[Dailydave] What is important?

2018-05-17 Thread David Aitel
https://vimeo.com/270394910 Attacking a co-hosted VM, Paul Fariello, Mehdi Talbi, INFILTRATE 2018 I find that I often have a distorted view of what the "most important" INFILTRATE talk is every year. But since Immunity is merging with a data center company, it does make sense to give extra

[Dailydave] Strategic Keynote: Matt Tait

2018-05-02 Thread David Aitel
Matt Tait's INFILTRATE 2018 keynote: here, is really about the intersection of two different strategic risk bubbles. It is about a misunderstood or mis-articulated security dilemma. On one hand, vulnerabilities which get auto-silently-patched do not get used by

[Dailydave] INFILTRATE 2018: Ghost in the Locks

2018-05-02 Thread David Aitel
https://vimeo.com/267613809 Ghost in the locks, Tomi Tuominen, Timo Hirvonen, INFILTRATE 2018 This was one of our mystery talks this year, and I have to say, you'll never trust your hotel room door again. :) -dave

[Dailydave] Trends and INFILTRATE

2018-04-30 Thread David Aitel
We got generally good feedback for INFILTRATE but in my view conferences are less "Are they enjoyable?" and more "What did people legitimately get out of it?" One thing I really like about INFILTRATE is we are small enough that the crowd is

[Dailydave] Sponsors!

2018-02-02 Thread David Aitel
So I wanted to take a moment this Friday afternoon and thank INFILTRATE's sponsors: Zerodium, Trail of Bits, Google, AWS, Microsoft, Draper, Siege Technologies, and Grimm. I kinda wanted to point out that while it's now in vogue to have offensive tracks, and people are talking about how

[Dailydave] Implants -> Persistence -> Fun! :)

2018-02-06 Thread David Aitel
Persistence is the focus of the newest INNUENDO release and it’s one we’ve been working on for a long time now. If you’ve not seen our release video which goes over these things in some depth it is here: https://vimeo.com/253864191 Persistence is one of those things that you really only figure

[Dailydave] Towards Heat Death

2018-01-03 Thread David Aitel
So much of internet security is pointing out to overly optimistic people that they are trying to fight from their back, against a hungry T-Rex who doesn't care about your Brazilian jiu jitsu black belt, and has no arms to armbar anyways. Like, one of my favorite papers Immunity ever did was the

[Dailydave] Offering Gold Level Internet Service!

2018-03-10 Thread David Aitel
So every country, including the US, has decided that disconnecting from the outside world in the event of an attack might be a good idea, and gamed it through pretty thoroughly. Today's DefenseOne article was on Russia:

[Dailydave] What's next?

2018-03-07 Thread David Aitel
So right now I'm listening to a livestream from BAH on AI's usage in the military. It's good to get beyond the straight up Terminator-esque fear that is all the rage in policy circles right now. I mean, today you saw an

[Dailydave] Transitions

2018-03-26 Thread David Aitel
So much of BJJ is about transitions from one position to another. For example, when you have one kind of bugclass, and you apply a methodology to transform that into another bugclass. For example, recently I saw a talk during our INFILTRATE dry runs, where someone (not even hacking a browser or