Daily Dave

This technical discussion list covers vulnerability research, exploit development, and security events/gossip. It was started by ImmunitySec founder Dave Aitel and many security luminaries participate. Many posts simply advertise Immunity products, but you can't really fault Dave for being self-promotional on a list named DailyDave.

Lawfareblog podcast on the VEP


Posted by dave aitel on Aug 30

https://www.lawfareblog.com/lawfare-podcast-dave-aitel-and-matt-tait-how-everything-you-know-about-vulnerability-equities

You'll notice that there isn't really a pushback to the arguments in
this podcast from the usual suspects. Maybe that's because after they
listen to it, they kinda agree? My favorite question is when the editor
of Lawfare asks us "Why should anyone even listen to you guys anyways?"
I only tell one...

nullcon 8-bit Call for Papers is open

25 August, 2016 - 12:46

Posted by nullcon on Aug 25

Dear Hackers and Security Pros,

Welcome to nullcon 8-bit!
nullcon is an annual security conference held in Goa, India. The focus
of the conference is to showcase the next generation of offensive and
defensive security technology. We happily open doors to researchers
and hackers around the world and the universe, working on the next
big thing in security and request everyone to submit their new
research.

What is 8-bit?
As a tradition of...

SAINTCON 2016 Details

23 August, 2016 - 10:59

Posted by Troy Jessup on Aug 23

SAINTCON 2016 DETAILS

SAINT CON (SAINT is an Acronym for "Security Advisory and Incident Network Team") is a moderate sized hacking
conference based in Utah. SAINTCON is a non-profit event where we provide a security conference focused on training,
discussion, and information sharing.

When you attend SAINTCON, you will experience one of the best information security conferences that combines
professional, casual, and social...

Re: Latency is a demogorgon

18 August, 2016 - 09:06

Posted by Parity on Aug 18

A fun question to ask is, *"why wasn't that Cisco ASA remote patched?"*

Because EQGRP didn't tell Cisco about it, duh.

But, wait, if you're EQ and suddenly a bunch of your vulns are in the wind,
you're bloody well going to rethink the equities there, right? Especially
knowing that an adversary was suddenly in possession of a bunch of your
unpatched vulnerabilities...

Unless, of course, you didn't know.

pty...

Re: Latency is a demogorgon (dave aitel)

18 August, 2016 - 08:56

Posted by Jeffrey Carr on Aug 18

Thanks for this post, Dave. I enjoyed reading it.

Regarding the EQ Group leak, I think that there's a good case to be made
that an insider or an ex-employee was responsible. I hope to have some
reasons posted on why that is in the next few days.

Jeff Carr

On Wed, Aug 17, 2016 at 9:00 AM, <dailydave-request () lists immunityinc com>
wrote:

Latency is a demogorgon

17 August, 2016 - 10:24

Posted by dave aitel on Aug 17

So every remote access trojan framework has a high level interpreter
built into it these days. It brings you back to something from that Zero
Day movie (which we all watched drunk to make it bearable, admit it)
where a Kaspersky analyst talked about Stuxnet being "Big but amazingly
BUG FREE". Not having subtle bugs is something you can do much more
easily in Python/Lua/Ruby/etc than in C/C++. There are other good
reasons to have a high...

An anonymous posting

16 August, 2016 - 09:24

Posted by dave aitel on Aug 16

Note that the below is not from me. I know every time I do this ppl who
can't read are like "IT IS FROM YOU". But I have a strict personal rule
against pseudonyms; even my TF2 and Overwatch accounts are named
"DAVEAITEL".
-dave

----------------------------------------------------------------
Regarding the supposed Cisco firewall tool leak from NSA that was
publicly disclosed recently:

At a recent briefing, somebody said...

Re: The Correct Amount

16 August, 2016 - 09:15

Posted by Moses Hernandez on Aug 16

PHP is … well it just is, and that happens to be the problem. There is no good way around it, it’s far too much in use
to quickly deprecate and back out of, and it’s also very far from being well designed, or just designed at all. If you
don’t believe anyone just Google “Why is PHP Such a horribly designed language” for all the fun references to the
developers just magically patching this thing in real time to cobble the language....

INFILTRATE 2017!

15 August, 2016 - 08:54

Posted by dave aitel on Aug 15

If you're looking for a conference to attend that has real return on
investment then hopefully you've considered INFILTRATE
<https://www.eventbrite.com/e/infiltrate-2017-tickets-26604676303?aff=DailyDave>.
You can and will get drunk with your friends at INFILTRATE, but we've
spent a lot of time optimizing the conference for getting you real face
to face contacts and technical knowledge. Sometimes, and I hate to say
it, this...

Data based policy making in our space?

5 August, 2016 - 11:02

Posted by dave aitel on Aug 05

https://www.lawfareblog.com/slow-down-lawful-hacking-frameworks-and-fixes

If you have not read this, then feel free to heckle me here about it!
Nate Cardozo has lots to say about it, but since the EFF's current
position on these things is a ball of unsupportable spaghetti he might
save his heckling for Twitter. :)

-dave

DARPA Cyber Grand Challenge!

5 August, 2016 - 10:16

Posted by dave aitel on Aug 05

Summary: Fifteen years from now we'll be able to secure the 80s! :)

If you haven't read this giant post on the subject, then you should:
http://cybersecpolitics.blogspot.com/2016/05/the-common-thread-fuzzing-bug-triage.html?m=1

The Cyber Grand Challenge was last night and they LIVE Streamed it to
the world over YouTube <https://www.youtube.com/watch?v=xek4OcScCh4>,
which was GREAT. The whole thing went fairly flawlessly, which...

Overwatch and Cyber War

3 August, 2016 - 11:12

Posted by dave aitel on Aug 03

<overwatch picture>

Overwatch <http://imgur.com/gallery/VkkGb> has swept the nation! In
particular, it's swept the small cadre of hackers that makes up Team
Cyber, to the point where you can make random professional connections
on any server Blizzard sends you to. A couple nights ago I talked about
INFILTRATE with some people while we shot at each other with imaginary
dragon arrows. And I wanted to talk here about the Overwatch...

Re: The Correct Amount

2 August, 2016 - 17:03

Posted by Kristian Erik Hermansen on Aug 02

Do you feel the same way about FaceBook PHP? Or general PHP v7? It sounds
like everyone has cancer, smokes, and is pregnant...

Find your wireless opponents. :)

2 August, 2016 - 15:56

Posted by dave aitel on Aug 02

New SILICA Video is here! https://vimeo.com/177231337

It's worth upgrading if you bought yours to Vegas and you want to locate
whoever is messing with the wireless. :)

-dave

The Correct Amount

2 August, 2016 - 10:58

Posted by dave aitel on Aug 02

Last week I did the technical review of one of our deliverables. Super
secure website, run by smart people. They'd limited their exposure to
one PHP file. But a good security services company provides strategic
advice, along with individual tactical recommendations. In this case,
the consultant found two critical vulnerabilities in just that one
lonely PHP file. Our strategic recommendation is always this: Use as
much PHP on your website as...

Re: Clique - a stillborn project

1 August, 2016 - 09:19

Posted by Dan Guido on Aug 01

Sorry to revive a dead thread, but I think this general idea of a
re-encrypting mailing list has been implemented:

https://bitbucket.org/awruef/listcrypt/src

Enjoy!

-Dan

Re: Dailydave Digest, Vol 56, Issue 10

31 July, 2016 - 13:05

Posted by Dave Aitel on Jul 31

In my head I equate using computer and network operations (CNO) inside an
organization to enable information operations (IO) to getting exploitation
primitives and enabling a "Weird Machine
<http://www.slideshare.net/scovetta/fundamentals-of-exploitationrevisited>".
IO has a long history, but it's a completely different thing once CNE gets
involved. You get a feedback loop. It's like having a debugger, versus
blindly...

Re: "Clickbait policy-making"

31 July, 2016 - 12:57

Posted by Konrads Smelkovs on Jul 31

[..]

That's because cyber is much more about infowar than death and
destruction as with NBC. And Daily Mail is an amplifier and outlet of
propaganda regardless of whoever served it, so studying in and citing
as an example of infowar penultimate stage (the ultimate being
change in someone's mindset) is legitimate.

Re: hacking ideology

31 July, 2016 - 12:47

Posted by J.M. Porup on Jul 31

Isn't "hacking ideology" precisely the sort of speech the First
Amendment was designed to protect?

jmp

Re: "Clickbait policy-making"

29 July, 2016 - 14:43

Posted by Mara Tam on Jul 29

Dave’s not wrong about this. Cyber policy suffers horribly from the fact that it is disproportionately informed by
popular press (i.e. clickbait).

The American Academy of Arts and Sciences recently published a collection titled ‘Governance of Dual-Use Technologies:
Theory and Practice’.[1] This collection covers nuclear technologies, biological technologies, and IT / ‘cyber
weapons'. If you read all three sections, it becomes...