budi rahardjo, profile picture
Uploaded bybudi rahardjo
PPT, PDF526 views

Trusting The Trust

The document discusses the concept of trust in various digital contexts. It raises questions about trusting social networks, banks, governments, code, and partners. It also discusses factors that can undermine trust, such as malware, hackers, and fraud. Finally, it suggests that reducing risks requires attention to people, processes, technology, and independent review over time.

Embed presentation

Downloaded 28 times
Trusting the Trust Budi Rahardjo budi@indocisc.com http://rahard.wordpress.com Inixindo Security Day Seminar The Executive Club, Jakarta, 19 March 2009
Trust vs. Security [no 100% secure system] march 2009 BR - trusting the trust
Security vs. … Convenience Performance Business Requirement
Failing the trust Malicious software ; virus, worm, … Malicious users ; crackers, attackers, … Fraud ; disgruntled employees, … Indentity theft ; unauthenticated users, … march 2009 BR - trusting the trust
identity theft [facebook, friendster, … social networks do you trust your “ friends ”?] march 2009 BR - trusting the trust
“On the internet, nobody knows you’re a dog”
Authentication Authentication factors What you have (card, token) What you know (password, pin, id) What you are (biometrics) Electronic transaction requirement 2 factor-authentication
Do you trust your bank? march 2009 BR - trusting the trust
[“borrowed” slides on skimmer attached on an ATM machine of a local bank. Sorry, I cannot add the slides here since I don’t know the owner of the slides to ask/acknowledge.] march 2009 BR - trusting the trust
Do you trust your e-government? [election jokes, e-gov, e-proc] march 2009 BR - trusting the trust
[Examples of bad 2009 election campaign posters are available at http://janganbikinmalu2009.com] march 2009 BR - trusting the trust
Can you trust your code ? march 2009 BR - trusting the trust
Open Source is better, IF … march 2009 BR - trusting the trust
you play with your code [read Ken Thompson, "Reflections on Trusting Trust" ACM , September 1995] march 2009 BR - trusting the trust
Reflections on trusting trust Self reproducing code “Learning” program Create trojaned compiler compile a “bug” version when detect a pattern
meaning … skill is important [awareness too] march 2009 BR - trusting the trust
Reducing Risks Anti virus, 2 factors authentication, … march 2009 BR - trusting the trust
Reducing Risks But … really … people , process , & technology
Reducing Risks Review periodically by independent , trusted 3 rd party How do you trust your partner?
Thank you for trusting me :) Budi Rahardjo [email_address]
 

More Related Content

PDF
Brand Trust The Six Drivers of Trust
bymext Consulting
 
PDF
Great Place to Work(R) Institute
byBest Workplaces Conference
 
PDF
The Missing Link In Your Employee Engagement Strategy
byLimeade
 
PPTX
Dynamics Of Trust
byNonVerbals Consulting
 
PDF
Happiness at Work
byLinkedIn Learning Solutions
 
DOCX
Leadership & Trust
byJames Cook Univeristy Australia, Singapore Campus
 
PDF
Employees Have Spoken - 7 Actions HR Should Take
byCornerstone OnDemand
 
ODP
Seven steps to building a trusting workplace
byIdoinspire
 
Brand Trust The Six Drivers of Trust
bymext Consulting
 
Great Place to Work(R) Institute
byBest Workplaces Conference
 
The Missing Link In Your Employee Engagement Strategy
byLimeade
 
Dynamics Of Trust
byNonVerbals Consulting
 
Happiness at Work
byLinkedIn Learning Solutions
 
Leadership & Trust
byJames Cook Univeristy Australia, Singapore Campus
 
Employees Have Spoken - 7 Actions HR Should Take
byCornerstone OnDemand
 
Seven steps to building a trusting workplace
byIdoinspire
 

More from budi rahardjo

PDF
Uji Keamanan Penetration Testing Itu Tidak Ilmiah
bybudi rahardjo
 
PDF
Dealing with Hoax
bybudi rahardjo
 
PDF
Peluang IoT di Indonesia
bybudi rahardjo
 
PDF
Kronologis penganiayaan timmy
bybudi rahardjo
 
PDF
Identity Theft
bybudi rahardjo
 
PPTX
Klik and Modar: social engineering dengan menggunakan URL Bait
bybudi rahardjo
 
PDF
A very short Introduction to Software Security
bybudi rahardjo
 
PDF
The Joy of Programming (short version)
bybudi rahardjo
 
PDF
IoT: Dari Hobby ke Profesi
bybudi rahardjo
 
PDF
Security in COVID-19 Era
bybudi rahardjo
 
PDF
Keaslian Dokumen Digital
bybudi rahardjo
 
PDF
How to Train Electronics Rockstars
bybudi rahardjo
 
PDF
Technology-based Startup
bybudi rahardjo
 
PDF
Bdg software uploaded
bybudi rahardjo
 
PPTX
How to train Electronics Rockstars
bybudi rahardjo
 
PDF
Strategi Industri Telematika Indonesia
bybudi rahardjo
 
PDF
Product development 2021
bybudi rahardjo
 
PDF
Topik Penelitian Keamanan Informasi
bybudi rahardjo
 
PPTX
Network Sniffing
bybudi rahardjo
 
PDF
To teach is ... (On Teaching)
bybudi rahardjo
 
Uji Keamanan Penetration Testing Itu Tidak Ilmiah
bybudi rahardjo
 
Dealing with Hoax
bybudi rahardjo
 
Peluang IoT di Indonesia
bybudi rahardjo
 
Kronologis penganiayaan timmy
bybudi rahardjo
 
Identity Theft
bybudi rahardjo
 
Klik and Modar: social engineering dengan menggunakan URL Bait
bybudi rahardjo
 
A very short Introduction to Software Security
bybudi rahardjo
 
The Joy of Programming (short version)
bybudi rahardjo
 
IoT: Dari Hobby ke Profesi
bybudi rahardjo
 
Security in COVID-19 Era
bybudi rahardjo
 
Keaslian Dokumen Digital
bybudi rahardjo
 
How to Train Electronics Rockstars
bybudi rahardjo
 
Technology-based Startup
bybudi rahardjo
 
Bdg software uploaded
bybudi rahardjo
 
How to train Electronics Rockstars
bybudi rahardjo
 
Strategi Industri Telematika Indonesia
bybudi rahardjo
 
Product development 2021
bybudi rahardjo
 
Topik Penelitian Keamanan Informasi
bybudi rahardjo
 
Network Sniffing
bybudi rahardjo
 
To teach is ... (On Teaching)
bybudi rahardjo
 

Recently uploaded

PDF
Chapter 2 Computer Threat .pdf
byGetnet Tigabie Askale -(GM)
 
PPTX
Fortify Your Digital Defenses with ServiceNow Security Operations by Suma Soft
byGavin Ellis
 
PDF
Effective Ai powered mock interview .pdf
byamazingnishusingh766
 
PDF
AI Data Analyst: Smarter Insights for Modern Real Estate Decisions
byLeni Analyst
 
PPTX
The Abomination of AI – keynote at ICoSCI 2026
byAlan Dix
 
PDF
January Patch Tuesday
byIvanti
 
PDF
2025-CB-NCAE-slide-deck.pptx-1-83.pdf Virtual Orientation on the Administrati...
byNelizabethEsplaguera1
 
PDF
Building Voice Agents with Google Agent Development Kit
bySuresh Peiris
 
PDF
2006 IEEE International Solid-State Circuits Conference
bySlide_N
 
PDF
Top 5 Best Dedicated Server Providers in Los Angeles (Updated Edition)
byAtal Networks
 
PPTX
Accelerate Innovation with Engineering R&D Services
byChetu
 
PPTX
Apache Kafka 101 for Techies in IT dep.pptx
byamulyareddyk97
 
PDF
Special Reeling Cable Specification _ Anhui Feichun Special Cable Co., Ltd_.pdf
byAnhui Feichun Special Cable Co., Ltd.
 
PDF
Pervasive Encryption - Keeping Data Secure.pdf
byPrecisely
 
PDF
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 
PDF
Why Enterprises Are Moving to Dedicated Servers in the Netherlands
byAtal Networks
 
PDF
Zniber Partners. Audience Foresight for Confident Decisions
bySamuel Zniber
 
PDF
TopMate ES11 3-Wheel Electric Scooter: Comfort, Stability, and Independence f...
byTopmate
 
PPTX
Microsoft Azure News - January 2026 - BAUG
byDaniel Toomey
 
PDF
TrustArc Webinar - Unpacking India’s DPDP Act: What You Should Know
byTrustArc
 
Chapter 2 Computer Threat .pdf
byGetnet Tigabie Askale -(GM)
 
Fortify Your Digital Defenses with ServiceNow Security Operations by Suma Soft
byGavin Ellis
 
Effective Ai powered mock interview .pdf
byamazingnishusingh766
 
AI Data Analyst: Smarter Insights for Modern Real Estate Decisions
byLeni Analyst
 
The Abomination of AI – keynote at ICoSCI 2026
byAlan Dix
 
January Patch Tuesday
byIvanti
 
2025-CB-NCAE-slide-deck.pptx-1-83.pdf Virtual Orientation on the Administrati...
byNelizabethEsplaguera1
 
Building Voice Agents with Google Agent Development Kit
bySuresh Peiris
 
2006 IEEE International Solid-State Circuits Conference
bySlide_N
 
Top 5 Best Dedicated Server Providers in Los Angeles (Updated Edition)
byAtal Networks
 
Accelerate Innovation with Engineering R&D Services
byChetu
 
Apache Kafka 101 for Techies in IT dep.pptx
byamulyareddyk97
 
Special Reeling Cable Specification _ Anhui Feichun Special Cable Co., Ltd_.pdf
byAnhui Feichun Special Cable Co., Ltd.
 
Pervasive Encryption - Keeping Data Secure.pdf
byPrecisely
 
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 
Why Enterprises Are Moving to Dedicated Servers in the Netherlands
byAtal Networks
 
Zniber Partners. Audience Foresight for Confident Decisions
bySamuel Zniber
 
TopMate ES11 3-Wheel Electric Scooter: Comfort, Stability, and Independence f...
byTopmate
 
Microsoft Azure News - January 2026 - BAUG
byDaniel Toomey
 
TrustArc Webinar - Unpacking India’s DPDP Act: What You Should Know
byTrustArc
 

Trusting The Trust

  • 1.
    Trusting the Trust Budi Rahardjo budi@indocisc.com http://rahard.wordpress.com Inixindo Security Day Seminar The Executive Club, Jakarta, 19 March 2009
  • 2.
    Trust vs. Security [no 100% secure system] march 2009 BR - trusting the trust
  • 3.
    Security vs.… Convenience Performance Business Requirement
  • 4.
    Failing thetrust Malicious software ; virus, worm, … Malicious users ; crackers, attackers, … Fraud ; disgruntled employees, … Indentity theft ; unauthenticated users, … march 2009 BR - trusting the trust
  • 5.
    identity theft [facebook, friendster, … social networks do you trust your “ friends ”?] march 2009 BR - trusting the trust
  • 6.
    “On the internet, nobody knows you’re a dog”
  • 7.
    Authentication Authentication factorsWhat you have (card, token) What you know (password, pin, id) What you are (biometrics) Electronic transaction requirement 2 factor-authentication
  • 8.
    Do you trust your bank? march 2009 BR - trusting the trust
  • 9.
    [“borrowed” slides onskimmer attached on an ATM machine of a local bank. Sorry, I cannot add the slides here since I don’t know the owner of the slides to ask/acknowledge.] march 2009 BR - trusting the trust
  • 10.
    Do you trustyour e-government? [election jokes, e-gov, e-proc] march 2009 BR - trusting the trust
  • 11.
    [Examples of bad2009 election campaign posters are available at http://janganbikinmalu2009.com] march 2009 BR - trusting the trust
  • 12.
    Can you trust your code ? march 2009 BR - trusting the trust
  • 13.
    Open Source isbetter, IF … march 2009 BR - trusting the trust
  • 14.
    you play with your code [read Ken Thompson, "Reflections on Trusting Trust" ACM , September 1995] march 2009 BR - trusting the trust
  • 15.
    Reflections on trustingtrust Self reproducing code “Learning” program Create trojaned compiler compile a “bug” version when detect a pattern
  • 16.
    meaning … skill is important [awareness too] march 2009 BR - trusting the trust
  • 17.
    Reducing Risks Antivirus, 2 factors authentication, … march 2009 BR - trusting the trust
  • 18.
    Reducing Risks But… really … people , process , & technology
  • 19.
    Reducing Risks Review periodically by independent , trusted 3 rd party How do you trust your partner?
  • 20.
    Thank you fortrusting me :) Budi Rahardjo [email_address]
  • 21.