Security? Who Cares!
Privacy is Dead

Brett Hardin
March 3, 2010, BsidesSF

Who Am I

Brett Hardin
@miscsecurity
Old Lives: ✓ Pen Tester ✓ Security Researcher
Currently: ✓ Product Manager




Brett Hardin - BsidesSF      2
• Inviting my Dad to LinkedIn




Disconnected Generation

• “Older” Generations don’t get it.
• “Younger” Generations do.
• Do They?

Geo Location


• Geo Location becoming more available.
• Open APIs make this Scary


Permission Based Systems

• When you tweet out your Foursquare check-ins (some people even do this automatically), it essentially makes Foursquare an asymmetric network. And believe it or not, some people are doing that without really thinking about it. Or they’re doing it because it’s easier to gain friends/followers on an asymmetric network.

• Connecting them to non-permission based systems.



A mayor you say?




http://foursquare.com/venue/1404526




• Share a bunch of information with people you don’t care about.
• “Connect” with old friends
• Flog the dead horse.

DOD okays use of Social Networks

• February 26, 2010
• DOD okays use of Social Networks
    • (http://www.defense.gov/NEWS/DTM%2009-026.pdf)
• “Scary Precedent”?
• http://wefollow.com/twitter/military

• Who has heard of Blippy?




Social Demographics being harvested

• To identify “creditworthy” customers, CC companies are beginning to harvest info from social networking sites.
• http://www.creditcards.com/credit-card-news/social-networking-social-graphs-credit-1282.php




! Security as a Process

• How many times have you heard this?
• It’s not working!
• We need new concepts.
• People will continue to get compromised.

Are we doing our Job? (Raise your hands)

• Who here works for a company who creates software?
• Who here, be honest, has an actual SDLC process?
• Who started one?

What can we do?

• Work Harder?
• Complain?
• Drop It?
• http://www.youtube.com/watch?v=6qIgVrOy9vM
• “It’s over Johnny, It’s Over!”
• “Nothing is Over! Nothing!”

Where to Begin?

• I don’t know.
• Embrace it?
• Public Networks are Public
