams of five players each, playing 15-minute matches
in four different groups. We recommend that you have at least 2-5
substitutes as it's a very fast field and you may have had a few beers
the night before. Last year, several teams absorbed people who came
without a team, so if you don't know five other soccer players, all is
not lost. You'll make new friends!

Last year the Spanish team FOCA won the tournament.  Can they defend
their victory title or will another team cause an upset?

We just opened the team subscription page which can be found here:
http://www.hack-cup.com/add-your-team

Keep in mind that there are only 12 spots and it's first come, first
serve!

For more information or pictures of last year, please visit our
stunningly attractive and highly scalable website:
http://www.hack-cup.com/

Thanks,
Team Hack Cup!

PS: Almost forgot about the mandatory Buffy quote:

DAWN:    Whatcha doin'?
BUFFY:  (Reading a magazine) Playing soccer.

- -- 
Nico Waisman
Immunity, Inc.
nicolas< at >immunityinc.com
(+54) 11-4833-3205.
Malabia 2162 2nd floor
Buenos Aires, Argentina

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk+OwqUACgkQnx8KWzmcRsEi8ACgnn23HNF4dLbRtIXsj0TFOcMd
fF4Ani/mqWhBd3SSooeIqcKh5Z75dhlk
=rhwp
-----END PGP SIGNATURE-----

DC Saturday night drinks!

Dave Aitel — 2012-04-17T19:55:48

So Justine and I will be bar hopping somewhere near Dupont Circle
Saturday night (possibly for only one hop :>). If you want to hang out
and discuss the intricate details of Buffy the Vampire Slayer, then
catch me on Twitter (< at >daveaitel) and I'll vector you in.

    *Oz*: We should figure out what kinda deal this is. I mean, is it
    a-a gathering, a shindig or a hootenanny?
    *Cordelia*: What's the difference?
    *Oz*: Well, a gathering is brie, mellow song stylings; shindig, dip,
    less mellow song stylings, perhaps a large amount of malt beverage;
    and hootenanny, well, it's chock full of hoot, just a little bit of
    nanny.

CISPA == MAPP

Dave Aitel — 2012-04-17T17:34:50

So votes are coming up for CISPA
<http://en.wikipedia.org/wiki/Cyber_Intelligence_Sharing_and_Protection_Act>
and I think it's a good time to look into the state of the "Cyber
Politico Arena". In other words, Lieberman had a bill that actually
SOLVED A PROBLEM. It was focused on critical infrastructure protection,
gave DHS the ball, and told everyone to help them run with it.

That said, it was one of those "immensely expensive" things, and people
don't really have much faith in DHS to carry technical balls around, so
it failed completely. Probably also worth mentioning that the
Republicans are going to vote on an administration bill only at gunpoint
this year. McCain in particular took a bee in his bonnet about how it
didn't give the NSA enough power.

Now we're left with CISPA, which is essentially Microsoft MAPP
<http://www.microsoft.com/security/msrc/collaboration/mapp.aspx> for the
US Government. That's it. It's pretty simple, and the reason Symantec
dropped their Huawei partnership
<http://www.nytimes.com/2012/03/27/technology/symantec-dissolves-alliance-with-huawei-of-china.html>.
There are some interesting clauses in it relating to the government
being able to give US Companies information about ongoing attacks even
disregarding clearance requirements it seems. But overall, it's "DNI
<http://twitter.com/#%21/daveaitel/statuses/165260367323336704> - please
go set up MAPP for us!" and that's it.

It goes both directions of course - the US Government will also be able
to take in information, and this probably includes information about US
Citizens and network traffic. It gets trickier here to figure out what
will and won't be allowed, but the general theme is "The Chinese and
Russians are owning every company - and we have information that can
help, so let's coordinate on that."

But they're selling it terribly. It's not SOPA. ACTA
<http://en.wikipedia.org/wiki/Anti-Counterfeiting_Trade_Agreement> is
much more like SOPA - and it's interesting that Hilary Rosen
<http://www.washingtonpost.com/blogs/the-fix/post/who-is-hilary-rosen/2012/04/12/gIQA2zFHDT_blog.html>
(who was the RIAA CEO when they were suing kids and trying to shut down
Napster) is in the news for controversy as a democratic strategist, but
it's not controversial how close the Obama administration is to the RIAA
and MPAA. There's an opening here team Romney if they decide to go for
"digital rights" among the demographic that shares files (aka, everyone
under 30).

-dave

Rooted in darkness.

Dave Aitel — 2012-04-13T21:02:47

    Buffy: Yeah, I prefer the term Slayer. You know, killer just sounds
so...
    Dracula: Naked?
    Buffy: Like I... paint clowns or something. I'm the good guy, remember?
    Dracula: Perhaps, but your power is rooted in darkness. You must
feel it.

    So a couple days ago Immunity released our exploit for the new Samba
vulnerability to CANVAS Early Updates
<http://www.immunityinc.com/ceu-index.shtml>. [1]

    Likewise, the new INFILTRATE 2013 <http://infiltratecon.com/> page
is up! That means you can buy tickets, and you should all do that until
we sell out. :>

    -dave
    [1] We have a movie of this if you want to see it, but it's "by
request only".

Early Registration for INFILTRATE 2013 is now open

Shari Bermudez — 2012-04-13T21:00:23

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Exciting News!  Starting today early registration for our 3rd annual
INFILTRATE Conference is now open.  Register now to take advantage of
the lowest conference prices offered.

INFILTRATE 2013 is being held at the fabulous Fontainebleau Miami
Beach from April 11 - 12, 2013.  The conference hotel room pricing is
unbelievable so reserve your room early before the room block disappears.

Do not forget about our training classes!  We will be offering
WebHacking, Unethical Hacking and Master Training Courses at
INFILTRATE 2013.  Training seats are offered on a first come first
serve basis so reserve your seat today!

To register or for additional information about INFILTRATE 2013 please
visit:  http://infiltratecon.com/

We look forward to seeing you there!

- --

Shari Bermudez
Project Manager
Immunity Services LLC-a division of Immunity Inc.
1130 Washington Ave.8th FL
Miami Beach, FL 33139
(p) 786-220-0600 (f) 786-513-8100
(e) shari< at >immunityinc.com



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk+Ik+cACgkQTAtnp8341PX9iwCfSIAzbad4wkBNY+YSVxnJUyet
yYQAoJBuLiOhQ1tJsG640Tj0fFe3sAk2
=GVqF
-----END PGP SIGNATURE-----