I need a new computer. Or maybe I just want one.

  1. Owen Williams writes on Medium Apple just told the world it has no idea who the mac is for and I'm not entirely sure I disagree.
  2. Rui Carmo lamenting the state of the macOS ecosystem and talking Elementary IO.
  3. Touch bar is cool. I think it might work, but a fully reprogrammable awesome Sonder E Ink Keyboard or the 9.7" retina touchscreen would've made more sense.
  4. Despite having no hardware upon which to test... here's someone's attempt at sudo-touchid with a minor caveat :(
  5. And if you're a student - here's a nice deal JetBrains Developer Tools

Tomorrow I'm leaving this up to Ben, I'm not a morning person.


Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x0D.mp3
Category:LSD_Television -- posted at: 7:00am EDT

Good morning!

Coming to you live from O'Reilly Security in NYC. Well, the breakfast buffet anyways.

  1. Great 101 article from Ars Technica How security flaws work: SQL Injection
  2. The always eloquent friend of the show / my friend Violet Blue cuts to the bone with the awesome phrase "Infosec smarty-pantses" in her article on That Time Your Smart Toaster Broke The Internet Note that @gattaca's toaster doesn't obey him either
  3. Twitter does dumb shit again and pisses off long term users Hiding Usernames In @Replys
  4. DMCA exemption list finally updated and has a great list covered exemptions from The Register

Tune in tomorrow for a SPOOOKY story from me still in NYC.

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x0C.mp3
Category:LSD_Television -- posted at: 1:30pm EDT

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x0B.mp3
Category:LSD_Television -- posted at: 4:04am EDT

Australia's Blood Service's exposed lots of personal data - https://www.troyhunt.com/the-red-cross-blood-service-australias-largest-ever-leak-of-personal-data/

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x0A.mp3
Category:LSD_Television -- posted at: 9:36am EDT

Machine Learning Appsec testing - http://www.slideshare.net/babaroa/code-blue-2016-method-of-detecting-vulnerability-in-web-apps

Mozilla doesn't trust Ernst & Young audits of CAs - https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x09.mp3
Category:LSD_Television -- posted at: 11:55am EDT

Episode 0x6F


We are happy to announce that we've got a full show... with only two hosts. But hey - it's number 100(decimal)

Upcoming this week...

  1. Lots of News
  2. Breaches
  3. SCADA / Cyber, cyber... etc.
  4. finishing it off with DERPs/Mailbag (or Deep Dive)
  5. And there are weekly Briefs - no arguing or discussion allowed

And if you've got commentary, please sent it to mailbag@liquidmatrix.org for us to check out.

DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.

ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.

In this episode:


Creative Commons license: BY-NC-SA

Direct download: LSDPodcast-0x6F.mp3
Category:LSD_Podcasts -- posted at: 10:00am EDT

UNENCRYPTED SCADA PAGERS!!! http://arstechnica.com/security/2016/10/nuclear-plants-leak-critical-alerts-in-unencrypted-pager-messages/ (watch Jamie and Dave's head explode when they read that)

MS threat modelling tool - https://www.microsoft.com/en-us/download/details.aspx?id=49168


Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x08.mp3
Category:LSD_Television -- posted at: 9:37am EDT

Yet another - this is LSD TV mini0x07.

Talking about the Defense again.

Oh, and Ben's got a link for you - http://mooc.fi/courses/2016/cybersecurity/

Direct download: Liquidmatrix_Security_Digest_TV_mini0x07.mp3
Category:LSD_Television -- posted at: 12:40pm EDT

Hangzhou Xiongmai recalls IoT devices - http://www.reuters.com/article/us-cyber-attacks-manufacturers-idUSKCN12O0MS

Comodo CA relies on broken OCR and issues certs incorrectly - https://bugzilla.mozilla.org/show_bug.cgi?id=1311713

Using Rowhammer on Android - http://arstechnica.com/security/2016/10/using-rowhammer-bitflips-to-root-android-phones-is-now-a-thing/

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x06.mp3
Category:LSD_Television -- posted at: 12:27pm EDT

Hyper scale defenses (https://youtu.be/90kxsEOSZQ8), scaring the Russians (http://www.cbc.ca/beta/news/technolog...) and rigged elections in the Philippines (http://thestandard.com.ph/mobile/arti...) -- turns out its very old news which popped up in my news feed and I can't read dates

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x05.mp3
Category:LSD_Television -- posted at: 5:28pm EDT





October 2016
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31