OpSec

def con

We Asked Def Con Attendees Why People Are Still Getting Hacked

The cybersecurity industry is worth billions of dollars, and tens of thousands of people attend Black Hat and Def Con every year. So, are we getting any safer?
Samantha Cole
Joseph Cox
Ben Makuch
Lorenzo Franceschi-Bicchierai
8.16.19
Hacking

No, You Don’t Need a Burner Phone at a Hacking Conference

Every year, infosec Twitter debates whether people should bring a burner phone to conferences like Def Con or Black Hat. Here’s why we think you don’t need to worry about that.
Lorenzo Franceschi-Bicchierai
7.18.19
Hacking

The One Company I Gave My Address To Won’t Delete It

I get packages delivered to friends and don’t have my name on my doorbell. But all of my work may have been undermined by a cheap mattress.
Joseph Cox
7.16.19
OpSec

How a Simple Copy/Paste Revealed Explosive New Detail in Manafort’s Case

Redacted court documents keep getting unredacted because of simple, relatively easy to avoid errors. Here’s how to better redact PDFs.
Lorenzo Franceschi-Bicchierai
1.9.19
OpSec

American Sues US Government For Allegedly Pressuring Him To Unlock His Phone at Airport

CBP and DHS officers allegedly detained a Los Angeles man of Muslim faith for four hours before he boarded a plane, asking him questions and pressuring him to show them the contents of his phone.
Lorenzo Franceschi-Bicchierai
12.18.18
Election Security

Voting Machine Manual Instructed Election Officials to Use Weak Passwords

A vendor manual for voting machines used in about ten states shows the vendor instructed customers to use trivial, easy to crack passwords and to re-use the passwords when changing log-in credentials.
Kim Zetter
11.5.18
OpSec

Forensic Linguist Says 'Lodestar' Can't Tell Us Who Burned Trump in New York Times Op-Ed

Guessing the anonymous author of the Trump op-ed in The New York Times based on the use of the word ‘lodestar’ is “entirely useless,” according to a forensic linguist.
Lorenzo Franceschi-Bicchierai
9.6.18
Internet Insecurity

Some Signal Disappearing Messages Are Not Disappearing

Journalists and sources may try to secure their communications not just with encryption, but also with automatically disappearing messages. But Signal has a nasty bug that can retain some messages.
Joseph Cox
Lorenzo Franceschi-Bicchierai
6.8.18
OPSEC 101

Paul Manafort’s Terrible Encrypted Messaging OPSEC Got Him Additional Charges

Don’t commit crimes. But if you do, don’t back up the evidence of your crimes to Apple or Google’s cloud, where it doesn’t matter that the evidence was originally end-to-end encrypted.
Lorenzo Franceschi-Bicchierai
6.5.18
Mum's The Word

The NSA Just Released 136 Historical Propaganda Posters

In the 1950s and 1960s, the NSA was very worried about employees spilling secrets. Here’s some of the best internal propaganda posters that taught them to keep their mouths shut.
Lorenzo Franceschi-Bicchierai
6.4.18
Internet Insecurity

'Disappearing' Signal Messages Are Stored Indefinitely on Mac Hard Drives

If you use the Signal desktop app, be careful with your notification settings.
Lorenzo Franceschi-Bicchierai
5.9.18
point and click

New Tool Automatically Finds and Hacks Vulnerable Internet-Connected Devices

Hacking just got fully automated for script kiddies.
Joseph Cox
1.31.18