Archive for August, 2019
Obit watch: August 20, 2019.
Tuesday, August 20th, 2019Obit watch: August 18, 2019.
Sunday, August 18th, 2019Cedric Benson, former UT and NFL player, was reportedly killed in a motorcycle accident last night.
He was 36. Reports are that a passenger on his motorcycle was also killed.
Obit watch: August 17, 2019.
Saturday, August 17th, 2019Quickly, because I’m busy again: Peter Fonda. THR.
Please refrain from tasting the KNOB.
Friday, August 16th, 2019As a Bluetooth guy, and as someone who just posted a bunch of DEFCON 27 stuff, I feel compelled to say something about the Key Negotiation of Bluetooth Attack (aka KNOB) which has been getting a lot of attention the past few days.
Here’s the actual paper from the USENIX Security Symposium.
Here’s a higher level overview of how the attack works.
Also of interest, also from USENIX, also getting some media attention: “Please Pay Inside: Evaluating Bluetooth-based Detection of Gas Pump Skimmers“. What’s cool about this is that the authors have developed Bluetana, an Android app that scans for Bluetooth devices in the area (every five seconds), displays a list of devices it found, and highlights ones that show characteristics similar to those of Bluetooth skimmers.
I’m fascinated by both of these papers, just based on a preliminary skimming. I’m hoping to do a detailed reading at that mythical point in the future when I have more free time…
Black Hat/DEFCON 27 links: August 16, 2019.
Friday, August 16th, 2019- Slides for “Moving from Hacking IoT Gadgets to Breaking into One of Europe’s Highest Hotel Suites” are finally available at the Black Hat site. I’ve only given this a quick skim, but I’m excited.
- Slides from “Deconstructing the Phishing Campaigns that Target Gmail Users” are here.
- It looks like, according to Philippe Laulheret, the most up-to-date version of his ““Intro to Embedded Hacking—How you too can find a decade old bug in widely deployed devices. [REDACTED] Deskphones, a case study.” slides are here By the way, my guess about the phone maker was wrong. Also: post on the McAfee Labs blog going into more detail about the exploit.
- Likewise, according to Dirk-jan Mollema, this is the most current version of his “I’m In Your Cloud… Pwning Your Azure Environement” presentation: slides, videos.
Apologies for being behind on this: I’m also working on another project that’s taking up a lot of my blogging time, but I hope to be done with that soon.
Obit watch: August 14, 2019.
Wednesday, August 14th, 2019The name may ring a small bell for some of you. Others of you may be more familiar with his father…
…Dr. Carl A. Weiss, aka “The man who shot Huey Long”.
Maybe.
The junior Dr. Weiss spent much of his life trying to prove that his father did not shoot Long. Some historians agree:
The counternarrative asserts that the doctor had only punched Long, that the bodyguards had overreacted and that Long was actually killed in the fusillade of their bullets. The guards were said to have then covered up their reckless response by pinning the death on Weiss.
“In his heart he knew the allegations weren’t true,” Carl III said of his father in a telephone interview. “The one-man, one-gun, one-bullet is not what occurred.”
Professor Richard D. White Jr., dean of the E. J. Ourso College of Business at Louisiana State University and the author of a more recent biography, “Kingfish: The Reign of Huey P. Long” (2006), shares those doubts.
“As a historian I cannot say either way, but deep in my heart I do not believe Carl shot Huey, but instead a stray bodyguard bullet hit him,” Professor White, who had met with Dr. Weiss Jr., said in an email this week.
…
Dr. Weiss ultimately cooperated with James E. Starrs, a forensic scientist at George Washington University, who tracked down Carl Sr.’s revolver (it was not unusual for Baton Rouge doctors making late-night house calls to be armed) and a single spent bullet.
They were found in a safe deposit box belonging to the daughter of Louisiana’s former top police official. Dr. Weiss joined the State Police in successfully suing to review the records and test fire the gun.
The police concluded that the bullet — if it was, indeed, the one that had killed Long — had not come from Weiss’s revolver.
Long’s clothes were also examined, and here the tearing of the material and the residue left on it indicated that Long had been shot at point-blank range. That undercut at least one theory — that Long was killed by a ricocheting bullet fired by a bodyguard.
I want to note here, for the record, that the supposed Weiss gun was not a revolver, but an FN Model 1910 pistol. As a matter of fact, it was this one.
I don’t know what to think about Long and Weiss. I’m inclined more in the direction of T. Harry Williams (who was writing close enough to the event that he could interview some first-hand witnesses, and believed that Weiss shot Long) than I am towards some of the later historians. On the other hand, the whole thing is just such a mess of botched investigations and chain of custody questions (how did the Weiss gun and the bullet end up in that guy’s safety deposit box?) that I doubt we’ll ever know anything for sure.
Quel fromage!
Tuesday, August 13th, 2019I don’t think this qualifies for flaming hyenas status. Yet.
…
…sources confirmed that the investigation involves an alleged “quid pro quo” between donors to six-term Sheriff Laurie Smith’s election efforts and people who have obtained concealed-carry weapons permits from her office, which has been relatively stingy about issuing the privilege compared to neighboring counties.
The sources also said that the probe, while publicly surfacing over the past few days, had been in the works far longer and that it is focused on some of Smith’s trusted advisers in the agency.
…
…at least four recipients of the 13 permits either issued or renewed last year donated at least $1,000 to Smith’s re-election efforts, including to her formal campaign or to the independent Santa Clara County Public Safety Alliance that supported her.
That includes match.com founder and Santa Clara County Valley Water District board member Gary Kremen, a Los Altos resident who donated $5,000 to the safety alliance group last fall, during Smith’s re-election bid for a sixth term.
Black Hat/DEFCON 27 links: August 13, 2019.
Tuesday, August 13th, 2019I had a lot of trouble finding this on the site, but: the DEFCON 27 media server is here.
- “Say Cheese – How I Ransomwared Your DSLR Camera”. Here’s the writeup from the CheckPoint Research website, which is the most detailed I’ve been able to find.
- Also from CheckPoint Research: the white paper for “SELECT code_execution FROM * USING SQLite;—Gaining code execution using a malicious SQLite database“.
- GitHub repo for the BAL Xilinx package. This is part of the “Defeating Cisco Trust Anchor: A Case-Study of Recent Advancements in Direct FPGA Bitstream Manipulation” presentation, and includes links to the slides and white paper.
- I believe these are the most up-to-date slides for “GSM: We Can Hear Everyone Now!“
- Stumbled across this while looking for other stuff: “MITRE ATT&CK: The Play at Home Edition“. Slides here.
- There’s a long blog post at the McAfee Labs website about vulnerabilities in an industrial control system by Delta Controls. As I understand it, this is the basis for the “HVACking: Understand the Difference Between Security and Reality!” talk at DEFCON.
- PenTest Partners post on “Reverse-Engineering 4g Hotspots for Fun, Bugs and Net Financial Loss“.
I’ve got to wrap this up for now, as my lunch hour is almost over. I may try to do a second post tonight, if I find enough additional material to justify one. Otherwise, please share, enjoy, comment, and thank any presenters whose work you found particularly enjoyable or valuable.
Obit watch: August 13, 2019.
Tuesday, August 13th, 2019Dorothy Olsen. She was 103 when she passed away on July 23rd.
You’ve probably never heard of her, but she was one of the WWII Women Airforce Service Pilots (WASPs). The WASPs ferried military aircraft from manufacturing plants to points where they could then be flown overseas.
Transporting and testing the latest models, towing targets and transferring captured enemy planes, the WASPs collectively flew an estimated 60 million miles from 1942 to 1944. Thirty-eight died in accidents during training or on duty.
From her base in Long Beach, Calif., Mrs. Olsen flew 61 missions for the Sixth Ferry Group in nearly two dozen models, including P-38s, P-51s and B-17s. She flew them to West Coast airfields to be deployed in the Pacific, or to Newark to be deployed in Europe.
The WASPs were initially considered to be civil service employees and not military.
According to the paper of record, Ms. Olsen’s death leaves 38 surviving WASPs.
Henri Belolo, co-founder (with Jacques Morali) of the Village People.
I love the caption on that first photo.
TMQ Watch: August 2019.
Monday, August 12th, 2019Looks like the NFL is getting fired up again.
Yes, the loser update will return this year. We haven’t sat down to consider which teams are likely candidates for the Owen-16 trophy, but maybe we’ll get some time to do that between now and the start of the regular season.
But we are sure everyone is asking this question: what of Gregg Easterbrook and “Tuesday Morning Quarterback”? Has he found a new home, since the “Weekly Standard” folded up their tent and headed into the long dark night? And what of “TMQ Watch”? Will that be a recurring feature next year?
To answer the last question first: sadly, no. No “TMQ Watch” in 2019. Why?
To answer many inquiries from Tuesday Morning Quarterback aficionados – just finished novel #4, researching nonfiction book #7, there are only so many hours in the day. So no TMQ this season. Not ruling out for future. pic.twitter.com/sKkPielXIM
— Gregg Easterbrook (@EasterbrookG) August 11, 2019
Not our choice, Easterbrook’s. We may try to keep an eye on his Twitter feed for noteworthy items relating to the NFL. But we’ve found that Easterbrook’s Twitter feed is a reliable way of pressure testing our cerebral arteries, so we don’t recommend making bets on how much and how often we’ll be doing that.
Bagatelle (#13)
Saturday, August 10th, 2019Every now and then, I see a story in one of the papers and think to myself, “Dick Wolf’s going to get an episode of ‘Law and Order: Kinky Sex Crimes’ out of this one.”
Today is the first time I’ve ever thought “Dick Wolf’s going to get an entire season of ‘L&O:KSC’ out of this story.”
Black Hat/DEFCON 27 links: August 9, 2019.
Friday, August 9th, 2019Some more stuff I’ve stumbled across from Black Hat:
- “All Your Apple are Belong to Us: Unique Identification and Cross-Device Tracking of Apple Devices” by SparkZheng and XiaolongBai. Slides here.
- I didn’t flag these as ones I was interested in, but XiaolongBai retweeted links: “Towards Discovering Remote Code Execution Vulnerabilities in Apple FaceTime” by Tao Huang and Tielei Wang, “Attacking iPhone XS Max” by Tielei Wang and Hao Xu, and “Debug for bug: Crack and Hack Apple Core by itself” by Lilang Wu and Moony Li.
- “Inside the Apple T2” by Mikhail Davidov and Jeremy Erickson. Slides here.
- And now, your break from things Apple: “Infighting Among Russian Security Services in the Cyber Sphere” by Kimberly Zenz. Slides here. I’m excited about this one, and I have a feeling it might pique Lawrence‘s interest, too.
- Blackhat version of a DEFCON presentation: “All the 4G Modules Could be Hacked” by Shupeng Gao, Haikuo Xie, Zheng Huang, and Zhang Ye. Slides here.
- This has gotten some public attention, so I’m linking it here without comment: “Arm IDA and Cross Check: Reversing the Boeing 787’s Core Network” by Ruben Santamarta. Slides here. White paper here.
I expect to be somewhere between slightly and highly busy this weekend, so updates will be catch as catch can. It might be Monday before I can pull more stuff together, but I’ll try as best as I can to get updates before then.