Infosec Reading List - July 2019

On a monthly basis I will publish my reading recommendations, which mainly focus on Information Security (InfoSec) and Outdoor Sports. All InfoSec Reading Lists can be found here. Text in italics represents quotes from the original article.

Quotes from the Twitterverse


InfoSec

  • JTAG on-chip debugging: Extracting passwords from memory - [link]
  • The dots do matter: how to scam a Gmail user - “The dots-don’t-matter feature should be disabled by default for any new Google accounts, and eventually retired.” - [link]
  • Totally Pwning the Tapplock Smart Lock - [link]
  • This psychologist explains why people confess to crimes they didn’t commit - “My point with them was that they are going to be fooled that confessions that look real can actually be false, even if they’re corroborated by informants and forensic science,” he says. “I wanted to let them know that alarm bells should go off when they see a confession case.” - [link]
  • SKS Keyserver Network Under Attack - This attack cannot be mitigated by the SKS keyserver network in any reasonable time period. It is unlikely to be mitigated by the OpenPGP Working Group in any reasonable time period. Future releases of OpenPGP software will likely have some sort of mitigation, but there is no time frame. The best mitigation that can be applied at present is simple: stop retrieving data from the SKS keyserver network. - this sounds like pretty much game over - [link]
  • How To Blow Your Online Cover With URL Previews - [link]
  • Apple App Site Association - the Apple-based robots.txt - [link]
  • The Most Expensive Lesson Of My Life: Details of SIM port hack - losing 100’000 USD through SIM port hacking - [link]
  • Helping organizations do more without collecting more data - “Today, we’re rolling out the open-source availability of Private Join and Compute, a new type of secure multi-party computation (MPC) that augments the core PSI protocol to help organizations work together with confidential data sets while raising the bar for privacy.” - [link]
  • How might we reimagine a more compelling and relatable visual language for cybersecurity? - there are folks out there that want to get rid of people in dark hoodies representing the infosec topic - [link]

Outdoor

  • The River of The Trembling Spirit – An Unsupported Crossing of Iceland By Ski, Packraft and on Foot - nice multisport trip to Iceland - [link]
  • This porter has hiked the Inca Trail hundreds of times, but never seen Machu Picchu - [link]
  • Shared Territory Iceland (film) - inspiring, reminds me of my time in Iceland - [link]
  • Iceland Traverse Hike – Diary From The Trail - [link]

This post is licensed under CC BY 4.0 by the author.