Security is sexy again ------ no, not that kind of sexy, by Vitor Domingos @ IDC - Information Security
 
 
 
 
presented at @IDC Security Information event

Security is sexy again

  1. Slide 1: Security is sexy again ------ no, not that kind of sexy, by Vitor Domingos @ IDC - Information Security
  2. Slide 6: Vitor Domingos [email_address] http://vitordomingos.com
     - cloud computing & security consultant
     - thenextweb.com editor
     - mobilemonday founder
     - videocaster
     - ex failed entrepreneur
     - ex ITIJ / MJ
     - ex CGD
     - ex forumB2B
     - ex Maxitel
     - ex Jazztel
  3. Slide 7: VERY IMPORTANT AGENDA
     - First
     - Second
     - Third
  4. Slide 11: OLD SCHOOL
     - anti virus
     - IDS, firewall, scanners
     - encryption, DMZ, password enforcement
     - data protection & security governance
     - some other commercial bullshit bingo
     - social engineering
  5. Slide 14: NEW SCHOOL
     - social engineering and hacking
     - id theft (banks)
     - phishing, spoofing, vishing, brandjacking
     - spam, bot networks, malware, pharming
     - XSS (twitter)
     - private data harvesting (facebook)
  6. Slide 19: Security Menace History
     - 1.0 – FUN: Virus, Stealing Information
     - 2.0 – MONEY: Worms, Trojans, Virus
     - 3.0 – MONEY 2.0: DDoS, Trojans, ID Theft
     - 4.0 – MARKETING: FarmVille, Mafia Wars, Data Theft
  7. Slide 20: Security is (now) personal
     - 1.0: Direct, One-on-One, Hardware/Software
     - 2.0: Cloud, Distributed, Social, Personal
  8. Slide 21: Firewall History
     - 1 Gen – Packet Filter
     - 2 Gen – Application Layer
     - 3 Gen – Stateful Filter
     - 4 Gen – Semantic
     - 5 Gen – Personal
  9. Slide 22: Security got smaller and distributed
     - USB PEN
     - SD Card
     - Phone
     - Smartphone
     - Cloud
     - SaaS
     - IaaS
     - NaaS
     - DaaS
     - ...
  10. Slide 24: Phones ...
     - 15 years of pure insecurity and few exploits
     - mobile is the most personal and private item we own
     - phones are now computers, the personal kind
     - they even run full operating systems
  11. Slide 25: What's in ...
     - phone calls
     - addressbook
     - emails
     - sms
     - mms
     - browser history
     - pictures and some documents
     - calendar
     - gps tracking data
     - shop details
     - credit card info
     - other sync evilness
  12. Slide 27: GSM Cracked
     - A51 Rainbowtable cracking software (reflextor.com/trac/a51)
     - GSM interception software (airprobe.org)
     - Software defined radio (gnuradio.org)
     - Cheap radio software (ettus.com/products)
  13. Slide 29: 2010
     - UMTS cracked (on paper)
     - Sandwich attack
     - MMS Remote Exploit
     - iPhone SMS Remote Exploit
     - Bluetooth Spamming and Attacks (bluesnarfing, bluebug, bluebugging)
     - $18 bluetooth sniffer
     - Bluetooth audio flow to headset interception
     - Over the air wire tapping
     - ... and what about flash ? :)
  14. Slide 32: Future (risks?)
     - Near Field Communications
       - 2008: hacking NFC phones, URI spoofing, NDEF worm
       - 2010: Nokia announces that all phones will be NFC ready
     - Mobile javascript in the browser (2000 called and they want to block javascript all again)
     - Phone SSL, VPN
     - Location Based something
     - gowalla/foursquare problems
  15. Slide 33: Future (risks?)
     - Spyware disguised as apps (cydia iphone appstore, android apps)
     - Virus/Worm/Botnet - iphone; vodafone memory card spyware bug on android phones
     - Tinyurl problems (?)
     - Social phishing from fake call centers
     - Data Leaks
     - Startups with little security concerns
  16. Slide 34: New world out (t)here
     - Earth calling security, hello ?
     - Fresh new start (cloud, distributed, mobile, web)
     - Think global
     - Same old-school practices apply; new skills
     - SME/SMB
     - Security as a Service