Cyber Frontiers

GDPR – What You Need to Know, RSA Conference Recap and Crypto Mining Update – CF044

We’re back! This week on Cyber Frontiers, Christian and Jim catch up on the avalanche of GDPR and separate fact from hype. We also take a dive into where we are with cryptocurrency security, weighing in on the recent cryptocurrency hack in South Korea and the overall maturity of the technology. We also relate the topics back to some of the big themes from RSA 2018 and provide a quick recap of the conference themes.

Cyber Frontiers is all about Exploring Cyber security, Big Data, and the Technologies Shaping the Future! Christian Johnson will bring fresh and relevant topics to the show based on the current work he does.

Tags: Podcast, Cyber Frontiers, Cybersecurity, Spectre, GDPR, RSA, Crypto Mining, Crypto

CryptoMining Gone Wild
GDPR – Everyone Is Either Scrambling or Talking Facebook
RSA Conference Recap

Music courtesy of Ryan King.

An Update on Meltdown and Spectre, ATM JackPotting and Christian Talks Crypto Currency – CF043

This week on Cyber Frontiers we jump into an update on the public disclosures of the Meltdown and Spectre vulnerabilities. We also chat about the latest hardware hacking efforts with ATMs and jackpotting, and get Christian’s take on cryptocurrency and the coin market.

Tags: Podcast, Cyber Frontiers, Cybersecurity, Spectre, Meltdown, ATM Jackpotting, Crypto Currency, Bitcoin

Some Minor Updates on Meltdown and Spectre:
Microsoft says go away Intel to their buggy Spectre patch:
Linux Kernel released (and now ):
Intel reportedly designing new silicon to address issues and performance impact in future:

ATM JackPotting:

Jim: Christian’s take on the state of Crypto Space today.

Meltdown and Spectre: A Tear at the Foundation of Computer Security – CF042

This week on Cyber Frontiers we jump into full coverage of the 6-day-old public disclosures of the Meltdown and Spectre vulnerabilities. With some issues mitigated, the news is a gravitational force that has dominated cybersecurity early into 2018 and could continue to engage industry for years to come. We discuss the short- and long-term security implications and performance debacles, and provide technical and non-technical explanations for the two classes of vulnerabilities disclosed. We review the mitigations users can start employing now, and discuss impacts for the average guy and the enterprise.

Tags: Podcast, Cyber Frontiers, Cybersecurity, Spectre, Meltdown, Computer Security, Intel, AMD, ARM, CPU

Meltdown Vulnerability:
Technical Paper:
Out-of-order execution creates a side channel vulnerability.
Modern CPUs execute instructions out of order, and these instructions may not actually be needed to return the real result of what a program is computing.
These transient or temporary results may be written to CPU registers or to the cache.
Flush+Reload targets cache lines to be moved out of the CPU into main memory, and access to them serves as the side channel.
Out-of-order execution itself is not a flaw, it’s a CPU feature. Other execution units can run ahead of the currently running program counter if the resources are available to support parallel computing.
Restricted meaning in the Meltdown paper: refers to an instruction sequence following a branch, and executing that operation before the results of all prior instructions have been returned. (Programs operate linearly; think of the parallelism as jumping ahead on a work line to do other work ahead of time.)
Bank Heist Analogy:

Spectre Vulnerability:
Technical Paper:
Takes advantage of processors using branch prediction.
Branch prediction tries to guess the destination of memory addresses in use to attempt to jump ahead and execute.
The attack involves making a program perform operations speculatively that never occur during proper program execution, and leak data via a side channel.
From the Spectre paper: “Spectre attacks trick the processor into speculatively executing instruction sequences that should not have executed during correct program execution.”
Exploiting conditional branches in a loop is one of the easy-to-understand techniques for this attack (see Exploiting Conditional Branches on pg. 2).
The read that is cached is not properly reverted when the processor realizes that the speculative execution was erroneous.

Differences Between Meltdown and Spectre:
Spectre is limited to process memory; Meltdown accesses kernel memory space from user space.
Meltdown is fully mitigatable in the operating system with a patch; Spectre is not.
There is no real “fix” for Spectre; it’s indicative of the way we’ve run processors for years (branch prediction).
They both require the use of the CPU cache as a side channel for reading out serialized values into memory space that the attacker leverages.

Things you should do today:
Make sure you received the latest out-of-band security updates from Windows Update.
Make sure you have installed the latest Linux kernel from your package manager (likely yum or apt-get).
Make sure you are on iOS and macOS and with the Safari fix to mitigate Meltdown and Spectre.
For desktop or server owners, check with your manufacturer for BIOS updates that have been released to provide mitigations for Spectre.
For those in the Windows Server Community:

Some non-technical explanations:

Reflection on Cyber Culture: Societal Impact and Living (In)Securely In the Modern Age – CF032

Cyber Frontiers is all about Exploring Cyber security, Big Data, and the Technologies Shaping the Future Through an Academic Perspective! Christian Johnson, a student at the University of Maryland, will bring fresh and relevant topics to the show based on the current work he does.

This week on Cyber Frontiers, Jim and Christian pause to reflect on 9/11 (the day of recording) and how cybersecurity has impacted our nation’s wellbeing over the past decade. From here we branch into some of the many challenges associated with the future of information warfare, and introduce research concepts that are being pioneered for thwarting the evolving threats of our time. We uncover some interesting themes and conclude the show with a discussion of useful tools that any cyber researcher should know about for studying malware and its footprint on systems and networks.

Jim’s Twitter: #!/jcollison

DEFCON 24 – CF031

This week on Cyber Frontiers, Christian recaps DEFCON 24 and walks through highlights and observations from the conference proceedings. We talk about what it means to be a Jittery MacGyver (building a bionic hand from a coffee maker), manipulating airline boarding passes, hotel point of sale systems, reverse engineering, Java runtime exploitation, that pesky Windows Schannel library and more!

This year’s conference was hosted at Bally’s in Vegas. Approximately fifteen to twenty thousand of the world’s hacking elite attended for three days of fun. With 240 dollars cash paid at the door, electronic hacker badges, and no information required at registration, security evangelists from many different perspectives and communities were in attendance. We saw a variety of presenters, international and domestic, from universities, security companies, independent consultants, etc. give interesting talks throughout the security space.

All of the presentations for DEFCON 24 have now been posted to:

Audio and video for the conference should eventually start to be uploaded and published from DEFCON (the folders on the media drive are at least showing as of publishing this show). If you attended DEFCON or are interested in having us cover one of the presentations in depth on a future podcast, shoot us a note and we’ll be happy to give you a deep dive analysis on the topic of your choosing!

Hedberg — The Bionic Hand Made from One Keurig Coffee Maker

IPv6 and What is Coming in the Future – CF030

IPv6 Adoption in 2016
Waruna

What is IPv6
New internet protocol
Ability to address many more devices due to 128-bit addresses vs. the 32 bits of IPv4

IPv6 Benefits
End-to-end connectivity
No private address collisions
Efficient routing
Simpler header, less extraneous data
Easier administration
Less information to be processed by router
Less information in header

New Extension Headers
The IPv6 specification currently defines 6 Extension Headers:
Routing Header – Similar to the source routing options in IPv4. Used to mandate a specific routing.
Authentication Header (AH) – A security header which provides authentication and integrity.
Encapsulating Security Payload (ESP) Header – A security header which provides authentication and encryption.
Fragmentation Header – The Fragmentation Header is similar to the fragmentation options in IPv4.
Destination Options Header – This header contains a set of options to be processed only by the final destination node. Mobile IPv6 is an example of a Destination Options Header.
Hop-by-Hop Options Header – A set of options needed by routers to perform certain management or debugging functions.

Drawbacks
No NAT
  No drawbacks in security
  The firewall provides security, not NAT itself
Not backwards compatible

Security differences
IPv6 IPsec – built in
Using IPsec, participating peers (computers or machines) can achieve data confidentiality, data integrity, and data authentication at the network layer (Layer 3 of the Open Systems Interconnection 7-layer networking model).
Encryption – symmetric
Certificate authorities
Encryption that can be deployed in standalone environments between clients, routers, and firewalls
With IPsec, data can be sent across a public network without observation, modification, or spoofing.
IPsec functionality is similar in both IPv6 and IPv4; however, only site-to-site tunnel mode is supported in IPv6.
In IPv6, IPsec is implemented using the AH authentication header and the ESP extension header.
The authentication header provides integrity and authentication of the source. It also provides optional protection against replayed packets. The authentication header protects the integrity of most of the IP header fields and authenticates the source through a signature-based algorithm.
The ESP header provides confidentiality, authentication of the source, connectionless integrity of the inner packet, antireplay, and limited traffic flow confidentiality.
Offers end-to-end encryption
SEND Protocol – secure neighbor discovery
Cryptographic confirmation of host at connection time

Privacy
The design of IPv6 intended to re-emphasize the end-to-end principle of network design that was originally conceived during the establishment of the early Internet. In this approach each device on the network has a unique address globally reachable directly from any other location on the Internet.

Drawbacks
Deployment and configuration is an issue
Proper deployment and configuration is a serious issue. Trying to deploy IPv6 the same way IPv4 was done guarantees problems. IT administrators must learn a whole new approach to networking, from simple network troubleshooting to configuring firewalls and monitoring security logs. There are many opportunities for confusion and mistakes.

Lack of support
The risk today is the lack of IPv6 security knowledge. Enterprises must invest time and money in IPv6 security training upfront, before deploying. That, or risk compromise and spending more time and more money on security later to plug the holes. Network security is more effective as part of the planning stage rather than after deployment. This is not an area to skimp on. According to Scott Hogg, IPv6 Security author and CTO of GTRI, “All security practitioners should learn about IPv6 now because all organizations have IPv6-capable and enabled operating systems in their environments. Failure to secure the IPv6 systems is like allowing a huge back-door to exist.”

Security device bypass via unfiltered IPv6 and tunneled traffic
Only a lack of knowledge is considered a bigger risk than the security products themselves. Conceptually it’s simple: security products need to do two things, recognize suspicious IPv6 packets and apply controls when they do. However, in practice this is hardly possible in IPv4, let alone in an environment that may have rogue or unknown tunnel traffic.

Reputation-based protection
Many security software vendors use the reputation of IP addresses to filter out malicious websites that are known sources of malware. While reputation systems for IPv4 addresses already exist, it’s a bit of a chicken-and-egg situation when it comes to IPv6. No one has established an IPv6 reputation database, so no one is using reputation-based security with IPv6 addresses — and therefore no one is building a reputation database. It’s something the security industry will surely eventually adopt, but for now it’s a missing piece in the security puzzle.
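The extension-header list and the point about security devices missing tunneled IPv6, as an added example in Python (not from the show notes): it walks the Next Header chain of a raw packet and labels IPv6 carried inside IPv4. It goes one step beyond the notes by naming two tunnel forms, IPv4 protocol 41 (6in4) and Teredo on UDP port 3544; the function names and the sample packets are constructed for illustration.

```python
import struct

# Next Header values of the six extension headers listed above (IANA numbers).
EXT = {0: "Hop-by-Hop Options", 43: "Routing", 44: "Fragment",
       50: "ESP", 51: "Authentication Header", 60: "Destination Options"}
TEREDO_PORT = 3544  # UDP port of Teredo, an IPv6-over-IPv4 tunnel

def walk_ipv6(pkt: bytes):
    """Walk the extension-header chain: (header names, upper-layer protocol)."""
    if len(pkt) < 40 or pkt[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nxt, off, chain = pkt[6], 40, []
    while nxt in EXT:
        chain.append(EXT[nxt])
        if nxt == 50:                 # ESP: everything after it is encrypted
            return chain, None
        if off + 8 > len(pkt):
            raise ValueError("truncated extension header")
        following, length = pkt[off], pkt[off + 1]
        # Fragment is fixed at 8 bytes, AH counts 4-byte words minus 2,
        # the others count 8-byte units beyond the first 8 bytes.
        size = 8 if nxt == 44 else (length + 2) * 4 if nxt == 51 else (length + 1) * 8
        nxt, off = following, off + size
    return chain, nxt

def classify(pkt: bytes) -> str:
    """Label a raw IP packet so IPv6 carried inside IPv4 is not waved through."""
    if len(pkt) < 20:
        raise ValueError("short packet")
    if pkt[0] >> 4 == 6:
        chain, upper = walk_ipv6(pkt)
        return "native IPv6 [%s] upper=%s" % (", ".join(chain) or "no ext", upper)
    ihl, proto = (pkt[0] & 0x0F) * 4, pkt[9]
    if proto == 41:                   # IPv4 protocol 41 = encapsulated IPv6 (6in4)
        return "6in4 tunnel -> " + classify(pkt[ihl:])
    if proto == 17 and len(pkt) >= ihl + 4 and \
            TEREDO_PORT in struct.unpack("!HH", pkt[ihl:ihl + 4]):
        return "Teredo tunnel (UDP/3544)"
    return "plain IPv4 proto=%d" % proto

def v6(next_header: int, payload: bytes = b"") -> bytes:
    """Constructed sample: minimal IPv6 header (::1 -> ::1) plus payload."""
    addr = bytes(15) + b"\x01"
    return struct.pack("!IHBB", 6 << 28, len(payload), next_header, 64) + addr * 2 + payload

def v4(proto: int, payload: bytes) -> bytes:
    """Constructed sample: 20-byte IPv4 header, 192.0.2.1 -> 192.0.2.2, no checksum."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                       bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])) + payload

# Constructed packets: Hop-by-Hop -> Routing -> TCP, natively and inside 6in4.
HBH = bytes([43, 0]) + bytes(6)       # next = Routing, length 0 => 8 bytes
RTH = bytes([6, 0]) + bytes(6)        # next = TCP (6), length 0 => 8 bytes
SAMPLE_V6 = v6(0, HBH + RTH + bytes(20))
SAMPLE_6IN4 = v4(41, SAMPLE_V6)
```

On a non-first fragment the value returned after a Fragment header still names the upper-layer protocol, but that protocol's header is not in the packet, so a filter has to reassemble before inspecting ports.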

Hands on with the Anonabox Pro – CF029

Call in your questions or comments to be played on the show at (402) 478-8450.

This week we pick up on our conversation on anonymity, Tor, and the dark web by reviewing one of the hot and trending hardware appliances powering the anonymous internet world: the Anonabox PRO!

Features:
Ability to uplink or downlink via Ethernet or WiFi
Direct passthrough – works as a regular router when anonymity is not turned on.
Pocket-sized, runs off USB power (will showcase running in my lab)
Supports anonymity through Tor, or premium VPN services like HMA.
Uses embedded DD-WRT kernel / intuitive web interface.
Easy instructions packaged with the product

Background: