Sign up to save your podcasts
Or
Share Episode 06 - First, Do No Robotic Murder
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 06 - First, Do No Robotic Murder
Discussed Articles
1) How to Crash a Surgical Robot
How could your security controls be used against you?
* http://www.theregister.co.uk/2015/04/28/packet_of_death_how_to_crash_a_surgical_robot/
2) Defenders think in lists. Attackers think in graphs
Are you thinking of your defense in the same way that your attackers are thinking about coming at you? Is that a good thing? What would be the blast radius if one of your boxes was compromised?
* http://blogs.technet.com/b/johnla/archive/2015/04/26/defenders-think-in-lists-attackers-think-in-graphs-as-long-as-this-is-true-attackers-win.aspx
3) SHA-1 Migration
Legacy software continues to be a pain. Migrate sooner rather then later. Write software that is future proof as much as possible.
* http://www.theregister.co.uk/2015/04/30/sha_2_migration_headaches/
Breach of the Week
Superfish Redux
Lenovo will continue to ship bloatware which provides avenues for exploitation. Who wins in these situations besides law firms? Flatten your boxes with a known good minimal image.
* https://www.unitedstatescourts.org/federal/cand/284981/1-0.html
* https://news.ycombinator.com/item?id=9525834
View all episodes
Discussed Articles
1) How to Crash a Surgical Robot
How could your security controls be used against you?
* http://www.theregister.co.uk/2015/04/28/packet_of_death_how_to_crash_a_surgical_robot/
2) Defenders think in lists. Attackers think in graphs
Are you thinking of your defense in the same way that your attackers are thinking about coming at you? Is that a good thing? What would be the blast radius if one of your boxes was compromised?
* http://blogs.technet.com/b/johnla/archive/2015/04/26/defenders-think-in-lists-attackers-think-in-graphs-as-long-as-this-is-true-attackers-win.aspx
3) SHA-1 Migration
Legacy software continues to be a pain. Migrate sooner rather then later. Write software that is future proof as much as possible.
* http://www.theregister.co.uk/2015/04/30/sha_2_migration_headaches/
Breach of the Week
Superfish Redux
Lenovo will continue to ship bloatware which provides avenues for exploitation. Who wins in these situations besides law firms? Flatten your boxes with a known good minimal image.
* https://www.unitedstatescourts.org/federal/cand/284981/1-0.html
* https://news.ycombinator.com/item?id=9525834