Security? Who cares! - Brett Hardin

  • Published on
    15-May-2015

  • View
    1.695

  • Download
    3

Embed Size (px)

DESCRIPTION

In the beginning, people inherently distrusted the Internet, however, Social Networking has changed this. People now enter information without even thinking of how it will affect them. This presentation will explain the shift in trust, with real-life examples, and what we as the security community need to do to change.

Transcript

<ul><li> 1. Security?Who Cares! Privacy is Dead Brett Hardin March 3, 2010 1 BsidesSF </li></ul> <p> 2. Who Am IBrett Hardin@miscsecurity Old Lives: Pen TesterSecurity Researcher Currently: Product Manager Brett Hardin - BsidesSF2 3. Inviting my Dad to LinkedIn Brett Hardin - BsidesSF3 4. DisconnectedGeneration Older Generations dont get it. Younger Generations do. Do They?Brett Hardin - BsidesSF4 5. Geo Location Geo Location becoming more available. Open APIs make this Scary Brett Hardin - BsidesSF5 6. Permission BasedSystems When you tweet out your Foursquare check-ins (some people even do thisautomatically), it essentially makes Foursquare an asymmetric network. Andbelieve it or not, some people are doing that without really thinking about it.Or theyre doing it because its easier to gain friends/followers on anasymmetric network. Connecting them to non-permission basedsystems.Brett Hardin - BsidesSF 6 7. Brett Hardin - BsidesSF 7 8. Brett Hardin - BsidesSF 8 9. A mayor yousay? Brett Hardin - BsidesSF 9 10. http://foursquare.com/venue/1404526 Brett Hardin - BsidesSF 10 11. Share a bunch of information with peopleyou dont care about. Connect with old friends Flog the dead horse.Brett Hardin - BsidesSF 11 12. DOD okays use ofSocial Networks February 26, 2010 DOD okays use of Social Networks (http://www.defense.gov/NEWS/DTM%2009-026.pdf) Scary Precedent? http://wefollow.com/twitter/military Brett Hardin - BsidesSF12 13. Who has heardof Blippy? Brett Hardin - BsidesSF 13 14. Social Demographicsbeing harvested To identify creditworthy customers, CC companies are beginning to harvest info from social networking sites. http://www.creditcards.com/credit-card-news/social-networking- social-graphs-credit-1282.php Brett Hardin - BsidesSF 14 15. ! Security as a Process How many times have you heard this? Its not working! We need new concepts. People will continue to get compromised.Brett Hardin - BsidesSF 15 16. Are we doing our Job? (Raise your hands) Who here works for a company whocreates software? Who here, be honest, has an actual SDLCprocess? Who started one?Brett Hardin - BsidesSF16 17. What can we do? Work Harder? Complain? Drop It? http://www.youtube.com/watch?v=6qIgVrOy9vM Its over Johnny, Its Over! Nothing is Over! Nothing! Brett Hardin - BsidesSF 17 18. Where to Begin? I dont know. Embrace it? Public Networks are PublicBrett Hardin - BsidesSF 18 </p>