Passwords and Botnets and Zombies (oh my!)

  • 94 views
Uploaded on

The WordPress community has a huge security challenge on the horizon. Now powering almost 20% of the Internet, WordPress lets us build businesses and lifestyles behind a single password. Protecting …

The WordPress community has a huge security challenge on the horizon. Now powering almost 20% of the Internet, WordPress lets us build businesses and lifestyles behind a single password. Protecting one site is hard, but the real challenge is making sure that distributed attacks across WordPress sites don't find unprotected sites to attack. In this talk, Brennen Byrne, the CEO of Clef, discusses the attacks and defenses being established in the new security paradigm and the new strategies being worked on to protect your site from the robot army.

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
94
On Slideshare
0
From Embeds
0
Number of Embeds
2

Actions

Shares
Downloads
8
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. passwords and botnets and zombies
  • 2. passwords and botnets and zombies oh my!
  • 3. this talk is about security
  • 4. a lot of people think security is hard
  • 5. a lot of people think security is hard confusing
  • 6. a lot of people think security is hard confusing complicated
  • 7. a lot of people think security is not for you hard confusing impossible technical frustrating complicated infuriating painful
  • 8. but we all know that it’s important
  • 9. but we all know that it’s important and my job is to make it easy
  • 10. 3 reasons we need to talk about security:
  • 11. almost 20% of the web runs on wordpress
  • 12. almost 20% of the web runs on wordpress lots of attacks on wordpress sites
  • 13. almost 20% of the web runs on wordpress lots of attacks on wordpress sites security is fun and interesting
  • 14. hello, my name is brennen (@brennenbyrne)
  • 15. I’m a founder of Clef (getclef.com)
  • 16. what is clef?
  • 17. passwords and botnets and zombies oh my!
  • 18. how important is a single password?
  • 19. could one password: take down your site? hurt your clients? ruin your business? endanger lives?
  • 20. as wordpress becomes more important so do our passwords.
  • 21. the old way to break a password
  • 22. virus with a keylogger guess common passwords advanced interrogation
  • 23. in order to defend myself
  • 24. don’t download viruses ban IPs that are guessing wrong don’t piss off enemy nation-states
  • 25. if i’m good, i could also use an admin username other than “admin” post from author accounts, not admin change the table prefix of my databases be careful about who i give permissions
  • 26. but attackers have gotten smarter
  • 27. botnets
  • 28. botnets are what happens when your parents download viruses
  • 29. their computers become zombies
  • 30. botnets attack sites sites infect visitors’ computers visitors join botnet bigger botnet attacks more sites
  • 31. botnets swarm and attack your site from millions of different computers
  • 32. don’t download viruses ban IPs that are guessing wrong don’t piss off enemy nation-states
  • 33. botnets are the attackers’ response to our better defenses as wordpress becomes a better target the incentives for breaking it rise
  • 34. with new attacks come new defenses
  • 35. bruteprotect
  • 36. clef
  • 37. but attack and response isn’t enough
  • 38. passwords are a long-term problem
  • 39. brain vs. computer
  • 40. more services online and longer, harder passwords
  • 41. hacks this year Adobe Twitter Living Social Evernote Drupal
  • 42. clef
  • 43. wordpress security requires: making security standard increasing accessibility to security dedication to casual user secure defaults
  • 44. weakness in the community is dangerous
  • 45. questions?