Security 187 – Post Defcon

 

We recap Hacker Summer camp. The sights, the sounds, the random room searches.

Room Searches: https://arstechnica.com/tech-policy/2018/08/security-theater-meets-def-con-as-room-searches-spark-controversy/

Voting Machines: https://thenextweb.com/tech/2018/08/13/an-11-year-old-hacked-a-government-website-and-changed-election-results-at-defcon/

Voicemail vulnerability: https://mashable.com/2018/08/10/voicemail-hack-password-reset-2fa/#nbbfkK9anmqU

Ajit Pai said the FCC wasn’t DDoS’d: https://arstechnica.com/tech-policy/2018/08/ajit-pai-knew-ddos-claim-was-false-in-january-says-he-couldnt-tell-congress/

Security 186 – Delete All The Tweets

We teased this last week, and never got to it.

1) How to delete your tweets: https://gitlab.com/chaimtime/nuketweets

I forked the project, but I can’t find the OP to credit.

2) Fornite sidesteps the play store. This is a bad idea: https://www.theverge.com/2018/8/3/17645982/epic-games-fortnite-android-version-bypass-google-play-store

3) Android P is here

Security 185 – Google gets no Phish

 

Google claims nobody has been phished since deploying U2F: https://krebsonsecurity.com/2018/07/google-security-keys-neutralized-employee-phishing/

Russia Indictments shows the US is really good at hacking: https://twit.tv/shows/security-now/episodes/672?autostart=false (Start at minute 90)

Tom wipes all his tweets : https://gitlab.com/actualdragon/nuketweets

Security 184 – WPA3

Is Google Reading your email? Well, did you allow it in permissions: https://www.bbc.com/news/technology-44699263

Time to talk more about permissions: https://myaccount.google.com/permissi…

WPA 3:  https://www.howtogeek.com/339765/what-is-wpa3-and-when-will-i-get-it-on-my-wi-fi/

And your reminder that commercial VPNs are still terrible. Create your own, it isn’t that hard:

Algo: https://blog.trailofbits.com/2016/12/…

PiVPN: http://www.pivpn.io/