Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Rational Security

Rational Security

When the technical ignorance of investigative journalists puts their informants in harms way, when poorly designed software infrastructures causes millions of customer passwords and credit cards to be leaked, it's time to take a rational approach to security.

Olivier Lacan

January 30, 2014
Tweet

More Decks by Olivier Lacan

Other Decks in Technology

Transcript

  1. Delivered-To: olivier@envylabs.com Received: by 10.182.22.44 with SMTP id a12csp9111obf; Wed,

    29 Jan 2014 01:13:43 -0800 (PST) X-Received: by 10.14.104.6 with SMTP id h6mr8010251eeg.29.1390986823044; Wed, 29 Jan 2014 01:13:43 -0800 (PST) Return-Path: <a0e768ea.qcv.ro7.2h.6I51JT+olivier=envylabs.com@bnc.mailjet.com> Received: from o120.p4.mailjet.com (o120.p4.mailjet.com. [178.33.221.120]) by mx.google.com with ESMTP id y5si2949719eee.186.2014.01.29.01.13.42 for <olivier@envylabs.com>; Wed, 29 Jan 2014 01:13:43 -0800 (PST) Received-SPF: pass (google.com: domain of a0e768ea.qcv.ro7.2h.6I51JT +olivier=envylabs.com@bnc.mailjet.com designates 178.33.221.120 as permitted sender) client- ip=178.33.221.120; Authentication-Results: mx.google.com; spf=pass (google.com: domain of a0e768ea.qcv.ro7.2h.6I51JT+olivier=envylabs.com@bnc.mailjet.com designates 178.33.221.120 as permitted sender) smtp.mail=a0e768ea.qcv.ro7.2h.6I51JT +olivier=envylabs.com@bnc.mailjet.com; dkim=pass header.i=hello=3Dtakeoffconf.com@bnc.mailjet.com DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/simple; q=dns/txt; d=bnc.mailjet.com; i=hello=3Dtakeoffconf.com@bnc.mailjet.com; s=mailjet; h=message-id:mime-version:content-type:from:reply-to:to:subject:date:precedence; bh=VFLqqno5lk/OS8Olf0rBH8HvL/I=; b=almIW1DIcvkj8Lnhg182BD5tOvLzXg8ScyoqJE6P1NCRufiiGOmFUwyGEKtDDkeUbP6fboHZMzgsxervINno6TrsWTe2eCqO2OJV VK1FzzPQGmqzc2Ml8WaUOiXYITl4VyGlavhDxIMgY9npTDYeZpyAC4MiMNkpMnfTtHINSgw= Message-Id: <a0e768ea.qcv.ro7.2h.6I51JT@mailjet.com> Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="B_ALT_52e8c62c2e4c4" From: =?utf-8?Q?TakeOff_Conference?= <hello@takeoffconf.com> Reply-To: <hello@takeoffconf.com> To: olivier@envylabs.com Subject: =?utf-8?Q?Tonight_and_Tomorrow_at_Take_Off?= Date: Wed, 29 Jan 2014 10:13:16 +0100 Precedence: bulk ! This is a multi-part message in MIME format. Your email application may not support this format. ! --B_ALT_52e8c62c2e4c4 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit ! Taking Off in two weeks. Stay tuned. Be Epic.
  2. ① No encryption. ② No granularity. ③ No self destruct.

    ④ Hard to rotate. ⑤ Lose one, lose all. Death List Five
  3. If someone really wants your data, and they have time

    & money, they’ll get it. (especially if you elected them)