Vodaphone denies any backdoors found in Huawei devices

Looks like Vodaphone considered having a telnet server running as a backdoor in the initial reporting by Bloomberg. All the same though, using Huawei devices as infrastructure of a 5G cellular network gives another nation state access to some potentially sensitive data and they would have the ability to remotely tamper with it. As more and more people rely on high speed cellular networks this is still a bad idea!

https://bbc.in/2Y0rd85

 

Awesome video on how quantum computer can break current encryption

Someone posted this video on one of the Slack workspaces that I’m on. It was really informative on the techniques used and where the current state of the art quantum computers currently are. The good news is current quantum computers don’t have enough quantum memory to break large primes, however I wonder if there’s such a thing as Moore’s Law for quantum computing in which case the Internet will be in big trouble in just a few years.

Automatic exploitation video from BSides DC

This YouTube video is titled “Lightening fast CTF solving – Automatic Exploit Generation & Side Channel Analysis” was sent to me by Sketch from this year’s BSides DC. It shows how to automate exploitation for stack overflows and format string vulnerabilities and the tool suite is built on top of the “angr” framework, Intel’s Pin framework and the “pwntools” package for Python. At the tail end of the video he actually applies this tool suite against a NETGEAR SOHO router which not only finds the vulnerability but will actually exploit it remotely and discusses how it can be used to identify and exploit these vulnerabilities in IoT devices.

http://bit.ly/2VUDfPy

I have already taken the liberty of forking all of his GitHub repositories and you can find them here:

* Zeratool: http://bit.ly/2u8hBet
* PinCTF: http://bit.ly/2u4Od98
* Rocket-Shot: http://bit.ly/2u1gYnd