Wake Up, Neo

The industry has its problems: security, quality and inclusivity. They are severe, and we are the ones who can make the change.

Vladimir Ivanov

August 09, 2019

Transcript

  1. What is IT-Industry?
     - The sum of companies providing information and data based products and services, together with the IT departments of other companies. <EPAM> 5/61
  2. What is great about our industry?
     - We are growing despite Brexit, the US-China trade wars and others [2]
     - Developers are paid far from minimum wage (3000 vs 330) [3]
     - The remote style is conquering the world
     [2] https://www.gartner.com/en/newsroom/press-releases/2019-01-28-gartner-says-global-it-spending-to-reach--3-8-trillio
     [3] https://www.iotforall.com/infamous-iot-hacks/
  3. However
     - Security is a disaster
     - Quality is a concern
     - Bad diversity and inclusion
  4. Security
     - Data breaches potentially affected > 1 billion users in 2018
     - New breaches happen literally every day
     - Mobile application security has been a big concern since 2011
  5. N26
     - Same app for verification
     - Exposed secret information in the API
     - All-powerful Support
     - No notification about secrets changes
  6. Firebase misconfiguration
     - 2.6 million plaintext passwords and user IDs
     - 4 million+ PHI records
     - 25 million GPS location records
     - 50,000 financial records including banking, payment and Bitcoin transactions
     - 4.5 million+ Facebook, LinkedIn, Firebase, and corporate data store user tokens
  7. Vulnerabilities in Android
     - Download Provider allows access to all downloads (which can be used to hijack an OTA update)
     - Accessing protected data (like CookieData) [7]
     [7] https://ioactive.com/multiple-vulnerabilities-in-androids-download-provider-cve-2018-9468-cve-2018-9493-cve-2018-9546/
  8. Top IoT hacks of 2018 [3]
     - Mirai Botnet
     - Jeep car hijacking
     - Owlet Wi-Fi Heart Monitor for Babies
     - Tesla stealing [4]
     - Teledildonic
     [3] https://www.iotforall.com/infamous-iot-hacks/
     [4] https://www.theverge.com/2018/10/22/18008514/tesla-model-s-stolen-key-fob-hack-watch-video
  9. Business Insider
     - Two popups
     - 25% of content is visible
     - The page restarts on accepting cookies
     - Debug output on the page
  10. Twitter App
      - Newsfeed still lags on Samsung S9
      - 8 cores are still not enough for Twitter to scroll smoothly!
  11. Conclusion #2: Our apps are unstable, slow, creepy looking, lack functionality or become incredibly complex.
  12. If you lack diversity in your product teams, you're unable to build proper products
  13. Terms
      - Inclusivity: the ability of a group to include different people
      - Diversity: the property of a group including different people
  14. Gender diversity
      - Because it affects everybody.
      - It's not about social justice, wage gap, etc.
  15. Some stats
      - Women occupy 7% of programming jobs in Russia, 20% in USA [5]
      - Stackoverflow.com audience is only 9% women [6]
      [5] Different sources, like https://www.ncwit.org/sites/default/files/resources/womenintech_facts_fullreport_05132016.pdf , https://habr.com/en/company/moikrug/blog/329018/
      [6] https://www.ncwit.org/sites/default/files/resources/womenintechfactsfullreport_05132016.pdf
  16. More stats...
      One large-scale study found that after about 12 years, approximately 50 percent of women had left their jobs in STEM fields—mostly in computing or engineering (Glass, Sassler, Levitte & Michelmore, 2013). As Figure 1.6 indicates, only about 20 percent of women working in other non-STEM professional occupations left their fields during the 30-year span covered by the study. Women in STEM also were more likely to leave in the first few years of their career than women in non-STEM professions. [6]
      [6] https://www.ncwit.org/sites/default/files/resources/womenintechfactsfullreport_05132016.pdf
  17. Conclusion #3: Despite having insufficient developers we push away a group with most potential, which is plain stupid
  18. Conclusion #3: Despite having insufficient developers we push away a group with most potential, which is plain stupid. BTW, there are ageism, race prejudice and other problems, but gender is a worldwide thing.
  19. Read a damn book!
      - iOS Application Security [15]
      - Android Security Internals [16]
      - Serious Crypto by @veorq
      - Cryptography Engineering by @schneierblog
      [15] https://nostarch.com/iossecurity
      [16] https://nostarch.com/androidsecurity
  20. Attend a damn course!
      - On Udacity, for example [11]
      [11] https://www.udacity.com/course/applied-cryptography--cs387
  21. Encourage women and underrepresented folks
      - Cut the unacceptable behavior
      - Give women a voice
      - Help WomenWhoCode, WomenInTech, InfluenceHER and other communities
  22. Fight for quality
      - Require a UX engineer
      - Use dogfooding
      - Do not hesitate to object
  23. Attend a damn course!
      - On Udemy, for example [12]
      [12] https://www.udemy.com/sketchdesign/?altsc=381850
  24. So
      - Take ownership of your product [13]
      - Stand up for quality, security, inclusivity and other issues
      - Learn
      - Make the world around you a better place, at least not worse
      [13] https://www.amazon.com/Extreme-Ownership-U-S-Navy-SEALs-ebook/dp/B00VE4Y0Z2