Philip Martin Profile
Philip Martin

@SecurityGuyPhil

5,537
Followers
344
Following
2
Media
214
Statuses

CSO @ Coinbase. Army Veteran. Maker of delicious smoked meats and baked goods.

San Francisco, CA
Joined October 2014
@SecurityGuyPhil
Philip Martin
9 months
hey @GaryGensler and @SECGov , serious offer: as a crypto exchange we've had a lot of experience with security protocols around social media, and as a veteran and patriot I love to help my country. If you'd like any suggestions feel free to reach out.
@SECGov
U.S. Securities and Exchange Commission
9 months
The @SECGov X account was compromised, and an unauthorized post was posted. The SEC has not approved the listing and trading of spot bitcoin exchange-traded products.
12K
5K
17K
30
81
945
@SecurityGuyPhil
Philip Martin
5 years
1/ A little more context on the Firefox 0-day reports. On Monday, Coinbase detected & blocked an attempt by an attacker to leverage the reported 0-day, along with a separate 0-day Firefox sandbox escape, to target Coinbase employees.
15
376
898
@SecurityGuyPhil
Philip Martin
3 years
1/ I've seen a bunch of incorrect claims that Coinbase was involved in the recent DOJ seizure of bitcoin associated with the Colonial Pipeline ransomware attack. We weren’t. a thread:
33
218
809
@SecurityGuyPhil
Philip Martin
2 years
@TalBeerySec @ZenGo @CoinbaseWallet Hey @TalBeerySec , I lead security at Coinbase. We appreciate security researchers from around the world working with us to keep Coinbase products and customers safe. That message doesn't reflect how we want to engage with the security research community. 1/
6
7
210
@SecurityGuyPhil
Philip Martin
3 years
7/ So how did they get the private key? Maybe some whiz-bang magic, but my guess would be it was some good ol' fashioned police work to locate the target servers, and an MLAT request and/or some political pressure to get access.
13
30
207
@SecurityGuyPhil
Philip Martin
2 years
1/ As promised, I’m now able to share an update on this investigation. As I noted previously, this kind of investigation is not quick, but is critical to maintaining a level playing field.
@SecurityGuyPhil
Philip Martin
2 years
@cobie Thanks, @cobie . My team has been investigating since yesterday. Investigations like this are not quick or simple but they are critical to determining the context surrounding those on-chain movements. Transparency is also key, so I will share any findings as soon as we are able.
5
6
75
33
43
185
@SecurityGuyPhil
Philip Martin
4 years
@nathanielpopper The security and availability of Coinbase’s cryptocurrency storage systems is not dependent on any one or small group of individuals in the company - it’s managed by several teams with redundancy built in in terms of both people and systems. 1/6
12
11
167
@SecurityGuyPhil
Philip Martin
5 years
5/ Hashes (sha1): b639bca429778d24bda4f4a40c1bbc64de46fa79 23017a55b3d25a2597b7148214fd8fb2372591a5 C2 IPs: 89.34.111.113:443 185.49.69.210:80
4
24
152
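The two SHA-1 hashes and two C2 endpoints above are the only indicators this feed carries, so the natural thing to do with them is sweep a host and a proxy log. The following Go program is an added example, not code from the original page or from Coinbase: it hashes every regular file under a directory and matches the digests against the published hashes, and it matches the `ip:port` pairs against log lines. The log format (`<timestamp> <src ip> -> <dst ip:port> <detail>`) is constructed for the example; real proxy or firewall logs will need their own field extraction.

```go
package main

import (
	"bufio"
	"crypto/sha1"
	"encoding/hex"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
)

// Indicators exactly as published in the tweet: sha1 of the two samples and the C2 endpoints.
var TweetHashes = map[string]bool{
	"b639bca429778d24bda4f4a40c1bbc64de46fa79": true,
	"23017a55b3d25a2597b7148214fd8fb2372591a5": true,
}

var TweetC2 = map[string]bool{
	"89.34.111.113:443": true,
	"185.49.69.210:80":  true,
}

// Sha1File returns the lowercase hex sha1 of a file, streamed so large files are fine.
func Sha1File(path string) (string, error) {
	f, err := os.Open(path)
	if err != nil {
		return "", err
	}
	defer f.Close()
	h := sha1.New()
	if _, err := io.Copy(h, f); err != nil {
		return "", err
	}
	return hex.EncodeToString(h.Sum(nil)), nil
}

// ScanDir walks root and returns every regular file whose sha1 is in hashes.
// Unreadable entries are skipped so one permission error does not abort the sweep.
func ScanDir(root string, hashes map[string]bool) ([]string, error) {
	var hits []string
	err := filepath.Walk(root, func(p string, info os.FileInfo, walkErr error) error {
		if walkErr != nil || !info.Mode().IsRegular() {
			return nil
		}
		sum, err := Sha1File(p)
		if err == nil && hashes[sum] {
			hits = append(hits, p)
		}
		return nil
	})
	return hits, err
}

// MatchC2 returns the log lines in which any whitespace-separated field is one of
// the C2 ip:port pairs. Field-based matching avoids substring false positives such
// as 185.49.69.210:8080 matching the :80 indicator.
func MatchC2(r io.Reader, c2 map[string]bool) []string {
	var hits []string
	sc := bufio.NewScanner(r)
	for sc.Scan() {
		line := sc.Text()
		for _, f := range strings.Fields(line) {
			if c2[f] {
				hits = append(hits, line)
				break
			}
		}
	}
	return hits
}

func main() {
	if len(os.Args) < 2 {
		fmt.Fprintln(os.Stderr, "usage: iocscan <dir>   (proxy log on stdin)")
		os.Exit(2)
	}
	hits, err := ScanDir(os.Args[1], TweetHashes)
	if err != nil {
		fmt.Fprintln(os.Stderr, "walk:", err)
	}
	for _, h := range hits {
		fmt.Println("HASH MATCH", h)
	}
	for _, l := range MatchC2(os.Stdin, TweetC2) {
		fmt.Println("C2 MATCH  ", l)
	}
}
```

Hash matching only catches the exact samples; the attacker can recompile. The C2 match is the more durable of the two checks, and a hit on either one is a reason to pull the host for full analysis rather than just delete the file.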
@SecurityGuyPhil
Philip Martin
2 years
1/ I don't have inside knowledge of what is happening inside @binance . That said, their on-chain movement of funds for audit purposes isn’t out of the norm and @coinbase did something similar many years ago when we first started 3rd party auditor review of custodial assets. 🧵
6
17
139
@SecurityGuyPhil
Philip Martin
5 years
2/ We walked back the entire attack, recovered and reported the 0-day to Firefox, pulled apart the malware and infra used in the attack and are working with various orgs to continue burning down attacker infrastructure and digging into the attacker involved.
3
16
138
@SecurityGuyPhil
Philip Martin
2 years
@TalBeerySec @ZenGo @CoinbaseWallet We'll fix the process that led to that message going out the door. Good luck on your presentation!
6
0
127
@SecurityGuyPhil
Philip Martin
3 years
5/ Coinbase uses a pooled hot wallet, so handing over a specific private key wouldn't make a ton of sense, and we've (for obvious security reasons) not built a private key export API endpoint into our signing systems.
4
8
108
@SecurityGuyPhil
Philip Martin
3 years
3/ I’ve seen some folks point to @Bitquery_io graphs which say “Coinbase” and it appears to be a reference to the concept rather than the company. 2 tx are missing a receiver address field in the underlying GraphQL data making their UI think it’s a coinbase (concept) tx.
4
8
92
@SecurityGuyPhil
Philip Martin
5 years
3/ We’ve seen no evidence of exploitation targeting customers. We were not the only crypto org targeted in this campaign. We are working to notify other orgs we believe were also targeted. We’re also releasing a set of IOCs that orgs can use to evaluate their potential exposure.
1
8
86
@SecurityGuyPhil
Philip Martin
3 years
2/ Coinbase was not the target of the warrant and did not receive the ransom or any part of the ransom at any point. We also have no evidence that the funds went through a Coinbase account/wallet.
1
11
86
@SecurityGuyPhil
Philip Martin
5 years
4/ If you believe you have been impacted by this attack or you have more intel to share and want to collaborate with us on a response, please reach out to security@coinbase.com. IOCs follow.
2
7
80
@SecurityGuyPhil
Philip Martin
3 years
6/ I've also read that because the seizure warrant specified property in the Northern District of California, it had to be targeted at Coinbase. Nope. What this likely means is that the private key is located at one of the many Northern California FBI field offices.
2
7
78
@SecurityGuyPhil
Philip Martin
3 years
4/ You can take my word for it, or take the (sworn!) word of the agent who wrote the affidavit: "34. The private key for the Subject Address is in the possession of the FBI in the Northern District of California"
1
10
80
@SecurityGuyPhil
Philip Martin
5 years
Coinbase now supports security keys! Really excited to get this out the door and in the hands of our customers.
2
14
69
@SecurityGuyPhil
Philip Martin
2 years
3/ We provided information about them to the DOJ and terminated our employee. Today, these individuals have been criminally charged in the Southern District of New York.
4
12
58
@SecurityGuyPhil
Philip Martin
4 years
@nathanielpopper Secure and resilient key management is a critical part of any crypto company. As an industry, we've seen this first hand not just in terms of the security of the assets, but in terms of the process being resilient to the unavailability of critical executives at the company. 2/6
1
2
48
@SecurityGuyPhil
Philip Martin
3 years
3a/ Graph: ; coinbase concept:
1
4
49
@SecurityGuyPhil
Philip Martin
5 years
1/ Honestly blown away by the amount of positivity and helpfulness I’ve seen in response to my 0-day tweets. We’re planning a detailed blog (except the actual exploit, we’re keeping that close hold until patching can happen) for next week and will probably submit to a con or two.
3
4
46
@SecurityGuyPhil
Philip Martin
4 years
@nathanielpopper There is no one person or team at Coinbase that is required to operate the systems that manage keys. There is no one geography that is critical to key operations (we follow the asteroid principle of resilience design: no one small asteroid should impact our storage systems) 5/6
3
0
44
@SecurityGuyPhil
Philip Martin
2 years
Really excited for this! Introducing Coinbase Security Prompt — a safer and easier way of signing into Coinbase by @coinbase
0
5
44
@SecurityGuyPhil
Philip Martin
3 years
The rise of ransomware has been horrible to behold. Recent high profile attacks on Colonial Pipeline and food processing giant JBS have led to knee jerk calls to ban cryptocurrencies because the attackers demanded to be paid in Bitcoin. /1
10
14
40
@SecurityGuyPhil
Philip Martin
2 years
7/ You can find more details in our updated blog post here:
3
7
42
@SecurityGuyPhil
Philip Martin
4 years
@nathanielpopper Coinbase from the start has built systems with a Security First mindset, and we've focused on ensuring our systems are never in a position where a critical person or even a critical team could put customer funds at risk. 3/6
1
0
40
@SecurityGuyPhil
Philip Martin
2 years
2/ During our investigation, we identified a Coinbase employee who we suspected improperly shared confidential information about Coinbase’s asset listings. We also identified two non-Coinbase individuals this person appeared to be working with.
2
6
40
@SecurityGuyPhil
Philip Martin
2 years
6/ We strongly urge others in the space to hold themselves to these same standards, even if it might be difficult at first. Trust is never given - it is earned.
4
2
38
@SecurityGuyPhil
Philip Martin
4 years
@nathanielpopper We do this by focusing on redundancy and resilience in the design, implementation and operation of key storage systems. There is no one person or team at Coinbase that has access to keys. There is no one person or team at Coinbase that has unilateral control of keys. 4/6
1
0
36
@SecurityGuyPhil
Philip Martin
3 years
1/ ATOs are a real problem. Nearly 25% of U.S. households have been victims, and financial losses average $12,000. <.01% of Coinbase users experience these events, but they are the most complex cases we deal with.
@laurashin
Laura Shin
3 years
Hm, the way this story is framed, it appears to blame Coinbase, but the real culprit is the mobile carriers (or customers having insecure email passwords). By the time Coinbase is involved, it’s too late and there’s pretty much nothing they can do
21
7
91
10
10
34
@SecurityGuyPhil
Philip Martin
2 years
4/ We appreciate the DOJ’s recognition of our help in holding these individuals accountable.
1
3
35
@SecurityGuyPhil
Philip Martin
2 years
5/ We are committed to doing our part to ensure that all market participants have access to the same information, which is critical to advancing our mission of promoting economic freedom. We do not hesitate to take action when we find wrongdoing.
1
2
34
@SecurityGuyPhil
Philip Martin
5 years
Really proud of the Coinbase Security team for putting on a successful blockchain-focused CTF at Defcon ()! Great participation both at the conference and online. We're keeping the CTF site open, so feel free to try your hand!
37
5
23
@SecurityGuyPhil
Philip Martin
5 years
About to go on stage @codeblue_jp ! Obligatory @elkentaro selfie.
123
0
29
@SecurityGuyPhil
Philip Martin
3 years
Nope. We have hundreds of reports of this specific message from non-Coinbase customers (feel free to report stuff to security@coinbase.com). However, scammers have been extra active in recent months. Here are some ways we’re pushing back and what you can do too:
@ashk4n
ashkan soltani
3 years
Did @coinbase have an undisclosed breach? I keep getting phishing txts to my registered Coinbase number. Could be the result of a 3rd party breach ( @Facebook ?) but also seems targeted - other Coinbase users are getting them too
3
1
7
2
9
30
@SecurityGuyPhil
Philip Martin
2 years
I’m not much of a TV guy, but just saw this spot from our marketing team and it was too good not to share. In crypto winters it’s important to find your reasons to be calm…
0
3
22
@SecurityGuyPhil
Philip Martin
8 years
I just published “On Phone Numbers and Identity”
4
19
20
@SecurityGuyPhil
Philip Martin
1 year
Check out a new in depth look at the Euler exploit coming out of our Unit 0x team. Part one (looking at the exploit) is below, part two coming early next week!
0
6
17
@SecurityGuyPhil
Philip Martin
5 years
We just started automatically protecting accounts and emailing customers when we detect a 3rd party data breach that may impact customer account security!
0
5
20
@SecurityGuyPhil
Philip Martin
7 months
Only scammers demand you pay only with gift cards. Only scammers demand you pay only with Zelle. How about instead: “Only scammers pressure you to do things before you understand them”? If in doubt, take a beat, talk to a friend, be skeptical.
@FTC
FTC
7 months
Only scammers demand you pay only with crypto. Learn more at
0
2
5
5
2
17
@SecurityGuyPhil
Philip Martin
3 years
Ransomware isn’t going away even if cryptocurrencies are banned, so it’s important we focus on what will successfully put ransomware in its place. Read more about how we should address the ransomware crisis in my recent post here: /3
2
0
15
@SecurityGuyPhil
Philip Martin
3 years
some of the really great work our threat intelligence team does!
@_iphelix
Peter Kacherginsky
3 years
Over the past two weeks, Coinbase has been monitoring multiple blockchain security incidents involving a cross-chain protocol, Poly Network and a Japanese crypto exchange @Liquid_global .
1
2
28
3
0
17
@SecurityGuyPhil
Philip Martin
7 months
Excited to chat with @teddyfuse and @hongkim__ about how Coinbase does institutional grade custody!
@BitwiseInvest
Bitwise
7 months
Tune in Friday at 2:30pm ET for a discussion of custody of bitcoin in ETFs with Bitwise President ( @teddyfuse ), CTO ( @hongkim__ ), and Coinbase’s Chief Security Officer ( @SecurityGuyPhil )
7
15
52
3
3
15
@SecurityGuyPhil
Philip Martin
7 years
I just published “Update on Meltdown and Spectre”
7
4
13
@SecurityGuyPhil
Philip Martin
5 years
2/ For now, we uploaded the second sample we referenced in the initial tweets (b639bca...) to VT, so have fun taking that apart! For reference, the chain was 0-day -> 23017a55... -> b639bca....
0
1
13
@SecurityGuyPhil
Philip Martin
3 years
But if cryptocurrency went away tomorrow would ransomware end? No. What we need to eradicate this scourge is a more nuanced, multi-pronged strategy that gets to the root cause of the problem. /2
1
0
11
@SecurityGuyPhil
Philip Martin
2 years
10/ They may also cherry pick cold storage addresses and ask us to restore those if they didn’t see enough cold storage activity in a given period…but you all tend to keep us busy enough that we haven’t needed to go there.
0
0
12
@SecurityGuyPhil
Philip Martin
6 years
I'm hiring a security engineering manager at Coinbase (). SF or Chicago. This is the team that owns, among other things, our cold storage implementation () Come build things at a company that really cares about security.
0
2
11
@SecurityGuyPhil
Philip Martin
3 years
Solid take on a nuanced issue.
@nicoleperlroth
Nicole Perlroth
3 years
New: Surprise! Bitcoin is not as anonymous as cybercriminals think. In some ways it's actually been a blessing to law enforcement. with the best @eringriffith @ktbenner
30
126
283
1
1
11
@SecurityGuyPhil
Philip Martin
7 years
I just published “Moving to Expect-CT”
2
2
11
@SecurityGuyPhil
Philip Martin
2 years
7/ You may be wondering why Coinbase doesn’t move all funds on-chain every year. Well, we’ve built systems and processes that allow our auditors to assess control over keys without that and then they can randomly sample just a small subset of addresses each year.
3
1
9
@SecurityGuyPhil
Philip Martin
3 years
4/ Ultimately, the best way for a consumer to protect themselves against ATOs anywhere is to use the strongest 2fa available (sms < totp < yubikey) and a password manager. See also:
3
2
9
@SecurityGuyPhil
Philip Martin
8 years
I just published “How to safely store digital currency with Coinbase”
2
3
8
@SecurityGuyPhil
Philip Martin
7 years
I'll be speaking at @shakacon on IR in a containerized, ephemeral, immutable world. Come join us in beautiful HI!
2
2
7
@SecurityGuyPhil
Philip Martin
6 years
“The PWNed Watch: Security at Coinbase is a top priority and that includes helping protect our employees’ personal information. This is a prototype for an optional tool for Coinbase employees to register their personal information to…” —  @NamrataGanatra
0
2
8
@SecurityGuyPhil
Philip Martin
2 years
8/ In short: at key generation time, we sign a message with the private key, allowing us to prove we generated it. We then exhaustively define our cold storage system controls so auditors can test those controls (e.g. all cold storage keys are backed up before being put into use)
1
0
6
@SecurityGuyPhil
Philip Martin
2 years
3/ First, assets have different serialization methods and not all assets have a built-in message signing capability. So in order to sign messages you’d need to implement custom code for assets that don’t have that function.
1
0
7
@SecurityGuyPhil
Philip Martin
7 years
I just published “Coinbase Loves Bug Bounties”
0
2
7
@SecurityGuyPhil
Philip Martin
3 years
Finally, we write a lot more about how to recognize scams on the Coinbase blog and you can check out the brand new Crypto Security Basics article by the amazing @the_mullinator at .
1
0
7
@SecurityGuyPhil
Philip Martin
2 years
4/ This is important because there is nothing auditors hate more than custom processes. It leads to the potential for gaps, which can call into question the entire audit. So auditors will always look for the lowest common denominator for their audit procedures.
1
0
7
@SecurityGuyPhil
Philip Martin
2 years
5/ Second, I would consider it bad practice to build a high security asset storage system with a mode that allows for arbitrary serialized payloads to be signed. That would be a function begging for abuse by an attacker.
1
0
7
@SecurityGuyPhil
Philip Martin
2 years
9/ Come audit time, the auditors verify the controls are functioning as intended, verify the signed messages and review cold restores over the audit period to make sure we moved enough funds over time to provide appropriate assurance.
1
0
5
@SecurityGuyPhil
Philip Martin
6 years
Really love this thread. So often when we look at a security problem in blockchain @coinbase we think hard about history. It rarely repeats but rhymes all the time. Thanks for the perspective @philvenables
@philvenables
Phil Venables
6 years
Technology. A thread. In the late 1980s I was a developer using virtualized systems and containers, software defined networks, thin-client end points that could graphically render serialized content in a standard mark-up language.
8
167
352
0
0
6
@SecurityGuyPhil
Philip Martin
2 years
2/ At scale, differences in listed assets really start to drag on you in a bunch of ways. One of the ways is audit procedures. While in theory you can sign a message with any private key, there are some practical blockers to that.
1
0
5
@SecurityGuyPhil
Philip Martin
3 years
3/ We know we have a lot of work to do to make the experience better for those customers who do experience an ATO, and we’ve launched live phone support immediately as a first step.
2
1
5
@SecurityGuyPhil
Philip Martin
3 years
We saw a huge spike in scam calls spoofing Coinbase’s support number, so we added that number to the Do Not Originate list. Remember: Coinbase does not make unsolicited outbound calls. If you get a call claiming to be from Coinbase then hang up, it’s a scam.
2
0
5
@SecurityGuyPhil
Philip Martin
3 years
Coinbase *does* send SMS notifications. Any links we send in messages about your account will always be for domains and not use URL shorteners. If you see an SMS that does otherwise, it’s a scam, forward it to 7726 (SPAM) to report it.
2
0
5
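The rule in the tweet above (real account SMS links point at Coinbase's own domains and never at a URL shortener) is mechanical enough to check. The Go program below is an added example, not code from Coinbase or from the original page. It extracts every URL from a message and flags the ways a phishing text usually breaks the rule: a shortener host, a non-https link, a punycode host, or a host that merely contains the trusted name (`coinbase.com.evil.example`, `notcoinbase.com`, or `https://coinbase.com@evil.example/`). The tweet does not list the domains, so `coinbase.com` is an assumption standing in for "our domains", and the shortener list and sample messages are constructed for the example.

```go
package main

import (
	"fmt"
	"net/url"
	"regexp"
	"strings"
)

// Assumption: the tweet says "our domains" without listing them; coinbase.com stands in.
var trustedSuffixes = []string{"coinbase.com"}

// A few common shorteners; per the tweet, a genuine message never uses one.
var shorteners = map[string]bool{"bit.ly": true, "t.co": true, "tinyurl.com": true, "goo.gl": true}

var urlRe = regexp.MustCompile(`https?://[^\s<>"']+`)

type Verdict struct {
	URL    string
	Host   string
	Reason string // empty when the link passes every check
}

// hostTrusted is true only if host IS a trusted domain or a real subdomain of it.
// A suffix check with the leading dot rejects "notcoinbase.com"; comparing the
// parsed hostname (not the raw string) rejects "coinbase.com.evil.example" and
// "coinbase.com@evil.example".
func hostTrusted(host string) bool {
	for _, s := range trustedSuffixes {
		if host == s || strings.HasSuffix(host, "."+s) {
			return true
		}
	}
	return false
}

// CheckSMS returns one verdict per URL found in text, in order of appearance.
func CheckSMS(text string) []Verdict {
	var out []Verdict
	for _, raw := range urlRe.FindAllString(text, -1) {
		raw = strings.TrimRight(raw, ".,;:)") // trailing punctuation is not part of the link
		u, err := url.Parse(raw)
		if err != nil {
			out = append(out, Verdict{URL: raw, Reason: "unparseable URL"})
			continue
		}
		host := strings.ToLower(u.Hostname()) // userinfo and port are stripped here
		v := Verdict{URL: raw, Host: host}
		switch {
		case u.Scheme != "https":
			v.Reason = "not https"
		case shorteners[host]:
			v.Reason = "URL shortener"
		case strings.HasPrefix(host, "xn--") || strings.Contains(host, ".xn--"):
			v.Reason = "punycode host (possible homoglyph)"
		case !hostTrusted(host):
			v.Reason = "host not under a trusted domain"
		}
		out = append(out, v)
	}
	return out
}

func main() {
	// Constructed sample messages: one legitimate-looking link, three scam patterns.
	sample := "Coinbase: confirm your login at https://www.coinbase.com/settings. " +
		"Unusual withdrawal, verify at https://coinbase.com.evil.example/verify " +
		"or https://bit.ly/3xyz or https://coinbase.com@evil.example/login"
	for _, v := range CheckSMS(sample) {
		status := "ok"
		if v.Reason != "" {
			status = "SCAM? " + v.Reason
		}
		fmt.Printf("%-48s %s\n", v.URL, status)
	}
}
```

A passing verdict is necessary, not sufficient: a link can be on the right domain and still be an open redirect or a phishing page planted on a compromised subdomain. The tweet's advice still applies in that case, so forward the message to 7726 and go to the site by typing the address rather than tapping the link.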
@SecurityGuyPhil
Philip Martin
6 years
Cryptocurrency Security: where “but does that really happen outside the NSA?” becomes “oh crap, that just happened!”. If that sounds like fun, you should check out
1
2
4
@SecurityGuyPhil
Philip Martin
3 years
@CoinbaseSupport is the only account on twitter that you should interact with if you’re looking for support. If a twitter account other than that one offers you support then report it (to twitter or us), it’s a scam.
1
0
3
@SecurityGuyPhil
Philip Martin
4 years
@octal @nathanielpopper Yep, fully agree on the need for a crypto security standard. This is something we’re working on, but cue obligatory XKCD standards comic. We do have a SOC 2 Type II that covers key mgmt for our custody business, but those are detailed/sensitive and not broadly shareable docs...
0
0
4
@SecurityGuyPhil
Philip Martin
2 years
6/ Even arbitrary text-only payloads would be an interesting loophole to try to exploit.
1
0
3
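The key-control thread scattered through this feed makes two design points that fit in one small program: sign a fixed statement at key-generation time so an auditor can later verify control of the key (tweets 8/ and 9/), and never expose a mode that signs arbitrary or even arbitrary text-only payloads (tweets 5/ and 6/). The Go program below is an added example, not Coinbase's code and not code from the original page. It uses Ed25519 from the Go standard library as an assumption, since Bitcoin and most other chains use their own curve and serialization (which is exactly the practical blocker tweet 3/ describes); the message template and the `keyid` field are also assumptions. The point is the shape of the API: the signer builds the message itself from the key and a date, validates it against the template, and signs only that, so a caller has no way to hand it a transaction.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"regexp"
)

// Assumed template. The signer only ever signs strings of this exact shape, so
// the "sign anything" loophole the thread warns about does not exist in the API.
const attestationFormat = "key-control-attestation v1|keyid=%s|generated=%s"

// Strict grammar for the whole message: 64 hex chars of public key, an ISO date, nothing else.
var attestationRe = regexp.MustCompile(
	`^key-control-attestation v1\|keyid=([0-9a-f]{64})\|generated=(\d{4}-\d{2}-\d{2})$`)

// Attestation is the only artifact that leaves the generation ceremony.
type Attestation struct {
	PublicKey ed25519.PublicKey
	Message   []byte
	Signature []byte
}

// signAttestation is the single signing entry point. It constructs the message
// from the key and a date, rejects anything that does not match the template
// (so a crafted date like "2023-01-15|extra" cannot smuggle content in), then signs.
func signAttestation(priv ed25519.PrivateKey, generated string) (Attestation, error) {
	pub := priv.Public().(ed25519.PublicKey)
	msg := []byte(fmt.Sprintf(attestationFormat, hex.EncodeToString(pub), generated))
	if !attestationRe.Match(msg) {
		return Attestation{}, errors.New("refusing to sign: not a key-control attestation")
	}
	return Attestation{PublicKey: pub, Message: msg, Signature: ed25519.Sign(priv, msg)}, nil
}

// GenerateWithAttestation makes a key and signs the statement while the private
// key is still in hand, before the key goes into cold storage.
func GenerateWithAttestation(generated string) (ed25519.PrivateKey, Attestation, error) {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, Attestation{}, err
	}
	att, err := signAttestation(priv, generated)
	return priv, att, err
}

// AuditorVerify is what the auditor runs later with only public material:
// the message must be the agreed template, must name this key, and must verify.
func AuditorVerify(a Attestation) error {
	m := attestationRe.FindSubmatch(a.Message)
	if m == nil {
		return errors.New("message is not a key-control attestation")
	}
	if string(m[1]) != hex.EncodeToString(a.PublicKey) {
		return errors.New("keyid does not match the presented public key")
	}
	if !ed25519.Verify(a.PublicKey, a.Message, a.Signature) {
		return errors.New("signature does not verify")
	}
	return nil
}

func main() {
	_, att, err := GenerateWithAttestation("2023-01-15")
	if err != nil {
		panic(err)
	}
	fmt.Printf("message:   %s\nsignature: %s\n", att.Message, hex.EncodeToString(att.Signature))
	fmt.Println("auditor check:", AuditorVerify(att))
	// No sign-this-payload capability exists for an attacker to point at a transaction.
	_, _, err = GenerateWithAttestation("2023-01-15|transfer=all")
	fmt.Println("crafted payload:", err)
}
```

The attestation proves the key existed and was under the generating party's control on the stated date; it says nothing about whether the key is still held or still backed up. That is why the thread pairs it with documented controls and periodic sampled restores, which an auditor tests separately.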
@SecurityGuyPhil
Philip Martin
6 years
This is perhaps the most scientific treatment I’ve ever seen of breach impact forecast. Bravo @Magoo
@Magoo
Ryan McGeehan
6 years
I took a crack at forecasting monthly revenue impact a specific SaaS company would face if they experienced a security incident and it was handled (very well | ok | horribly). Would love helpful feedback. Thanks!
1
26
43
1
0
3
@SecurityGuyPhil
Philip Martin
7 years
@mmurray I think the Democratic Party gig is much harder. Everyone @coinbase understands that security is foundational; not as sure about DNC.
0
1
3
@SecurityGuyPhil
Philip Martin
8 years
My team and I are doing a Reddit AMA today at 10 am PDT. Join us!
0
4
3
@SecurityGuyPhil
Philip Martin
6 years
Some of the great work the security team at Coinbase does all the time. Sound like fun? Come join us...
@coinbase
Coinbase 🛡️
6 years
Users of the Electrum Wallet, a popular desktop Bitcoin client, have been under a persistent attack since December 2018. Coinbase Blockchain Security Engineer, Peter Kacherginsky, has been tracking the phishing campaigns on the Electrum network. Read more:
31
157
321
0
0
3
@SecurityGuyPhil
Philip Martin
8 years
Keystone Metrics in DevOps: The 30 Day Project @ Coinbase
0
1
2
@SecurityGuyPhil
Philip Martin
8 years
Awesome job @alexcpsec !
0
0
1
@SecurityGuyPhil
Philip Martin
6 years
@Ronin43 @brian_armstrong @Helghardt We use several physical sources of randomness xor’d together to generate the stream of random data we use for keygen. One of those sources is actually based on quantum tunneling of photons. Not quite light from Andromeda, but still pretty cool.
1
0
2
@SecurityGuyPhil
Philip Martin
3 years
Coinbase support will never do any of the above, so if you hear any of those then hang up, it’s a scam. Feel free to tell us how you encountered the scam so we can disrupt these scammers: security@coinbase.com.
1
0
2
@SecurityGuyPhil
Philip Martin
5 years
@5aelo @mozsec @coinbase a little more context here:
1
0
2
@SecurityGuyPhil
Philip Martin
7 years
@jmoconnor415 @coinbase @globalsign @CiscoSecurity Thanks @jmoconnor415, we've been working on takedowns for these domains and certs since they flagged in our systems around 3 AM (PST). Still pending actions from the various involved parties (including @globalsign).
0
0
2
@SecurityGuyPhil
Philip Martin
3 years
When interacting with someone that claims to be Coinbase support, look out for the following red flags: asking for control of your computer; asking you to install software (e.g. TeamViewer); asking for your password or 2FA codes; asking you to send cryptocurrency anywhere.
1
0
2
@SecurityGuyPhil
Philip Martin
7 years
Come help us continue to get Security right as we scale.
0
0
2
@SecurityGuyPhil
Philip Martin
8 years
@hmhackmaster I've had this request enough that we're cleaning it up and will publish in the next couple days.
1
0
1
@SecurityGuyPhil
Philip Martin
8 years
@rwitoff Such an awesome exercise. Can't control when an incident happens, only how prep'd we are. #security #practice
0
0
1
@SecurityGuyPhil
Philip Martin
8 years
@jumbograms Awesome! That is exactly what I was going for.
0
0
1
@SecurityGuyPhil
Philip Martin
7 years
@estark37 @patricktoomey Will update Coinbase tomorrow
0
0
1
@SecurityGuyPhil
Philip Martin
7 years
@timpastoor @lightcoin @diiorioanthony @ErikVoorhees Google Fi also seems to be a cut above the legacy carriers in terms of social engineering resistance. Also good international coverage.
0
0
1
@SecurityGuyPhil
Philip Martin
7 years
@cryps1s Heh. Buy me a beer, I'll tell you stories.
0
0
1
@SecurityGuyPhil
Philip Martin
6 years
@Helghardt @brian_armstrong We actually talk a fair bit about keygen in this wired article: . In general, you’re right that there are a ton of considerations and edge cases in this kind of real world application of cryptography.
0
0
1
@SecurityGuyPhil
Philip Martin
7 years
@zmanian I do, and am chatting with @paddyucl
0
0
1