ISC StormCast for Monday, March 13th 2017
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
🗓️ 13 March 2017
⏱️ 7 minutes
Transcript
| 0:00.0 | Hello, welcome to the Monday, March 13th, 2017 edition of the SANS Internet Storm Center's Stormcast. My name is Johannes Ullrich and I'm recording from Jacksonville, Florida. |
| 0:12.0 | Let's start with a couple of emails that we got from readers last week. Last week, a reader wrote in with a problem that's not really all that |
| 0:22.4 | uncommon these days. And he just received a new address space allocation. But what happened |
| 0:29.6 | is he actually resides in New Zealand. But the address space that he got assigned was used in |
| 0:36.9 | Europe in the past. So a lot of geolocation databases |
| 0:41.7 | still registered it as Europe, which of course has the problem for his users that they can't get |
| 0:48.5 | access to some content that blocks them based on geolocation. With IPv4 address space being in short supply, |
| 0:58.0 | of course it's being reused very quickly after someone is freeing up some address space and it's |
| 1:04.0 | often also like in this case moved around between regions. Now what you really should do here |
| 1:10.6 | is make sure that your address location |
| 1:13.6 | databases are up to date and the same with other block lists and the like. Given that address |
| 1:20.1 | space may change hands, it's of course important to keep block lists up to date and not to block IP addresses indefinitely. |
| 1:30.5 | Current mobile phones are typically either locked with a pin or, in the case of Android, |
| 1:36.1 | often with a pattern that the user draws on the screen. |
| 1:40.7 | Researchers at the University of Stuttgart now did an interesting experiment where they tried to recover either the pin or the pattern using a thermal camera. Of course, it's pretty obvious that in principle it's possible to detect the latent heat of the finger as it touched the screen. But what's interesting here is how successful it is |
| 2:03.3 | and what some of the limitations are. Apparently around 30 seconds is sort of the critical time here. |
| 2:10.5 | So if you don't get the image within 30 seconds, then the success rate is substantially reduced. For the patterns, one thing that does |
| 2:21.9 | affect the success rate quite a bit is if the user has overlapping patterns where the same |
| 2:28.7 | line is drawn twice, then again the success rate is quite a bit lower. Doesn't affect pins as much. With pins, if you |
| 2:38.0 | hit the same digit multiple times, the success rate was still pretty good. Now given that the |
| 2:45.8 | window here is only 30 seconds, I don't think the attack is terribly practical, but some interesting countermeasures |
| 2:52.5 | here. The obvious one, just cover the screen with your hand that way warming up the entire |