Passwords and Botnets and Zombies (oh my!)

The WordPress community has a huge security challenge on the horizon. Now powering almost 20% of the Internet, WordPress lets us build businesses and lifestyles behind a single password. Protecting one site is hard, but the real challenge is making sure that distributed attacks across WordPress sites don't find unprotected sites to attack. In this talk, Brennen Byrne, the CEO of Clef, discusses the attacks and defenses being established in the new security paradigm and the new strategies being worked on to protect your site from the robot army.

Published in: Technology
Transcript of "Passwords and Botnets and Zombies (oh my!)"

  1. passwords and botnets and zombies
  2. passwords and botnets and zombies oh my!
  3. this talk is about security
  4. a lot of people think security is: hard
  5. a lot of people think security is: hard, confusing
  6. a lot of people think security is: hard, confusing, complicated
  7. a lot of people think security is: not for you, hard, confusing, impossible, technical, frustrating, complicated, infuriating, painful
  8. but we all know that it’s important
  9. but we all know that it’s important, and my job is to make it easy
  10. 3 reasons we need to talk about security:
  11. almost 20% of the web runs on wordpress
  12. almost 20% of the web runs on wordpress; lots of attacks on wordpress sites
  13. almost 20% of the web runs on wordpress; lots of attacks on wordpress sites; security is fun and interesting
  14. hello, my name is brennen (@brennenbyrne)
  15. I’m a founder of Clef (getclef.com)
  16. what is clef?
  17. passwords and botnets and zombies oh my!
  18. how important is a single password?
  19. could one password: take down your site? hurt your clients? ruin your business? endanger lives?
  20. as wordpress becomes more important so do our passwords.
  21. the old way to break a password
  22. virus with a keylogger; guess common passwords; advanced interrogation
  23. in order to defend myself
  24. don’t download viruses; ban IPs that are guessing wrong; don’t piss off enemy nation-states
  25. if i’m good, i could also: use an admin username other than “admin”; post from author accounts, not admin; change the table prefix of my databases; be careful about who i give permissions
  26. but attackers have gotten smarter
  27. botnets
  28. botnets are what happens when your parents download viruses
  29. their computers become zombies
  30. botnets attack sites; sites infect visitors’ computers; visitors join botnet; bigger botnet attacks more sites
  31. botnets swarm and attack your site from millions of different computers
  32. don’t download viruses; ban IPs that are guessing wrong; don’t piss off enemy nation-states
  33. botnets are the attackers’ response to our better defenses; as wordpress becomes a better target the incentives for breaking it rise
  34. with new attacks come new defenses
  35. bruteprotect
  36. clef
  37. but attack and response isn’t enough
  38. passwords are a long-term problem
  39. brain vs. computer
  40. more services online and longer, harder passwords
  41. hacks this year: Adobe, Twitter, Living Social, Evernote, Drupal
  42. clef
  43. wordpress security requires: making security standard; increasing accessibility to security; dedication to casual user; secure defaults
  44. weakness in the community is dangerous
  45. questions?
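
Slides 24 and 31 contrast banning IPs that guess wrong with a botnet that guesses from many different computers. The sketch below is an added example, not code from the talk, Clef or BruteProtect: it runs a per-IP failure limit and a per-account view over the same constructed failed-login events. The event layout, thresholds and function names are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict

def build_sample():
    """Constructed failed-login events (source_ip, username) for one time window.
    Addresses are from documentation ranges (RFC 5737), not real observations."""
    events = []
    # Distributed guessing: 40 different addresses, one wrong guess each at "admin".
    for i in range(40):
        events.append((f"203.0.113.{i + 1}", "admin"))
    # One noisy address guessing six times at "editor".
    events += [("198.51.100.7", "editor")] * 6
    # A legitimate user mistyping a password twice.
    events += [("192.0.2.10", "alice")] * 2
    return events

def ips_over_limit(events, per_ip_limit=5):
    """The classic defense: flag any source IP with more than per_ip_limit failures."""
    counts = Counter(ip for ip, _ in events)
    return {ip for ip, n in counts.items() if n > per_ip_limit}

def accounts_under_distributed_guessing(events, min_failures=20, min_sources=10):
    """Flag accounts whose failures are spread over many distinct sources,
    the pattern a per-IP limit never sees. Thresholds are assumed values."""
    failures = Counter()
    sources = defaultdict(set)
    for ip, user in events:
        failures[user] += 1
        sources[user].add(ip)
    return {
        user for user in failures
        if failures[user] >= min_failures and len(sources[user]) >= min_sources
    }

if __name__ == "__main__":
    sample = build_sample()
    print("IPs a per-IP ban would block:", sorted(ips_over_limit(sample)))
    print("accounts under distributed guessing:",
          sorted(accounts_under_distributed_guessing(sample)))
```

The per-IP limit blocks only the single noisy address, while the 40 single-guess sources aimed at one account stay under it; counting failures per account across sources is what surfaces them.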