Risky Business

On this week’s show we’re speaking with Susan Hennessey, a Fellow in National Security in Governance Studies at the Brookings Institution and managing editor of Lawfare. We’re talking to her about cross-border law enforcement in the Internet age.

We hear a lot of people in the infosec community expressing some discomfort with the FBI’s use of Network Investigative Techniques designed to de-cloak Tor users. Susan pops by to explain why the FBI and other law enforcement bodies aren’t worried about the international ramifications of dropping de-cloaking technique on the whole planet.

We also cover off a few of the other issues around how data can be turned over to various governments. It’s a fascinating chat and it’s coming up after the news.

This week’s show is brought to you by Tenable Security. In this week’s sponsor slot we’ll be hearing from Ray Komar, Tenable’s VP of technical alliances. We’re talking to Ray about a partnership Tenable has formed with Siemens. They’re trying to tackle the issue of tracking vulnerabilities in industrial control system equipment, but as you’ll hear, people aren’t actually buying it so much for the vulnerability tracking side, they’re buying it for the visibility side. It turns out dropping a passive scanner on your ICS network is a good way to know what’s actually ON your ICS network.

As always, Adam Boileau pops in to discuss the security news. We cover:

• The Uber hack
• Apple’s comedy “root” bug
• Krebs on possible Shadowbrokers link
• Charges against more Chinese APT operators and Iranian HBO attacker
• More “hack back” legislation action
• Intel ME bug details
• Golden SAML
• MOAR

Links to everything are below, and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes Uber Hid 57-Million User Data Breach For Over a Year | WIRED Lawmakers demand answers from Uber after massive data breach - Cyberscoop Apple MacOS High Sierra Security Flaw Lets Anyone Get Root Access, No Password Required | WIRED Who Was the NSA Contractor Arrested for Leaking the ‘Shadow Brokers’ Hacking Tools? — Krebs on Security DOJ reveals indictment against Chinese cyber spies that stole U.S. business secrets China hides homegrown hacks from its vulnerability disclosure process Feds Indict Iranian for HBO Hack—But Extradition Isn't Likely | WIRED Guilty plea for Canadian charged in 2014 Yahoo hacking case Rep. Graves: 'Active defense' bill will launch a new industry Intel Management Engine Flaws Leave Millions of PCs Exposed | WIRED mjg59 | Potential impact of the Intel ME vulnerability Researcher discovers classified Army intel app, data on open public AWS bucket | Ars Technica How Bots Broke the FCC's Public Comment System During the Net Neutrality Debate | WIRED Newly Published Exploit Code Used to Spread Mirai Variant | Threatpost | The first stop for security news Fund Targets Victims Scammed Via Western Union — Krebs on Security No Patch Available for RCE Bug Affecting Half of the Internet's Email Servers Golden SAML: Newly Discovered Attack Technique Forges Authentication to Cloud Apps - CyberArk Could Terrorists Hack an Airplane? The Government Just Did. Symantec Encryption Desktop Local Privilege Escalation – Exploiting an Arbitrary Hard Disk Read/Write Vulnerability Over NTFS – Nettitude Labs Patrick Gray on Twitter: "So the password Wikiloons sent Jnr wasn’t a CMS password, it was just used to get to a content preview. A dozen outlets had the password, so… https://t.co/sYpaR2DgxT"