<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body text="#000000" bgcolor="#FFFFFF">
So BlackHat is over and although I didn't go, my favorite paper is
the SVG timing attack paper by Paul Stone, which is flat out awesome
work. Go read it here:<a
href="http://www.contextis.com/files/Browser_Timing_Attacks.pdf">
http://www.contextis.com/files/Browser_Timing_Attacks.pdf</a> .
Also, someone buy that brit a pint for simply writing up great
technical work in a readable, non "2-column with LaTex" format! He
used colors and fonts and headers and all sorts of crazy tech!<br>
<br>
And there was Hack Cup at BlackHat! I'll post pictures later, but
thanks to everyone who came and who have been coming to play indoor
soccer with us over the years. It's awesome to have everyone
participate in something friendly in the hyper-competitive world
that is security! :><br>
<br>
But of course, the real news (other than hack-cup) at BlackHat was
DIRNSA talking. It is on Youtube here: <a
href="http://www.youtube.com/watch?v=xvVIZ4OyGnQ&feature=youtu.be">http://www.youtube.com/watch?v=xvVIZ4OyGnQ</a>
. If you've watched it, you know that it is as if delivered by a
shellshocked zombie who has been spending nearly his entire life for
a month having his teeth drilled by lawyers . The only time he comes
alive is when getting heckled. It is painful to watch. I'll sum up
what he said in two sentences here, so you don't have to suffer
through it and that is this:<br>
<br>
"After 9/11, Cerberus was given some more leash. But he wasn't let
off his leash." <br>
<br>
See, it could have been that simple. And as someone in the next room
pointed out, who's at BlackHat <i>heckling </i>DIRNSA for reading
email anyways? If you've never read a mail spool, maybe you're at
the wrong conference, eh?<br>
<br>
To put it into context, is Bruce Sterling, famous science fiction
author and...person who can write. I will post his two articles
below, since they are both worth reading for the humor if nothing
else. "volcanic inexorability" is a great phrase, for example. There
are a lot of great phrases. Bruce has a decent connection to the
community, and he knows how to put words together like few others. <br>
<br>
<a href="https://medium.com/geek-empire-1/a1ebd2b4a0e5">https://medium.com/geek-empire-1/a1ebd2b4a0e5</a>
(The Ecuadorian Library)<br>
<a href="https://medium.com/p/f745f5fbeb1c">https://medium.com/p/f745f5fbeb1c</a>
(The Blast Shack (read this first))<br>
<br>
This article here is probably a less funny but just as interesting
read. He's a professor at Cornell who describes himself FIRST as a
hacker. <br>
<a
href="http://hackingdistributed.com/2013/08/01/framework-for-surveillance/">http://hackingdistributed.com/2013/08/01/framework-for-surveillance/</a><br>
<br>
And in the meantime the IC was busy owning things. Getting the job
done. <br>
<br>
<a
href="http://blogs.computerworld.com/cybercrime-and-hacking/22595/fbi-behind-firefox-zero-day-compromising-half-all-tor-sites">http://blogs.computerworld.com/cybercrime-and-hacking/22595/fbi-behind-firefox-zero-day-compromising-half-all-tor-sites</a>
<br>
<br>
And in the process proving the Grugq right.<br>
<br>
<img alt="TOR BROWSER vs PORTAL"
src="cid:part7.04040909.04010108@immunityinc.com" width="1157"
height="408"><br>
<br>
-dave<br>
<br>
</body>
</html>