Podcast summary and Notes on " 108"

Chaos Computer Club - archive feed

mch2022

mch2022 curated content

Honey, let's hack the kitchen: (MCH2022)

Attacks on cyber physical systems are perceived as necessarily complex and requiring significant time and resources. However, in the last couple years we have also observed the inverse: simple attacks where actors with varying levels of skill and few resources gain access to software and interfaces that control physical processes. These compromises appear to be driven by ideological, egotistical, or financial objectives, taking advantage of an ample supply of internet-connected cyber physical systems. This is sometimes concerning, for example when it is affects panels for controlling processes in a water facilities or manufacturing processes. Sometimes, though, it is absurd, such as when the critical systems actors claim to compromise are in fact toys or domestic appliances. In this talk, we will share a series of stories of success and failure involving low sophistication compromises on cyber physical systems. We will describe the different types of cases we have observed, what the actors did, and how you can reproduce them for good. At last, we will discuss to what extent these crimes of opportunity represent a risk to cyber physical systems and what we can do about it. In november 2021, I presented a version of this talk at a local non-profit event in Bergamo, Italy. For this event - NoHat - I focused on sharing the stories of low sophistication compromises we observed involving software used to control physical processes. However, for MCH I did some modifications in the title and the presentation itself to share not only the cases, but also how to reproduce them for good. The purpose of this talk is to share with the audience how actors without necessarily a lot of skills or resources are using very simple tools to hack cyber physical systems. I will do some experiments to show very quick results the audience can get reproducing these techniques so that they learn how to find these internet-connected cyber physical assets and notify the owners. The outline of the initial presentation was: • Introduction o Story: Hacked kitchen was supposed to be a gas system • Define low sophistication cyber physical compromises • (De)evolution of cyber physical threats o From state-sponsored to financial, and now opportunistic • Describe low sophistication compromises of cyber physical systems o Distribution and claims of exposed systems o Seeming actor motivations o Common actor techniques o Types of evidence (or lack of) • Low Sophistication Threat Actors Access HMIs and Manipulate Control Processes o Oldsmar, Florida modified HMI on water facility o Israel’s advisory on compromises to water facility systems o Solar energy and dam surveillance system o Hotel BAS • Amateur Actors Show Limited OT Expertise o “Train control system” was in fact a human resources tool o Second “train control system” controls toy trains o Website leaks claiming access to SCADA systems • Hacktivist and Researcher Tutorials o Two hacktivist groups share tutorials for finding and compromising cyber physical systems o Researchers have done too – including a couple examples, such as a recent script to identify tank gauges • Does this activity pose an actual risk to cyber physical systems? o Each incident provides threat actors with opportunities to learn more about OT, such as the underlying technology, physical processes, and operations. o Even low-sophistication intrusions into OT environments carry the risk of disruption to physical processes, mainly in the case of industries or organizations with less mature security practices. o The publicity of these incidents normalizes cyber operations against OT and may encourage other threat actors to increasingly target or impact these systems. • On the bright side… o There are safety methods in place that stop immediate computer instructions from modifying actual physical processes  Engineering and human processes  Missing security on the software side Additional Materials: Please find in this link our recent blog on this topic: https://www.fireeye.com/blog/threat-research/2021/05/increasing-low-sophistication-operational-technology-compromises.html about this event: https://program.mch2022.org/mch2022/talk/C9FANR/

July 23, 2022

Chaos Computer Club - recent events feed (low quality)

mch2022

mch2022 curated content

A journey through philosophy: exploring metaphysics via memes and a sprinkling of pop culture. (emf2022)

Over my time in academia, I've endured a number of existential crises whilst learning about the concepts within philosophy that are required in order to undertake academic research. I figured that, if I'm going to spend the rest of my life constantly questioning my existence and reality itself, why not share this experience with others, too? A problem shared is still a problem that keeps you awake at night staring into the abyss unable to function. But hey, at least now I'm not alone. In order to explain these theories and share my recurrent episodes of screaming WHYYYYYYYY at the universe, I've collected a number of memes and references over the years to convey concepts such as what is it to 'exist', why the scientific method is just as 'made up' as anything else, how we define 'truth' and lots of other tasty things to create a pervasive, disjointed feeling that you just can't seem to shake. Join me in this journey and then we can all go and sit by the lake and have a good cry / scream / rock back and forth because what does it all mean and what even is real anyway and I'm off to go eat a cake because while I can't actually prove if the cake is a lie or not I'm convinced it is damn tasty and I NEED TO FEEL SOMETHING OTHER THAN THIS EXISTENTIAL UNCERTAINTY FOREVER OKAY? about this event: https://c3voc.de

June 04, 2022

Chaos Computer Club - recent events feed (high quality)

A journey through philosophy: exploring metaphysics via memes and a sprinkling of pop culture. (emf2022)

Over my time in academia, I've endured a number of existential crises whilst learning about the concepts within philosophy that are required in order to undertake academic research. I figured that, if I'm going to spend the rest of my life constantly questioning my existence and reality itself, why not share this experience with others, too? A problem shared is still a problem that keeps you awake at night staring into the abyss unable to function. But hey, at least now I'm not alone. In order to explain these theories and share my recurrent episodes of screaming WHYYYYYYYY at the universe, I've collected a number of memes and references over the years to convey concepts such as what is it to 'exist', why the scientific method is just as 'made up' as anything else, how we define 'truth' and lots of other tasty things to create a pervasive, disjointed feeling that you just can't seem to shake. Join me in this journey and then we can all go and sit by the lake and have a good cry / scream / rock back and forth because what does it all mean and what even is real anyway and I'm off to go eat a cake because while I can't actually prove if the cake is a lie or not I'm convinced it is damn tasty and I NEED TO FEEL SOMETHING OTHER THAN THIS EXISTENTIAL UNCERTAINTY FOREVER OKAY? about this event: https://c3voc.de

June 04, 2022

Chaos Computer Club - recent audio-only feed

A journey through philosophy: exploring metaphysics via memes and a sprinkling of pop culture. (emf2022)

Over my time in academia, I've endured a number of existential crises whilst learning about the concepts within philosophy that are required in order to undertake academic research. I figured that, if I'm going to spend the rest of my life constantly questioning my existence and reality itself, why not share this experience with others, too? A problem shared is still a problem that keeps you awake at night staring into the abyss unable to function. But hey, at least now I'm not alone. In order to explain these theories and share my recurrent episodes of screaming WHYYYYYYYY at the universe, I've collected a number of memes and references over the years to convey concepts such as what is it to 'exist', why the scientific method is just as 'made up' as anything else, how we define 'truth' and lots of other tasty things to create a pervasive, disjointed feeling that you just can't seem to shake. Join me in this journey and then we can all go and sit by the lake and have a good cry / scream / rock back and forth because what does it all mean and what even is real anyway and I'm off to go eat a cake because while I can't actually prove if the cake is a lie or not I'm convinced it is damn tasty and I NEED TO FEEL SOMETHING OTHER THAN THIS EXISTENTIAL UNCERTAINTY FOREVER OKAY? about this event: https://c3voc.de

June 04, 2022

Chaos Computer Club - recent events feed

A journey through philosophy: exploring metaphysics via memes and a sprinkling of pop culture. (emf2022)

Over my time in academia, I've endured a number of existential crises whilst learning about the concepts within philosophy that are required in order to undertake academic research. I figured that, if I'm going to spend the rest of my life constantly questioning my existence and reality itself, why not share this experience with others, too? A problem shared is still a problem that keeps you awake at night staring into the abyss unable to function. But hey, at least now I'm not alone. In order to explain these theories and share my recurrent episodes of screaming WHYYYYYYYY at the universe, I've collected a number of memes and references over the years to convey concepts such as what is it to 'exist', why the scientific method is just as 'made up' as anything else, how we define 'truth' and lots of other tasty things to create a pervasive, disjointed feeling that you just can't seem to shake. Join me in this journey and then we can all go and sit by the lake and have a good cry / scream / rock back and forth because what does it all mean and what even is real anyway and I'm off to go eat a cake because while I can't actually prove if the cake is a lie or not I'm convinced it is damn tasty and I NEED TO FEEL SOMETHING OTHER THAN THIS EXISTENTIAL UNCERTAINTY FOREVER OKAY? about this event: https://c3voc.de

June 04, 2022

Teacherpreneurs, Raise Your Hand

108: A Teacherpreneur Graph Story: How I Found Peace, Freedom, and Options

108-TRYH-A Teacherpreneur Graph Story: How I Found Peace, Freedom, and Options

Today I share one final graph story, and that is my own. For me, TpT was a life preserver and my journey has taken many twists and turns until finally allowing me to find peace, freedom, and options. I hope you will join me.

LInks:

Podcasting Academy for Teacherpreneurs (Podcasting Course)

Subscribe and Review:

Are you subscribed to my podcast? If you’re not, I want to encourage you to do that today. I don’t want you to miss an episode. I’m adding a bunch of bonus episodes to the mix and if you’re not subscribed there’s a good chance you’ll miss out on those. Click here for iTunes.

Now if you’re feeling extra loving, I would be really grateful if you left me a review over on iTunes, too. Those reviews help other people find my podcast and they’re also fun for me to go in and read. Click here to leave a review, select “Ratings and Reviews” and “Write a Review” and let me know what your favorite part of the podcast is. Thank you!

Support the show

enMay 24, 2022

EP 108: John Sherman — Hueco Tanks in the 80s, Highballing Before Crash Pads, and Adding Layers to the Bouldering Experience

John Sherman is a bouldering legend. His nickname “Verm” (short for “Vermin”) is where the “V” in our bouldering grade system came from. We sat down in a cave in Hueco Tanks and talked about what bouldering was like 30+ years ago, early climbing shoes, highballing before crash pads were invented, out-of-body experiences, and how some of the boulders got their provocative names.

Check out Chalk Cartel!

chalkcartel.com

Use code "NUGGET" at checkout for 20% off your next order!

Check out Crimpd!

crimpd.com

Or download the Crimpd app! (Available for iOS and Android)

Check out PhysiVantage:

physivantage.com (link includes 15% off coupon)

Use code "NUGGET15" at checkout for 15% off your next order!

We are supported by these amazing BIG GIVERS:

Bryan Fast, Leo Franchi, Michael Roy, David Lahaie, Robert Freehill, Jeremiah Johnson, and Scott Donahue

Become a Patron:

patreon.com/thenuggetclimbing

Show Notes:

thenuggetclimbing.com/episodes/john-sherman

Nuggets:

0:08:00 – Recording in a cave in Hueco Tanks, and the Triple Crown of roof cracks

0:12:54 – Experiencing what climbing was like 30 years ago, and early climbing shoes

0:19:24 – What brought John to Hueco for the first time, falling in love with the bouldering there, and Mike Head

0:27:30 – John Gill, the legitimization of bouldering, and four technological advances in gear that changed climbing forever (sticky rubber, cordless drill, crash pads, and cams)

0:35:35 – What Hueco was like in the winter of 1982

0:39:42 – A day in the life back then, and making the first “crash pads”

0:45:14 – Chalk, and why sport climbing was the end of climbing as Verm learned it

0:47:47 – Using the same terminology to describe different ethics, and doing ‘See Spot Run’ ground up without crash pads

0:55:03 – Geckskin

0:57:15 – Historical tidbit (the Swiss guides)

0:58:04 – More context about ‘See Spot Run’

1:02:24 – Adding layers to the bouldering experience

1:07:49 – The definition of “Kehl-geling”, and John’s out-of-body experience when climbing ‘The Thimble’

1:20:00 – Why John wears two chalk bags when he climbs, and wanting to climb like Alex Sharp and Andy Parkin

1:23:59 – Wearing a helmet bouldering, and John’s New Jersey story about hitting his head

1:35:00 – Patron question from Aiden: What inspired you to write Stone Crusade?

1:41:57 – The Fiesta XXX Drive-In, and getting boulder problem names from a sex toy magazine

1:47:36 – How ‘Daily Dick Dose’ got its name, and living in the Quonset hut

1:52:44 – How John got the name “Verm” (short for “Vermin”)

1:53:46 – Patron question from Carmelo: Are we ever going to see Old Man Lightning?

1:54:54 – Patron question from Craig: Which bird most represents your personality?

1:56:32 – Why California Condors are John’s favorite birds, and individual personalities

The Nugget Climbing Podcast

enFebruary 28, 2022

Broken Wiki (jh21)

Analyse von Wikipediaartikeln zum Finden möglicher Fälschungen about this event: https://pretalx.c3voc.de/jugend-hackt-rhein-neckar-2021/talk/GKBZUA/

Chaos Computer Club - archive feed (high quality)

October 24, 2021

2021

Chaos Computer Club - archive feed

jhrn2021

Broken Wiki (jh21)

Analyse von Wikipediaartikeln zum Finden möglicher Fälschungen about this event: https://pretalx.c3voc.de/jugend-hackt-rhein-neckar-2021/talk/GKBZUA/

October 24, 2021

2021