We need to talk about the values of cryptography, of open software and networks, of hackers being a force for measurable good.We need to talk about how infrastructure like DNS -- it was there 25 years ago, we can imagine it will be there 25 years from now -- acts as foundation for future development in a way that the API of the hour doesn't.The Digital Millennium Copyright Act is being used to weld the hood of cars shut to keep engine software safe from mechanics. is a big player in the zero-day market even as international agreements seek to regulate exploit code and surveillance tools?

For several months I’ve been poking at a decent-sized spam botnet that appears to be used mainly for promoting adult dating sites.

Having hit a wall in my research, I decided it might be good to publish what I’ve unearthed so far to see if this dovetails with any other research out there.

At the time, it was unclear to me how this apparent botnet was being used, and since then the total number of bots reporting in each day has shrunk considerably.

During the week the above-linked screen shots were taken, this botnet had more than 1.2 million zombie machines or servers reporting each day (that screen shot archive includes roughly half of the panels found).

CIAB (The Council of Insurance Agents and Brokers) - survey of insurance brokers in USA - 15th May 2017 98% of respondents noted that capacity in market is either plentiful or increasing.

75% of respondents believe there is, for the most part, adequate clarity in the content of a cyber policy.In late October 2016, an anonymous source shared with Krebs On a list of nearly 100 URLs that — when loaded into a Firefox browser — each displayed what appeared to be a crude but otherwise effective text-based panel designed to report in real time how many “bots” were reporting in for duty.Here’s a set of archived screenshots of those counters illustrating how these various botnet controllers keep a running tab of how many “activebots” — hacked servers set up to relay spam — are sitting idly by and waiting for instructions.Kernel exploitation using the browser as an initial vector was a rare sight in previous contests.This presentation will detail the eight winning browser to super user exploitation chains (21 total vulnerabilities) demonstrated at this year's Pwn2Own contest.Things do need to be better, and we need to talk about the role of Government in that. Let's talk about how it really works, so we can discuss how we can do it better.