-
Notifications
You must be signed in to change notification settings - Fork 20
/
dd07.html
161 lines (103 loc) · 8.69 KB
/
dd07.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
<!--
=============================
_ ______ ____ ______
/ | / / __ \/ __ \/ ____/
/ |/ / / / / / / / __/
/ /| / /_/ / /_/ / /___
/_/ |_/\____/_____/_____/
=============================
-->
<!DOCTYPE html>
<html>
<head>
<title>N O D E</title>
<meta name="google-site-verification" content="KAh0wcTC2Anz5ea6Kq26RuhsiUKx5FD3D4HZAJdfaf4" />
<link rel="shortcut icon" href="images/avatar.png">
<link rel="alternate" href="https://n-o-d-e.net/rss/rss.xml" type="application/rss+xml" title="N O D E"/>
<link href="https://fonts.googleapis.com/css?family=Share+Tech+Mono" rel="stylesheet" type="text/css">
<link rel="stylesheet" type="text/css" href="css/style.css" media="screen">
</head>
<body>
<div id="page">
<div id="content">
<!--HEADER SECTION -->
<div id="header"><pre>
<a class="node" href="http://n-o-d-e.net">
×× ×× ××××× ×××××× ××××××
××× ×× ×× ×× ×× ×× ××
×× × ×× ×× ×× ×× ×× ×××××
×× ××× ×× ×× ×× ×× ××
×× ×× ××××× ×××××× ××××××</a>
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------</pre>
</div>
<!--CONTENT -->
<div id="list">
<div class="title">
DEAD DROP 07 / MICROWAVE NETWORKS, BATTERY TRACKING, DEFCON 24 VIDS, VOICE MIMIC<br>
--
</div>
<div id="post">
<p>Welcome to Dead Drop number 7, a look at what's happening in the worlds of computer security and digital freedom. All source links mentioned are below.</p>
<div class="videowrapper">
<iframe src="https://www.youtube.com/embed/v9w89DPjlEU?rel=0&showinfo=0" frameborder="0"></iframe>
</div>
<p class="description">
- <a href="https://www.youtube.com/watch?v=v9w89DPjlEU" target="_blank">Youtube link</a><br>
- <a href="https://archive.org/download/deaddrop07/dd07.mp4" target="_blank">Archive.org mirror</a><br>
- <a href="https://archive.org/download/deaddrop07/deaddrop07_archive.torrent" target="_blank">Torrent</a><br>
- <a href="https://keybase.pub/nodefiles/dd07.mp4" target="_blank">Keybase mirror</a>
</p>
<p class="subtitle">BREACHES</p>
<p>1.3 Million blood donor records have been inadvertently exposed by the Red Cross in Australia due to an error which accidentally published it's database to a public website.</p>
<p>http://www.darkreading.com/attacks-breaches/leak-of-13-million-blood-donor-records-is-australias-biggest-breach-ever/d/d-id/1327339<br>
https://www.youtube.com/watch?v=P9YfiHIhqJI</p>
<p>Evony, an online flash game, has also had data from 33 million user accounts dumped from an attack which allegedly took place a few months ago. The dump includes usernames, MD5 hashed passwords, email addresses, and IP addresses.</p>
<p>http://www.infosecisland.com/blogview/24832-33-Million-Evony-User-Accounts-Emerge-Online.html<br>
https://www.youtube.com/watch?v=GbNxfq0-uaE</p>
<p class="subtitle">FINGERPRINTING</p>
<p>A while back I talked about the Battery API which is being used to accurately fingerprint and track users across the web, especially on mobile. Well it seems like Firefox is listening to peoples concerns, and a future version of the browsers will apparently remove all support for it.</p>
<p>https://nakedsecurity.sophos.com/2016/11/02/firefox-kills-the-battery-status-super-cookie/<br>
https://bugzilla.mozilla.org/show_bug.cgi?id=1313580<br>
https://developer.mozilla.org/en-US/docs/Web/API/Battery_Status_API</p>
<p class="subtitle">HACKING</p>
<p>This week DefCon added a tonne of new videos from the speakers at DefCon 24 which was held a few months ago. If the past talks are anything to go by, these will be a must watch.</p>
<p>https://www.youtube.com/user/DEFCONConference/videos<br>
https://www.youtube.com/watch?v=YN_qVqgRlx4</p>
<p>Hak5 also released a new episode where Darren talks to Samy Kamkar, the creator of the MagSpoof and KeySweeper, where they discuss hardware hacking and more.</p>
<p>https://www.youtube.com/watch?v=kqaIL_XJjSI</p>
<p>As well as that, researcher Julian Oliver has created a stealth cell tower, hidden inside an office printer. Inside is a GSM base station which can interact directly with phones, and track them, plus on top of that, the printer functionality still works. There's a full guide on Julian's website for those curious.</p>
<p>https://julianoliver.com/output/stealth-cell-tower<br>
https://boingboing.net/2016/11/03/a-fake-hp-printer-thats-actu.html</p>
<p class="subtitle">VULNERABILITIES</p>
<p>Security researchers have found a cross-site scripting vulnerability on the website building platform Wix, potentially allowing attackers to take full control of websites hosted there. Apparently this effects all 80+ million users.</p>
<p>http://www.infosecisland.com/blogview/24841-DOM-XSS-Vulnerability-Impacts-Over-70-Million-Wix-Websites.html<br>
https://www.contrastsecurity.com/security-influencers/dom-xss-in-wix.com<br>
https://www.youtube.com/watch?v=hshYJzuOlN4</p>
<p class="subtitle">SURVEILLANCE</p>
<p>Recently released documents have shown that AT&T has a secret program called Project Hemisphere which it uses to sell user data to law enforcement agencies. This means these agencies don't need warrants to access almost 10 years worth of cell tower, wireless, and landline switch data.</p>
<p>http://www.thedailybeast.com/articles/2016/10/25/at-t-is-spying-on-americans-for-profit.html</p>
<p class="subtitle">IDENTITY</p>
<p>Adobe recently announced a new VoiceOver feature from the latest Creative Cloud release. Not sure what it's doing until the hood, but it seems similar to Deepmind's WaveNet, which uses input audio, say the sound of someone speaking, and based on that, allows you to make it say anything in the same voice.</p>
<p>https://www.youtube.com/watch?v=I3l4XLZ59iw</p>
<p class="subtitle">MICROWAVE NETWORKS</p>
<p>And finally, Ars Technica wrote an interesting piece about the various microwave networks installed across Europe. Used for things like high frequency trading, they say the data speeds are about twice those of the normal internet infrastructure. There's something cool about alternative networks isn't there?</p>
<p>http://arstechnica.co.uk/information-technology/2016/11/private-microwave-networks-financial-hft/</p>
<p>--<br>
BY NODE</p>
</div>
</div>
<!--FOOTER SECTION -->
<div id="footer">
<pre>------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------</pre>
<div class="filter">
<a href="http://n-o-d-e.net">HOME</a>
<span class="footdogs"> × </span>
<a href="http://N-O-D-E.net/shop/">SHOP</a>
<span class="footdogs"> × </span>
<a target="_blank" href="http://patreon.com/N_O_D_E_">PATREON</a>
<span class="footdogs"> × </span>
<a target="_blank" href="https://github.com/N-O-D-E/N-O-D-E.net">GITHUB</a>
</div>
</div>
</body>
</html>