Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Practical Security for Nonprofits: Spectre and Meltdown With Kris Constable


Published on

Presentation from NetSquared Vancouver's #Tech4Good Trends event for nonprofits in 2018.

Published in: Technology
  • Login to see the comments

  • Be the first to like this

Practical Security for Nonprofits: Spectre and Meltdown With Kris Constable

  1. 1. Privacy & Security Strategies for Non-Profits Impacts of Meltdown & Spectre By Kris Constable @cqwww
  2. 2. Meltdown & Spectre Speculative execution (what's going to happen next) & side channel attacks (physical, electrical and/or mechanical characteristics – hardware) relating to CPUs (Intel, AMD & ARM) Meltdown: Kernel vs Userland Spectre: Segmentation between applications ... A helpful reminder you need a privacy & security strategy
  3. 3. What can you do? Have an organizational strategy and ensure compliance by measuring compliance
  4. 4. Patch all the things
  5. 5. Masscan & metasploit
  6. 6. Let's go through the layers of the OSI model. CERT suggests upgrading your CPU
  7. 7. Patch your operating systems (server, laptop, phone)
  8. 8. Download the latest version of your browser. I recommend something based off Google Chromium or Mozilla Firefox. I use Iridium and Firefox Focus. For chrome, type this in your URL: chrome://flags/#enable-site-per-process and click “enable” on “Strict site isolation.”
  9. 9. Block JavaScript and Flash by default NoScripts Ablock Plus or Ublock Origin Privacy Badger
  10. 10. Make sure you're using antivirus, including mac/osx users, and are using it properly
  11. 11. Restore from your backups
  12. 12. Or PrivaSecTech on Facebook
  13. 13. Questions? @cqwww