Computer Insecurity Essentials
Transcript of Computer Insecurity Essentials
Attacks are frequent and widespread
Total harm is real but easily managed
Why do we in the 1st world largely get away with poor security both in computers and the physical world?
Why does it work?
Phishing & Social Engineering
Algorithm vs. Protocol vs. Deployment
ZUI: Hard to use means rarely used
Skype, SSH only real successes
Even TLS/SSL/HTTPS rarely used
Design vs. Deployment
30% of computers botted!
DDoS Attack (Hello, Wikileaks)
But it's amazing how well we get along
Most people are pretty decent
The automation of good and evil
Smart parasites don't kill the host
Electronic Frontier Foundation
Computer Insecurity & Privacy
Throwing people in the mix
Liability and insurance won't work
Lulzsec & Anonymous exploit simple SQL injection attacks
90% with logo
Almost every security system will also block the access of authorized users
"A system should be made as secure as will be easy to use, but no more secure."
Click to Agree Contracts replacing the law
Trusted Computing & DRM
Cheap sensors coming everywhere
Strong cockpit doors
Capability Operating Systems
Apps in the cloud:
What does it look like?
to Personal Computing
No "reasonable expectation of privacy" says the Supreme Court, though some statutes
Moving to the cloud means...
Moving data out of your hands
We must think before doing something this dramatic with our software
A question of policy,
or a question of...
Scalability is the key
Surveillance didn't use to scale
Now AI takes it further...
from the future
Understanding natural language in bulk
Face and person recognition
and body language
Patterns of network
This leads to...
“Are you now or have you ever been...”
We don't know the sins of the future
Today, AI isn't very good at...
Mapping your social network
And fake LinkedIn, too!
lots of other
89% of files were
innocent, non-targeted American
And if you look at some security and privacy tools and some sites.
Accept that Advanced Persistent Threats can get ordinary users if targeted
Make security easy enough to use to get wide adoption
Block bulk surveillance mainly, less so targeted attacks
MITM-OFU, self-signed certs should be embraced
Ease of use is an essential part of computer security