Passwords and Botnets and Zombies (oh my!)


The WordPress community has a huge security challenge on the horizon. Now powering almost 20% of the Internet, WordPress lets us build businesses and lifestyles behind a single password. Protecting one site is hard, but the real challenge is making sure that distributed attacks across WordPress sites don't find unprotected sites to attack. In this talk, Brennen Byrne, the CEO of Clef, discusses the attacks and defenses being established in the new security paradigm and the new strategies being worked on to protect your site from the robot army.

Published in: Technology

  1. passwords and botnets and zombies
  2. passwords and botnets and zombies oh my!
  3. this talk is about security
  4. a lot of people think security is hard
  5. a lot of people think security is: hard, confusing
  6. a lot of people think security is: hard, confusing, complicated
  7. a lot of people think security is: not for you, hard, confusing, impossible, technical, frustrating, complicated, infuriating, painful
  8. but we all know that it’s important
  9. but we all know that it’s important and my job is to make it easy
  10. 3 reasons we need to talk about security:
  11. almost 20% of the web runs on wordpress
  12. almost 20% of the web runs on wordpress; lots of attacks on wordpress sites
  13. almost 20% of the web runs on wordpress; lots of attacks on wordpress sites; security is fun and interesting
  14. hello, my name is brennen (@brennenbyrne)
  15. I’m a founder of Clef (getclef.com)
  16. what is clef?
  17. passwords and botnets and zombies oh my!
  18. how important is a single password?
  19. could one password: take down your site? hurt your clients? ruin your business? endanger lives?
  20. as wordpress becomes more important so do our passwords.
  21. the old way to break a password
  22. virus with a keylogger; guess common passwords; advanced interrogation
  23. in order to defend myself
  24. don’t download viruses; ban IPs that are guessing wrong; don’t piss off enemy nation-states
  25. if i’m good, i could also: use an admin username other than “admin”; post from author accounts, not admin; change the table prefix of my databases; be careful about who i give permissions
  26. but attackers have gotten smarter
  27. botnets
  28. botnets are what happens when your parents download viruses
  29. their computers become zombies
  30. botnets attack sites; sites infect visitors’ computers; visitors join botnet; bigger botnet attacks more sites
  31. botnets swarm and attack your site from millions of different computers
  32. don’t download viruses; ban IPs that are guessing wrong; don’t piss off enemy nation-states
  33. botnets are the attackers’ response to our better defenses; as wordpress becomes a better target the incentives for breaking it rise
  34. with new attacks come new defenses
  35. bruteprotect
  36. clef
  37. but attack and response isn’t enough
  38. passwords are a long-term problem
  39. brain vs. computer
  40. more services online and longer, harder passwords
  41. hacks this year: Adobe, Twitter, Living Social, Evernote, Drupal
  42. clef
  43. wordpress security requires: making security standard; increasing accessibility to security; dedication to casual user; secure defaults
  44. weakness in the community is dangerous
  45. questions?