Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Do you think you are secure?

Sponsored · SiteGround - Reliable hosting with speed, security, and support you can count on.
Avatar for Jakub Gadkowski Jakub Gadkowski
April 07, 2016
Technology
0
100

Do you think you are secure?

Talk given during Emerce eRecruitment on April 7th 2016, with my co-speaker Gerard Arall.

Avatar for Jakub Gadkowski

Jakub Gadkowski

April 07, 2016
Tweet

More Decks by Jakub Gadkowski

See All by Jakub Gadkowski
Software Architecture Anti-patterns
Avatar for Jakub Gadkowski jakubgg
1
290
I want to be a Hacker v3.0
Avatar for Jakub Gadkowski jakubgg
0
220
I want to be a hacker... but I only look good in a white hat v2.0
Avatar for Jakub Gadkowski jakubgg
0
89
I want to be a hacker... but I only look good in a white hat
Avatar for Jakub Gadkowski jakubgg
0
270

Other Decks in Technology

See All in Technology
SREのプラクティスを用いた3領域同時 マネジメントへの挑戦 〜SRE・情シス・セキュリティを統合した チーム運営術〜
Avatar for coconala_engineer coconala_engineer
2
670
ClickHouseはどのように大規模データを活用したAIエージェントを全社展開しているのか
Avatar for Miki Matsumoto mikimatsumoto
0
260
CDKで始めるTypeScript開発のススメ
Avatar for つくぼし tsukuboshi
1
490
Embedded SREの終わりを設計する 「なんとなく」から計画的な自立支援へ
Avatar for SansanTech sansantech
PRO
3
2.5k
AI駆動開発を事業のコアに置く
Avatar for 鬼澤輔 tasukuonizawa
1
270
SREが向き合う大規模リアーキテクチャ 〜信頼性とアジリティの両立〜
Avatar for Kuniaki Moriya zepprix
0
460
茨城の思い出を振り返る ~CDKのセキュリティを添えて~ / 20260201 Mitsutoshi Matsuo
Avatar for SHIFT EVOLVE shift_evolve
PRO
1
340
プロダクト成長を支える開発基盤とスケールに伴う課題
Avatar for yuu26 yuu26
4
1.3k
インフラエンジニア必見!Kubernetesを用いたクラウドネイティブ設計ポイント大全
Avatar for 高棹大樹 daitak
1
370
外部キー制約の知っておいて欲しいこと - RDBMSを正しく使うために必要なこと / FOREIGN KEY Night
Avatar for soudai sone soudai
PRO
12
5.6k
Webhook best practices for rock solid and resilient deployments
Avatar for Guillaume Laforge glaforge
2
300
AIエージェントに必要なのはデータではなく文脈だった/ai-agent-context-graph-mybest
Avatar for Jun Naito jonnojun
0
110

Featured

See All Featured
Discover your Explorer Soul
Avatar for Emna emna__ayadi
2
1.1k
Ethics towards AI in product and experience design
Avatar for Skipper Chong Warson skipperchong
2
200
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
Avatar for Kevin Liebholz kevinliebholz
37
6.3k
Design in an AI World
Avatar for tapps tapps
0
140
Getting science done with accelerated Python computing platforms
Avatar for Jacob Tomlinson jacobtomlinson
2
120
Exploring the relationship between traditional SERPs and Gen AI search
Avatar for Ray Grieselhuber raygrieselhuber
PRO
2
3.6k
AI Search:
Where Are We & What Can We Do About It?
Avatar for Aleyda Solis aleyda
0
7k
XXLCSS - How to scale CSS and keep your sanity
Avatar for Zaharenia Atzitzikaki sugarenia
249
1.3M
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
Avatar for mongodb mongodb
49
9.9k
The Spectacular Lies of Maps
Avatar for Per Axbom axbom
PRO
1
520
Stop Working from a Prison Cell
Avatar for Chris Michel hatefulcrawdad
273
21k
Building an army of robots
Avatar for Kyle Neath kneath
306
46k

Transcript

  1. Do you think you are secure?

  2. Who are we?

  3. Of course I am

  4. None

  5. Passwords

  6. I changed all my passwords to “incorrect” So whenever I

    forget, it will tell me “Your password is incorrect.”

  7. Passwords

  8. Passwords I’m about to tell you a secret

  9. Passwords - common sense Image © 2015 BBC

  10. Passwords Source: https://haveibeenpwned.com/

  11. Weak Passwords Image © 2015 Carlaton White (Creative Commons BY-ND

    2.0) https://www. flickr.com/photos/92054945@N08/

  12. PIN

  13. Encryption ndPmgSsX6jyMdnb4wfoG DPdxVBWvpTP1XE2m3cKp mriRHefThSqohygZO5Pu mmxqNxY0tIjlmySpYNSz CMZgl2bDBUjqoGmWefKK aTv8rPhiz6PzUHtyv8mx tgVzfFmzKeSSpOSQrUho Qm5v9eyq2wlGkycx5HaU fTWh5DbBeFVHD0aupOWi

    ERTLn1XDxPBTQJScVJwg Hi Jakub, Below you will find an info on our new amazing product. I do not have to tell you that this is highly confidential. If this leaks we are in big trouble. Regards

  14. Software

  15. None

  16. Vulnerabilities Operative System Vulnerabilities Microsoft Windows 7 538 Microsoft Windows

    8 254 Microsoft Windows 10 84 Apple OS X 10.9 580 Apple OS X 10.10 282 Apple OS X 10.11 158 Ubuntu 13 81 Ubuntu 14 314 Ubuntu 15 137

  17. Vulnerabilities

  18. Mobiles

  19. Browsers

  20. I don’t care, I have an antivirus

  21. Antivirus

  22. Antivirus Reference: http://krebsonsecurity.com/2014/05/antivirus-is-dead-long-live-antivirus/

  23. Antivirus

  24. None

  25. Antivirus - common sense

  26. Physical access

  27. Unlocked devices

  28. Hacker USBs

  29. USB Killer

  30. Physical Access / Keys

  31. Trust issues

  32. LIST OF WI-FI’s I TRUST

  33. Untrusted networks

  34. Untrusted networks

  35. HTTP Data Data

  36. HTTPS

  37. Untrusted networks

  38. VPN

  39. Sniffing around

  40. Emerce Attendees

  41. Emerce Attendees

  42. Emerce Attendees

  43. Emerce Attendees

  44. Emerce Attendees

  45. Pentests Unvalidated Redirects and Forwards

  46. Thank you!

  47. Question time