SlideShare a Scribd company logo

Security is sexy again

Download as ODP, PDF
Vitor Domingos
Vitor Domingos

presented at @IDC Security Information event

Technology
1 of 37
Security is sexy again ------ no, not that kind of sexy by Vitor Domingos @ IDC -Information Security
 
 
 
 
Vitor Domingos [email_address] http://vitordomingos.com - cloud computing & security consultant - thenextweb.com editor - mobilemonday founder - videocaster - ex failed entrepreneur - ex ITIJ / MJ - ex CGD - ex forumB2B - ex Maxitel - ex Jazztel
VERY IMPORTANT AGENDA - First - Second - Third
 
 
 
OLD SCHOOL - anti virus - IDS, firewall, scanners - encryption, DMZ, password enforcement - data protection & security governance - some other commercial bullshit bingo - social engineering
 
 
NEW SCHOOL - social engineering and hacking - id theft (banks) - phishing, spoofing, vishing, brandjacking - spam, bot networks, malware, pharming - XSS (twitter) - private data harvesting (facebook)
 
 
 
 
Security Menace History 1.0 – FUN - Virus, Stealing Information 2.0 – MONEY - Worms, Trojans, Virus 3.0 – MONEY 2.0 - DDoS, Trojans, ID Theft 4.0 – MARKETING FarmVille, Mafia Wars, Data Theft
Security is (now) personal 1.0 - Direct - One-on-One - Hardware/Software 2.0 - Cloud - Distributed - Social - Personal
Firewall History 1 Gen – Packet Filter 2 Gen – Application Layer 3 Gen – Stateful Filter 4 Gen – Semantic 5 Gen – Personal
Security got smaller and distributed USB PEN SD Card Phone Smartphone Cloud SaaS IaaS NaaS DaaS ...
 
Phones ... - 15 years of pure unsecurity and few exploits - mobile is the most personal and private item we own - phones are now computers, the personal kind - they even run full operating systems
What's in ... - phone calls; - addressbook; - emails; - sms; - mms; - browser history; - pictures and some documents; - calendar; - gps tracking data; - shop details; - credit card info; - other sync evilness
 
GSM Cracked - A51 Rainbowtable cracking software (reflextor.com/trac/a51) - GSM interception software (airprobe.org) - Software defined radio (gnuradio.org) - Cheap radion software (ettus.com/products)
 
2010 - UTMS cracked (on paper) - Sandwich attack - MMS Remote Exploit - iPhone SMS Remote Exploit - Bluetooth Spamming and Attacks (bluesnarfing, bluebug, bluebugging) -$18 bluetooth sniffer - Bluetooth audio flow to headset interception - Over the air wire tapping - ... and what about flash ? :)
 
 
Future (risks?) - Near Field Communications 2008: hacking NFC phones, URI spoofing, NDEF worm; 2010: Nokia announces that all phones will be NFC ready - Mobile javascript in the browser (2000 called and they want to block javascript all again) - Phone SSL, VPN - Location Based something - gowalla//forsquare problems
Future (risks?) - Spyware disguised as apps (cydia iphone appstore, android apps) - Virus/Worm/Botnet - iphone; vodafone memory card spyware bug on android phones - Tinyurl problems (?) - Social phishing from fake call centers - Data Leaks - Startups with little security concerns
New world out (t)here - Earth calling security, hello ? - Fresh new start (cloud, distributed, mobile, web) - Think global - Same old-school practices apply; new skills - SME/SMB - Security as a Service
 
 
 

Recommended

Embedded Systems Security News 2011/05
Embedded Systems Security News 2011/05Embedded Systems Security News 2011/05
Embedded Systems Security News 2011/05AurMiana
 
Embedded Systems Security News 2011/06
Embedded Systems Security News 2011/06Embedded Systems Security News 2011/06
Embedded Systems Security News 2011/06AurMiana
 
Wireless Patents for Standards & Applications 1Q 2015
Wireless Patents for Standards & Applications 1Q 2015Wireless Patents for Standards & Applications 1Q 2015
Wireless Patents for Standards & Applications 1Q 2015Alex G. Lee, Ph.D. Esq. CLP
 
Windows 8 Platform NFC Development
Windows 8 Platform NFC DevelopmentWindows 8 Platform NFC Development
Windows 8 Platform NFC DevelopmentAndreas Jakl
 
NFS - Company presentation 2015
NFS - Company presentation 2015NFS - Company presentation 2015
NFS - Company presentation 2015Near Field Solutions
 
NFC Patents Data for Standards & Applications 4Q 2011
NFC Patents Data for Standards & Applications 4Q 2011 NFC Patents Data for Standards & Applications 4Q 2011
NFC Patents Data for Standards & Applications 4Q 2011 Alex G. Lee, Ph.D. Esq. CLP
 
Is there such a thing as the internet of things !
Is there such a thing as the internet of things !Is there such a thing as the internet of things !
Is there such a thing as the internet of things !Pierre Metivier
 
Mobile security - Intense overview
Mobile security - Intense overviewMobile security - Intense overview
Mobile security - Intense overviewPrivateWave Italia SpA
 

Recommended

Embedded Systems Security News 2011/05
Embedded Systems Security News 2011/05Embedded Systems Security News 2011/05
Embedded Systems Security News 2011/05AurMiana
 
Embedded Systems Security News 2011/06
Embedded Systems Security News 2011/06Embedded Systems Security News 2011/06
Embedded Systems Security News 2011/06AurMiana
 
Wireless Patents for Standards & Applications 1Q 2015
Wireless Patents for Standards & Applications 1Q 2015Wireless Patents for Standards & Applications 1Q 2015
Wireless Patents for Standards & Applications 1Q 2015Alex G. Lee, Ph.D. Esq. CLP
 
Windows 8 Platform NFC Development
Windows 8 Platform NFC DevelopmentWindows 8 Platform NFC Development
Windows 8 Platform NFC DevelopmentAndreas Jakl
 
NFS - Company presentation 2015
NFS - Company presentation 2015NFS - Company presentation 2015
NFS - Company presentation 2015Near Field Solutions
 
NFC Patents Data for Standards & Applications 4Q 2011
NFC Patents Data for Standards & Applications 4Q 2011 NFC Patents Data for Standards & Applications 4Q 2011
NFC Patents Data for Standards & Applications 4Q 2011 Alex G. Lee, Ph.D. Esq. CLP
 
Is there such a thing as the internet of things !
Is there such a thing as the internet of things !Is there such a thing as the internet of things !
Is there such a thing as the internet of things !Pierre Metivier
 
Mobile security - Intense overview
Mobile security - Intense overviewMobile security - Intense overview
Mobile security - Intense overviewPrivateWave Italia SpA
 
Tap into NFC Showcase - Shanghai
Tap into NFC Showcase - ShanghaiTap into NFC Showcase - Shanghai
Tap into NFC Showcase - ShanghaiNFC Forum
 
NFC Patents for Smartphone Mobile Payments Licensing Potential Assessment
NFC Patents for Smartphone Mobile Payments Licensing Potential AssessmentNFC Patents for Smartphone Mobile Payments Licensing Potential Assessment
NFC Patents for Smartphone Mobile Payments Licensing Potential AssessmentAlex G. Lee, Ph.D. Esq. CLP
 
Near Field Communication (NFC)
Near Field Communication (NFC)Near Field Communication (NFC)
Near Field Communication (NFC)Seminar Links
 
LConey-Journal_of_Physical_Security-Article_The-Ability-to-Defend-Against-the...
LConey-Journal_of_Physical_Security-Article_The-Ability-to-Defend-Against-the...LConey-Journal_of_Physical_Security-Article_The-Ability-to-Defend-Against-the...
LConey-Journal_of_Physical_Security-Article_The-Ability-to-Defend-Against-the...Lillie Coney
 
Hacking Smartcards & RFID
Hacking Smartcards & RFIDHacking Smartcards & RFID
Hacking Smartcards & RFIDDevnology
 
Voice securityprotocol review
Voice securityprotocol reviewVoice securityprotocol review
Voice securityprotocol reviewFabio Pietrosanti
 
Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]Sharpe Smith
 
Vanderhoof smartcard-roadmap
Vanderhoof smartcard-roadmapVanderhoof smartcard-roadmap
Vanderhoof smartcard-roadmapHai Nguyen
 
Identive Group | Press Release | Identive Group's RFID and Near Field Communi...
Identive Group | Press Release | Identive Group's RFID and Near Field Communi...Identive Group | Press Release | Identive Group's RFID and Near Field Communi...
Identive Group | Press Release | Identive Group's RFID and Near Field Communi...Identive
 
Which new scenarios are enabled by Windows 10 for NFC, Bluetooth LE & Beacons?
Which new scenarios are enabled by Windows 10 for NFC, Bluetooth LE & Beacons?Which new scenarios are enabled by Windows 10 for NFC, Bluetooth LE & Beacons?
Which new scenarios are enabled by Windows 10 for NFC, Bluetooth LE & Beacons?Andreas Jakl
 
IRJET- Identification of Location of Laptop Devices using Raspberry Pi Mo...
IRJET- Identification of Location of Laptop Devices using Raspberry Pi Mo...IRJET- Identification of Location of Laptop Devices using Raspberry Pi Mo...
IRJET- Identification of Location of Laptop Devices using Raspberry Pi Mo...IRJET Journal
 
Dissecting internet of things by avinash sinha
Dissecting internet of things by avinash sinhaDissecting internet of things by avinash sinha
Dissecting internet of things by avinash sinhaAvinash Sinha
 
NXP MIFARE Webinar: Innovation Road Map: Present Improved- Future Inside
NXP MIFARE Webinar: Innovation Road Map: Present Improved- Future Inside NXP MIFARE Webinar: Innovation Road Map: Present Improved- Future Inside
NXP MIFARE Webinar: Innovation Road Map: Present Improved- Future Inside NXP MIFARE Team
 
Mobile devices
Mobile devicesMobile devices
Mobile devicesSayani Majumder
 
Tap into NFC Meetup - Boston
Tap into NFC Meetup - Boston Tap into NFC Meetup - Boston
Tap into NFC Meetup - Boston NFC Forum
 
beware of Thing Bot
beware of Thing Botbeware of Thing Bot
beware of Thing BotBellaj Badr
 
Voice communication security
Voice communication securityVoice communication security
Voice communication securityFabio Pietrosanti
 
Android App
Android AppAndroid App
Android AppOnlineUser4
 
Automating Your Life: A look at NFC
Automating Your Life: A look at NFC Automating Your Life: A look at NFC
Automating Your Life: A look at NFC Mitchell Muenster
 
IoT - Understanding internet of things
IoT - Understanding internet of thingsIoT - Understanding internet of things
IoT - Understanding internet of thingsveerababu penugonda(Mr-IoT)
 
Lei & ugin
Lei & uginLei & ugin
Lei & uginuginwong.com
 
Catolica EBP - Talk
Catolica EBP - TalkCatolica EBP - Talk
Catolica EBP - TalkVitor Domingos
 

More Related Content

What's hot

Tap into NFC Showcase - Shanghai
Tap into NFC Showcase - ShanghaiTap into NFC Showcase - Shanghai
Tap into NFC Showcase - ShanghaiNFC Forum
 
NFC Patents for Smartphone Mobile Payments Licensing Potential Assessment
NFC Patents for Smartphone Mobile Payments Licensing Potential AssessmentNFC Patents for Smartphone Mobile Payments Licensing Potential Assessment
NFC Patents for Smartphone Mobile Payments Licensing Potential AssessmentAlex G. Lee, Ph.D. Esq. CLP
 
Near Field Communication (NFC)
Near Field Communication (NFC)Near Field Communication (NFC)
Near Field Communication (NFC)Seminar Links
 
LConey-Journal_of_Physical_Security-Article_The-Ability-to-Defend-Against-the...
LConey-Journal_of_Physical_Security-Article_The-Ability-to-Defend-Against-the...LConey-Journal_of_Physical_Security-Article_The-Ability-to-Defend-Against-the...
LConey-Journal_of_Physical_Security-Article_The-Ability-to-Defend-Against-the...Lillie Coney
 
Hacking Smartcards & RFID
Hacking Smartcards & RFIDHacking Smartcards & RFID
Hacking Smartcards & RFIDDevnology
 
Voice securityprotocol review
Voice securityprotocol reviewVoice securityprotocol review
Voice securityprotocol reviewFabio Pietrosanti
 
Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]Sharpe Smith
 
Vanderhoof smartcard-roadmap
Vanderhoof smartcard-roadmapVanderhoof smartcard-roadmap
Vanderhoof smartcard-roadmapHai Nguyen
 
Identive Group | Press Release | Identive Group's RFID and Near Field Communi...
Identive Group | Press Release | Identive Group's RFID and Near Field Communi...Identive Group | Press Release | Identive Group's RFID and Near Field Communi...
Identive Group | Press Release | Identive Group's RFID and Near Field Communi...Identive
 
Which new scenarios are enabled by Windows 10 for NFC, Bluetooth LE & Beacons?
Which new scenarios are enabled by Windows 10 for NFC, Bluetooth LE & Beacons?Which new scenarios are enabled by Windows 10 for NFC, Bluetooth LE & Beacons?
Which new scenarios are enabled by Windows 10 for NFC, Bluetooth LE & Beacons?Andreas Jakl
 
IRJET- Identification of Location of Laptop Devices using Raspberry Pi Mo...
IRJET- Identification of Location of Laptop Devices using Raspberry Pi Mo...IRJET- Identification of Location of Laptop Devices using Raspberry Pi Mo...
IRJET- Identification of Location of Laptop Devices using Raspberry Pi Mo...IRJET Journal
 
Dissecting internet of things by avinash sinha
Dissecting internet of things by avinash sinhaDissecting internet of things by avinash sinha
Dissecting internet of things by avinash sinhaAvinash Sinha
 
NXP MIFARE Webinar: Innovation Road Map: Present Improved- Future Inside
NXP MIFARE Webinar: Innovation Road Map: Present Improved- Future Inside NXP MIFARE Webinar: Innovation Road Map: Present Improved- Future Inside
NXP MIFARE Webinar: Innovation Road Map: Present Improved- Future Inside NXP MIFARE Team
 
Tap into NFC Meetup - Boston
Tap into NFC Meetup - Boston Tap into NFC Meetup - Boston
Tap into NFC Meetup - Boston NFC Forum
 
beware of Thing Bot
beware of Thing Botbeware of Thing Bot
beware of Thing BotBellaj Badr
 
Voice communication security
Voice communication securityVoice communication security
Voice communication securityFabio Pietrosanti
 
Automating Your Life: A look at NFC
Automating Your Life: A look at NFC Automating Your Life: A look at NFC
Automating Your Life: A look at NFC Mitchell Muenster
 

What's hot (20)

Tap into NFC Showcase - Shanghai
Tap into NFC Showcase - ShanghaiTap into NFC Showcase - Shanghai
Tap into NFC Showcase - Shanghai
 
NFC Patents for Smartphone Mobile Payments Licensing Potential Assessment
NFC Patents for Smartphone Mobile Payments Licensing Potential AssessmentNFC Patents for Smartphone Mobile Payments Licensing Potential Assessment
NFC Patents for Smartphone Mobile Payments Licensing Potential Assessment
 
Near Field Communication (NFC)
Near Field Communication (NFC)Near Field Communication (NFC)
Near Field Communication (NFC)
 
LConey-Journal_of_Physical_Security-Article_The-Ability-to-Defend-Against-the...
LConey-Journal_of_Physical_Security-Article_The-Ability-to-Defend-Against-the...LConey-Journal_of_Physical_Security-Article_The-Ability-to-Defend-Against-the...
LConey-Journal_of_Physical_Security-Article_The-Ability-to-Defend-Against-the...
 
Hacking Smartcards & RFID
Hacking Smartcards & RFIDHacking Smartcards & RFID
Hacking Smartcards & RFID
 
Voice securityprotocol review
Voice securityprotocol reviewVoice securityprotocol review
Voice securityprotocol review
 
Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]
 
Vanderhoof smartcard-roadmap
Vanderhoof smartcard-roadmapVanderhoof smartcard-roadmap
Vanderhoof smartcard-roadmap
 
Identive Group | Press Release | Identive Group's RFID and Near Field Communi...
Identive Group | Press Release | Identive Group's RFID and Near Field Communi...Identive Group | Press Release | Identive Group's RFID and Near Field Communi...
Identive Group | Press Release | Identive Group's RFID and Near Field Communi...
 
Which new scenarios are enabled by Windows 10 for NFC, Bluetooth LE & Beacons?
Which new scenarios are enabled by Windows 10 for NFC, Bluetooth LE & Beacons?Which new scenarios are enabled by Windows 10 for NFC, Bluetooth LE & Beacons?
Which new scenarios are enabled by Windows 10 for NFC, Bluetooth LE & Beacons?
 
IRJET- Identification of Location of Laptop Devices using Raspberry Pi Mo...
IRJET- Identification of Location of Laptop Devices using Raspberry Pi Mo...IRJET- Identification of Location of Laptop Devices using Raspberry Pi Mo...
IRJET- Identification of Location of Laptop Devices using Raspberry Pi Mo...
 
Dissecting internet of things by avinash sinha
Dissecting internet of things by avinash sinhaDissecting internet of things by avinash sinha
Dissecting internet of things by avinash sinha
 
NXP MIFARE Webinar: Innovation Road Map: Present Improved- Future Inside
NXP MIFARE Webinar: Innovation Road Map: Present Improved- Future Inside NXP MIFARE Webinar: Innovation Road Map: Present Improved- Future Inside
NXP MIFARE Webinar: Innovation Road Map: Present Improved- Future Inside
 
Mobile devices
Mobile devicesMobile devices
Mobile devices
 
Tap into NFC Meetup - Boston
Tap into NFC Meetup - Boston Tap into NFC Meetup - Boston
Tap into NFC Meetup - Boston
 
beware of Thing Bot
beware of Thing Botbeware of Thing Bot
beware of Thing Bot
 
Voice communication security
Voice communication securityVoice communication security
Voice communication security
 
Android App
Android AppAndroid App
Android App
 
Automating Your Life: A look at NFC
Automating Your Life: A look at NFC Automating Your Life: A look at NFC
Automating Your Life: A look at NFC
 
IoT - Understanding internet of things
IoT - Understanding internet of thingsIoT - Understanding internet of things
IoT - Understanding internet of things
 

Viewers also liked

2011 the mobilemovement
2011 the mobilemovement2011 the mobilemovement
2011 the mobilemovementuginwong.com
 
слайд шоу
слайд шоуслайд шоу
слайд шоуlyudmila
 
Harvardmd comunication
Harvardmd comunicationHarvardmd comunication
Harvardmd comunicationVitor Domingos
 
Introduction Of Party Poker Rakeback
Introduction Of Party Poker RakebackIntroduction Of Party Poker Rakeback
Introduction Of Party Poker Rakebackuginwong.com
 
AWS ground zero; EC2 & S3 hands-on
AWS ground zero; EC2 & S3 hands-onAWS ground zero; EC2 & S3 hands-on
AWS ground zero; EC2 & S3 hands-onVitor Domingos
 

Viewers also liked (7)

Lei & ugin
Lei & uginLei & ugin
Lei & ugin
 
Catolica EBP - Talk
Catolica EBP - TalkCatolica EBP - Talk
Catolica EBP - Talk
 
2011 the mobilemovement
2011 the mobilemovement2011 the mobilemovement
2011 the mobilemovement
 
слайд шоу
слайд шоуслайд шоу
слайд шоу
 
Harvardmd comunication
Harvardmd comunicationHarvardmd comunication
Harvardmd comunication
 
Introduction Of Party Poker Rakeback
Introduction Of Party Poker RakebackIntroduction Of Party Poker Rakeback
Introduction Of Party Poker Rakeback
 
AWS ground zero; EC2 & S3 hands-on
AWS ground zero; EC2 & S3 hands-onAWS ground zero; EC2 & S3 hands-on
AWS ground zero; EC2 & S3 hands-on
 

Similar to Security is sexy again

Confraria Security & IT - Mobile Security
Confraria Security & IT - Mobile SecurityConfraria Security & IT - Mobile Security
Confraria Security & IT - Mobile SecurityVitor Domingos
 
NMI15 Filip Chytrý – Internet věcí a jeho potenciální bezpečnostní rizika
NMI15 Filip Chytrý – Internet věcí a jeho potenciální bezpečnostní rizikaNMI15 Filip Chytrý – Internet věcí a jeho potenciální bezpečnostní rizika
NMI15 Filip Chytrý – Internet věcí a jeho potenciální bezpečnostní rizikaNew Media Inspiration
 
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011Zarafa
 
Is your privacy, private?
Is your privacy, private?Is your privacy, private?
Is your privacy, private?DionShawMSPM
 
IoTcloud-cybersecurity-securityofthings
IoTcloud-cybersecurity-securityofthingsIoTcloud-cybersecurity-securityofthings
IoTcloud-cybersecurity-securityofthingsEd Pimentel
 
Mobile changes everything, no one is safe
Mobile changes everything, no one is safeMobile changes everything, no one is safe
Mobile changes everything, no one is safeJorge Sebastiao
 
Heavy Chef Session - Justin Stanford's presentation on Online Security
Heavy Chef Session - Justin Stanford's presentation on Online SecurityHeavy Chef Session - Justin Stanford's presentation on Online Security
Heavy Chef Session - Justin Stanford's presentation on Online SecurityHeavy Chef
 
World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.
World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.
World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.Jan Geirnaert
 
Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011
Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011
Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011shawn_merdinger
 
Vulnerabilities in Mobile Devices
Vulnerabilities in Mobile DevicesVulnerabilities in Mobile Devices
Vulnerabilities in Mobile DevicesCSCJournals
 
Trust and the web veria 11 12- 09
Trust and the web veria 11 12- 09Trust and the web veria 11 12- 09
Trust and the web veria 11 12- 09vafopoulos
 
Malware on Smartphones and Tablets - The Inconvenient Truth
Malware on Smartphones and Tablets - The Inconvenient TruthMalware on Smartphones and Tablets - The Inconvenient Truth
Malware on Smartphones and Tablets - The Inconvenient TruthAGILLY
 
Securing hand held computing devices
Securing hand held computing devicesSecuring hand held computing devices
Securing hand held computing devicesjraja01
 
551_MH_overview_handout.ppt
551_MH_overview_handout.ppt551_MH_overview_handout.ppt
551_MH_overview_handout.pptNiloyMondal10
 
The New frontiers in Information Security
The New frontiers in Information SecurityThe New frontiers in Information Security
The New frontiers in Information SecurityVineet Sood
 
Mobile device security
Mobile device securityMobile device security
Mobile device securityLisa Herrera
 

Similar to Security is sexy again (20)

Confraria Security & IT - Mobile Security
Confraria Security & IT - Mobile SecurityConfraria Security & IT - Mobile Security
Confraria Security & IT - Mobile Security
 
NMI15 Filip Chytrý – Internet věcí a jeho potenciální bezpečnostní rizika
NMI15 Filip Chytrý – Internet věcí a jeho potenciální bezpečnostní rizikaNMI15 Filip Chytrý – Internet věcí a jeho potenciální bezpečnostní rizika
NMI15 Filip Chytrý – Internet věcí a jeho potenciální bezpečnostní rizika
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
 
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
 
Is your privacy, private?
Is your privacy, private?Is your privacy, private?
Is your privacy, private?
 
IoTcloud-cybersecurity-securityofthings
IoTcloud-cybersecurity-securityofthingsIoTcloud-cybersecurity-securityofthings
IoTcloud-cybersecurity-securityofthings
 
Mobile changes everything, no one is safe
Mobile changes everything, no one is safeMobile changes everything, no one is safe
Mobile changes everything, no one is safe
 
Heavy Chef Session - Justin Stanford's presentation on Online Security
Heavy Chef Session - Justin Stanford's presentation on Online SecurityHeavy Chef Session - Justin Stanford's presentation on Online Security
Heavy Chef Session - Justin Stanford's presentation on Online Security
 
World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.
World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.
World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.
 
Introduction to security
Introduction to securityIntroduction to security
Introduction to security
 
Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011
Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011
Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011
 
Vulnerabilities in Mobile Devices
Vulnerabilities in Mobile DevicesVulnerabilities in Mobile Devices
Vulnerabilities in Mobile Devices
 
Trust and the web veria 11 12- 09
Trust and the web veria 11 12- 09Trust and the web veria 11 12- 09
Trust and the web veria 11 12- 09
 
Malware on Smartphones and Tablets - The Inconvenient Truth
Malware on Smartphones and Tablets - The Inconvenient TruthMalware on Smartphones and Tablets - The Inconvenient Truth
Malware on Smartphones and Tablets - The Inconvenient Truth
 
Securing hand held computing devices
Securing hand held computing devicesSecuring hand held computing devices
Securing hand held computing devices
 
Mobile Malware
Mobile MalwareMobile Malware
Mobile Malware
 
CS_UNIT 2(P3).pptx
CS_UNIT 2(P3).pptxCS_UNIT 2(P3).pptx
CS_UNIT 2(P3).pptx
 
551_MH_overview_handout.ppt
551_MH_overview_handout.ppt551_MH_overview_handout.ppt
551_MH_overview_handout.ppt
 
The New frontiers in Information Security
The New frontiers in Information SecurityThe New frontiers in Information Security
The New frontiers in Information Security
 
Mobile device security
Mobile device securityMobile device security
Mobile device security
 

More from Vitor Domingos

Methods Digital Away Day at Guildford - Cloud Computing
Methods Digital Away Day at Guildford - Cloud ComputingMethods Digital Away Day at Guildford - Cloud Computing
Methods Digital Away Day at Guildford - Cloud ComputingVitor Domingos
 
Failure the mother of all success
Failure the mother of all successFailure the mother of all success
Failure the mother of all successVitor Domingos
 
How to crunch data into beautiful graphics
How to crunch data into beautiful graphicsHow to crunch data into beautiful graphics
How to crunch data into beautiful graphicsVitor Domingos
 
Social Network Panorama
Social Network PanoramaSocial Network Panorama
Social Network PanoramaVitor Domingos
 
PT Google Technical User Group - Google TV
PT Google Technical User Group - Google TVPT Google Technical User Group - Google TV
PT Google Technical User Group - Google TVVitor Domingos
 
Portuguese Cloud Computing Architects - 2nd Meeting
Portuguese Cloud Computing Architects - 2nd MeetingPortuguese Cloud Computing Architects - 2nd Meeting
Portuguese Cloud Computing Architects - 2nd MeetingVitor Domingos
 
Confraria Security 17 June - Cloud Security
Confraria Security 17 June - Cloud SecurityConfraria Security 17 June - Cloud Security
Confraria Security 17 June - Cloud SecurityVitor Domingos
 
Products, Services or Platforms
Products, Services or PlatformsProducts, Services or Platforms
Products, Services or PlatformsVitor Domingos
 

More from Vitor Domingos (11)

Methods Digital Away Day at Guildford - Cloud Computing
Methods Digital Away Day at Guildford - Cloud ComputingMethods Digital Away Day at Guildford - Cloud Computing
Methods Digital Away Day at Guildford - Cloud Computing
 
My experience
My experienceMy experience
My experience
 
Failure the mother of all success
Failure the mother of all successFailure the mother of all success
Failure the mother of all success
 
How to crunch data into beautiful graphics
How to crunch data into beautiful graphicsHow to crunch data into beautiful graphics
How to crunch data into beautiful graphics
 
Social Network Panorama
Social Network PanoramaSocial Network Panorama
Social Network Panorama
 
PT Google Technical User Group - Google TV
PT Google Technical User Group - Google TVPT Google Technical User Group - Google TV
PT Google Technical User Group - Google TV
 
Portuguese Cloud Computing Architects - 2nd Meeting
Portuguese Cloud Computing Architects - 2nd MeetingPortuguese Cloud Computing Architects - 2nd Meeting
Portuguese Cloud Computing Architects - 2nd Meeting
 
Open Data
Open DataOpen Data
Open Data
 
Confraria Security 17 June - Cloud Security
Confraria Security 17 June - Cloud SecurityConfraria Security 17 June - Cloud Security
Confraria Security 17 June - Cloud Security
 
handivi presentation
handivi presentationhandivi presentation
handivi presentation
 
Products, Services or Platforms
Products, Services or PlatformsProducts, Services or Platforms
Products, Services or Platforms
 

Recently uploaded

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 

Recently uploaded (20)

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 

Security is sexy again

  • 1. Security is sexy again ------ no, not that kind of sexy by Vitor Domingos @ IDC -Information Security
  • 2.  
  • 3.  
  • 4.  
  • 5.  
  • 6. Vitor Domingos [email_address] http://vitordomingos.com - cloud computing & security consultant - thenextweb.com editor - mobilemonday founder - videocaster - ex failed entrepreneur - ex ITIJ / MJ - ex CGD - ex forumB2B - ex Maxitel - ex Jazztel
  • 7. VERY IMPORTANT AGENDA - First - Second - Third
  • 8.  
  • 9.  
  • 10.  
  • 11. OLD SCHOOL - anti virus - IDS, firewall, scanners - encryption, DMZ, password enforcement - data protection & security governance - some other commercial bullshit bingo - social engineering
  • 12.  
  • 13.  
  • 14. NEW SCHOOL - social engineering and hacking - id theft (banks) - phishing, spoofing, vishing, brandjacking - spam, bot networks, malware, pharming - XSS (twitter) - private data harvesting (facebook)
  • 15.  
  • 16.  
  • 17.  
  • 18.  
  • 19. Security Menace History 1.0 – FUN - Virus, Stealing Information 2.0 – MONEY - Worms, Trojans, Virus 3.0 – MONEY 2.0 - DDoS, Trojans, ID Theft 4.0 – MARKETING FarmVille, Mafia Wars, Data Theft
  • 20. Security is (now) personal 1.0 - Direct - One-on-One - Hardware/Software 2.0 - Cloud - Distributed - Social - Personal
  • 21. Firewall History 1 Gen – Packet Filter 2 Gen – Application Layer 3 Gen – Stateful Filter 4 Gen – Semantic 5 Gen – Personal
  • 22. Security got smaller and distributed USB PEN SD Card Phone Smartphone Cloud SaaS IaaS NaaS DaaS ...
  • 23.  
  • 24. Phones ... - 15 years of pure unsecurity and few exploits - mobile is the most personal and private item we own - phones are now computers, the personal kind - they even run full operating systems
  • 25. What's in ... - phone calls; - addressbook; - emails; - sms; - mms; - browser history; - pictures and some documents; - calendar; - gps tracking data; - shop details; - credit card info; - other sync evilness
  • 26.  
  • 27. GSM Cracked - A51 Rainbowtable cracking software (reflextor.com/trac/a51) - GSM interception software (airprobe.org) - Software defined radio (gnuradio.org) - Cheap radion software (ettus.com/products)
  • 28.  
  • 29. 2010 - UTMS cracked (on paper) - Sandwich attack - MMS Remote Exploit - iPhone SMS Remote Exploit - Bluetooth Spamming and Attacks (bluesnarfing, bluebug, bluebugging) -$18 bluetooth sniffer - Bluetooth audio flow to headset interception - Over the air wire tapping - ... and what about flash ? :)
  • 30.  
  • 31.  
  • 32. Future (risks?) - Near Field Communications 2008: hacking NFC phones, URI spoofing, NDEF worm; 2010: Nokia announces that all phones will be NFC ready - Mobile javascript in the browser (2000 called and they want to block javascript all again) - Phone SSL, VPN - Location Based something - gowalla//forsquare problems
  • 33. Future (risks?) - Spyware disguised as apps (cydia iphone appstore, android apps) - Virus/Worm/Botnet - iphone; vodafone memory card spyware bug on android phones - Tinyurl problems (?) - Social phishing from fake call centers - Data Leaks - Startups with little security concerns
  • 34. New world out (t)here - Earth calling security, hello ? - Fresh new start (cloud, distributed, mobile, web) - Think global - Same old-school practices apply; new skills - SME/SMB - Security as a Service
  • 35.  
  • 36.  
  • 37.