Articles

Get all-in-one coverage of Internet security and online privacy issues brought up by the industry’s leading experts at security conferences and seminars.

How to Disclose or Sell an Exploit without Getting in Trouble 3: Minimizing Disclosure Problems

Providing a deeper insight into risk mitigations, James Denaro lists and explains a few options for staying on the safe side when disclosing an exploit. Another thing you want to do is be aware of pre-existing contractual relationships that you as a security researcher might have with the target of...

How to Disclose or Sell an Exploit without Getting in Trouble 2: CFAA and TRO Risk Mitigations

Elaborating on the Computer Fraud and Abuse Act as well as temporary restraining orders, James Denaro now advises on ways of mitigating the respective risks. We’ve got some examples here (see right-hand image) where CFAA has been applied. I think it’s helpful to look at some examples because that’s...

How to Disclose or Sell an Exploit without Getting in Trouble

James Denaro, patent attorney at CipherLaw, delivers a presentation at Defcon highlighting the legal risks InfoSec researchers might run into in their activity. The topic for today is how to disclose or sell an exploit without getting in trouble. I’m Jim Denaro. I’m an intellectual property attorney...

Prowling Peer-to-Peer Botnets after Dark 4: Methodology for Analysis Accuracy

Dwelling on the ways to ensure accurate botnet evaluation, Tillmann Werner focuses on distinguishing peers and introduces the specially tailored Prowler tool. What you see here is analysis of the convergence for the P2P botnets we crawled (see right-hand image). On the left-hand side, you see a curve...

Prowling Peer-to-Peer Botnets after Dark 3: Crawling Strategies

Entirely focusing on the subject of crawling P2P botnets here, Tillmann Werner explicates the motivations for this process as well as applicable strategies. Let’s talk about crawling. Crawling is nothing else but recursively enumerating peers. You start with one peer, you request its peerlist, you take a...

Prowling Peer-to-Peer Botnets after Dark 2: Architecture and Protocols

Tillmann Werner delves into the details of peer-to-peer botnet architecture and describes protocols used in the Miner and different versions of ZeroAccess. Interestingly, for all botnets that you’ve seen on the previous list the architecture is not purely peer-to-peer. It’s hybrid architecture. That’s...

Prowling Peer-to-Peer Botnets after Dark: Ins and Outs of the P2P Underworld

CrowdStrike’s researcher Tillmann Werner provides an extensive overview of peer-to-peer botnets, covering the essentials and architecture details thereof. Welcome to my presentation! I’m Tillmann Werner; I work for a company called CrowdStrike which is an American startup that deals with targeted...

A Password Is Not Enough 6: Disk Encryption with the Phalanx Toolset

This part covers Phalanx, a disk encryption tool released by Daniel Selifonov, along with some security assumptions and general conclusions. And so, the tool I’m releasing – it’s, really, a proof-of-concept experimental code; I call it Phalanx (see right-hand image). It is a patched...

A Password Is Not Enough 5: Secure Architecture Design

Daniel Selifonov dissects a blueprint of a virtually attack-proof system architecture that prevents disk encryption from being seriously compromised. So, let’s look at a blueprint (see right-hand image), what I think we should have for getting a system from a cold boot up into when we have our...

A Password Is Not Enough 4: Using TPM to Combat Specific Attacks

Based on Daniel Selifonov’s perspective, learn about security measures prior to authenticating to a PC and the way TPM protects against hardware and reset attacks. We want to then develop a protocol that a user can run against the computer so that they can verify that the computer has not been tampered with...