Computer security: bugs, vulnerabilities, exploits

I was reading some really long, deep and technical stuff about discovering techniques and creating code which can take over an iPhone from a distance. This is the sort of thing which takes months to write and can only be published after the software has been fixed and a new version shipped.

It feels to me that some understanding of how things fail could usefully be part of everyday knowledge - certainly part of the knowledge of anyone who writes code for a living. But what introductory material is there, what route is there for learning these things?

  • Why does software have bugs?
  • How can bugs cause us harm?
  • Exactly how does a bug give rise to a vulnerability?
  • What does an exploit look like? Who creates them? Who uses them?
  • How can we do better than this?

As ever, my inclination is probably to go a bit too deep into how things work, whereas what matters first is how things are.

There are quite a few accessible podcasts and YouTube channels covering InfoSec (information security/cyber security). It’s a pretty diverse field, but there’s overlap between a lot of areas.

If we have anyone who’s worked in the field, it would be great to hear from you - what I know comes mainly from curiosity & wanting to make sure what I build is secure. The best way to secure things is to work out how they can be broken and build with known issues in mind.

Some of these provide really good direct info and others demo some of the tools of the trade e.g.:

Podcasts

  • Darknet Diaries - great podcast covering past with a good mix of accessible stories and technical detail.
  • Smashing Security - more of a news/magazine podcast covering InfoSec by Graham Cluley & Carole Theriault. Some good sources get mentioned and occasionally the “sponsor interview” thing at the end is good too.
  • The Many Hats Club - only recently came across this one - an infosec professional chatting and interviewing others working in the field. Generally long form, can be NSFW (even in audio form - the John McAfee interview especially) but pretty informative.
  • The InfoSec & OSINT Show - generally interview-based, covering many infosec topics & OSINT (Open Source INTelligence - i.e. intelligence gathering based on openly available information)
  • Cyber - investigative journalism loosely infosec-related from Vice News. Some magazine-type content as well.

YouTube

  • LiveOverflow - really down to earth security pro - he does plenty of explainers and walkthroughs
  • NullByte - some of his content is a bit restricted on YouTube these days (he did name one of his features “Cyber Weapons Lab” before YouTube firmed up its policies on what’s allowed) but full content available on his site. Sometimes he blinks.
  • Hak5/ThreatWire - Hak5 is an established creator of tools for physical access testing & ThreatWire is their regular news feature.
  • John Hammond (not that one) - lots of TryHackMe walkthroughs.
  • BlackHat & DEFCON - two of the biggest infosec conferences in the world. Some really good talks by professionals.
  • Laser Unicorns :stuck_out_tongue:

Websites

Most of these will lead you onto other similar tools and topics, so I’ve kept it to one of each ‘type’ of thing.

  • ToS DR (terms of service, didn’t read) - more of a privacy and awareness thing, but they aim to summarise the ridiculous terms of service various tech products require agreement to before you use their services.
  • Cybrary (like library, but for Cyber) - haven’t tried it myself, but I hear it’s very good. Leans towards career development in infosec.
  • FreeCodeCamp - not just for dev, they also have security courses.
  • HackTheBox provides vulnerable environments set up as Virtual Machines (VMs) you can run locally and explore the vulnerabilities. The scenarios are generally based on real-world issues so you get to ‘attack’ the box & get practical experience, without risking legal problems. I haven’t used one of these myself (I work in dev rather than security), but while trying to understand the extent of some vulnerabilities during dev, I did download some example VMs from VulnHub for similar reasons. See walkthroughs on things like FreeCodeCamp or several YouTubers, e.g. ipsec
  • Pwnie Island - A deliberately vulnerable 3D open world game. Some puzzles are only solvable by exploiting bugs and vulnerabilities in the game - again, I haven’t tried it, but thought it was a great concept for getting people thinking about security. The LiveOverflow youtube channel above has a walkthrough.
  • OverTheWire - hosted vulnerable servers for hacking exercises.

Also worth a mention are the hacks in the TV show Mr Robot. They’re based on plausible real-world scenarios (some of the circumstances chained together are a bit unachievable, but they relate to real-world techniques, tools and vulnerabilities).

Whilst looking around to see if I’d missed any good mentions - this list came up. It’s a bit old, but has a bunch of practice tools on there, including several I’d not heard of before, ranging from exploiting web apps, to CTFs (competitive ‘capture the flag’ hacking challenges) & reverse engineering challenges.


I’ve got some RSS feeds from security blogs, perhaps more technical than accessible, but here’s the corresponding blogroll:


Off the back of a bug that came up in a session, I just learned something interesting/useful (my penance for the bug).

PortSwigger (makers of the Burp Suite web vulnerability scanning tools) have what appears to be a free set of labs/scenarios for learning.

Reading it is open to the web, but accessing the “labs” challenges requires a signup, though no payment.
