[Dailydave] The Amygdala, Cyberwar, and You

2020-04-27 Thread Dave Aitel
Humans, like other hominids, are giant machines for social status relationships processing, which you're going to be reminded of every time Google news suggests some article on TMZ with people you ostensibly don't know, but enough forced exposure has convinced you they are *in your extended

Re: [Dailydave] The Treadmill

2020-04-09 Thread Dave Aitel
liability but cutting out > the legal profiteering). > 3) Personal liability for software executives that make "I accept the > risk on behalf of my customers" decisions. > > Any other suggestions? > > Cheers, > Thomas > > Am Di., 7. Apr. 2020 um 21:55 Uhr

[Dailydave] BAH vs GRU

2020-04-08 Thread Dave Aitel
So when I worked at the NSA I worked with some Booz Allen Hamilton people, and they were extremely helpful but wore suits all the time so it was a bit confusing. But I think that time has changed me in the sense that I kinda read and watch everything like it is SIGINT. For example, imagine if you

[Dailydave] The Treadmill

2020-04-07 Thread Dave Aitel
I've been spending a lot of time reading policy papers on software liability recently. The theory from the policy community is that you can get a

[Dailydave] Command And Control

2020-03-25 Thread Dave Aitel
I just listened to a webinar on threat hunting. It's a thing you can do. Anyways, at one point the presenter talked about how he really preferred to threat hunt by looking at network protocols for threat hunting, and he focused on beaconing and C2. Every time someone says that, I flash back to

[Dailydave] For your ears!

2020-03-24 Thread Dave Aitel
I don't even know how to promote this, because it seems narcissistic in the extreme. But if you want to make fun of me with gritty details, or hear a secret history of the NSA, you should peruse this podcast that Ryan Naraine did last week! :) https://securityconversations.fireside.fm/dave-aitel

[Dailydave] The best bugclass is whatever the defender is most mentally invested in

2020-03-04 Thread Dave Aitel
A decade or so ago I got pneumonia and then tried to give a talk about why attackers tend to win at cyber stuff. The usual answer you will hear, the *RSAC* answer, if you will, is total BS. If someone says

[Dailydave] INFILTRATE!

2020-03-02 Thread Dave Aitel
So it's a fun time to organize a conference of global attendees and speakers! :) But while we track COVID carefully, I wanted to highlight one of our sponsors you may not know about: ZecOps. I've, of course, followed Zuk Avraham and co for a while (as many of you have on

[Dailydave] "Defending Forward" in time

2020-01-24 Thread Dave Aitel
So I went to S4 this week, which is a good conference here in Miami Beach, mostly about hacking/protecting utilities and other critical infrastructure components. But I had the good fortune to run into a friend I'd never met before. Anyways,

[Dailydave] Reverse Engineering LOLs

2020-01-16 Thread Dave Aitel
If you've ever rolled with a world-class black-belt you know that no matter how hard you are trying, they catch submissions seeming effortlessly. They simply have a different understanding of space and movement and momentum than you do. And the same thing is true in the cyber operations field. In

[Dailydave] Knock knock, Neo.

2020-01-14 Thread Dave Aitel
I rewatched The Matrix recently with my kids. It holds up through the test of time, like a few movies do, but which obviously Star Wars will not. I gave my kids $40 to go watch the Rise of Skywalker and they decided to go get ice cream and play TF2 instead, as a metric for cultural lock-in.

[Dailydave] Ghidra! Ghidra! Ghidra!

2019-12-12 Thread Dave Aitel
Here is a video I was watching today that you should also watch: https://vimeo.com/335158460 So I know a lot of people on the list already KNOW AND USE Ghidra. But my fav. classes are ones that scale from both beginners to advanced users because they go into how a particular team does something

[Dailydave] INFILTRATE 2020 Keynote Speaker Announcement!

2019-10-31 Thread Dave Aitel
So when I was 15 or something I read a poem in a Virginia Tech literary magazine that changed everything. Looking back, the idea that something you write can float like pixie dust across the world and eventually change the course of a life was too powerful to ignore. For a lot of people, that

[Dailydave] Avast!

2019-10-24 Thread Dave Aitel
I love everything about this spin, from the historical players (hi Jaya!) to the title of "Avast fights off cyber espionage attempt..." https://blog.avast.com/ccleaner-fights-off-cyberespionage-attempt-abiss Mostly the reason I would hit up an antivirus or endpoint security firm is to monitor

[Dailydave] Amusement

2019-10-24 Thread Dave Aitel
So one of the hardest jobs as a penetration testing firm is when a new bugclass starts getting popular, for whatever reason, you have to find a way to explain to your clients that not only do they have to adjust their defenses, but the defenses they put in place for the last bugclass may, in fact,

[Dailydave] "For the Glory of the State Machine"

2019-09-25 Thread Dave Aitel
So for the past while I've been obsessed with HTTP Desync Attacks. A lot of people call this "http request smuggling" which is a dumb name in a few ways, most specifically because it restricts the bug class (and hence your mindset) down to the smallest

[Dailydave] The Past is not the Past

2019-05-17 Thread Dave Aitel
https://techblog.mediaservice.net/2019/05/raptor-at-infiltrate-2019/ <--Marco Ivaldi's blogpost on INFILTRATE. I would go into more depth in this email but I feel like you should just go read his post and watch his talk: https://vimeo.com/335197685. -dave

[Dailydave] The Gods of Malice

2019-04-15 Thread Dave Aitel
So if you have not, I highly recommend watching the first two episodes of our INFILTRATE 2019 series: https://vimeo.com/322257258 (Part 1: XANADU) https://vimeo.com/329589102 (Part 2: Rise of the Demiurge) One major thing Infiltrate does differently is the Dry Runs that we have every speaker do.

[Dailydave] 0days Post

2019-02-13 Thread Dave Aitel
When in the course of human events, it becomes necessary for one person to communicate information about an unknown vulnerability to the public, they often do not do so in the manner to which you might expect: With all due pomp and circumstance, a ringing of the sacred bells, a phone call to Kim

[Dailydave] Static and Dynamic Analysis

2019-02-11 Thread Dave Aitel
So one thing I often find weird about our industry is how it gets taken over by marketing language and the utility of entire classes of products gets clouded over. For example, part of any SDLC is going to be static and dynamic analysis. However, if you ask a normal security manager what kinds of

[Dailydave] INFILTRATE Talks

2019-01-28 Thread Dave Aitel
We've announced all but one of the INFILTRATE 2019 speakers! http://infiltratecon.com/speakers/ Probably the hardest question to answer about a CFP I've found is "Why wasn't this particular great talk chosen?" and I've gotten a few of these since the announcement letters went out. Part of the

[Dailydave] Modern Meanness

2019-01-24 Thread Dave Aitel
"Every man loves what he is good at", said Thomas Shadwell, poet laureate of England, a few hundred years ago. Coincidentally, a few years ago I was on a TF2 server with a different Thomas Shadwell. I actually grew up with Team Fortress Classic, and then when I had kids I got back into TF2 because

[Dailydave] Bring a question, and sunblock.

2019-01-14 Thread Dave Aitel
https://twitter.com/daveaitel/status/1084837761796980736 Project Zero released about five different bugs today in Windows: https://bugs.chromium.org/p/project-zero/issues/detail?id=1683 This is my favorite bit: """ *Ultimately I warned you after cases 36544 and 37954 that you should be fixing

Re: [Dailydave] CVSS is the worst compression algorithm ever

2019-01-10 Thread Dave Aitel
Thu, Jan 10, 2019 at 9:59 AM toby wrote: > I'm going to nitpick this. Not because your complaints about CVSS are bad, > just that they are unsupported and insufficiently explained. > > On Tue, Jan 8, 2019 at 8:23 AM Dave Aitel wrote: > >> I wanted to take a few minutes and do

[Dailydave] CVSS is the worst compression algorithm ever

2019-01-08 Thread Dave Aitel
I wanted to take a few minutes and do a quick highlight of a paper from CMU-CERT which I think most people have missed out on: https://resources.sei.cmu.edu/asset_files/WhitePaper/2018_019_001_538372.pdf Towards Improving CVSS -

Re: [Dailydave] Modchips of the State [ CCC December 2018 talk by Trammell Hudson ]

2019-01-02 Thread Dave Aitel
Ok so this was a good talk. He started off with why it would be difficult to do things in a factory, although everything he noted (which were protestations from a manufacturer) seemed pretty overcome-able. For example "We have our own employees on site checking for security issues such as this" -

[Dailydave] TALKS

2019-01-02 Thread Dave Aitel
You can still submit talks to the INFILTRATE CFP btw. :) http://infiltratecon.com/cfp/ We have profit sharing for speakers, and it's a more fun and USEFUL conference than others you might have seen. For us by us, etc.! :) Right now I'm watching Sophia's Jailbrakecon

[Dailydave] CTFs

2018-11-19 Thread Dave Aitel
So at CSAW a couple weeks ago there was a CTF, and like most conferences, it worked out well. I mean part of it is Vector35 doing their magic and a set of players who had both skills and focus. (Vector35 will be back with a bigger class at INFILTRATE this year!) Anyways, I both love and hate CTFs

[Dailydave] Elephants and information leaks

2018-11-14 Thread Dave Aitel
https://immunityproducts.blogspot.com/2018/11/recent-kernel-memory-disclosure-bugs-in.html We don't usually detail publicly the amount of engineering that goes into a CANVAS exploit. But above is a blogpost about some of our recent work. If you are a CANVAS Early Update customer, the Windows

[Dailydave] 2019 Keynote: WINDOW SNYDER

2018-11-13 Thread Dave Aitel
https://vimeo.com/135888545 - Andrew Cushman, 2012 I wanted to highlight how much I lie awake at night thinking about keynotes. And I think we have a good record on them, if for no other reason than we refuse to do the standard drill. At other conferences, keynotes go to sponsors or to people

[Dailydave] Quasi-Clans

2018-11-07 Thread Dave Aitel
So we're announcing the INFILTRATE keynote tomorrow, and as I was on vacation last week, sitting on a different beach from the beach I normally sit on, I spent some time reflecting on what INFILTRATE really looks like, you know, as part of my effort to "find myself" or whatever I was doing.

[Dailydave] Wormy worms.

2018-10-22 Thread Dave Aitel
https://www.youtube.com/watch?v=L96bfxIisq4 So I spent some time last week watching this talk, and a few of the other Hack.lu talks. A large part of this talk is about a historical walkthrough of both public work on the subject, and public examples of various worms which operated as

[Dailydave] INFILTRATE CFP KEYNOTES

2018-09-11 Thread Dave Aitel
Doing a keynote is a lot of work - the peer review alone is brutal. And we work hard on getting our INFILTRATE keynote speakers to present a unique vision and perspective on our business, community, or overall strategy. Usually, I personally call in favors from people I know or friends of friends,

Re: [Dailydave] Voting Village at Defcon

2018-08-25 Thread Dave Aitel
> Sure, it's SQLi, but I'm not sure why you'd minimize her effort. > According to the village's Twitter account, she changed the vote tallies > from a replica of the site. https://twitter.com/VotingVillageDC It > would be nice if the media reported on the recommendations that

[Dailydave] Hammerhead repost for Halvar

2018-08-13 Thread Dave Aitel
From: https://web.archive.org/web/20040131120103/http://www.immunitysec.com:8010/29/2002 - Fishing for Obscurity Some sharks and fish have a unique sixth sense – they can generate and detect electrical fields, even minute ones. According to the font of all natural knowledge, the Discovery channel

[Dailydave] Assessment

2018-07-20 Thread Dave Aitel
So soon after the Immunity deal closed we had this big all hands conference call with everyone in the larger Cyxtera group on it, and Chris Day, who runs the group I'm in, said, "Hey Dave, can you give everyone a quick rundown as to what Immunity is, now that we're all one big team?" and I'll be

[Dailydave] Project Grapple

2018-05-23 Thread Dave Aitel
https://www.local10.com/sports/liberty-city-kids-form-unlikely-team-combining-2-sports-while-learning-life-lessons- https://www.flograppling.com/video/6044979-project-grapple-the-jiu-jitsu-non-profit-changing-lives https://www.instagram.com/project_grapple/ Hi everyone! So for those of you who

[Dailydave] To DARPA, re CGC! CC: Everyone else! :)

2018-03-22 Thread Dave Aitel
So this experiment is super interesting. And there's a ton of great new fuzzers coming out. AND I DARE YOU TO PROVE TO ME THAT SMT STUFF IS NOT JUST A HUGE WASTE OF TIME BY REDOING THIS EXPERIMENT WITH THEM! :) In particular Angora looks extremely good. The paper is well worth a read:

[Dailydave] Biofilms

2017-12-01 Thread Dave Aitel
So let's say you are attacking a large network, and you have a number of implants on that network. At some point, some of those implants get coopted by the defenders (or by another attacker). You want to change the behavior of your implants if enough of them are compromised or killed. There are

[Dailydave] Ants in your pants

2017-11-29 Thread Dave Aitel
Recently at RPISEC and on Twitter people have asked me what the design differences are between INNUENDO and something like Meterpreter. I think these are quite large really, and worth trying to explain. Really it boils down to a fundamentally different algorithmic approach to distributed

[Dailydave] Keynotes

2017-10-16 Thread dave aitel
So I'm about to do V6 of my T2 keynote - usually it takes about 10 full runs until a keynote is good. This is why we are very very careful about asking people to do keynotes. The typical first run of a keynote gets feedback like "This is terrible. Just terrible. Awful". (Except Halvar's). In any

[Dailydave] Eulogy

2017-10-06 Thread dave aitel
It's 11am. I'm pretty drunk right now. Lee would have liked to have known that his passing was noticed. For those of you who knew him. -dave ___ Dailydave mailing list Dailydave@lists.immunityinc.com

[Dailydave] Twitter

2017-09-29 Thread dave aitel
Right now everyone is going on and on about how Russians spent 256K on ads on Twitter to influence the election. Much less understood is how great Twitter ads are for targeting phishing attacks! I wrote this whole article while back here

[Dailydave] Diversity Programs

2017-08-31 Thread Dave Aitel
https://vimeo.com/230504167 So I wanted to quickly go over how important it is sometimes to write the exploits from scratch. Honestly, we can't figure out what's wrong with the MSF version of this exploit, or understand why Microsoft didn't point out it was also a LPE. But it's worth knowing and

Re: [Dailydave] CGC Wrapup Video

2017-08-18 Thread Dave Aitel
uln only reachable with a non CGC infrastructure cpuid and > the team would now target that vulnerability, losing out on the points they > were getting before and netting rubeus some free defense points when they > were still vulnerable. > > > On Thu, Aug 17, 2017 at 3:59 PM, dave ai

Re: [Dailydave] DARPA CGC Recap

2017-08-17 Thread Dave Aitel
I just want a list of which vulnerabilities were exploited by which engines and in what round + all the vulnerabilities in source (which is in the repo I think). :) In a way, having them be able to SEE people throw vulnerabilities at each other corrupts the data a bit I think, because you no

Re: [Dailydave] Quantum Key Distribution

2017-08-11 Thread dave aitel
http://www.scmp.com/news/hong-kong/article/1259508/edward-snowden-us-government-has-been-hacking-hong-kong-and-china Obviously motivation is my editorial analysis. :) -dave On 8/10/2017 11:50 AM, J.M. Porup wrote: > On Thu, Aug 10, 2017 at 11:41:43AM -0400, dave aitel wrote: >> Whil

[Dailydave] Quantum Key Distribution

2017-08-10 Thread dave aitel
While nothing cryptographic has leaked from the Snowden documents to the public, Edward Snowden did give up a lot of things to the Chinese to get out of Hong Kong, and I notice that they've recently invested very heavily in Quantum Key Distribution (for example, shooting satellites up with

[Dailydave] SMBLoris

2017-08-08 Thread Dave Aitel
So I know it's Microsoft Tuesday, but we've been working on that SMBLoris bug a bit more for release to customers as well, and as part of that, we're spending a lot of time thinking about it, as deceptively simple as it is. The thing I'm wondering is why people outside of FinancialSec think DoS

[Dailydave] Things pipacs said

2017-07-31 Thread Dave Aitel
Ok, so pipacs is no joke, as is obvious to all of us, but I really wanted to drill down and shorten his point, which is this: When you make a hypervisor do real work, you turn it into a kernel. And the level of access you have on a kernel (even sandboxed) for a reasonable workload is almost always

[Dailydave] Fictions we are not maniacal about.

2017-07-26 Thread dave aitel
Ok, so not to draw a contrast to today's events with regards to the US Military's acceptance of the T in LGBT but Immunity is hiring penetration testers and exploit writers (DC/Miami), we do important work, and we do it in an inclusive way. You can send your CVs to ad...@immunityinc.com, and we

Re: [Dailydave] Encrypted Malware Traffic Detection == hilarious?

2017-06-21 Thread Dave Aitel
compute and > storage costs are usually quite high. There are a lot of trade-offs. > Honestly, most people get lost and never get clarity about what and how > they are trying to detect and whether the data and techniques align with > their desired results. They take an opportunistic stab

[Dailydave] Encrypted Malware Traffic Detection == hilarious?

2017-06-21 Thread dave aitel
Let's talk about the giant pile of wrong that is this reporting on Cisco's new marketing campaign around detecting encrypted malware traffic. "This is a seminal moment in networking" is the quote

[Dailydave] Biggest Rocks and Glassiest Houses

2017-06-14 Thread dave aitel
Ok, so what I was hoping to do was convince Tenable and Qualys to dig into their data today and answer a simple question that confounds the entire policy world. They say a few pithy things, and without any data whatsoever, as is their truest love. The most common thing they say, such as on the

Re: [Dailydave] t2'17: Call For Papers 2017 (Helsinki, Finland)

2017-06-13 Thread Dave Aitel
ope.html > [5] > > http://yle.fi/uutiset/osasto/news/finnish_intelligence_warns_foreign_powers_targeting_young_politicians/9540600 > [6] Except literally @nudehaberdasher and @0xcharlie > [42] Ladies, gentlemen, and hackers, this year our head

[Dailydave] Andrew Johnson / Sacha Faust - Cloud Post Exploitation Techniques @ Infiltrate 2017

2017-05-30 Thread Dave Aitel
https://vimeo.com/214855977 So imagine if instead of trying to use SMB everywhere inside corporate networks it had used Active Directory techniques, or maybe a bit of both? And in addition, people have poorly understood the risks of the way the Active Directory model was ported to the cloud.

[Dailydave] Smart channel configurations, something you needed but never thought you needed, like a thneed.

2017-05-04 Thread dave aitel
https://vimeo.com/215905922 https://vimeo.com/215906923 https://vimeo.com/200421115 Ok, so I have a hard time explaining what it means for an implant to be "brainy". To be fair, we have a hard time explaining WHY we want our implants to be brainy. Not-brainy is a perfectly valid approach! Many

[Dailydave] INFILTRATE 2017 Initial Thoughts

2017-05-02 Thread Dave Aitel
We are in a time of different skies falling than expected. It's hard to remember this, but only a couple years ago, remote vulnerabilities and exploits were thought extinct. Everyone moved to client-sides and exploiting trust relationships in domains and strange cryptographic incantations like

Re: [Dailydave] Question re: Juniper

2017-04-21 Thread Dave Aitel
No I want to know if they fixed the backdoor or simply restored it to the original owner :) On Thu, Apr 20, 2017, 4:32 PM Joshua wrote: > Why are you asking Dave? Do you have a database of traffic you need to > decrypt for a customer? > > Sent from ProtonMail

[Dailydave] CGC vs Common Sense

2017-04-20 Thread Dave Aitel
A snippet of a conversation I had today with Bob the Hacker (B): B: AFL totally fucked that competition from a diversity point of view D: Well maybe that's a problem? I feel like someone should be asking these questions. B: Well, it is a problem B: The entire CGC sidetracked many of the most

[Dailydave] Question re: Juniper

2017-04-20 Thread Dave Aitel
Did Juniper actually fix the many bugs that led to the potential for backdoor access via the trojaned random number generator, or just change the key back to the original? In other words, if I have the private key, can I still decrypt Juniper VPN traffic, or no? -dave

[Dailydave] INFILTRATE! YES! YOU SHOULD COME!

2017-03-23 Thread dave aitel
https://blog.trailofbits.com/2017/03/23/april-means-infiltrate/ *blushes* Conferences are about a community coming together. There was a point, a while back, when we all realized that BlackHat no longer really represented our community - maybe the fiftieth time we saw someone apologize on stage

[Dailydave] Blinken Lights IDS

2017-03-16 Thread dave aitel
Everyone I know lived through the "Blinken-Lights-IDS" phase. This is back when you had dial-up or perhaps very early Internet and you were the only person on your switch, and most importantly, you slept and lived near your computer and switch because you were a poor college student or similar. So

[Dailydave] What has Fallen

2017-03-14 Thread Dave Aitel
No matter how "strategic" everyone says they are in our community, or in the NatSec policy community adjacent to it, people have the localized perspectives of a gecko, endlessly chasing moth after useless moth attracted to the laundry-room-light of Fail that is the software development world. If

[Dailydave] The Value of Offensive Conferences

2017-03-06 Thread dave aitel
It's no secret that in order to get ahead, you cannot send your technical people to BlackHat and Defcon. That's where you send your sales engineers, which is a sad thing, since I really enjoyed the earlier days of BH and DefCon, but the smaller conferences are a world ahead when it comes to the

[Dailydave] SHA1

2017-02-23 Thread Dave Aitel
So what is it that breaking SHA1 gets you on Windows boxes? -dave

[Dailydave] Tactical OPSEC in INNUENDO

2017-02-15 Thread Dave Aitel
https://vimeo.com/200421115 If you have ten minutes in some line at RSAC, and you want to see a great video, then click that link above. :) The summary is this: You only want your implant to use the web for C2 when there are people using the web! No implant should be going out over HTTPS when

[Dailydave] Improvements

2017-02-15 Thread Dave Aitel
http://www.securityweek.com/crowdstrike-sues-nss-labs-prevent-publication-test-results One thing I've had problems with is learning that people can "get gud". It's one of the reasons I always cringe at the inevitable policy trope of "Cyber war is easier for attackers than

[Dailydave] Confusion and hosts and reputation

2017-02-07 Thread dave aitel
So I've spent some time today trying to understand the various hoopla around "domain fronting". And it's a TOCTOU bug that cloud providers could fix, but hopefully won't. Previous state of the art in bypassing WebSense and Cisco's proxy and FortiGate and the rest was just to hack some random PHP

[Dailydave] Webex and RCE

2017-01-24 Thread dave aitel
Trainings tend to be about the past. They are more war stories than distilled wisdom. Like when we teach you how to do a client-side and then a kernel exploit, that's because that's the attack path that's been most successful for us in

Re: [Dailydave] #HackingTogether.org

2017-01-23 Thread Dave Aitel
Just as a secondary note, we always offer non-alcoholic cocktails at INFILTRATE for similar reasons... -dave On Mon, Jan 23, 2017 at 4:05 PM Rob Fuller wrote: > I'm soo late to this game but I made a video to describe my feelings about > it and help where I can to spread

[Dailydave] Just so you don't have to...

2016-12-17 Thread Dave Aitel
I went through the Shadowbroker.zip file they released. It's like, super old boring crap but the following readme's were mistakenly included it seems. I'll hit a few enters if you don't want to read it because you have clearance. -dave # as

[Dailydave] Adversary Simulation

2016-11-29 Thread dave aitel
So obviously everything a penetration testing company does is at some level "Adversary Simulation". I like to call it "Focused Training" - because penetration testing is more about education than anything else, but the WAY you do that is by emulating and instrumenting some sort of adversarial

[Dailydave] they are all different.

2016-11-10 Thread dave aitel
I haven't written much lately, but I know you'll forgive me. Lately I've written a lot on the other blog, cheating on you, the DailyDave reader, because I felt expending my verbal energy on rhetorical defense against the mind-scar that is the Vulnerability

[Dailydave] Immunity is throwing a shindig in Laurel MD Nov 21st!

2016-10-13 Thread Dave Aitel
https://twitter.com/Immunityinc/status/786561783691481088 It's not just about the beer - it's really more about sharing our experiences throughout the year writing and enjoying the delicious brew that is modern exploits! We have two talks, both of which will be great. Please email

Re: [Dailydave] Book Reviews

2016-10-11 Thread Dave Aitel
> You can with stored cross site scripting. > > You if the app is also vulnerable to cross site request forgery. > > You can if you steal a privileged session and you have network access. > > -Eric > > On Oct 10, 2016 11:24 AM, "Dave Aitel" <dave.ai...@gmai

[Dailydave] Book Reviews

2016-10-10 Thread Dave Aitel
2 Book Reviews in this post. 1. Lab Girl: Probably the best book I've read all year. Immediately go and purchase and read this. Speaks well to the hacker spirit, but is written

[Dailydave] Dealing with large colony sizes

2016-09-13 Thread dave aitel
https://vimeo.com/181992289 Tagging and Automation https://vimeo.com/182118990 Web Powershell Channel Ant colonies used to be very small. Some of the features Ants needed to develop (specialized genes for controlling size in various castes of the colony, for

[Dailydave] Lawfareblog podcast on the VEP

2016-08-30 Thread dave aitel
https://www.lawfareblog.com/lawfare-podcast-dave-aitel-and-matt-tait-how-everything-you-know-about-vulnerability-equities You'll notice that there isn't really a pushback to the arguments in this podcast from the usual suspects. Maybe that's because after they listen to it, they kinda agree? My

[Dailydave] Latency is a demogorgon

2016-08-17 Thread dave aitel
So every remote access trojan framework has a high level interpreter built into it these days. It brings you back to something from that Zero Day movie (which we all watched drunk to make it bearable, admit it) where a Kaspersky analyst talked about Stuxnet being "Big but amazingly BUG FREE".

[Dailydave] A Peer Review of the Latest Bellovin Paper on Cyber Weapons

2016-07-18 Thread Dave Aitel
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2809463 Limiting the Undesired Impact of Cyber Weapons: Technical Requirements and Policy Implications Steven M. Bellovin, Susan Landau, and Herbert S. Lin *Acknowledgements: We are grateful for comments from Thomas Berson, Joseph Nye, and Michael

Re: [Dailydave] "I hunt Sys-Admins"

2016-07-12 Thread Dave Aitel
ilman/listinfo/dailydave > or, via email, send a message with subject or body 'help' to > dailydave-requ...@lists.immunityinc.com > > You can reach the person managing the list at > dailydave-ow...@lists.immunityinc.com

[Dailydave] Support Classes

2016-07-12 Thread dave aitel
https://www.josipfranjkovic.com/blog/race-conditions-on-web Everyone read that post because it's some good shit. Unrelated to the rest of this post, but still great. Ok, now that you are done: Lately, like all of you I have been playing Overwatch. Usually I play with people in infosec because

[Dailydave] 3rd Party Doctrine

2016-06-09 Thread dave aitel
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2791646 Someone needs to write this paper, but for the Intelligence Community law... This is an extremely long way of saying "What we have now as legal doctrine doesn't work because the physics has changed underneath us." If you read this paper

[Dailydave] Knowledge Transfer

2016-06-03 Thread dave aitel
From Spender's recent Keynote: """ Conferences poor method of knowledge transfer Good method of making audience feel "knowledge" transfer Accept that it's basically show-and-tell, that understanding of a topic requires more than an hour, sometimes

Re: [Dailydave] Where the nuclear metaphors all breakdown.

2016-05-19 Thread dave aitel
ared intel leading to kinetic, financial or other ops. All not > likely given strategic mistrust between the two sides > > -Original Message- > From: dave aitel [mailto:d...@immunityinc.com] > Sent: Wednesday, May 18, 2016 3:35 PM > To: Adam M. Segal <ase...@cfr.org>;

[Dailydave] Bug Finding.

2016-05-10 Thread dave aitel
http://cybersecpolitics.blogspot.com/2016/05/the-common-thread-fuzzing-bug-triage.html I like to do analysis of this field for some reason. And I wrote up a big thing about it. And I included jokes, but not too many! Because it's super serious and stuff. You should read it if you're a project

[Dailydave] Book Review: Janna Levin's "Black Hole Blues"

2016-05-10 Thread Dave Aitel
http://www.amazon.com/Black-Blues-Other-Songs-Outer/dp/0307958191 So I wanted to do a quick review of Janna Levin's book on gravitational waves. In specific, her book is on how BIG SCIENCE happens. Because finding actual gravitational waves makes for a great case study - it was done in public,

[Dailydave] You cannot use IDS data to talk about 0days or attacks.

2016-05-06 Thread dave aitel
This paper is bad in many ways, but in particular it confuses binaries with 0day (which are more related to vulnerabilities), uses a simplistic "windows of vulnerability" model, and uses the Symantec WINE dataset to try to derive real data from.

[Dailydave] Naming/Shaming Iran was a Bad Idea (tm)

2016-04-13 Thread dave aitel
Please click and share, as they say. http://cybersecpolitics.blogspot.com/2016/04/namingshaming-iran-was-huge-mistake.html -dave

[Dailydave] Conference Strategy vs Tactics

2016-04-13 Thread dave aitel
Someone asked me yesterday "Why do INFILTRATE? Why did you even start it?" And the answer was more complex than I could say at the moment. Strategy always is, because narratives are linear and strategy is by definition a complex tree of weighted possibilities. But I want to say a few things about

[Dailydave] Fingerprint biometrics attack paper...

2016-04-12 Thread dave aitel
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.10.7168=rep1=pdf I want everyone to click on this paper and then maybe help explain it to me! From what I understand they got a fingerprint reader to tell them how hot/cold they were to an acceptable fingerprint. So they modify a

Re: [Dailydave] Blind SQL Injection Still Worky Worky

2016-04-01 Thread Dave Aitel
. For the most part people think "SQLMap" is as good as it gets, and it's still great and very useful but it of course, has many limitations when it comes to doing things in the wild. -dave On Fri, Apr 1, 2016 at 11:38 AM Dave Aitel <dave.ai...@gmail.com> wrote: > IN

[Dailydave] Blind SQL Injection Still Worky Worky

2016-04-01 Thread Dave Aitel
INFILTRATE 2016 is coming up and the office is super quiet because everyone else is helping set up the training at the Fountainblue. It's "go time" which means I can only fuck things up with my preemption and annoying questions and high levels of anxiety. So I'm

[Dailydave] I watch the 2016 RSAC Keynotes so you don't have to

2016-03-19 Thread dave aitel
http://www.rsaconference.com/videos?tags=Keynote I like to watch all the keynotes after RSA and see what kinds of themes there are. Partially because keynotes are 100K at RSAC and that means that probably someone put time and effort into making them worth listening to? They are like the SuperBowl

Re: [Dailydave] Hacking critical infrastructure.

2016-03-15 Thread dave aitel
hat every GOV computer even remotely concerned > with the notion of the critical infrastructure will have it leaving > your adversary no choice to ignore them. > -- > Konrads Smelkovs > Applied IT sorcery. > > > On Mon, Mar 14, 2016 at 3:31 PM, dave aitel <d...@immunityinc.com>

[Dailydave] Hacking critical infrastructure.

2016-03-14 Thread dave aitel
http://cybersecpolitics.blogspot.com/2016/03/cyber-norms-futility-of-blacklisting.html If you disagree with this post, please spam here instead of twitter, which has only terse horribleness as its argument protocols. :) -dave

[Dailydave] Anonymous-group-redphones

2016-03-10 Thread dave aitel
People think the idea of a group-based anonymous redphone is a little weird when it comes to norms for state actors in the cyber realm. It is not. In fact, there already is one, for those of you who have not caught up yet: This list. Dailydave has a very large audience. But when you email it,

[Dailydave] Watermarking Intrusions.

2016-03-08 Thread dave aitel
http://cybersecpolitics.blogspot.com/2016/03/a-technical-scheme-for-watermarking.html It'd be great to hear from some non-US people in the industry as to whether they think this sort of thing is doable on their end. Likewise, it's not clear what parts of a technical proposal are most important?

[Dailydave] Watching the Debate?

2016-03-06 Thread Dave Aitel
I did this keynote at S4 in January (pre-Apple-lawsuit) https://www.youtube.com/watch?v=p1zSlUBfSUg Feel free to heckle remotely by sending emails to this list. :) -dave
