Security? Who Cares!
Privacy is Dead

Brett Hardin
March 3, 2010, BsidesSF

Who Am I

Brett Hardin
@miscsecurity
Old Lives: ✓ Pen Tester, ✓ Security Researcher
Currently: ✓ Product Manager




Brett Hardin - BsidesSF      2
• Inviting my Dad to LinkedIn




Disconnected Generation

• “Older” Generations don’t get it.
• “Younger” Generations do.
• Do They?

Geo Location

• Geo Location becoming more available.
• Open APIs make this Scary


Permission Based Systems

• When you tweet out your Foursquare check-ins (some people even do this automatically), it essentially makes Foursquare an asymmetric network. And believe it or not, some people are doing that without really thinking about it. Or they’re doing it because it’s easier to gain friends/followers on an asymmetric network.
• Connecting them to non-permission based systems.



A mayor you say?




http://foursquare.com/venue/1404526




• Share a bunch of information with people you don’t care about.
• “Connect” with old friends
• Flog the dead horse.

DOD okays use of Social Networks

• February 26, 2010
• DOD okays use of Social Networks
    • (http://www.defense.gov/NEWS/DTM%2009-026.pdf)
• “Scary Precedent”?
• http://wefollow.com/twitter/military

• Who has heard of Blippy?




Social Demographics being harvested

• To identify “creditworthy” customers, CC companies are beginning to harvest info from social networking sites.
• http://www.creditcards.com/credit-card-news/social-networking-social-graphs-credit-1282.php




! Security as a Process

• How many times have you heard this?
• It’s not working!
• We need new concepts.
• People will continue to get compromised.

Are we doing our Job? (Raise your hands)

• Who here works for a company who creates software?
• Who here, be honest, has an actual SDLC process?
• Who started one?

What can we do?

• Work Harder?
• Complain?
• Drop It?
• http://www.youtube.com/watch?v=6qIgVrOy9vM
• “It’s over Johnny, It’s Over!”
• “Nothing is Over! Nothing!”

Where to Begin?

• I don’t know.
• Embrace it?
• Public Networks are Public
