Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Secure Blogging
Search
Kyle Maxwell
June 20, 2013
Technology
0
140
Secure Blogging
Presented at CryptoParty DFW.
Kyle Maxwell
June 20, 2013
Tweet
Share
More Decks by Kyle Maxwell
See All by Kyle Maxwell
In the Lair of the Beholder
krmaxwell
0
95
Using Python to Fight Cybercrime
krmaxwell
2
220
Incident Patterns
krmaxwell
0
380
Hackertainment
krmaxwell
1
220
Threat Intelligence for Incident Response
krmaxwell
0
170
From Minion to Engineer
krmaxwell
0
110
Why XOR Crypto Sucks
krmaxwell
0
200
Open Source Threat Intelligence - Shakacon
krmaxwell
1
880
Grabbing fresh evil bits: Maltrieve
krmaxwell
1
150
Other Decks in Technology
See All in Technology
生成AIの強みと弱みを理解して、生成AIがもたらすパワーをプロダクトの価値へ繋げるために実践したこと / advance-ai-generating
cyberagentdevelopers
PRO
1
180
AWS CDKでデータリストアの運用、どのように設計する?~Aurora・EFSの実践事例を紹介~/aws-cdk-data-restore-aurora-efs
mhrtech
4
660
話題のGraphRAG、その可能性と課題を理解する
hide212131
4
1.5k
スプリントゴールにチームの状態も設定する背景とその効果 / Team state in sprint goals why and impact
kakehashi
2
100
ネット広告に未来はあるか?「3rd Party Cookie廃止とPrivacy Sandboxの効果検証の裏側」 / third-party-cookie-privacy
cyberagentdevelopers
PRO
1
130
急成長中のWINTICKETにおける品質と開発スピードと向き合ったQA戦略と今後の展望 / winticket-autify
cyberagentdevelopers
PRO
1
160
マネジメント視点でのre:Invent参加 ~もしCEOがre:Inventに行ったら~
kojiasai
0
470
君は隠しイベントを見つけれるか?
mujyun
0
300
AWS re:Inventを徹底的に楽しむためのTips / Tips for thoroughly enjoying AWS re:Invent
yuj1osm
1
570
新卒1年目が向き合う生成AI事業の開発を加速させる技術選定 / ai-web-launcher
cyberagentdevelopers
PRO
7
1.5k
プロダクト成長に対応するプラットフォーム戦略:Authleteによる共通認証基盤の移行事例 / Building an authentication platform using Authlete and AWS
kakehashi
1
150
独自ツール開発でスタジオ撮影をDX!「VLS(Virtual LED Studio)」 / dx-studio-vls
cyberagentdevelopers
PRO
1
180
Featured
See All Featured
Imperfection Machines: The Place of Print at Facebook
scottboms
264
13k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
31
2.7k
Designing on Purpose - Digital PM Summit 2013
jponch
115
6.9k
RailsConf 2023
tenderlove
29
880
Visualization
eitanlees
144
15k
jQuery: Nuts, Bolts and Bling
dougneiner
61
7.5k
The Power of CSS Pseudo Elements
geoffreycrofte
72
5.3k
Building a Modern Day E-commerce SEO Strategy
aleyda
38
6.9k
No one is an island. Learnings from fostering a developers community.
thoeni
19
3k
Code Review Best Practice
trishagee
64
17k
KATA
mclloyd
29
13k
Large-scale JavaScript Application Architecture
addyosmani
510
110k
Transcript
Secure Blogging Kyle Maxwell @kylemaxwell
All opinions are my own. I believe in free speech
and the absolute right to secure, private communication. But don't be a jerk about this, okay? Disclosure Time
Threat model Who is your adversary? What can they do?
Technical Measures
Hiding your IP address Tor > VPN > Proxy http://www.megaleecher.net/uploads/secure-torrents.jpg
Operating systems Try not to use Windows. OS X or
Linux or Chrome OS are better choices
Microblogging (Twitter) is useful for many Static blog platforms: Jekyll
or Octopress Platform choices
Geolocation Go to your Twitter settings right now. "Tweet location:
Add a location to my Tweets" Then "Delete all location information" Don't ever turn that back on.
Image metadata EXIF data isn't just about your camera &
light conditions. It includes geolocation. http://photodb.illusdolphin.net/en/about/read-and-save-geo-location/
Operational Security
Pseudonymity (not anonymity) TELL NO ONE. NO ONE. And don't
reuse it. This burns people every day.
Social Networks
Personal Metadata http://blog.shutupandcode.net/?p=460
Don't click that link Clicking leads to phishing. Phishing leads
to exploiting. Exploiting leads to suffering.
Links https://mailman.stanford.edu/pipermail/liberationtech/ http://nationalsecurityzone.org/site/digital-security-basics-for-journalists/ https://www.eff.org/wp/blog-safely https://we.riseup.net/riseuphelp+en/radical-servers Contact
[email protected]
@kylemaxwell