"Ghost in the Wires" by Kevin Mitnick with William L. Simon - Audiobook read by Ray Porter.
This is the audiobook equivalent of a page-turner, at least partly thanks to an excellent reading by Ray Porter, or a feature-length episode of "Darknet Diaries" (without @jackrhysider). It's odd to hear some of the non-prose read, but funny as one recognises it, though not so funny as having the codes read sounding like backmasked messages opening a reverse shell to the brain.
A lot has changed since Kevin's adventures in the late 1980s and 1990s, but another lot... hasn't and its important lessons remain relevant.
Being read this so soon after Richard Feynman's "Surely You're Joking, Mr. Feynman!" provided a strange insight into the different paths taken by two similar minds in different - but in many ways not so different - places and times.
https://www.mitnicksecurity.com/ghost-in-the-wires
#GhostInTheWires #KevinMitnick #KevinDMitnick #Hacker #Hackers #InfoSec #InformationSecurity #CyberSecurity #Books #Audiobooks #FBI #CIA #NSA #USA #RichardFeynman #FREEKEVIN
While we read the National Institute of Standards and Technology Special Publication 800-63 "Digital Identity Guidelines" for fun and have no problem implementing it in a web app written in LISP running in a containerised FIPS 140-2 compliant GhostBSD image using a custom Kerberos and Hesiod service hosted on Baidu Cloud, the kind folks at @1password have summarised the latest draft of it in a most useful way.
"NIST proposed password updates: What you need to know"
https://blog.1password.com/nist-password-guidelines-update/
It would be in poor taste to suggest that the NIST enforcement division rapid response team start kicking down some office doors and branding SP 800-63B on certain developers' foreheads, so I won't mention it.
https://pages.nist.gov/800-63-4/sp800-63b.html
#Passwords #Authentication #NIST #SP800_63 #InfoSec #CyberSecurity #DALLE #HRGiger
Having just discovered Podcast Index ActivityPub support, here is a list of my current information security-related subscriptions in order of their latest release. Please add yours.
• Malicious Life @460150 with Ran Levi at Cybereason
• Random but Memorable @236393 with @mattdavey, @MrRooni, and Anna Eastick at @1password
• Hacking Humans @1021915 with @bittner, @jtcarrigan and @varmazis at @N2K
• Darknet Diaries @577105 with Jack Rhysider @jackrhysider
• SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) @571906 with @jullrich at @sans_isc
• Risky Business @548735 and Risky Business News @5423259 with @riskybusiness, @tomatospy, @campuscodi, Adam Boileau, @thegrugq, and Claire Aird
• Defensive Security Podcast @735955 with @jerry and @lerg
• Open Source Security Podcast @518991 with @kurtseifried and @joshbressers
• Troy Hunt's Weekly Update Podcast @6971 with @troyhunt of @haveibeenpwned fame
• No Such Podcast @6991439 with folks at the U.S. National Security Agency
• Hacker History Podcast @2169457 with @joshbressers
• Decipher Security Podcast @615780 with @dennisf and @LindseyODWelch at @Deciphersec
• The Cyberlaw Podcast @1089343 (Retired) with @stewartbaker
Thanks to @dave, @adam, @alberto and all at https://podcastindex.org for the service.
#InfoSec #InformationSecurity #CyberSecurity #Podcast #Podcasts #PodcastIndex
Of all the problems with email campaign HTTP redirects, one of the most annoying is the prevalence of insecure links, i.e. http://. I think this may account for 98.3% of all HTTP traffic outside the great firewall of China.
From: verizon-notification@ecrm-mail.verizon.com
Subject: Protecting your privacy is important to us.
Date: Sat, 10 Aug 2024 04:44:04 -0400
To view the current Privacy Policy visit verizon.com/fiosprivacypolicy at any time or click on the button below.
Of course that is not linked to the URL shown, but to a long referral link with tags and tracking, but at least that link and the apparent destination are secure, i.e. https://
GET https:// verizon .com/fiosprivacypolicy
HTTP/1.1 301 Moved Permanently
Location: http:// verizon .com/fiosprivacypolicy
In the footer they don't even try:
Verizon is dedicated to protecting your privacy. Please read our Privacy Policy.
where "Privacy Policy" links to a referral to an insecure link, i.e. http:// (and not the same page as the previous "Privacy Policy").
HTML Programmers never die.
HTML Programmers never learn.
#Verizon #PrivacyPolicy #NotImportantToUs #HTTPS #HTTP #HTMLProgrammers #InsecureByDesign
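Added example, not part of the original post: a small checker that walks a recorded redirect chain and flags any hop where an https:// request is answered with a redirect to http://, the pattern shown in the 301 response above. The host names and the captured responses are constructed sample data.

```python
from urllib.parse import urljoin, urlsplit

REDIRECT_CODES = {301, 302, 303, 307, 308}

def parse_hop(request_url, raw_response):
    """Return (status, absolute Location or None) for one recorded response."""
    head = raw_response.split("\r\n\r\n", 1)[0].split("\r\n")
    status = int(head[0].split()[1])
    location = None
    for line in head[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() == "location":
            # Location may be relative or scheme-relative; resolve it
            # against the request URL before comparing schemes.
            location = urljoin(request_url, value.strip())
    return status, location

def find_downgrades(chain):
    """chain: list of (request_url, raw_response). Return https->http hops."""
    findings = []
    for request_url, raw in chain:
        status, target = parse_hop(request_url, raw)
        if status not in REDIRECT_CODES or target is None:
            continue
        src, dst = urlsplit(request_url), urlsplit(target)
        if src.scheme == "https" and dst.scheme == "http":
            findings.append({"from": request_url, "to": target,
                             "status": status,
                             "same_host": src.hostname == dst.hostname})
    return findings

# Constructed capture: tracking link -> https landing URL -> http downgrade.
SAMPLE_CHAIN = [
    ("https://click.mail.example/r/abc123?utm=x",
     "HTTP/1.1 302 Found\r\nLocation: https://www.example.com/privacy\r\n\r\n"),
    ("https://www.example.com/privacy",
     "HTTP/1.1 301 Moved Permanently\r\n"
     "location: http://www.example.com/privacy\r\n\r\n"),
    ("http://www.example.com/privacy",
     "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html></html>"),
]

if __name__ == "__main__":
    for f in find_downgrades(SAMPLE_CHAIN):
        print(f"{f['status']} downgrade: {f['from']} -> {f['to']}")
```

A finding with same_host set to True means the site itself sends visitors from its secure URL to its insecure one, so the fix belongs in that server's redirect rules rather than in the mailer.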
=> Go to AJCxZ0@infosec.exchange account