Families are juggling more responsibilities than ever. We've seen technology support many areas of our lives, but family management is still mostly done the old-fashioned way, which often leaves us feeling like there's never enough time in the day. In this episode, Ellie Windle, Founder and CEO of Persist, talks about how AI might reshape family life. Ellie's career in ad tech, including roles as a GM at MediaMath and VP of Client Success at White Ops (now HUMAN), sharpened her skills in using data and technology to solve complex problems. This, combined with being a mother herself, gives Ellie a unique vantage point on applying tech to the age-old challenges of family management.
They tried to shoot who? Well we all know it wasn't Bronny fr...
Mai Ton oversees the development and execution of Fabric's people strategy. She has over 20 years of leadership experience in tech startups and has helped various companies through IPOs and M&A transactions. She has built the entire people function at every company she has worked at and has won over 14 awards for her previous companies. She formerly led the People teams at White Ops, HelloSign, OneLogin and Trulia. Instead of helping one company at a time as an internal HR leader, Mai Ton formed her own consulting business, EMP HR Consulting, where she contributes her knowledge to help many companies simultaneously. Mai's services provide companies a clear people strategy with core structures like performance management, compensation frameworks, remote strategies and benefits programs, which increase employee engagement and retention. She was named to the list of the Top 50 Most Powerful Women in Technology in 2019. Mai is a Board member of LEAP.org, a non-profit organization that helps Asian Americans break the bamboo ceiling. She is an advisor to some of the newest HR technology software companies and shares her knowledge with others by speaking at various HR conferences. She received a BA in Sociology from the University of Texas, Austin. She wrote a book called Come into My Office: Stories from an HR Leader in Silicon Valley. You can find her on Twitter and Instagram. The songs picked by all our guests can be found via our playlist #walktalklisten here. Please let me/us know via our email innovationhub@cwsglobal.org what you think about this series. We would love to hear from you. Please like/follow our Walk Talk Listen podcast and follow @mauricebloem on Twitter and Instagram. Or check us out on our website 100mile.org (and find out more about our app (Android and iPhone) that enables you to walk and do good at the same time!). We also encourage you to check out the special WTL series Enough for All about an organization called CWS.
The Pharmakoi rampaged across dozens of star systems, taking on the toughest races in the Galaxy in their campaign of conquest. But they are only the beginning. Sean Patrick Ryan sees that another race is behind the Pharmakoi expansion; a race that wants to test our galaxy for weakness, and who needs to be eliminated from within. To fight the enemy in the shadows, Sean will put together a strike team to light up the darkness—with nukes if necessary. They will get the job done at any cost. They will be White Ops. Support this show http://supporter.acast.com/houseofmysteryradio. See acast.com/privacy for privacy and opt-out information.
New book: White Ops! https://www.amazon.com/gp/product/B09LJ2762Q Special guest: Declan Finn! http://www.declanfinn.com/
In this Cast we talk with the prolific Declan Finn about his newest “Space Opera” White Ops. This is a project that he began long ago and discarded and reworked many times. The pandemic gave Declan the chance to revisit it and make all the updates and changes he wanted as well as give him […]
On this episode of The Marketer's Journey, I interview Dan Lowden, CMO at HUMAN, a cybersecurity company formerly known as White Ops. Dan is a passionate marketer and storyteller, and he's held several positions throughout his career including CMO, founder and even head chef. During the episode, we discuss the path to becoming a CMO, meeting customers in a human way, brand storytelling and much more. Check out this and other episodes of The Marketer's Journey on Apple Podcasts, Spotify, Stitcher, and Google Play!
Key takeaways from this episode:
Passion rules at the end of the day. When it comes to hiring processes, building a brand narrative and carrying forward your company's key messaging, the passion behind it all is the secret ingredient for success. If you can't have passion, then intrigue that has the potential to turn into passion is the next runner up.
Case studies are more crucial now than ever before. With the rise of digital and virtual video conferencing due to the pandemic, impactful case studies demonstrating tangible examples of your company's work are key for connecting and engaging with your customers.
Demonstrate your wins. Dan mentioned that so much of the news today is about losing, so it's important to show off your wins in a compelling way. Paint a picture of your success like you're crafting a scene from a movie, and trust that your buyers will connect with your narrative on an emotional level.
Learn more about HUMAN here: https://www.humansecurity.com/
Learn more about Dan here: https://www.linkedin.com/in/danlowden/
The ad industry is making progress in the fight against ad fraud, says Michael Tiffany, president and co-founder of bot detection firm White Ops, which recently got acquired by Goldman Sachs. But don’t rest on your laurels, because when fraud leaves one corner of the internet … it creeps into another. Fraud is on the rise in CTV.
In this episode of CapConversation, Capco Digital’s Nic Parmaksizian and Julian Bonnay chat with Tamer Hassan, CEO and co-founder of White Ops, a global leader in bot mitigation, bot prevention, and ad fraud protection. White Ops was co-founded by Tamer Hassan in 2012, with the goal of preserving the integrity of the internet from the malicious bots that spread malware and propagate various forms of cybercrime. In 2016, Hassan led the takedown of 3ve, the biggest bot fraud organization to date, with the help of Google and the FBI. Previous to co-founding White Ops, Hassan founded Compel Data Technologies. Previous to this, Hassan served as a Major in the US Air Force, where he completed multiple combat deployments in Iraq and Afghanistan as a decorated Combat Search and Rescue helicopter pilot and Tactical Officer. In 2019, Hassan was named in Fast Company’s Annual List of the 100 Most Creative People in Business.
In the Enterprise News, BotRx widgets provide analytical context on how attacks impact business operations, New Kasada API protects from botnet attacks and targeted fraud, White Ops Offers Expanded Protection Against Sophisticated Bot Attacks and Fraud through the AWS Marketplace, SentinelOne, an AI-based endpoint security firm, confirms $267M raise on a $3.1B valuation, ZeroNorth unites security and DevOps teams with Defect Density Dashboard, and much more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw206
White Ops is the global leader in bot mitigation. They protect more than 200 enterprises—including the largest internet platforms—from sophisticated bots by verifying the humanity of one trillion online interactions every week. The most sophisticated bots look and act like humans when they click on ads, visit websites, fill out forms, take over accounts, and commit payment fraud. White Ops stops them. The White Ops Bot Mitigation Platform can detect, prevent and outwit bot populations of every level of sophistication. They get inside their adversaries’ OODA loops with proactive adaptation. Their unique approach to bot mitigation put them in the lead role to collaborate with the FBI, Google, Facebook and many other partners in the takedown of 3ve, one of the largest botnets ever defeated. White Ops is a pro-privacy, pro-human organization. Their privacy-sensitive code detects bots without tracking humans. That privacy-centric approach has earned the trust of their partners and allowed them to reach an enormous global scale. Their code runs in countless websites and apps every day, affording them a footprint larger than any single anti-virus or threat detection platform on the internet. I wanted to find out more about their mission at White Ops to protect the internet by verifying the humanity of every online interaction and disrupt the economics of cybercrime. On my quest for knowledge, I also uncovered an inspiring backstory that began in 2012 in a Brooklyn sci-fi bookstore. Michael Tiffany, President and Co-Founder of White Ops, shares the story behind White Ops and the takedown of the 3ve botnet in partnership with the FBI and Google. We also discuss other more recent fraud investigations such as ICEBUCKET (largest Connected TV botnet to date) and Terracotta.
Sarah Walker is as close to a unicorn as they come - a senior, female engineering executive in the world of ad tech and cybersecurity. Sarah has worked at American Express, Pfizer, FreeWheel and Annalect Group (Omnicom). She led a global team of over 70 people at White Ops, a cybersecurity leader, and is a founding member at Chief. In this episode, some of the topics we covered include: the value of taking a mission-driven approach to your career, moving into a more technical role (if you don't have a technical background), how to build and manage a cohesive global team and all of her incredible work around connecting and empowering other women in tech to succeed. She is inspirational and laid down some fantastic advice throughout.
At the 2020 RSA conference, SC Media sat down for a podcast interview with Tamer Hassan, CEO and co-founder of anti-fraud and bot mitigation company White Ops, to discuss the growing underground market for bots-as-a-service.
Renegade Thinkers Unite: #2 Podcast for CMOs & B2B Marketers
Sometimes, the big ideas sort of just happen. That said, some magical brand moment isn’t going to just appear without some planning or effort—but sometimes, some small bit of genuine authenticity can grow into a brand pearl. That’s part of what happened with White Ops, and on this episode, Dan Lowden, CMO, discusses how. White Ops is fueled by their purpose-driven mission to disrupt the illicit economy built by cybercriminals; that mission has caught fire and stands as a sterling example of why purpose is a must. Tune in to hear about how they formed their mission, how they show it to the world, why they shun the hard sell, and how an overarching purpose came from a simple t-shirt that just read “human.”
In this episode we talk to Dan Lowden, CMO at White Ops. Are you able to easily track & analyze the reach of your organic LinkedIn content? If not, you may want to check out a tool we've been using here at Sweet Fish: SHIELD. Use the promo code B2BGROWTH for a 25% discount. Want to get a no-fluff email that boils down our 3 biggest takeaways from an entire week of B2B Growth episodes? Sign up today: http://sweetfishmedia.com/big3 We'll never send you more than what you can read in < 1 minute.
Researchers at bot mitigation firm White Ops have been tracking fraudulent apps in the Google Play store. These apps often imitate legitimate apps, even going so far as to lift code directly from them, but instead of providing true functionality they harvest user data and send it back to command and control servers. Marcelle Lee is a principal threat intel researcher at White Ops, and she shares their findings. The original research can be found here — https://www.whiteops.com/blog/another-day-another-fraudulent-app The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.
Thursday, 14 March 2019. Calabria: tax evasion worth 13 million. The Guardia di Finanza of Locri (Reggio Calabria) has uncovered a large-scale tax evasion of more than 13 million euros. Three people have been reported for tax fraud and concealment of accounting records. The discovery came from 2 separate tax audits of 2 companies in the wholesale gift-item trade in Siderno (RC). Investigators identified a director who, in order to shift any liability onto third parties, transferred company shares and set up a new company represented by the previous partners. Google: 2.3 billion "deceptive ads" blocked. In 2018 Google blocked 2.3 billion misleading or dangerous ads, more than 6 million per day. The company announced this in its Trust and Safety Ads report. Nearly 207,000 were ads for reselling tickets, more than 531,000 were for bail bonds, and about 58.8 million were linked to phishing activity. Google also says it foiled a major ad fraud in collaboration with the FBI and the cybersecurity company White Ops. Turin area: homes evacuated because of fires. Firefighters evacuated some homes in Givoletto, in the Turin area, as a precaution because of the fires that have been burning the area's woods for 2 days. Two advanced command units with two officers, many firefighter crews and the AIB (Piedmont's volunteer forest firefighters) are at work in the areas affected by the blazes. The smoke is clearly visible even in Turin. The fires are being helped by drought, dry vegetation and wind, which yesterday blew at up to 90 km per hour.
Michael Tiffany and Ryan Castellucci of White Ops discuss the recent takedown by law enforcement of the 3ve ad-fraud operation. 3ve was a sophisticated and expansive operation responsible for tens of millions of dollars in losses due to fraudulent ads. Michael and Ryan talk about specific tactics used by the fraudster, the collaboration required to take down the operation, and what lessons the online ad industry can take from this.
In an age of digital identity, how do we protect ourselves in an increasingly insecure world? In 2008, Dan Kaminsky identified a critical flaw in the internet’s Domain Name System (DNS) and led the largest synchronized fix to the internet’s infrastructure of all time. Today, he’s Chief Scientist and cofounder of White Ops. Topics include: the great cities of the world that were proven vulnerable, and burned to the ground, computer worms, why it’s easier than ever to hit the WHOLE world with an attack, crypto’s role in proliferating these attacks, evil hacking as a kind of mind control!, how – in the context of Mars – to start over and get security right, and building an elite team of security hackers dedicated to fighting crime and fixing bugs around the world.
Shortly after New Year's we were hit with two security flaws that affect microprocessors called Meltdown and Spectre. These hardware flaws allow programs to steal data being processed on a computer. Both have been around for quite some time and it’s unclear to what extent they have already been exploited. Desktop, laptop, and cloud computers may be affected by Meltdown; as for Spectre, it’s all of the above, and mobile. My guest this week is Dan Kaminsky, Chief Scientist at White Ops, a cybersecurity firm. Dan is one of the seven Recovery Key Shareholders who possess the ability to restore the DNS root keys, aka the keys to restore the internet. We talk about Meltdown and Spectre, Intel’s response, and whatever you do, don’t download the dancing fish… but first, our need for speed and the introduction to Meltdown and Spectre.
Today's Commexis Cast discusses an article from AdWeek's Christopher Heine about potentials for White Ops bot blockers for programmatic advertising. Advertising holding companies such as Omnicom and WPP have come together to form The Trade Desk in hopes of reducing bots and potential ad fraud. Will this help in the long run? And should you put your advertising dollars into programmatic advertising? Len and Phillip have the details. Plus, Google is testing out new features in Google Maps, according to Search Engine Land's Barry Schwartz. Today's cast: Len Ward (Commexis President), Matthew McGrorty (Commexis Videographer/Podcaster), and Phillip Brooks (Lead Digital & Creative Strategist).
For the latest DMN One on One podcast we sit with Michael Tiffany, co-founder and CEO at the white hat hacking company White Ops. We discuss white hat hacking, ad fraud, and White Ops' ongoing war against the black hat hackers behind today's inflated fraudulent ad inventory, as well as how ad fraud could potentially finally meet its end.
The O’Reilly Security Podcast: Coarse-grained security, embracing the ephemeral, and empathy for everyone.
In this episode, I talk with Dan Kaminsky, founder and chief scientist at White Ops. We discuss what a National Institutes of Health (NIH) for security would look like, the pros and cons of Docker and ephemeral solutions, and how the mere act of listening to people better can improve security for everyone.
Here are some highlights:
Creating an NIH for security research
The hard truth is that there just are societal scale problems: cities burn, people need to transit from one location to another, we need food that doesn't poison us. The reality is that there are problems that affect all of us if they're present. The Internet is not a safe place right now, and, more importantly, the tools we’re using to interact with it are relatively broken. This is a problem, but we shouldn't be ashamed. I think we need to have a larger-scale response to the problems of the Internet. It has been a tremendous boon to our society. It is the heart of our economic growth. It's the greatest growth since the Industrial Revolution, but it's got some problems that we're not just going to guilt people out of. We've got to do some engineering work. We're going to have to share a lot more. The FBI has crime statistics, and it's incredibly useful on a societal scale. There needs to be this lack of shame that things are burning and say, ‘Yeah, this breach, here's what happened.’ Let's do some month-long investigations about what happened. Get that data out there and try to respond to it. This is not the first time we've had problems in an important tech, and it won't be the last time, but let's actually work on it. The reason I talk about the NIH is because they actually fund work on these sorts of problems, and things do get better.
Coarse-grained security
We've been trying to build these incredibly fine-grained security models based on the presumption that every little bit of a system potentially needs to talk to every other little bit of a system. You get what in Windows we call ‘ACL hell’ for the access control lists. They just get enormous. Linux has SELinux—all these very, very fine-grained systems and I don't think they work. I've become a real fan of coarse-grained security, where there are well-defined interfaces and known good state. For example—this is a real-world thing that happens in operations—you have a bunch of machines you know get compromised from time to time, and you know developers need to access them to figure out when they're not compromised to understand why they’re slow, why they’re crashing, why they’re unusable, whatever. How do you let your developers, who have very sensitive desktops, access these machines in the data center? You do things where the only signal that gets through is a keyboard, a mouse, a screen. In fact, that might literally be a remote desktop connection that goes to a device where that's all it transmits: keyboard, video, mouse. You don't let the developer desktop talk directly over IP to the machine you know probably got compromised. What you've done there is you've squeezed the signal down to really almost nothing; to a deeply well-defined interface. When the only thing it can do is what it's supposed to do operationally, you get some security properties that people can reason about. They can think about what the system is doing. A lot of security is just making computers behave like people think they're behaving.
Getting rid of the goop
There's alignment between what developers want and what security wants. Everyone wants the system to behave in a predictable manner. Now, as a deployment methodology, Docker’s got some really cool things. As a security mechanism, there's a lot of goop that we sort of paper over, stuff that's being shared between the one kernel and the many user spaces. No one quite knows what the goop is, what needs to be saved, what needs to be restored, what needs to be secured. No one quite knows all the states and all the information being exchanged between the isolated environment and the important kernel. That's a big deal; this is literally the scenario that means this is going to be rough to secure because that's where the hackers hide. When you don't know what you're tracking, they'll go find that.
Embracing the ephemeral
No one wants to go back to the way things worked in virtual machines. No one has enough disk space for that. But there are a bunch of really good properties in the virtual machine architecture. We don't need to do deployments like the old VMs, but we can use the properties of the actual hardware. I've been exploring that myself. I have this mechanism called Autoclave. Autoclave is basically doing a bunch of stunts between containers and VMs. I have full Linux and Windows environments booting up in less than a quarter of a second, fully functional, fully operational, fully ephemeral. You go in, you do whatever you're going to do, you leave, the thing's destroyed. The goal I want to get to is when you interact with a server, on connecting to it, a virtual machine spawns—you do your business, it leaves, it's okay. So, then there are these architectural stunts you can play where it's just, ‘I want you to do the same thing you did before. I want you to do it on every connection. I want you to do it efficiently, and I don't want you to throw away everything after.’ This is actually technically feasible. I've been playing with it, and I'm going to demonstrate it at the Security conference in New York next month.
Empathy builds better solutions
Empathy is actually caring about someone else's problems. Empathy is how you make things that don't suck. It is the process of putting your mind in someone else's life experience and thinking, ‘Okay, this is where you're coming from. What do you need?’ Because you know no one wants to get hacked. People have a budget for not suffering that. People don't want their houses to burn. People don't want their bank accounts emptied. It's not that we don't have buy-in, it's just that we have to change things so that the first thing you do when you get home doesn’t have to be figuring out how to keep your house from burning down tomorrow. That's where we are in security right now, and it's not okay. We should figure out how we can integrate in other people's lives.
In today's podcast, Yahoo!'s really bad breach. We hear about Raum, a malicious tool the Black Team is offering in select criminal markets on a pay-per-install basis. In industry news, we learn that Vista Equity Partners is taking Infoblox private. Webroot is acquiring CyberFlow Analytics, Oracle has bought Palerra, and Elastic has acquired Prelert. White Ops closes a $20 million Series B round. Emily Wilson from Terbium Labs explains the importance of reputation on the Dark Web. RedOwl's Brian White outlines insider threats. A new third-party risk management coalition forms. NATO-themed phishbait hooked German politicians.
In our 113th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Alan Cohn, and Maury Shenk discuss: United Kingdom: UK’s pending surveillance bill and GCHQ’s compliance regime for access to bulk personal data; Apple stops providing security patches to QuickTime on Windows; Federal judge rules FBI didn’t have proper warrant to hack child porn site; FISA Court troubled by surveillance excesses at FBI and NSA; and Chinese drone maker says that it may share data with local government. In our second half, we have a one-hour panel discussion with cryptographers and security professionals at the Annual International Conference on Cyber Engagement, the panelists include: Patrick Henry, a notable cryptographer with experience at GCHQ, NSA, and the private sector; Dan Kaminsky, the Chief Scientist at White Ops; Kiran Raj, who is Senior Counsel to the Deputy Attorney General; and Dr. Zulfikar Ramzan the CTO of RSA Security. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.
Materials available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Ryan-Castellucci-Cracking-Cryptocurrency-Brainwallets.pdf
Cracking Cryptocurrency Brainwallets
Ryan Castellucci, Security Researcher, White Ops
Imagine a bank that, by design, made everyone's password hashes and balances public. No two-factor authentication, no backsies on transfers. Welcome to "brainwallets", a way for truly paranoid cryptocurrency users to wager their fortunes on their ability to choose a good password or passphrase. Over the last decade, we've seen the same story play out dozens of times - a website is broken into, the user database is posted online, and most of the password hashes are cracked. Computers are now able to make millions, billions or even trillions of guesses per second. Every eight character password you can type on a standard keyboard and every combination of five common English words could be tried in less than a day by today's botnets. Can people come up with passphrases able to stand up to that when money is on the line? Let's find out. For this talk, I will be releasing my high speed brainwallet cracker, "Brainflayer". I'll cover a history of brainwallets, safer passphrase-based wallet generation, passphrase security, in-the-wild cracking activity, and how I accidentally stole 250 Bitcoins (and tracked down the owner to give them back).
Ryan Castellucci has been interested in cryptography since childhood when his parents gave him a copy of "Codes, Ciphers and Secret Writing". He soon learned to program and wrote a tool to crack simple substitution ciphers. More recently, he co-spoke with Dan Kaminsky at DEF CON 22 and was a finalist in the 2014 Underhanded Crypto Contest. For his day job at White Ops, he finds new and exciting ways to tease out the subtle differences between bots and human-controlled web browsers.
Twitter: @ryancdotorg Web: https://rya.nc