This podcast has a main focal point of security and how it works what you can do to protect yourself and how the experts are doing. We can go and check on them together!
I will have artwork and a video for all podcast future and past presentations
BlackHat USA: https://www.blackhat.com/us-17/
Pawnie Awards: http://pwnies.com/
Hacker Newspaper: http://thehackernews.com/
Hack Read: https://www.hackread.com/
Pwnie for Best Backdoor (new for 2016!)
Awarded to the researchers who introduced or discovered the most subtle, technically sophisticated, or impactful backdoor in widely used software, protocols, or algorithms.
- Juniper ScreenOS: 哈哈哈哈哈哈 (CVE-2015-7755 & CVE-2015-7756)
- Credit: Chinese Information Operations and Information Warfare Center
- Although many vendors intentionally backdoor their products, because they hate their users, some companies have to rely on the cyber warfare divisions of global powers to do so. In late 2015, Juniper issued an advisory claiming that “unauthorised” code in the Netscreen operating system had been active for the last few years. Netscreen firewalls are externally exposed by their very nature and it wasn’t long before two sets of issues were uncovered. In a nod to grunge 90s, a SSH backdoor was added that allowed anyone (mostly China) to login to a Netscreen device over SSHusing a hardcoded backdoor. The security firms who published the details did so know that far too many sysadmins were stuck at their in-laws over the December holidays and looking for any excuse to spend some quality time in a dark room by themselves. The second issue was far more interesting. In an attempt to make all of the privacy crazies^W^W crypto activists feel better about themselves, the Dual_EC RNG constant hardcoded into the Netscreen firmware was changed from one mysterious constant to another. Juniper hasn’t clarified whether the first constant was a backdoor as well, but it is safe to assume that the entire Netscreen platform should be gently lowered into a volcano at this point. Eight months later, not much is publicly known about how these backdoors were added, or which Juniper developer has a storage unit full of Chinese tiger p**** wine as a result.
===== Quotes =====
===== Diagramas ======