Defensive Security Podcast Episode 121

http://www.databreaches.net/fbi-cyber-division-bulletin-on-tools-reportedly-used-by-opm-hackers/
https://fortune.com/sony-hack-part-1/
http://www.csoonline.com/article/2938310/data-protection/lieberman-mandiant-and-verizon-wrong-on-unstoppable-threats.html
http://www.itworld.com/article/2939255/windows/the-us-navys-warfare-systems-command-just-paid-millions-to-stay-on-windows-xp.html

3 thoughts on “Defensive Security Podcast Episode 121

  1. Thanks for the excellent show.
    I have a suggestion that I hope you embrace.
    Bloggers are now being used by the government to feed the party line (propaganda) to the masses.
    Non-cooperation results in serious threats.
    I think if bloggers start using the warrent canary system then they would be provided with at least some protection. What do you think?

    https://canarywatch.org/

    1. It’s an interesting idea I hadn’t thought about until now. I am trying to think through the logistics and I suspect there is a problem of incentive to deal with. The problem that warrant canaries are trying to solve is where an organization receives some form of a warrant that prohibits disclosure of the warrant’s existence. And so long as the warrant receiving organization complies with the terms of the warrant, they have nothing (or at least little) to fear. The warrant canary is way to bypass the secrecy terms, to an extent, while remaining compliant with the terms of the warrant.

      In the blogger as a conduit for propaganda scenario, I wouldn’t expect there to be warrants involved, but rather bullying. I admit that I don’t have any experience with this, however it seems to me that “deal that can’t be refused” for the blogger wouldn’t have legally “safe” way for the him or her to leverage a warrant canary. I doubt the “request” would arrive in the form of a warrant with secrecy terms attached, but rather some implicit or explicit threat of some kind. From that angle, I suspect a blogger would either cease operations/quit, indicate no issues through the canary mechanism (i.e., lie), or go public and face whatever may come.

      Having said all of that, I am a bit skeptical about the premise. Governments around the world are employing masses of people to be propaganda agents, exerting influence through brute force. Sock puppets don’t turn on you. Well, usually they don’t.

      1. Thanks for the insight.

        I like use the saying from HHG to the Galaxy.
        “Good bye and thanks for all the fish.” When I comment on a suspect site. The fish are of course… Red Herring
        Amazing description of the red herring on wikipedia.

Leave a Reply