Hello folks,
Welcome to the security box, podcast 217. Before we give you the notes for this podcast, I have an announcement about last week’s program.
I was just notified that podcast 216’s initial release was only 7 seconds in length. I have no idea since I put up the initial file, at least I thought I did. This has been corrected, and I apologize for the inconvenience this caused you! The direct download which we’re providing here in this post was correct and we aired the correct file on replay, so we’ll just move forward. Maybe I uploaded the wrong file.
Now, let’s talk about this week’s edition of the program.
We did confirm that the RSS has the file and we should have a full release.
If you do not have RSS, please use this 179.3mb file if you need it.
Also, if you would like to download the podcast for 216 which was last week, please use this 206.8mb file if you need it.
I’m providing it again so you don’t have to go back and download it through the other post if you need it.
Also, you may use the TSB directory if this issue should happen again. If it does, please contact me as soon as you see it so we may reissue the program.
Now, on with this week’s show notes!
Hello folks, welcome to the security box, podcast 217. It’s been a long time since we did show notes, as NCSAM doesn’t necessarily need show notes per se. We’ve got a great topic on something I blogged and we talked about a while back about the braille space. No, not the way braille is written as you know it, but a hexadecimal character used to cause havoc. We’ll explain on this podcast.
Besides that, we’re going to have the news, the notes, the landscape, answers to trivia and more.
Please feel free to participate. Starting with this podcast, we’re going to have our click to call widget available so you can feel free to use it to call the comment line and leave your message or talk to us, depending on availability.
Thanks so much for listening to the program, and we hope you enjoy!
The braille space
When writing braille, it is no different than writing print. But braille can be written with hexadecimal characters just like other languages using a computer keyboard.
We found an article talking about the fact that this braille character is used to actually hide file extensions, and you think you’re opening one type of file, but opening another.
On September 16, 2024, Robert Stepp responded to the email I sent him inquiring about the braille space as a character, and he wrote the following.
Hi,
There is nothing special about a “braille” space. The 0x2800 character is simply a space in the 8-dot braille page of Unicode (three bytes in UTF-8). Apparently 0x2800 is interesting because it shows as nothing but is parsed as non-whitespace. A bogus filename SomeName.pdfxxxxxxxxxxxxxxxxxxxx.hta where x is the braille space, when written to a FileName box (whose length is too short to show the final .hta without scrolling) appears to be a .pdf file when it is actually a .hta (private malware) file. Any Unicode character, not known by Windows controls to be whitespace (space, thin-space, zero-width space, etc) would work just as well for this visualization spoof.
To read the entire blog post, including the article that led to our discussion, see the post I wrote, “I did not know there was something called a braille space,” which links to the article from Bleeping Computer.
For those that just want to dive in to the Bleeping Computer article, “Windows vulnerability abused braille ‘spaces’ in zero-day attacks” will be your article.
Thanks Bob for your great insight! It’s much appreciated.
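A defender-side check for the padding trick described in Bob's email, as an added example that is not part of the original show notes or of Bob's message: it compares the extension a user is likely to see with the real one. The function names, the extra blank-looking character in the set, and the sample filenames are constructed for illustration.

```python
import unicodedata

# U+2800 BRAILLE PATTERN BLANK (the "braille space"): draws nothing, yet is not whitespace.
BRAILLE_BLANK = "\u2800"
# Constructed, non-exhaustive set of other blank-rendering, non-whitespace characters.
OTHER_BLANKS = {"\u3164"}  # HANGUL FILLER


def is_blank_looking(ch: str) -> bool:
    """True for characters a filename box draws as empty space or as nothing."""
    return (ch == BRAILLE_BLANK or ch in OTHER_BLANKS or ch.isspace()
            or unicodedata.category(ch) == "Cf")  # Cf covers zero-width space etc.


def inspect_filename(name: str) -> dict:
    """Report the extension shown before any blank padding versus the real one."""
    stem, sep, real_ext = name.rpartition(".")
    result = {"shown_ext": "", "real_ext": real_ext if sep else "",
              "padding": [], "suspicious": False}
    if not sep:                       # no dot at all, so no extension to spoof
        return result
    end = len(stem)
    while end > 0 and is_blank_looking(stem[end - 1]):
        end -= 1                      # walk back over the blank run before the last dot
    padding, shown = stem[end:], stem[:end]
    result["padding"] = sorted({f"U+{ord(c):04X}" for c in padding})
    if "." in shown:
        result["shown_ext"] = shown.rpartition(".")[2]
    # Suspicious: an apparent extension, then blank padding, then a different real one.
    result["suspicious"] = bool(padding and result["shown_ext"]
                                and result["shown_ext"].lower() != real_ext.lower())
    return result


if __name__ == "__main__":
    # Constructed sample names; the first follows the pattern in Bob's email.
    samples = [
        "SomeName.pdf" + BRAILLE_BLANK * 20 + ".hta",
        "report.final.pdf",
        "my file.pdf",
    ]
    for sample in samples:
        print(ascii(sample), inspect_filename(sample))
```

A mail gateway or download scanner could run a check like this on attachment names and show the real extension to the user when the two differ.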
Contacting the podcast
If you would like to contact the podcast folk, please use the following info which goes to Jared and can be shared with the rest of the contributors as needed:
- Email/imessage: or which go to Jared.
- Text or WhatsApp: 804-442-6975
- Call the comment line at (888) 405-7524 or use the click to call button located in the show notes. If available, Jared can take your call below. You may also call long distance by calling (818) 527-4754.
Supporting the podcast
If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribe to the security box discussion list or send us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.
Internet Radio affiliates airing our program
Our Internet Radio stations that carry us include International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!
See you on another edition of the podcast!