On a monthly basis I will publish my reading recommendations which mainly focus on Information Security and Outdoor Sports – but you will also find other recommendations from time to time.

All InfoSec Reading Lists can be found here.

Collection of some interesting Tweets

InfoSec

• Dutch secret service tries to recruit TOR admin – interesting story but not limited to NL only – this happens everywhere – link
• Discarded laptop yields revelations on network behind Brussels, Paris attacks – link
• Security aspects in agile development environments – link
• “Scientific Hooliganism” from around 1900 – the story about one of the first wireless hacks – link
• End-2-end encryption prevents data mining, hence targeted adds – story behind Google’s story of implementing end-2-end encryption for Gmail – link
• Why it sucks to be a Security Researcher – link
• Bypassing Telekom FON hotspot authentication – link
• Sunny with a chance of stolen credentials: Malicious weather app found on Google Play – capability to lock phone and hold it as ransom besides harvesting banking credentials and intercept messages – link
• How I got your phone number through Facebook – link
• On Web Cache Deception Attacks – link
• Who Ran Leakedsource.com? – link
• Data from connected CloudPets teddy bears leaked and ransomed, exposing kids’ voice messages – link
• Academia strikes back – Partial list of contact points for aspiring graduate students (and post-docs) in Computer Science/Engineering from US-banned countries – link
• Hotel guests locked out of their rooms due to ransomware – “However the hotel management decided to limit exposure to future attacks by rolling back to regular locks and keys, also answering requests of some customers looking for a more traditional and home-like atmosphere.” – while the trend tends to connect everything to the Internet (see IoT mess), there will be a smaller group disconnecting specific environments in order to avoid risks – being “offline” will potentially become a hipster trend – link
• OpSec guidelines for “Twitter Activist Security” – link
• “I have nothing to hide. Why should I care about my privacy?” – read the article in case you hear this sentence often – specifically the practical reasons mentioned in the article are worth to consider – link
• Reading Uber’s Internal Emails [Uber Bug Bounty report worth $10,000] – link
• Printer (In)security – nice work by former colleagues from the RUB – link
• PGP – why giving up on PGP – why not giving up on PGP – link and link
• Cloudbleed – pragmatic thoughts – link – and the official statement from CloudFlare with quite some information in it – link
• First SHA-1 collision has been announced – official statement – link – and another interesting article from 2014 on why Google intends to kill SHA-1 – link

Outdoors

• Thru Hiking the PCT in 2017 could become a mission with a lot of snow – link
• List of 30 terrifying trails around the world –> fill up your bucket lists – link
• The Scottish bothy bible guidebook – link
• Long Before McCandless (the guy behind Into the Wild), John Hornby Tested Himself in Northern Canada—and Failed – link