Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: #DNS Covert Channels; Ambient Light Sensors; - SANS Internet Storm Center #DNS Covert Channels; Ambient Light Sensors;


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
podcast logo

ISC StormCast for Friday, April 21st 2017

A daily summary of network and system security news from the SANS Internet Storm Center
Author:Johannes B. Ullrich, Ph.D.
Created: Thursday, April 20th 2017
Length: sh: /usr minutes
Today's Headline: #DNS Covert Channels; Ambient Light Sensors;

If you like this podcast, then please consider telling others about it. Use this button to Tweet about this episode: click here. Errors? Corrections? Complaints? Player Problems? Please let us know here: https://isc.sans.edu/contact.html

Plain HTML5 Player
Fancy Player (with skip back/forward)

Show Notes

Detecting Covert DNS Channels
https://isc.sans.edu/forums/diary/DNS+Query+Length+Because+Size+Does+Matter/22326/

Ambient Light Sensors May Become Accessible Via JavaScript
https://blog.lukaszolejnik.com/stealing-sensitive-browser-data-with-the-w3c-ambient-light-sensor-api/

BIND Name Server Update
https://kb.isc.org/article/AA-01491

Entropy As A Service
https://www.getnetrandom.com

Webcast: NoSQL Doesn't Make You NoVulnerable
https://www.sans.org/webcasts/nosql-doesnt-novulnerable-104897

Discussion

Whitewood’s netRandom sounds interesting, but unfortunately it’s not something I can trust. Whitewood is a US company, has to obey US law and therefore has to buckle to the NSA. And at least since Dual_EC_DRBG we know that the NSA wants to mess with our randomness.
Posted by juser on Fri Apr 21 2017, 18:33

Login here to join the discussion.