shift change 2024-01-29
Welcome to your shift change, reports from the off-going watch to the oncoming on anything interesting in privacy, security, or intelligence.
1. SANS CTI Summit—starting today, January 29th through tomorrow the 30th.
- There is still time to sign up (for free) before the sessions begin at 9 a.m. EST with opening remarks from Rebekah Brown, Katie Nickels, and Rick Holland.
I’ve read Rebekah Brown’s book, Intelligence-Driven Incident Response: Outwitting the Adversary, spent time learning and refreshing skills and concepts with Katie Nickels’s CTI Self Study Plan, part 1 and part 2, and I thoroughly enjoyed a more visual CTI experience reading through Thomas Roccia’s Visual Threat Intelligence—so I’m excited to see all three (and the rest of the summit presenters).
In the spirit of fun, I will be releasing a CTI buzzword bingo card before the Summit begins. Should “Midnight Blizzard” be a free spot?
Shoutout to Bret Irwin, whom I have never met, but who has shouldered the intel burden of trying to explain “Why Won’t They Listen? — Connecting your CTI to Decision Makers.”
3. If you live in a SCIF or windowless office, here are some faux natural lighting suggestions so you don’t feel like a gremlin.
4. Money remains the shortest path around the Fourth Amendment’s protection against unreasonable government search and seizure: the NSA can just buy what it needs from the massive data hoarding industry the US refuses to confront. While the FTC is ordering companies to stop collecting sensitive data and in some cases destroy the data because of the unfair and deceptive trade practices used to manufacture consent or legitimate need, the NSA is funding the market the FTC is “fighting.”
I’m sure there are no parallels between the zero day market the US created and encouraged, and the massive personal data market the US has created and encouraged. At least nothing from the zero day market ever jumped onto the live internet and caused all sorts of problems.
Go right to the documents shared by Senator Wyden, including responses from NSA and DOD—here.
5. Catching up with the Markup’s Gentle January series:
- Use a PIN or code, not biometric login, to secure your phone or digital device—police can compel you to unlock your phone with biometric login but cannot compel you to reveal a PIN or code (depending on the state and judge you get in your particular case considering your particular facts…)
- Use a virtual machine, for free (of course you can buy a platform as well):
A virtual machine is essentially a simulated computer that runs on top of your regular computer. It has its own files, its own operating system, its own memory—and no access to the real versions of these things on your actual computer.
Virtual machines are handy for opening potentially sketchy files (like email attachments from strangers) and software (that Blu Ray ripper you downloaded from overseas). You can get free virtual machine software to use on Mac, Windows, and Linux computers. Setting this up is time consuming but generally straightforward, with the important exception of newer Macs with Apple Silicon, for which the free software does not (yet) work. On those machines, or for an easier experience on other machines, paid products like Parallels for Mac, VMWare Fusion for Mac, or VMWare Workstation Pro for Windows are all well established options.
Detonating malware on a computer you have safely set up inside a computer and then just rolling the snapshot back to before the malware infected your computer and having a fully functioning computer-within-a-computer again is fun for a certain type of poker-and-prodder of how software responds. I guess what I’m saying is learning how to work with VMs comes with all sorts of perks.
The shift change is a collection of timely stories of interest in the security, privacy, and intelligence worlds. Thanks for reading, and feel free to reach out to will@signaltonoise.fyi for any questions, comments, or thoughts on items you’d like to see highlighted.