Infosec Reading List – February 2017

On a monthly basis I will publish my reading recommendations which mainly focus on Information Security and Outdoor Sports – but you will also find other recommendations from time to time.

All InfoSec Reading Lists can be found here.

Collection of some interesting Tweets



InfoSec

  • Dutch secret service tries to recruit TOR admin – interesting story but not limited to NL only – this happens everywhere – link
  • Discarded laptop yields revelations on network behind Brussels, Paris attacks – link
  • Security aspects in agile development environments – link
  • “Scientific Hooliganism” from around 1900 – the story about one of the first wireless hacks – link
  • End-2-end encryption prevents data mining, hence targeted ads – the story behind Google implementing end-2-end encryption for Gmail – link
  • Why it sucks to be a Security Researcher – link
  • Bypassing Telekom FON hotspot authentication – link
  • Sunny with a chance of stolen credentials: Malicious weather app found on Google Play – it can lock the phone and hold it for ransom, besides harvesting banking credentials and intercepting messages – link
  • How I got your phone number through Facebook – link
  • On Web Cache Deception Attacks – link
  • Who Ran Leakedsource.com? – link
  • Data from connected CloudPets teddy bears leaked and ransomed, exposing kids’ voice messages – link
  • Academia strikes back – Partial list of contact points for aspiring graduate students (and post-docs) in Computer Science/Engineering from US-banned countries – link
  • Hotel guests locked out of their rooms due to ransomware – “However the hotel management decided to limit exposure to future attacks by rolling back to regular locks and keys, also answering requests of some customers looking for a more traditional and home-like atmosphere.” – while the trend tends to connect everything to the Internet (see IoT mess), there will be a smaller group disconnecting specific environments in order to avoid risks – being “offline” will potentially become a hipster trend – link
  • OpSec guidelines for “Twitter Activist Security” – link
  • “I have nothing to hide. Why should I care about my privacy?” – read the article in case you hear this sentence often – specifically the practical reasons mentioned in the article are worth considering – link
  • Reading Uber’s Internal Emails [Uber Bug Bounty report worth $10,000] – link
  • Printer (In)security – nice work by former colleagues from the RUB – link
  • PGP – why to give up on PGP – why not to give up on PGP – link and link
  • Cloudbleed – pragmatic thoughts – link – and the official statement from CloudFlare with quite some information in it – link 
  • First SHA-1 collision has been announced – official statement – link – and another interesting article from 2014 on why Google intends to kill SHA-1 – link

Politics Related

  • “Progress in reducing the overall threat of nuclear war has stalled—and in many ways, gone into reverse. This state of affairs poses a clear and urgent threat to civilization, and citizens around the world should demand that their leaders quickly address and lessen the danger.” – It is two and a half minutes to midnight – Bulletin of the Atomic Scientists – link
  • Mikhail Gorbachev: “It All Looks as if the World Is Preparing for War” – link
  • Sincerely, Niccolo Machiavelli: An open letter to Donald Trump, from the guy who wrote the book on power moves – link
  • Open Season – Building Syria’s Surveillance State – “This report focuses as well on the vital role of middleman companies in the surveillance trade. These companies act primarily as resellers, brokers, logistics coordinators, and intermediaries between the surveillance technology manufacturers and their clients. They court and secure clients on the ground, smooth over logistical difficulties, and provide other services for a percentage of the total project.” – link
  • SIPRI data on military expenditure – link
  • What “Things going wrong” can look like – link
  • U.S. Special Operations Forces Deployed To 70% Of The World’s Countries In 2016 – link

Outdoors

  • Thru Hiking the PCT in 2017 could become a mission with a lot of snow – link
  • List of 30 terrifying trails around the world –> fill up your bucket lists – link
  • The Scottish bothy bible guidebook – link
  • Long Before McCandless (the guy behind Into the Wild), John Hornby Tested Himself in Northern Canada—and Failed – link
