SlideShare uma empresa Scribd logo

Security? Who cares! - Brett Hardin

Security B-Sides
Security B-Sides

In the beginning, people inherently distrusted the Internet, however, Social Networking has changed this. People now enter information without even thinking of how it will affect them. This presentation will explain the shift in trust, with real-life examples, and what we as the security community need to do to change.

TecnologiaNegócios
1 de 18
Baixar para ler offline
Security? Who Cares! Privacy is Dead Brett Hardin March 3, 2010 1 BsidesSF
Who Am I Brett Hardin @miscsecurity Old Lives: ✓Pen Tester ✓Security Researcher Currently: ✓Product Manager Brett Hardin - BsidesSF 2
• Inviting my Dad to LinkedIn Brett Hardin - BsidesSF 3
Disconnected Generation • “Older” Generations don’t get it. • “Younger” Generations do. • Do They? Brett Hardin - BsidesSF 4
Geo Location • Geo Location becoming more available. • Open APIs make this Scary Brett Hardin - BsidesSF 5
Permission Based Systems • When you tweet out your Foursquare check-ins (some people even do this automatically), it essentially makes Foursquare an asymmetric network. And believe it or not, some people are doing that without really thinking about it. Or they’re doing it because it’s easier to gain friends/followers on an asymmetric network. • Connecting them to non-permission based systems. Brett Hardin - BsidesSF 6
Brett Hardin - BsidesSF 7
Brett Hardin - BsidesSF 8
A mayor you say? Brett Hardin - BsidesSF 9
http://foursquare.com/venue/1404526 Brett Hardin - BsidesSF 10
• Share a bunch of information with people you don’t care about. • “Connect” with old friends • Flog the dead horse. Brett Hardin - BsidesSF 11
DOD okays use of Social Networks • February 26, 2010 • DOD okays use of Social Networks • (http://www.defense.gov/NEWS/DTM%2009-026.pdf) • “Scary Precedent”? • http://wefollow.com/twitter/military Brett Hardin - BsidesSF 12
• Who has heard of Blippy? Brett Hardin - BsidesSF 13
Social Demographics being harvested • To identify “creditworthy” customers, CC companies are beginning to harvest info from social networking sites. • http://www.creditcards.com/credit-card-news/social-networking- social-graphs-credit-1282.php Brett Hardin - BsidesSF 14
! Security as a Process • How many times have you heard this? • It’s not working! • We need new concepts. • People will continue to get compromised. Brett Hardin - BsidesSF 15
Are we doing our Job? (Raise your hands) • Who here works for a company who creates software? • Who here, be honest, has an actual SDLC process? • Who started one? Brett Hardin - BsidesSF 16
What can we do? • Work Harder? • Complain? • Drop It? • http://www.youtube.com/watch?v=6qIgVrOy9vM • “It’s over Johnny, It’s Over!” • “Nothing is Over! Nothing!” Brett Hardin - BsidesSF 17
Where to Begin? • I don’t know. • Embrace it? • Public Networks are Public Brett Hardin - BsidesSF 18

Recomendados

The Reality Behind Your Webpresence
The Reality Behind Your WebpresenceThe Reality Behind Your Webpresence
The Reality Behind Your Webpresencecdoval
 
Creating a More Personable Brand Through Social Media - Michael DeAloia
Creating a More Personable Brand Through Social Media - Michael DeAloiaCreating a More Personable Brand Through Social Media - Michael DeAloia
Creating a More Personable Brand Through Social Media - Michael DeAloiaOnline Marketing Summit
 
Will Social Media For Work
Will Social Media For WorkWill Social Media For Work
Will Social Media For WorkChase Reeves
 
Online 2012 presentation
Online 2012 presentationOnline 2012 presentation
Online 2012 presentationPhil Bradley
 
Digital footprints fetc13
Digital footprints fetc13Digital footprints fetc13
Digital footprints fetc13Susan M. Bearden
 
Personal - Professional Mix in Social Media: For Nonprofits
Personal - Professional Mix in Social Media: For NonprofitsPersonal - Professional Mix in Social Media: For Nonprofits
Personal - Professional Mix in Social Media: For NonprofitsKivi Leroux Miller
 
2-12-14 Women in Leadership: Building and Managing Your Personal Reputation
2-12-14 Women in Leadership: Building and Managing Your Personal Reputation2-12-14 Women in Leadership: Building and Managing Your Personal Reputation
2-12-14 Women in Leadership: Building and Managing Your Personal ReputationElizabeth Keserauskis
 
My Converging Life: Managing Your Personal and Professional Brand in Social M...
My Converging Life: Managing Your Personal and Professional Brand in Social M...My Converging Life: Managing Your Personal and Professional Brand in Social M...
My Converging Life: Managing Your Personal and Professional Brand in Social M...Farra Trompeter, Big Duck
 

Recomendados

The Reality Behind Your Webpresence
The Reality Behind Your WebpresenceThe Reality Behind Your Webpresence
The Reality Behind Your Webpresencecdoval
 
Creating a More Personable Brand Through Social Media - Michael DeAloia
Creating a More Personable Brand Through Social Media - Michael DeAloiaCreating a More Personable Brand Through Social Media - Michael DeAloia
Creating a More Personable Brand Through Social Media - Michael DeAloiaOnline Marketing Summit
 
Will Social Media For Work
Will Social Media For WorkWill Social Media For Work
Will Social Media For WorkChase Reeves
 
Online 2012 presentation
Online 2012 presentationOnline 2012 presentation
Online 2012 presentationPhil Bradley
 
Digital footprints fetc13
Digital footprints fetc13Digital footprints fetc13
Digital footprints fetc13Susan M. Bearden
 
Personal - Professional Mix in Social Media: For Nonprofits
Personal - Professional Mix in Social Media: For NonprofitsPersonal - Professional Mix in Social Media: For Nonprofits
Personal - Professional Mix in Social Media: For NonprofitsKivi Leroux Miller
 
2-12-14 Women in Leadership: Building and Managing Your Personal Reputation
2-12-14 Women in Leadership: Building and Managing Your Personal Reputation2-12-14 Women in Leadership: Building and Managing Your Personal Reputation
2-12-14 Women in Leadership: Building and Managing Your Personal ReputationElizabeth Keserauskis
 
My Converging Life: Managing Your Personal and Professional Brand in Social M...
My Converging Life: Managing Your Personal and Professional Brand in Social M...My Converging Life: Managing Your Personal and Professional Brand in Social M...
My Converging Life: Managing Your Personal and Professional Brand in Social M...Farra Trompeter, Big Duck
 
Social Media and Personal Branding - updated slides for 12/04/2014 SoCal Pres...
Social Media and Personal Branding - updated slides for 12/04/2014 SoCal Pres...Social Media and Personal Branding - updated slides for 12/04/2014 SoCal Pres...
Social Media and Personal Branding - updated slides for 12/04/2014 SoCal Pres...Darin Reffitt
 
Citizen Lobbying
Citizen LobbyingCitizen Lobbying
Citizen LobbyingDemocracyforAmerica
 
Gillian Muessig Game Changers in Marketing
Gillian Muessig Game Changers in MarketingGillian Muessig Game Changers in Marketing
Gillian Muessig Game Changers in MarketingElement Three
 
Imre Social Media Presentation
Imre Social Media PresentationImre Social Media Presentation
Imre Social Media PresentationPCM creative
 
Getting LinkedIn - 2014
Getting LinkedIn - 2014Getting LinkedIn - 2014
Getting LinkedIn - 2014Invenio Advisors, LLC
 
Data-driven enterprise off your beat - Doug Caruso - Columbus, Ohio, NewsTrai...
Data-driven enterprise off your beat - Doug Caruso - Columbus, Ohio, NewsTrai...Data-driven enterprise off your beat - Doug Caruso - Columbus, Ohio, NewsTrai...
Data-driven enterprise off your beat - Doug Caruso - Columbus, Ohio, NewsTrai...News Leaders Association's NewsTrain
 
IQMS Networking Day
IQMS Networking DayIQMS Networking Day
IQMS Networking DayEric Schwartzman
 
DeCA Tier One Training for Senior Leadership
DeCA Tier One Training for Senior Leadership DeCA Tier One Training for Senior Leadership
DeCA Tier One Training for Senior Leadership Eric Schwartzman
 
Social Networking
Social NetworkingSocial Networking
Social NetworkingPhil Bradley
 
You, the online brand
You, the online brandYou, the online brand
You, the online brandAlex de Carvalho
 
Flipbook assign sue wang
Flipbook assign sue wangFlipbook assign sue wang
Flipbook assign sue wangariessumi
 
Social Media for Small Business
Social Media for Small BusinessSocial Media for Small Business
Social Media for Small BusinessElaine W Krause
 
Who is watching facebook
Who is watching facebookWho is watching facebook
Who is watching facebookUC Santa Barbara
 
Lord of the bing b-sides atl
Lord of the bing b-sides atlLord of the bing b-sides atl
Lord of the bing b-sides atlSecurity B-Sides
 
Social Penetration - Mike Murray and Mike Bailey
Social Penetration - Mike Murray and Mike BaileySocial Penetration - Mike Murray and Mike Bailey
Social Penetration - Mike Murray and Mike BaileySecurity B-Sides
 
Risk Management - Time to blow it up and start over? - Alex Hutton
Risk Management - Time to blow it up and start over? - Alex HuttonRisk Management - Time to blow it up and start over? - Alex Hutton
Risk Management - Time to blow it up and start over? - Alex HuttonSecurity B-Sides
 
How really to prepare for a credit card compromise (PCI) forensics investigat...
How really to prepare for a credit card compromise (PCI) forensics investigat...How really to prepare for a credit card compromise (PCI) forensics investigat...
How really to prepare for a credit card compromise (PCI) forensics investigat...Security B-Sides
 
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...Security B-Sides
 
Security Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent ThreatsSecurity Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent ThreatsPeter Wood
 
The road to hell v0.6
The road to hell v0.6The road to hell v0.6
The road to hell v0.6Security B-Sides
 
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c 2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c Security B-Sides
 
Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...
Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...
Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...Security B-Sides
 

Mais conteúdo relacionado

Mais procurados

Social Media and Personal Branding - updated slides for 12/04/2014 SoCal Pres...
Social Media and Personal Branding - updated slides for 12/04/2014 SoCal Pres...Social Media and Personal Branding - updated slides for 12/04/2014 SoCal Pres...
Social Media and Personal Branding - updated slides for 12/04/2014 SoCal Pres...Darin Reffitt
 
Gillian Muessig Game Changers in Marketing
Gillian Muessig Game Changers in MarketingGillian Muessig Game Changers in Marketing
Gillian Muessig Game Changers in MarketingElement Three
 
Imre Social Media Presentation
Imre Social Media PresentationImre Social Media Presentation
Imre Social Media PresentationPCM creative
 
Data-driven enterprise off your beat - Doug Caruso - Columbus, Ohio, NewsTrai...
Data-driven enterprise off your beat - Doug Caruso - Columbus, Ohio, NewsTrai...Data-driven enterprise off your beat - Doug Caruso - Columbus, Ohio, NewsTrai...
Data-driven enterprise off your beat - Doug Caruso - Columbus, Ohio, NewsTrai...News Leaders Association's NewsTrain
 
DeCA Tier One Training for Senior Leadership
DeCA Tier One Training for Senior Leadership DeCA Tier One Training for Senior Leadership
DeCA Tier One Training for Senior Leadership Eric Schwartzman
 
Flipbook assign sue wang
Flipbook assign sue wangFlipbook assign sue wang
Flipbook assign sue wangariessumi
 
Social Media for Small Business
Social Media for Small BusinessSocial Media for Small Business
Social Media for Small BusinessElaine W Krause
 

Mais procurados (13)

Social Media and Personal Branding - updated slides for 12/04/2014 SoCal Pres...
Social Media and Personal Branding - updated slides for 12/04/2014 SoCal Pres...Social Media and Personal Branding - updated slides for 12/04/2014 SoCal Pres...
Social Media and Personal Branding - updated slides for 12/04/2014 SoCal Pres...
 
Citizen Lobbying
Citizen LobbyingCitizen Lobbying
Citizen Lobbying
 
Gillian Muessig Game Changers in Marketing
Gillian Muessig Game Changers in MarketingGillian Muessig Game Changers in Marketing
Gillian Muessig Game Changers in Marketing
 
Imre Social Media Presentation
Imre Social Media PresentationImre Social Media Presentation
Imre Social Media Presentation
 
Getting LinkedIn - 2014
Getting LinkedIn - 2014Getting LinkedIn - 2014
Getting LinkedIn - 2014
 
Data-driven enterprise off your beat - Doug Caruso - Columbus, Ohio, NewsTrai...
Data-driven enterprise off your beat - Doug Caruso - Columbus, Ohio, NewsTrai...Data-driven enterprise off your beat - Doug Caruso - Columbus, Ohio, NewsTrai...
Data-driven enterprise off your beat - Doug Caruso - Columbus, Ohio, NewsTrai...
 
IQMS Networking Day
IQMS Networking DayIQMS Networking Day
IQMS Networking Day
 
DeCA Tier One Training for Senior Leadership
DeCA Tier One Training for Senior Leadership DeCA Tier One Training for Senior Leadership
DeCA Tier One Training for Senior Leadership
 
Social Networking
Social NetworkingSocial Networking
Social Networking
 
You, the online brand
You, the online brandYou, the online brand
You, the online brand
 
Flipbook assign sue wang
Flipbook assign sue wangFlipbook assign sue wang
Flipbook assign sue wang
 
Social Media for Small Business
Social Media for Small BusinessSocial Media for Small Business
Social Media for Small Business
 
Who is watching facebook
Who is watching facebookWho is watching facebook
Who is watching facebook
 

Destaque

Lord of the bing b-sides atl
Lord of the bing b-sides atlLord of the bing b-sides atl
Lord of the bing b-sides atlSecurity B-Sides
 
Social Penetration - Mike Murray and Mike Bailey
Social Penetration - Mike Murray and Mike BaileySocial Penetration - Mike Murray and Mike Bailey
Social Penetration - Mike Murray and Mike BaileySecurity B-Sides
 
Risk Management - Time to blow it up and start over? - Alex Hutton
Risk Management - Time to blow it up and start over? - Alex HuttonRisk Management - Time to blow it up and start over? - Alex Hutton
Risk Management - Time to blow it up and start over? - Alex HuttonSecurity B-Sides
 
How really to prepare for a credit card compromise (PCI) forensics investigat...
How really to prepare for a credit card compromise (PCI) forensics investigat...How really to prepare for a credit card compromise (PCI) forensics investigat...
How really to prepare for a credit card compromise (PCI) forensics investigat...Security B-Sides
 
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...Security B-Sides
 
Security Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent ThreatsSecurity Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent ThreatsPeter Wood
 

Destaque (6)

Lord of the bing b-sides atl
Lord of the bing b-sides atlLord of the bing b-sides atl
Lord of the bing b-sides atl
 
Social Penetration - Mike Murray and Mike Bailey
Social Penetration - Mike Murray and Mike BaileySocial Penetration - Mike Murray and Mike Bailey
Social Penetration - Mike Murray and Mike Bailey
 
Risk Management - Time to blow it up and start over? - Alex Hutton
Risk Management - Time to blow it up and start over? - Alex HuttonRisk Management - Time to blow it up and start over? - Alex Hutton
Risk Management - Time to blow it up and start over? - Alex Hutton
 
How really to prepare for a credit card compromise (PCI) forensics investigat...
How really to prepare for a credit card compromise (PCI) forensics investigat...How really to prepare for a credit card compromise (PCI) forensics investigat...
How really to prepare for a credit card compromise (PCI) forensics investigat...
 
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...
 
Security Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent ThreatsSecurity Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent Threats
 

Mais de Security B-Sides

2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c 2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c Security B-Sides
 
Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...
Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...
Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...Security B-Sides
 
Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...
Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...
Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...Security B-Sides
 
The Great Compliance Debate: No Child Left Behind or The Polio Vaccine
The Great Compliance Debate: No Child Left Behind or The Polio VaccineThe Great Compliance Debate: No Child Left Behind or The Polio Vaccine
The Great Compliance Debate: No Child Left Behind or The Polio VaccineSecurity B-Sides
 
Dominique Karg - Advanced Attack Detection using OpenSource tools
Dominique Karg - Advanced Attack Detection using OpenSource toolsDominique Karg - Advanced Attack Detection using OpenSource tools
Dominique Karg - Advanced Attack Detection using OpenSource toolsSecurity B-Sides
 
Enterprise Portals - Gateway to the Gold
Enterprise Portals - Gateway to the GoldEnterprise Portals - Gateway to the Gold
Enterprise Portals - Gateway to the GoldSecurity B-Sides
 
From fishing to phishing to ?
From fishing to phishing to ?From fishing to phishing to ?
From fishing to phishing to ?Security B-Sides
 
Getting punched in the face
Getting punched in the faceGetting punched in the face
Getting punched in the faceSecurity B-Sides
 
Smashing the stats for fun (and profit)
Smashing the stats for fun (and profit)Smashing the stats for fun (and profit)
Smashing the stats for fun (and profit)Security B-Sides
 
Efficient extraction of data using binary search and ordering information
Efficient extraction of data using binary search and ordering informationEfficient extraction of data using binary search and ordering information
Efficient extraction of data using binary search and ordering informationSecurity B-Sides
 
Community-oriented Computer Security Incident Response Teams (C-CSIRTS)
Community-oriented Computer Security Incident Response Teams (C-CSIRTS)Community-oriented Computer Security Incident Response Teams (C-CSIRTS)
Community-oriented Computer Security Incident Response Teams (C-CSIRTS)Security B-Sides
 
Vulnerability Management Scoring Systems
Vulnerability Management Scoring SystemsVulnerability Management Scoring Systems
Vulnerability Management Scoring SystemsSecurity B-Sides
 
A future security landscape
A future security landscapeA future security landscape
A future security landscapeSecurity B-Sides
 

Mais de Security B-Sides (20)

The road to hell v0.6
The road to hell v0.6The road to hell v0.6
The road to hell v0.6
 
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c 2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
 
Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...
Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...
Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...
 
Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...
Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...
Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...
 
The Great Compliance Debate: No Child Left Behind or The Polio Vaccine
The Great Compliance Debate: No Child Left Behind or The Polio VaccineThe Great Compliance Debate: No Child Left Behind or The Polio Vaccine
The Great Compliance Debate: No Child Left Behind or The Polio Vaccine
 
Dominique Karg - Advanced Attack Detection using OpenSource tools
Dominique Karg - Advanced Attack Detection using OpenSource toolsDominique Karg - Advanced Attack Detection using OpenSource tools
Dominique Karg - Advanced Attack Detection using OpenSource tools
 
2009 Zacon Haroon Meer
2009 Zacon Haroon Meer2009 Zacon Haroon Meer
2009 Zacon Haroon Meer
 
Enterprise Portals - Gateway to the Gold
Enterprise Portals - Gateway to the GoldEnterprise Portals - Gateway to the Gold
Enterprise Portals - Gateway to the Gold
 
From fishing to phishing to ?
From fishing to phishing to ?From fishing to phishing to ?
From fishing to phishing to ?
 
Getting punched in the face
Getting punched in the faceGetting punched in the face
Getting punched in the face
 
Make Tea Not War
Make Tea Not WarMake Tea Not War
Make Tea Not War
 
OWASP Proxy
OWASP ProxyOWASP Proxy
OWASP Proxy
 
Smashing the stats for fun (and profit)
Smashing the stats for fun (and profit)Smashing the stats for fun (and profit)
Smashing the stats for fun (and profit)
 
Exploitation
ExploitationExploitation
Exploitation
 
Layer 2 Hackery
Layer 2 HackeryLayer 2 Hackery
Layer 2 Hackery
 
Efficient extraction of data using binary search and ordering information
Efficient extraction of data using binary search and ordering informationEfficient extraction of data using binary search and ordering information
Efficient extraction of data using binary search and ordering information
 
Community-oriented Computer Security Incident Response Teams (C-CSIRTS)
Community-oriented Computer Security Incident Response Teams (C-CSIRTS)Community-oriented Computer Security Incident Response Teams (C-CSIRTS)
Community-oriented Computer Security Incident Response Teams (C-CSIRTS)
 
Vulnerability Management Scoring Systems
Vulnerability Management Scoring SystemsVulnerability Management Scoring Systems
Vulnerability Management Scoring Systems
 
TCP Sorcery
TCP SorceryTCP Sorcery
TCP Sorcery
 
A future security landscape
A future security landscapeA future security landscape
A future security landscape
 

Último

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 

Último (20)

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 

Security? Who cares! - Brett Hardin

  • 1. Security? Who Cares! Privacy is Dead Brett Hardin March 3, 2010 1 BsidesSF
  • 2. Who Am I Brett Hardin @miscsecurity Old Lives: ✓Pen Tester ✓Security Researcher Currently: ✓Product Manager Brett Hardin - BsidesSF 2
  • 3. • Inviting my Dad to LinkedIn Brett Hardin - BsidesSF 3
  • 4. Disconnected Generation • “Older” Generations don’t get it. • “Younger” Generations do. • Do They? Brett Hardin - BsidesSF 4
  • 5. Geo Location • Geo Location becoming more available. • Open APIs make this Scary Brett Hardin - BsidesSF 5
  • 6. Permission Based Systems • When you tweet out your Foursquare check-ins (some people even do this automatically), it essentially makes Foursquare an asymmetric network. And believe it or not, some people are doing that without really thinking about it. Or they’re doing it because it’s easier to gain friends/followers on an asymmetric network. • Connecting them to non-permission based systems. Brett Hardin - BsidesSF 6
  • 7. Brett Hardin - BsidesSF 7
  • 8. Brett Hardin - BsidesSF 8
  • 9. A mayor you say? Brett Hardin - BsidesSF 9
  • 11. • Share a bunch of information with people you don’t care about. • “Connect” with old friends • Flog the dead horse. Brett Hardin - BsidesSF 11
  • 12. DOD okays use of Social Networks • February 26, 2010 • DOD okays use of Social Networks • (http://www.defense.gov/NEWS/DTM%2009-026.pdf) • “Scary Precedent”? • http://wefollow.com/twitter/military Brett Hardin - BsidesSF 12
  • 13. • Who has heard of Blippy? Brett Hardin - BsidesSF 13
  • 14. Social Demographics being harvested • To identify “creditworthy” customers, CC companies are beginning to harvest info from social networking sites. • http://www.creditcards.com/credit-card-news/social-networking- social-graphs-credit-1282.php Brett Hardin - BsidesSF 14
  • 15. ! Security as a Process • How many times have you heard this? • It’s not working! • We need new concepts. • People will continue to get compromised. Brett Hardin - BsidesSF 15
  • 16. Are we doing our Job? (Raise your hands) • Who here works for a company who creates software? • Who here, be honest, has an actual SDLC process? • Who started one? Brett Hardin - BsidesSF 16
  • 17. What can we do? • Work Harder? • Complain? • Drop It? • http://www.youtube.com/watch?v=6qIgVrOy9vM • “It’s over Johnny, It’s Over!” • “Nothing is Over! Nothing!” Brett Hardin - BsidesSF 17
  • 18. Where to Begin? • I don’t know. • Embrace it? • Public Networks are Public Brett Hardin - BsidesSF 18