Talk Summary

☀️ Quick Takes

Is this Talk Clickbait?

1-Sentence-Summary

Favorite Quote from the Author

all it takes is one change one single bit to change everything

💨 tl;dr

Space weather can mess with computing, causing bit flips that lead to data theft. Self-hosting boosts privacy but is tricky. Misconfigured systems risk PII leaks. Tools like Certainly help manage DNS and TLS issues. Domain flipping can be exploited through typos. Stay proactive with security and automate tasks where possible.

💡 Key Ideas

• Space weather and heat voltage can cause bit flips in computing, comparable to typo squatting in domains, which can lead to data theft through DNS exploitation.
• Self-hosting drives curiosity and privacy; managing servers and email can be complex, involving dynamic SSL certificates and unique handling for spam control.
• Handling PII is uncomfortable due to security risks; misconfigured systems can lead to significant privacy issues, requiring legal involvement.
• Certainly is a DNS tool that logs requests, manages TLS handshakes, and can handle bit flips while ensuring minimal disruption.
• Domain flipping is influenced by character transformations, especially 'o' and 'w', presenting opportunities for exploitation in domain registration.
• Research into cosmic rays and their relationship with data errors showed no significant correlation, contradicting earlier assumptions.
• Data management security issues highlight the need for responsibility in breaches and the importance of proactive security measures.
• Open-source tools are essential for enhancing security in Red Team Recon and bug bounty hunting, emphasizing customizable solutions and improved monitoring.

🎓 Lessons Learnt

• Be Wary of Typo Squatting: Similar-looking domain names can lead to phishing attacks or misdirected data, so always double-check domains.

• Understand the Impact of Bit Flips: A single bit change can drastically alter outcomes; small changes can have big consequences in tech.

• Automate Repetitive Tasks: Automating tedious processes like certificate management saves time and reduces errors.

• Prioritize SSL and Certificate Pinning: Always use the correct SSL certificates and implement certificate pinning accurately to avoid security risks.

• Engage with Cybersecurity Communities: Collaborating with local cybersecurity groups can provide support and valuable connections.

• Be Cautious with Domain Registrations: Ensure distinct domain names to avoid misdirected emails and potential security issues.

• Utilize Data Analysis for Domain Flipping: Analyze potential domain combinations to identify the best opportunities for profitable flips.

• Take Ownership of Security Issues: When breaches happen, stop blaming others and focus on resolving the problem.

• Monitor Network Traffic: Setting up DNS traffic listeners helps identify vulnerabilities and enhances your security posture.

• Stay Informed on Domain Trends: Regularly check updates on top-level domains (TLDs) and domain standards for new registration opportunities.

🌚 Conclusion

Be vigilant about domain names and bit flips; they can lead to serious security issues. Automate what you can, engage with the cybersecurity community, and always take responsibility for your security practices. Stay updated on domain trends to seize opportunities.

In-Depth

All Key Ideas

Discussion on Bit Flips and Space Weather

• The talk focuses on space weather, heat voltage, and how they affect devices.
• Bit flips can change everything in computing, similar to typo squatting in domains.
• Bit squatting involves registering domains that are one bit off from popular domains.
• A real-world example of bit squatting is registering 'cougle ais.com' instead of 'googleapis.com.'
• The process of DNS requests can be exploited through bit flips, leading to potential data theft.
• SSL and HTTPS introduce security barriers that complicate the exploitation of bit flips.

Server Setup and Email Management Insights

• Setting up a server with Nginx proxy and using Let's Encrypt for dynamic SSL certificates involves tedious manual processes, including pre-staging and updating records.
• Wildcard certificates cover multiple subdomains but require careful configuration to avoid connection issues.
• The speaker has been self-hosting for about 25 years, driven by curiosity and privacy concerns.
• Using a cat all email address allows for unique email handling, enabling easy blocking of spam or breaches.
• The speaker received misdirected emails intended for a bank due to a typo in domain names, leading to unintended support responsibilities.

Speaker's Experiences with PII and Security Issues

• The speaker is uncomfortable handling people's PII and bank information due to a lack of technical solutions.
• A misconfigured scanner allowed sensitive information to be sent to the speaker's email.
• The speaker attended a hacker camp and sought help from a security organization, NCSc Fi, due to the severity of the issue.
• The speaker had to involve a lawyer to resolve the situation regarding the misconfigured scanner.
• Years later, the speaker encountered the same bank issue with a new domain due to a keyboard error.
• The bank improved their communication process by moving initial customer communications within their application, enhancing security.
• The speaker and a colleague discussed potential improvements to the system and decided to start a new project to build a custom setup.

DNS Tool Overview

• Certainly is a tool that collects requests and acts like a friendly butler, delivering responses based on those requests.
• It operates as a multi-domain DNS server, logging incoming requests and providing IP addresses for various services.
• The tool involves a TLS handshake process where it verifies domain ownership to obtain valid certificates from a Certificate Authority (CA).
• It handles data logging while avoiding disruption by using a 307 temporary redirect to the original domain.
• Unique to this method is the handling of bit flips, which typically require guessing long domain names and can induce loops if abused.
• Research by Luke Jung explores the costs of abusing memory with DNS and includes a tool called BF BF lookup for checking available domains.

Domain Flipping Insights

• WordPress offers 28 choices for domain registration, with longer names having more potential for 'bit flips.'
• Research indicates a higher probability of flipping from 1 to 0 than vice versa, akin to electrical power dynamics.
• Characters 'o' and 'w' have significant potential for transformation into other characters, making them valuable in domain flips.
• The characters 'a' and 'b' also play a role in bit flipping, but their transformations can lead to issues in DNS.
• The character 'o' has a high potential to convert into 'k,' creating a good return on investment for domain flips.
• There are 1,446 top-level domains (TLDs) available, with many capable of flipping into other domains, totaling 348 potential ones.

Domain Registration and Cosmic Ray Research Insights

• The flip from "o" to "M" is seen as a high probability opportunity in domain registration.
• Companies could consider using the domain "bomb" as it means "good" in Portuguese and could be tied to positive branding.
• The speaker discusses the potential of "vanity" domains, mentioning a steep application cost for one particular domain.
• There is a focus on replicating results related to cosmic rays and their effect on data errors, particularly DRAM errors.
• The team bought 25 domains for monitoring to correlate with cosmic space events and waited for significant solar storms.
• Despite expectations, their data collection did not show any correlation between cosmic rays and DRAM errors.
• A recent research paper corroborated their findings, advising a reevaluation of previous assumptions about cosmic rays impacting DNS.
• The data collected included 62 million DNS requests, 2.8 million HTTPS requests, and 15,000 emails during the study period.

Security Issues and Solutions in Data Management

• The talk discusses the use of e-tags for scanning and the discovery of 2,300 valid authentication tokens related to multiple companies, implying a significant data security issue.
• There’s a mention of the importance of taking responsibility in data breaches, suggesting a proactive approach rather than blaming others.
• The application space is impacted by a lack of ECC Dam in mobile devices, which may lead to vulnerabilities.
• Certificate pinning has been largely abandoned in browsers, highlighting a shift in security practices.
• The philosophy of the open BSD Pledge is presented as a potential solution for limiting network communications to known hosts.
• There’s an acknowledgment of the uncertainty behind why these security issues are occurring, calling for more research and collaboration.
• The tool 'certainly' is introduced as an open-source DNS server that handles wildcard certificates in flight, aimed at improving security and data collection.

Security Tool Features

• This approach isn't malicious but allows integration of third-party JavaScript for various uses, including log analysis.
• It supports multiple templates and can mirror the external posture of a target through DNS and HTTP checks.
• The tool is open source (MIT license) and customizable, aimed at Red Team Recon and bug bounty hunting.
• It can capture DNS traffic to understand naming standards and monitor scanning activities on networks.
• There's a need for more vantage points to address issues at the hardware level and focus on mitigations.
• Recalibrating trust anchors is essential, as computers can also exhibit human-like behavior in security contexts.

All Lessons Learnt

Security Awareness Tips

• Watch Out for Typo Squatting: Be aware that similar-looking domain names can be registered and exploited (like changing 'Google' to 'G00gle'), which can lead to phishing attacks or misdirected data.
• Understand Bit Flips: A single bit change in data can drastically alter outcomes, so recognize how small changes can lead to significant impacts in tech environments.
• Register Flip Domains Cautiously: If you're into domain registration, consider the potential risks of owning similar domains, as they can be used maliciously.
• Know the Importance of SSL: Always ensure you're using the correct SSL certificates; otherwise, you may end up with sad results when your requests are rejected due to security mismatches.

Best Practices for Online Management

• Automate tedious tasks: If you're doing repetitive tasks like managing certificates, automate them to save time and avoid errors. Manual processes can lead to issues down the line.
• Use cat all email addresses for privacy: Setting up a cat all email address helps manage your online presence and block unwanted spam. It allows you to control which services have your email without using the same address everywhere.
• Be cautious with domain registration: When registering domains, ensure they are distinct to avoid receiving misdirected emails. Typos can lead to unintended consequences, like becoming a support contact for another entity.
• Follow up on important communications: If you don’t receive a response from a company regarding security issues, take the initiative to follow up through other means, like phone calls, to ensure your concerns are addressed.

Cybersecurity Best Practices

• Be cautious with sensitive information: It's important to be careful when handling personal identifiable information (PII) and banking details, as there are no perfect technical solutions available to manage these securely.
• Proper configuration is key: Misconfiguring devices like scanners can lead to serious security issues, highlighting the need for proper setup to avoid accidental data breaches.
• Leverage community support: Engaging with local cybersecurity communities, like NCSC in Finland, can provide valuable assistance and connections when facing security challenges.
• Use legal channels wisely: When dealing with sensitive security issues, consulting with a lawyer can help navigate uncomfortable situations effectively.
• Adapt communication methods: Moving important customer communications to secure applications can help mitigate risks associated with email vulnerabilities.
• Collaborate for better solutions: Working with others in the cybersecurity field can lead to innovative solutions and improvements in security setups, emphasizing the importance of collaboration.
• Plan for custom solutions: When addressing security needs, consider building custom servers and configurations tailored to specific requirements for better control and security.

DNS Management and Domain Strategies

• Use open source tools like Certainly for DNS management.
• Implement a temporary redirect (307) to avoid breaking connections.
• Collect data without alerting users.
• Research domain investment strategies.
• Utilize existing tools like BF BF lookup for domain checks.

Domain Registration Strategies

• Focus on Characters O and W: These characters have the highest potential for bit flipping into useful alternatives, increasing the chance for successful domain registrations.
• Prioritize Characters with High ROI: O turns into K more often than other combinations, making it a smart choice for maximizing potential value in domain flips.
• Consider Domain Name Standards: Sticking to the DNS standard and avoiding weird characters helps prevent issues that could break your domain functionality.
• Stay Updated on TLDs: Regularly check the list of top-level domains (TLDs) as they are updated frequently, which can reveal new opportunities for domain registration.
• Utilize Data Analysis for Decisions: Running data on potential domain flips can help identify which combinations yield the best results, streamlining your registration process.

Research Insights

• Domain Flipping Can Be Profitable: Flipping domains like "amazon.bomb" can yield high returns if the right market conditions are met.
• Data Collection Needs Rigor: It's essential to have a reliable setup for monitoring data to trust the results of any experiments or research.
• Cosmic Rays Might Not Correlate with Errors: The assumption that cosmic rays cause DRAM errors isn't supported by new research, indicating the need to question established hypotheses.
• High Traffic Increases Data Validity: Collecting data from high-traffic domains enhances the reliability of results during experiments.
• Patience Is Key in Research: Waiting for the right conditions (like a solar storm) might seem beneficial, but results can still be disappointing, emphasizing the unpredictability of research outcomes.

Security Best Practices

• Take Responsibility: In situations of data breaches or security issues, the first step is to stop blaming others and take ownership of the problem.
• Re-register Bit Flip Domains: To protect against potential threats, consider re-registering bit flip domains for your domain; if you want to save money, use probability methods.
• Implement Certificate Pinning Correctly: When using certificate pinning, ensure it's done accurately to avoid compromising connections; failing to do so can lead to security risks.
• Embrace Open BSD Pledge Philosophy: On application initialization, restrict networking libraries to known hosts to enhance security; if connections don't match, terminate them.
• Call for Research: Acknowledging that the reasons behind security breaches are often unclear emphasizes the need for further research and collaboration in the field.
• Use Open Source Tools: Releasing tools like 'certainly' as open source allows for community involvement to better address security issues and improve current practices.

Security Best Practices

• Use JavaScript Templates Wisely: You can embed JavaScript in templates to analyze impacts effectively, allowing for better tracking of external requests.
• Monitor DNS Traffic: Setting up DNS traffic listeners can reveal naming standards and potential vulnerabilities in your network.
• Stay Updated on Payloads: By monitoring traffic spikes after new CVEs are released, you can gather the latest payloads used by attackers for better defense.
• Understand External Scans: Knowing what external scanners are probing your network helps you block unwanted traffic and enhance your security posture.
• Recalibrate Trust Anchors: It’s crucial to reassess your trust in systems, as they can behave unpredictably, similar to human flaws.
• Collaborate for Better Insights: More vantage points and contributions can lead to better understanding and fixes for security issues at their root.