DEFCON17 - Fail Panel

David Mortman CSO in Residence, Echelon One
Rich Mogull Securosis
Dave Maynor Founder & CTO Errata Security
Larry Pesce Pauldotcom.com
Robert "RSnake" Hansen ha.ckers.org
James "Myrcurial" Arlen

We're baaaack. Yup, that's right, some of the biggest mouths in Information Security, and once again we will show you all-new security FAIL. Our panelists will demonstrate innovative hacking techniques in naked wireless networking, GPS, intranet routing, web-based applications and goats.

Transcript

  • 1. Security Heretic: We’re Doing It Wrong James Arlen aka Myrcurial DEFCON 17
  • 2. I’m tired of looking silly. 2008-10-08 Security Heretic: We're Doing It Wrong 2
  • 4. Really tired.
  • 5. Security “Industry” =
  • 6. We can change that.
  • 7. We can change that. We can fix that.
  • 8. We can change that. We can fix that. But it’s going to really irritate people.
  • 9. We can change that. We can fix that. But it’s going to really irritate people. In a good way.
  • 10. The Past
  • 11. "Those that fail to learn from history, are doomed to repeat it." - Winston Churchill
  • 12. » Guilds » Seals » Obfuscation » Physical security
  • 13. Computer Security
  • 14. » Theories » 1970s » Multics » US Military » Cambridge University » Research Microkernels
  • 15. The Religion
  • 16. Religion Re*li"gion (r[-e]*l[i^]j"[u^]n), n. [F., from L. religio; cf. religens pious, revering the gods, Gr. 'ale`gein to heed, have a care. Cf. Neglect.] 4. Strictness of fidelity in conforming to any practice, as if it were an enjoined rule of conduct. [R.] Webster's Revised Unabridged Dictionary, © 1996, 1998 MICRA, Inc.
  • 17. Best Practices
  • 18. Common Practices
  • 19. Habitual Responses
  • 20. Insanity: doing the same thing over and over again and expecting different results. - Albert Einstein
  • 23. Proselytize Pros"e*ly*tize, v. t. [imp. & p. p. proselytized; p. pr. & vb. n. Proselytizing.] To convert to some religion, system, opinion, or the like; to bring, or cause to come, over; to proselyte. Webster's Revised Unabridged Dictionary, © 1996, 1998 MICRA, Inc.
  • 31. How many CPE hours will you gain for questioning your religion?
  • 34. Actually, I’m claiming this presentation as CPE hours. You should too.
  • 35. Sshhhhh… Maybe they won’t notice the topic.
  • 36. The Vendors
  • 37. Professional Services
  • 38. Hardware and Software
  • 39. Pundits and the Media
  • 40. The Dogma
  • 41. Dogma Dog"ma, n.; pl. E. Dogmas, L. Dogmata. [L. dogma, Gr. ?, pl. ?, fr. ? to think, seem, appear; akin to L. decet it is becoming. Cf. Decent.] 3. A doctrinal notion asserted without regard to evidence or truth; an arbitrary dictum. Webster's Revised Unabridged Dictionary, © 1996, 1998 MICRA, Inc.
  • 42. The iPod Data Thief
  • 43. The Complex Password
  • 44. “Blood on the Walls” Metrics
  • 45. The answer is “No”
  • 46. No Personal Use
  • 47. I’m only responsible for logical security
  • 48. The Renaissance
  • 49. Individual Contributions
  • 50. Research and Development
  • 51. Synthesis Syn"the*sis, n.; pl. Syntheses. [L., a mixture, properly, a putting together, Gr. ?, fr. ? to place or put together; sy`n with + ? to place. See Thesis.] 3. (Logic) The combination of separate elements of thought into a whole, as of simple into complex conceptions, species into genera, individual propositions into systems; -- the opposite of analysis. Webster's Revised Unabridged Dictionary, © 1996, 1998 MICRA, Inc.
  • 52. Enlightenment
  • 53. The Ninety-Five Theses
  • 54. The Twelve Step Program
  • 55. Reduced to 9 steps for irony.
  • 56. 1. Admitting the problem.
  • 57. 2. Admitting our complicity.
  • 58. 3. Reasserting ethics.
  • 59. 4. Regaining our self-respect.
  • 60. 5. Finding a new path.
  • 61. 6. Eating our own dog-food.
  • 62. 7. Re-discovering passion.
  • 63. 8. Communicating for success.
  • 64. 9. Owning the suck.
  • 65. NOT: Pwning teh 5uC|<0rz.
  • 66. That’s a different talk altogether.
  • 67. Q&A followup: myrcurial@100percentgeek.net