Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Do you think you are secure?

Jakub Gadkowski
April 07, 2016
Technology
0
98

Do you think you are secure?

Talk given during Emerce eRecruitment on April 7th 2016, with my co-speaker Gerard Arall.

Jakub Gadkowski

April 07, 2016
Tweet

More Decks by Jakub Gadkowski

See All by Jakub Gadkowski
Software Architecture Anti-patterns
jakubgg
1
240
I want to be a Hacker v3.0
jakubgg
0
210
I want to be a hacker... but I only look good in a white hat v2.0
jakubgg
0
84
I want to be a hacker... but I only look good in a white hat
jakubgg
0
220

Other Decks in Technology

See All in Technology
Tech Blogを書きやすい環境づくり
lycorptech_jp
PRO
1
240
開発組織のための セキュアコーディング研修の始め方
flatt_security
3
2.4k
OpenID BizDay#17 KYC WG活動報告(法人) / 20250219-BizDay17-KYC-legalidentity
oidfj
0
240
【Developers Summit 2025】プロダクトエンジニアから学ぶ、 ユーザーにより高い価値を届ける技術
niwatakeru
2
1.4k
抽象化をするということ - 具体と抽象の往復を身につける / Abstraction and concretization
soudai
16
4.6k
Classmethod AI Talks(CATs) #16 司会進行スライド(2025.02.12) / classmethod-ai-talks-aka-cats_moderator-slides_vol16_2025-02-12
shinyaa31
0
110
白金鉱業Meetup Vol.17_あるデータサイエンティストのデータマネジメントとの向き合い方
brainpadpr
6
740
運用しているアプリケーションのDBのリプレイスをやってみた
miura55
1
720
The Future of SEO: The Impact of AI on Search
badams
0
190
RECRUIT TECH CONFERENCE 2025 プレイベント【高橋】
recruitengineers
PRO
0
160
プロセス改善による品質向上事例
tomasagi
2
2.5k
オブザーバビリティの観点でみるAWS / AWS from observability perspective
ymotongpoo
8
1.5k

Featured

See All Featured
BBQ
matthewcrist
87
9.5k
Fantastic passwords and where to find them - at NoRuKo
philnash
51
3k
GraphQLの誤解/rethinking-graphql
sonatard
68
10k
Designing for humans not robots
tammielis
250
25k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
44
7k
Faster Mobile Websites
deanohume
306
31k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
330
21k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
133
33k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
30
4.6k
Gamification - CAS2011
davidbonilla
80
5.1k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
251
21k
Become a Pro
speakerdeck
PRO
26
5.1k

Transcript

  1. Do you think you are secure?

  2. Who are we?

  3. Of course I am

  4. None

  5. Passwords

  6. I changed all my passwords to “incorrect” So whenever I

    forget, it will tell me “Your password is incorrect.”

  7. Passwords

  8. Passwords I’m about to tell you a secret

  9. Passwords - common sense Image © 2015 BBC

  10. Passwords Source: https://haveibeenpwned.com/

  11. Weak Passwords Image © 2015 Carlaton White (Creative Commons BY-ND

    2.0) https://www. flickr.com/photos/92054945@N08/

  12. PIN

  13. Encryption ndPmgSsX6jyMdnb4wfoG DPdxVBWvpTP1XE2m3cKp mriRHefThSqohygZO5Pu mmxqNxY0tIjlmySpYNSz CMZgl2bDBUjqoGmWefKK aTv8rPhiz6PzUHtyv8mx tgVzfFmzKeSSpOSQrUho Qm5v9eyq2wlGkycx5HaU fTWh5DbBeFVHD0aupOWi

    ERTLn1XDxPBTQJScVJwg Hi Jakub, Below you will find an info on our new amazing product. I do not have to tell you that this is highly confidential. If this leaks we are in big trouble. Regards

  14. Software

  15. None

  16. Vulnerabilities Operative System Vulnerabilities Microsoft Windows 7 538 Microsoft Windows

    8 254 Microsoft Windows 10 84 Apple OS X 10.9 580 Apple OS X 10.10 282 Apple OS X 10.11 158 Ubuntu 13 81 Ubuntu 14 314 Ubuntu 15 137

  17. Vulnerabilities

  18. Mobiles

  19. Browsers

  20. I don’t care, I have an antivirus

  21. Antivirus

  22. Antivirus Reference: http://krebsonsecurity.com/2014/05/antivirus-is-dead-long-live-antivirus/

  23. Antivirus

  24. None

  25. Antivirus - common sense

  26. Physical access

  27. Unlocked devices

  28. Hacker USBs

  29. USB Killer

  30. Physical Access / Keys

  31. Trust issues

  32. LIST OF WI-FI’s I TRUST

  33. Untrusted networks

  34. Untrusted networks

  35. HTTP Data Data

  36. HTTPS

  37. Untrusted networks

  38. VPN

  39. Sniffing around

  40. Emerce Attendees

  41. Emerce Attendees

  42. Emerce Attendees

  43. Emerce Attendees

  44. Emerce Attendees

  45. Pentests Unvalidated Redirects and Forwards

  46. Thank you!

  47. Question time