-
On Pre Op Hackers
Proper Planning and Preparation Prevents Piss Poor Penetrations I was asked for good references on pre-operation phases of hacking. I recommended Matt Monte’s “network attacks and exploitation: a framework”, and Bill McRaven’s “Spec Ops: Case Studies in Special Operations Warfare: Theory and Practice”. The Monte book is the best book on cyber written so far.… Read more
-
The Network is not the Issue Dude
Ageism is never a good look There is an argument that goes “the Internet is not secure because it was designed in the 60s (or 70s, or whenever) and back then security wasn’t part of the plan. Now we’ve inherited that legacy of no security, and it haunts us still.” For some reason this has… Read more
-
Cyber Events
There is a constant need to label cyber operations as “cyber ${battle from history}.” The most recent one, indeed the one that inspired me to write about this phenomenon, is the spectacularly insane “cyber Cuban missile crisis.” The exact quote is from some fraudulent “cyber security experts” apparently: Experts are telling me that the solar… Read more
-
Cyber Writing Sucks
In the medieval era scribes and poets wrote about war and conflict for a class who participated actively in those activities. As a result, a great deal of the writing is actually very accurate in its depictions because the audience knew when it was inauthentic. This strikes me as an interesting point because the cyber… Read more
-
A Walkthrough of “Biden’s Laptop” with Rudy Giuliani
I have transcribed the audio from this video clip of Rudy Giuliani performing an examination of one of the alleged Hunter Biden laptops. We don’t see the screen so I’ve attempted to figure out, and explain, what he’s seeing and doing. Evidence stomping Giuliani’s investigation methodology violates every principle of digital forensic analysis. His clumsy… Read more
-
How to hide money laundering on the blockchain
This is a summary of the key points from this article: How to Not Get Caught When You Launder Money on Blockchain? Seems like successfully laundering Bitcoins is fairly complicated, lots of pitfalls. Secrecy is usually binary, it is all or nothing. If there is secrecy for 99 transactions and then a failure on the… Read more
-
Ransomware Prohibition
Theres nothing that can’t be made worse The Treasury has moved to prohibit payment of ransomware ransoms. They’ve said there will be some exceptions, and it is obvious that this won’t be an effective complete global ban on payment. The result, a partial ban on payment, is the worst possible ransomware environment for victims. The… Read more
-
The WeChat Ban and National Cyber Strategy
NOTE: The ban on WeChat was blocked for violating freedom of speech. For the millions of Chinese in the diaspora Trump’s WeChat ban has created a problem only the software grey market can solve. WeChat is almost an existential requirement. It’s the only messaging app the Chinese Communist Party (CCP) allows, making it the only… Read more
-
Cybercraft: the short version
Cybercraft is the skillful management of cyber ways and means to achieve your ends. We are living through a return to great power competition. Cyber has created a new means for contest between states and other entities, including organisations, companies, small groups and individuals. Cyber has infiltrated every facet of modern life. It has become… Read more
-
Disclosure Keynote: Cybercraft
I presented the opening keynote at Okta’s Disclosure conference on Sept 2nd 2020. I used the opportunity to put forward a new term of art (cybercraft) and to outline some of my thinking on cyber conflict. There is a good write up on ZDNet here. The video is on YouTube. Another write up on DarkReading… Read more