Security 153 – Certificate Revocation Lists

[editor note: Tom is awesome in this. Me, not so much. I completely misunderstood how this worked.]

So what happens when a certificate can no longer be trusted? How do you revoke trust, or the certificate?

https://arstechnica.com/security/2017/07/https-certificate-revocation-is-broken-and-its-time-for-some-new-tools/

We are going into the weeks before defcon, where news is sparse. We recommend joining our WhatsApp group. Tweet us, or comment for the link.

 

Security 151 – Printer Dots

 

Due to poor OPSEC another NSA contractor is in jail for leaking. How did we catch her:

https://en.wikipedia.org/wiki/EURion_constellation

Russian malware communicates by leaving comments in Britney Spears’s Instagram account


http://blog.erratasec.com/2017/06/how-intercept-outed-reality-winner.html?m=1#.WTZRrWjyhaQ
https://twitter.com/leahmcelrath/status/871844022087802880