Friday Summary, February 8, 2013: 3-dot Journalism Version

Every now and again I can’t decide what to discuss on the Friday summary, so this week I will mention all items on my mind.

First, I live near a lot of small airports. There are helicopters training in my area every day, and hardly a week goes by when a collection of WWII planes doesn’t rumble by – very cool! And 20 or so hot-air balloons launch down the street from me every day. So I am always looking up to see what’s flying overhead. This week it was a military drone. I have never given much thought to drones. We obviously have been hearing about them in Afghanistan for years, but it certainly jerks you awake to see one for the first time – overhead in your own backyard. Not sure what I think about this yet, but seeing one in person does have me thinking!

I watched the Super Bowl on my Apple TV this year. I streamed the game from the CBS Sports site to the iMac, and used AirPlay to stream to the Apple TV. That means I got to watch on the big plasma, and the picture quality was nearly as good as DirecTV. Not to give a back-handed compliment, but CBS Sports got a clue that people are actually using this thing they call “The Internet” for content delivery. The only downside was that I had to watch the same three bad commercials every 2 minutes for the entire freakin’ game. But hey, it was free and it was decent quality. Too bad the game sucked. Ahem. Anyway, happy the big networks are less afraid of the Internet and realize they can reach a wider audience by allowing access to content instead of hoarding it. All I need now is an NFL package on the Apple TV and I am set!

If I was going to write code to exfiltrate data from a machine, I think I’d try to leverage Skype. Have you ever watched the outbound traffic it generates? A single IM generated 119 UDP packets to 119 different IP addresses over some 40 ports. It’s using UDP and TCP, has access to multiple items in the keychain, maintains inbound and outbound connections to thousands of IPs outside the Skype domains, occasionally leverages encrypted channels, and dynamically alters where data is sent. I used a network monitor and can’t make heads or tails of the traffic or why it needs to spray data everywhere. That degree of complexity makes hiding outbound content easy, it has a straightforward API, and its capabilities allow very interesting possibilities. Call me paranoid, but I’m thinking of removing Skype because I don’t feel I can adequately monitor it or sufficiently control its behavior.

I’m really starting to look forward to the RSA Conference – despite being over-booked! Remember to RSVP for the Disaster Recovery Breakfast!

On to the Summary:

Webcasts, Podcasts, Outside Writing, and Conferences

Favorite Securosis Posts

Other Securosis Posts

Favorite Outside Posts

RSA Conference Guide 2013

Project Quant Posts

Top News and Posts

Blog Comment of the Week

This week’s best comment goes to Ajit, in response to Getting Lost in the Urgent and Forgetting the Important.

“These are things you cannot do in 140 characters, and we need something between a Tweet and a Whitepaper to have an industry conversation”

I am really hoping that we will see a stable platform similar to Google Wave that can bridge the gap between a blog comment and a tweet to engage in that 1:1 conversation and still have a conversation flow.

—Adrian Lane

Comments:

By Joe on 02/08 at 11:33 AM

Regarding your Skype comments, take a look at a recent paper titled SkyDe (Skype Hide) - http://stegano.net/component/content/article/2-news/3-news-1.html

By Adrian Lane on 02/08 at 11:47 AM

@Joe - Thanks for the link. I was just thinking that with the volume of stuff being sent it would be easy to hide. The trick with putting data into the silent spaces is far more clever than what I was thinking.

Thanks again!

-Adrian
