This document discusses issues with voting machine security and election integrity in the United States. It notes that major voting machine companies like ES&S, Dominion, and Hart still rely on outdated and insecure technology, with vulnerabilities like easy-to-guess default passwords and hundreds of thousands of lines of insecure source code. The document also outlines other security problems, such as a lack of paper audit trails and patching, as well as corruption within the voting machine industry. Overall, it argues that the current electronic voting systems in the US are insecure and cannot guarantee fair and accurate elections.
Given at the BugCrowd conference in January 2019, this was the first time for doing this deck:
For 25 years or more we have fought the battle of passwords and patches while all around us, the world has developed, data has exponentially increased, attack surfaces are everywhere and technology has quite simply forced the human race to consider the evolution cycle in single lifespans as opposed to millennia. During the last 25 years we have done little to protect the charges we are responsible for, we have failed to secure systems, allowed financial attacks, infrastructure attacks, and now attacks directly against humans. At what point will we be able to stem the bleeding and actually take charge of our realm? Have we left it too late, or are we still able to claw back out of the abyss and face our adversary in a more asymmetrical defensive manner? Can we actually provide safety and security to our charges or will we continue to fail? And, critically, how do we communicate this, and educate a population that is content to watch from the sidelines, while they are being digitally eviscerated.
1) The document discusses artificial intelligence and machine learning in the context of information security. It provides definitions of artificial intelligence, machine learning, and how they relate to the infosec industry.
2) It argues that the infosec industry needs to apply artificial intelligence and machine learning to address challenges like protecting against human errors and dealing with the growing volume of data and new technologies. However, AI relies on access to large amounts of data which raises privacy concerns.
3) It envisions how technology may continue to evolve in areas like fintech, IoT, smart systems and more, and argues that the infosec industry needs to start solving these challenges with AI now rather than continuing to discuss the same issues for the next 25
This document outlines the agenda and content for a presentation on breaking into the cybersecurity/IT industry. The presenter discusses the history of computing and how the industry has evolved over time. They emphasize the importance of understanding core technical concepts and gaining hands-on experience through certifications, side projects, volunteering, and bug bounty programs. The presentation encourages networking on platforms like LinkedIn and developing personal brands to become more competitive in a challenging job market. Diversity and soft skills are also highlighted as important factors for success in this field.
This talk will focus on a concept first described as “the internet of things” and subsequently as the “internet of everything” and “the programmable world/internet.”
Wiki Web Way (Practical Manual to Earn Money on Internet) | AbundioTeca
Instruction Set, Tools and Resources, which, interacting with each other, are different Methods Applied to Earn Coins in the Target Network. Goal, Create self-employment Indefinite; Internetician.
Machine Learning for Non-technical People | indico data
Machine learning is one of the most promising and most difficult to understand fields of the modern age. Here are the slides from Slater Victoroff's (CEO of indico) talk at General Assembly Boston for non-technical folks on how to separate the signal from the noise -- stay tuned for the next time he speaks:
https://generalassemb.ly/education/machine-learning-for-non-technical-people
The document discusses the history and development of the Internet. It begins by explaining what the Internet is - a globally connected network that transmits data via various media like wireless, fiber optics, and more. It then discusses how the Internet has transformed over time from a static network in its early days to today where it enables sharing of vast amounts of information, communication, and content creation. The document also covers the emergence of web 2.0 and social media, and how mobile connectivity is shaping the current Internet revolution. It concludes by providing tips for safe Internet usage.
The document discusses the rise of the Internet of Things (IoT) and its implications. It notes that the IoT represents a major shift where the Internet now connects not just virtual applications but billions of physical devices. This expansion has been enabled by Moore's Law, which has made sensors and computing power cheaper and smaller, Koomey's Law which has reduced the energy needs of devices, and Metcalfe's Law which means the network becomes more valuable as more devices connect. The possibilities of the IoT are vast but it also raises privacy concerns that must be addressed. Overall, the IoT heralds a new era where data and experiences, not just technology, will be increasingly important.
Lee Rainie, director of Internet and Technology research at the Pew Research Center, gave the Holmes Distinguished Lecture at Colorado State University on April 13, 2018. He discussed the research the Center conducted with Elon University’s Imagining the Internet Center about the future of the internet and the way digital technologies will spread to become the “internet of everywhere” and “artificial intelligence” everywhere. He also explored the ways in which experts say this will create improvements in people’s lives and the new challenges – including privacy, digital divides, anti-social behavior and stress tests for how human social and political systems adapt.
This document provides information about a student named Amanjot Kaur with roll number 115337 studying in section N2. It then discusses the topic of strengths and weaknesses of computers. It covers various types of computers, what computers can be used for, and details on using the web, email, instant messaging, and media. It also outlines characteristics, strengths and weaknesses of internal computer packages, television/computers, and electronic surveys.
Special Topics Day for Engineering Innovation Lecture on Cybersecurity | Michael Rushanan
This particular presentation covers, at a high level, our national cybersecurity initiative. The content targets prospective high school students and delves into areas of computer science, information systems, and policy.
This document discusses privacy challenges related to emerging technologies like big data, merged realities, and cognitive computing. It provides an overview of these technologies and their implications for privacy. The role of information professionals in addressing privacy issues is also examined. Key points discussed include how new technologies often conflict with privacy, the global scale of data collection, and how technology could also help manage privacy concerns.
ICT causes social ills by MUET Unit KISAS | Kisas Muet
(1) ICT is the cause of today's many social ills such as addiction, obsession, and depression. (2) ICT causes addiction through unlimited access to the internet, online games, gambling, and pornography. It has led to online game addiction and neglect of children in some cases. (3) ICT causes obsession with celebrities and trends through social media which encourages stalking and fashion obsession that does not align with cultural values. It has led to celebrity worship syndrome. (4) ICT causes depression by enabling comparisons to unrealistic social media lives, cyberbullying, and lack of social media attention and likes. It has led to issues like low self-esteem, trauma,
Emerging media technologies provide both benefits and risks according to the document. On the positive side, mobile communication has conquered the world and provides connectivity, safety, and satisfaction. However, issues around privacy, social control, and psychological impacts are concerns as intelligent networks, the internet of things, and robots/agents become more advanced and integrated into daily life. The future may see greater manipulation and loss of individual autonomy if these trends are not addressed properly.
AI - Artificial Intelligence - Implications for Libraries | Brian Pichman
What does the world of AI (artificial intelligence) mean for libraries? Can AI replace library services or how can libraries leverage the technology for more streamlined services. From Smart Houses, to Robots, to technology yet to be mainstreamed, this session will cover it all to help you better prepare and plan for the future.
Advantages of disadvantages of using the computer | MissNDuncan
Computers provide advantages like speed, reliability, communication between devices, and large storage capacity. However, disadvantages include potential health risks from improper usage, privacy violations if records are unprotected, computer crimes like hacking, and reduced employment as computers automate tasks.
How Machine Learning is Shaping Digital Marketing | indico data
Dan Kuster held a workshop at General Assembly Boston on how machine learning is changing -- and improving -- the way digital marketers do their jobs.
Overview:
"Machine learning allows a marketer to target people based on an actual understanding of their interests, habits, and personality, rather than typical demographic data. To get more concrete here, machine learning lets you say: I want to target people that have posted a picture of a guitar in the last three months, or: I want to target people with the INTP personality type that posted something angry about Bernie Sanders recently.
It also allows marketers to look strategically at the content they use to engage their audience and reflect on what works and what doesn't work in a scientific way. If you make 30 posts with very different engagement rates, you can use your own intuition, but then also scientifically vet the wording of your message to get a sense ahead of time about how engaging it may be."
How technology impacts our lives (finished) | Devon Saysell
Technology has greatly impacted our lives in many ways. Basic home technologies like TV, computers, and phones allow people to stay informed about news and events and communicate with others. Without these technologies, people would be isolated from world events and unable to contact others in emergencies. Portable devices owned by most teens like cell phones and mp3 players also enable communication and help in emergencies. Cars and public transportation expand people's access to resources and attractions in other towns. Machines are used in hospitals, industries, homes, and schools to help people learn, receive medical care, and live their lives. The world relies on technology to support its population and future technological advances will continue making lives easier.
The document discusses several topics related to science, technology, and national development in the Philippines, including:
- A brief history of computers in the Philippines from the 1960s to present day, including major companies like IBM and Intel that introduced computers.
- The concepts of technology transfer and different types of technology from emerging to established. Technology transfer involves processes like promotion, development, assessment, and commercialization.
- The large impact of information and communication technologies (ICT) on fields like education, communication, scientific exploration, the economy, and knowledge management by processing and disseminating information.
- The Philippine Electronic Commerce Act of 2000 which recognizes the importance of ICT for nation-building and supports its availability
This document discusses the future of artificial intelligence and its role in society over the next 20 years. It imagines that by 2038, digital assistants like Cortana will help automate many daily tasks like waking up, getting ready, scheduling appointments and meetings, and providing health monitoring. AI-powered technologies like mixed reality, self-driving vehicles, and drones will be integrated into daily life. While AI will optimize time and productivity, its growth also raises complex questions that society must address around its impact on jobs, privacy, security, and other issues.
The document discusses the impact of technology on psychology and society. It covers how technology has transformed society and increased connectivity through social networking. It also discusses how gaming can impact cognition, noting that violent video games may briefly increase aggressiveness in children and regular exposure could make them "meaner". However, gaming may also improve visual attention and spatial reasoning skills. The document examines different perspectives on technology and looks at trends in technology use across generations.
Pew Internet Director Lee Rainie delivered the keynote presentation at WorldFuture 2012 in Toronto on Friday, July 27. The presentation, based on his latest book, Networked: The New Social Operating System (co-authored with Barry Wellman), discussed the findings of the most recent expert surveys on the future of teens’ brains, the future of universities, the future of money, the impact of Big Data, the battle between apps and the Web, the spread of gamification, and the impact of smart systems on consumers.
This document summarizes a presentation on implementing AI with big data. It discusses how AI is currently being used to solve problems by taking various types of input data like text, images, audio and labeling the data. Supervised machine learning is driving most of the economic value of AI today by training models on large labeled datasets. The document contrasts artificial intelligence, machine learning and deep learning. It also compares machine learning to statistics and discusses the importance of data volume for AI. Big data engineering topics like data cleansing, self-service analytics, storage and streaming are covered. Finally, the document briefly mentions applications of AI in different industries today.
The document discusses several key ICT trends worldwide:
1. Open innovation and crowdsourcing, where companies collaborate with outside partners and the public to generate ideas. Examples given include a juice company collaborating on new flavors and an open smartphone platform.
2. Reality sensing, which analyzes existing data like mobile phone and sensor data to measure events in real-time. Examples include traffic monitoring and flu tracking.
3. Empowering energy efficiency, with consumers and businesses seeking more sustainable energy solutions. Examples include devices that generate power from human motion and smart homes that monitor energy usage.
4. Human interface trends like emotions in robots, brain-wave controlled devices, and new semantic search engines
Intranets and intranet projects - a few ideas and practical things learned. | Jonas Söderström
The document discusses lessons learned from intranet projects. It warns that intranet projects often involve internal politics between departments and that one department may claim to be more important than the overall organization. It also notes that intranets are typically run by people focused on words who have little understanding of pictures and are suspicious of them. Another lesson is that calendar features on intranets are rarely used by employees to check schedules, but instead are used by departments to advertise their activities to the rest of the organization. The document recommends using news stories or social features instead of calendars for this purpose. It also discusses challenges with personalizing content and the risk of one person incorrectly tagging information.
Red vs. Blue Why we’ve been getting it wrong for 25 years | EC-Council
Regarded as one of the world’s foremost experts on counter threat intelligence within the Information security industry, Chris Roberts constructs and directs a portfolio of defense services designed to improve the physical and digital security posture of both enterprise and government clients. With increasingly sophisticated attacks on targets of opportunity, Roberts’ unique methods of addressing the evolving threat matrix and experience with all information systems make him an indispensable partner to clients and industries that demand protection of financials, intellectual property, customer data and other protected information from attack.
Flupa UX Days 2018 | Sara Wachter-Boettcher (EN) | Flupa
DESIGNING INCLUSIVE PRODUCTS
Talk by Sara Wachter-Boettcher
Even though our projects always start with the best of intentions, we often end up with products driven by toxic stereotypes that are propagated in tech culture: connected scales that assume everyone wants to lose weight, forms that do not accommodate transgender people, résumé-reading bots that disadvantage women, facial recognition systems that fail to identify people of color…
Today, technology has taken a central place in our users' daily lives, reaching into the most intimate corners of their privacy, and through our decisions we bear part of the responsibility when these products include or exclude users. During this keynote, Sara Wachter-Boettcher will explain how the culture of the tech industry is creating products that exploit biases, manipulate and hurt users, and also harm democracy. She will also present the approach to adopt to avoid creating this kind of product: how to frame assumptions in our work process, check that the decisions made about the product hold up for different users and different situations, have discussions with our teams and companies, and pursue a more ethical and inclusive design approach for our industry.
More information at: uxday.flupa.eu/designing-inclusive-products
Flupa UX Days 2018 | Sara Wachter-Boettcher (EN)Flupa
DESIGNING INCLUSIVE PRODUCTS
Conférence de Sara Wachter-Boettcher
Même si nos projets commencent toujours avec de très bonnes intentions, on se retrouve souvent avec des produits pilotés par des stéréotypes toxiques qui sont véhiculés dans la culture tech : des balances connectées qui déduisent que tout le monde veut perdre du poids, des formulaires qui ne correspondent pas aux personnes transgenres, des bots lecteurs de curriculum qui désavantagent les femmes,les systèmes de reconnaissance faciale qui n’arrivent pas à identifier les personnes de couleur…
Aujourd’hui, la technologie a pris une place centrale dans le quotidien de nos utilisateurs jusqu’à aller dans le moindre recoin de leur intimité, nous avons notre part de responsabilité par nos décisions lorsque ces produits incluent ou rejettent des utilisateurs. Durant cette keynote, Sara Wachter-Boettcher expliquera comment la culture de l’industrie tech est en train de créer des produits qui exploitent des préjugés, manipulent et blessent des utilisateurs, mais nuisent également à la démocratie. Elle nous présentera également le comportement à adopter pour éviter de créer ce type de produit : comment concevoir des hypothèses dans notre processus de travail, vérifier que les décisions prises autour du produit soient correctes auprès de différents utilisateurs et différentes situations, avoir des discussions avec ses équipes et les entreprises et poursuivre une démarche de conception plus éthique et inclusive pour notre industrie.
Plus d'infos sur : uxday.flupa.eu/designing-inclusive-products
Presentation 'a web application security' challengeDinis Cruz
This document outlines a challenge to improve web application security in Portugal and elsewhere. It proposes focusing on treating application security with respect, viewing it as a business advantage and competitive differentiator. It suggests 12 actions for government and industry, such as allowing ethical hacking, publishing security reviews, and improving legal liability. It notes current disclosure laws prevent discussing known vulnerabilities and that "group think" promotes complacency. The document aims to increase awareness of security issues and motivate organizations to prioritize application security.
2022 - Killer Bunny - TPRA Conference.pptxChris Roberts
This document discusses issues with the current cybersecurity landscape and proposes alternative approaches. It notes that while organizations try to comply with regulations by checking boxes, breaches continue to occur regularly. It criticizes the proliferation of new compliance requirements, frameworks, and vendors that benefit from this system rather than improving security. The document suggests prioritizing communication, cooperation, understanding contexts, and focusing on prevention over reaction to improve the situation.
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?Steve Poole
Cybercrime how bad can it be? Organised attacks around the world in 2016 have shown how unprepared we are to deal with the growth of Cybercrime. In this talk learn a little about the scale of the challenge developers face from assaults on our systems. Be prepared to be appalled and scared. Fainting is not allowed. Discover how to fight back and see how you can change your behaviour and your code to defend against these attacks.
Your destiny is clear - it’s time to be come a Cyber Defender
Cybercrime and the Developer: How to Start Defending Against the Darker SideSteve Poole
In the world of DevOps and the cloud, most developers have to learn new technologies and methodologies. The focus tends to be on adding capabilities such as resilience and scaling to an application. One critical aspect consistently overlooked is security. In this session, learn about a few of the simple actions you can take (and some behaviours you must change) to create a more secure Java application for the cloud. The world of the cybercriminal is closer than you realize. Hear how at risk your application may be, see practical examples of how you can inadvertently leave the doors open, and understand what you can do to make your Java solution more secure.
The document discusses several myths and tensions regarding digital media access, including the illusion of diversity from global internet access. While information can flow globally, people tend to pay attention only to what they care about and those similar to them, so their attention remains local and tribal. The document also addresses issues like privacy threats from oversharing and data tracking, the lack of neutrality in search engines and their algorithms, and the need to rewire digital spaces to enhance true diversity.
IAC21: Shedding Light on Dark Patterns.pdfNoreen Whysel
You’ve been there before. You thought you could trust someone with a secret. You thought it would be safe, but found out later that they blabbed to everyone. Or maybe they didn’t share it, but the way they used it felt manipulative. You gave more than you got and it didn’t feel fair. But now that it’s out there, do you even have control anymore?
Ok. Now imagine that person was your supermarket. Or your bank. Or your boss.
The document summarizes seven megatrends - Cloud Computing, Artificial Intelligence, Mobility, Big Data, Robotics, Internet of Things, and Cybersecurity. It discusses the future of each trend, current trends, and open questions. Some benefits mentioned are improved collaboration, education, healthcare, safety, and business models. However, some risks include increased threats to privacy, job displacement, and security issues. The document recommends organizations consider how these trends could impact their operations and how to leverage new technologies while mitigating risks.
This document discusses various types of cyber crimes and their impacts. It begins by providing examples of common cyber crimes experienced by individuals, such as receiving phishing emails, downloading malware, or having accounts hacked. It then categorizes cyber crimes as those targeting individuals, property, or government. The document outlines specific types of cyber crimes like hacking, theft, stalking, and malware. It notes that cyber crimes cause significant economic damages globally, with the average cost per victim being $298. The United States experiences the highest costs of cyber crime of any country. Reasons why cyber criminals engage in these acts include financial gain, activism, and nation-state cyber warfare.
n the world of DevOps and the cloud, most developers have to learn new technologies and methodologies. The focus tends to be on adding capabilities such as resilience and scaling to an application. One critical aspect consistently overlooked is security.
In this session, learn about a few of the simple actions you can take (and some behaviors you must change) to create a more secure Java application for the cloud. The world of the cyber criminal is closer than you realize. Hear how at risk your application may be, see practical examples of how you can inadvertently leave the doors open, and understand what you can do to make your Java solution more secure.
Reverse Engineering the Wetware: Understanding Human Behavior to Improve Info...Alexandre Sieira
The human mind evolved to draw quick conclusions for survival. Behavioral economists, like Daniel Kahneman and Dan Ariely, are publishing research on when, why and how decision making can be consistently and predictably irrational. You could say these researchers are reverse engineering the wetware, finding bugs and race conditions and disclosing them.People are key to an organization’s information security, even if you believe in the “people, processes and technology” tripod. People define and execute processes. People decide funding for, implement, operate and/or monitor the technology. Your adversaries are people. At least until we reach the AI singularity, that is.Until then, the aim of this talk is to present some of the counter-intuitive findings of behavioral economics research and their implications for how information security is handled at the organizational and market levels. Our hope is that the audience will find they could benefit from changing established, seemingly sensible and logical actions we all do to better match how the wetware actually works.
Presented at BSides SF on Feb. 28th, 2016.
This document discusses social engineering techniques used by attackers to manipulate targets. It defines social engineering as interpersonal manipulation to obtain information or access. Common techniques include creating detailed dossiers on targets using open-source intelligence, establishing trust through delayed validation or referencing unavailable individuals, and exploiting psychological weaknesses to elicit information. On-site attacks can be effective by adding perceived legitimacy. Countermeasures recommended include social media monitoring, call verification procedures, awareness training simulating dossier creation, and regular social engineering penetration testing.
William Cheswick Presentation - CSO Perspectives Roadshow 2015CSO_Presentations
This document summarizes William Cheswick's talk on computer security. Some key points:
1) Current security practices and technologies are not working well, as evidenced by constant data breaches and malware infections. Cheswick argues the status quo is "lousy" and we need to try harder.
2) Cheswick believes computer security can "win" by building platforms that cannot be compromised through user error alone. The goal is computers users can safely use without training.
3) Specific engineering goals are proposed, such as a "rock-solid client", trustworthy hardware, usable crypto, and reasonable expectations of results. The security of Grandma's computer is prioritized.
The Internet is on fire – don't just stand there, grab a bucket!Frode Hommedal
The Internet is on fire, and every connected device and user is at risk. How did we get here? By not seeing the dangers ahead, by being lazy and by not understanding the threats we are facing and the consequences of failing at building secure and robust infrastructure. This needs to change, and you need to contribute.
The document discusses how religion profoundly shaped ancient Egyptian society. It determined social classes and norms, with pharaohs and priests at the top due to their religious roles. Religion influenced traditions like marriage, which was expected to be monogamous, and fertility/procreation was highly valued. Career choices were often inherited, though some could become priests if chosen by the king. Overall, religious beliefs provided the central structure and framework for how Egyptians organized their lives.
The document discusses retail brands using social media in three parts. It first outlines three types of social media users - introverts, extroverts, and perverts. Second, it provides some data showing most social media followers are passive "stalkers", with fewer actively engaging. Finally, it discusses strategies for African retail brands on mobile social media, emphasizing community management and using data to understand influencers and conversations. The overall message is that social media requires a strategic, data-driven approach to community building.
The document discusses how computing is impacting all areas of society and the future. It makes three key points:
1) Computing is integrated into nearly all industries and fields of study. All subjects can benefit from including computing in their curriculum and all industries need IT workers.
2) Careers in computing are in high demand and pay well. Starting salaries for many computing jobs like data security analysts and mobile developers are comparable or higher than careers like engineering and law.
3) Computing will continue transforming society and industries in the future. Many technologies are emerging like virtual reality, drones, 3D printing and self-driving cars that will impact jobs, education and more. The future will be shaped by computing innovations and
Similar to Voting Systems - ISSA Chicago Presentation 2020 (20)
6. Disclaimer…
The guy giving this presentation doesn’t have skin in this game…
• I don’t care if a Democrat, Republican, or John McAfee gets in…
• I’d rather you didn’t vote in the Constitution folks.
• This is your country…
• We gave it back to you
• It started out promising.
• It’s not looking so good...
• However, with Brexit back home, I really can’t say too much!
• What I DO care about is a fair fight…
– And you don’t have the mechanism in place for that.
7. If you were looking for a
feel-good pep talk…
This isn’t going to be it
You have been warned
10. "The integrity of our elections is directly tied to the machines we
vote on — the products that you make," they wrote.
"Despite shouldering such a massive responsibility there has been
a lack of meaningful innovation in the election vendor industry
and our democracy is paying the price."
(2019) Four senators…
For once, something we agree on…
16. Not Even Close…
The global average mean time to identify a data breach is 197 days.
The mean time to recover from a data breach is around 70 days.
76% of organizations were targeted by a phishing attack in the past 12 months.
75% of companies say a data breach has caused a material disruption to business processes.
The global average cost of a breach is around $4m.
We are losing an average of 22.5 million records a DAY.
Statistically you now have a 33% chance of being breached in the next 24 months.
USA is still the most popular target, 57% of breaches, 97% of the data in last 24 months.
17. Globally
Top 30 breaches account for almost DOUBLE the Earth’s population…
Congratulations to us…
At least we’re thorough in losing everyone’s data…
TWICE!
18. EVEN in failure we manage to make a profit?!?
Ransomware services, for when the blinky shit fails
21. Adversary’s Perspective…
Not only do I have a bigger toolbox than you do, I also have time, patience,
and the element of surprise on my side. You MUST be right ALL the time…
I only need to get lucky once.
23. Invite Only CTF, Jan 2020
• Task:
– Compromise the Win10 platform and escape from the Virtual Machine
• Action:
– The team attempted BOTH objectives
– Completed BOTH objectives
– It took 68 seconds to do both
• Result:
– Win10 payout $25k
– Virtual machine payout $75k
– Split between team (different countries)
– Most went to charities
25. Defenders’ Current Status
It’s not pretty…fewer tools, the technologies don’t readily coexist and
we’re spending ½ the time justifying what we DO do. We also have
policies, procedures and controls…all with fewer resources.
34. Narcissistic Reality
• Companies are no longer led by solving problems, they’re led by marketing messages.
• We charge down the latest buzzwords, fads, and breaches like a pack of rabid hyenas.
• We confuse clients with an increasing array of acronyms, product names and rarely simplify the message.
• Our companies no longer focus on protecting their charges, simply making more profit.
• Build, grow, get acquired and move on is NOT a sustainable view for any established enterprise.
• We hide behind FUD, hoodies, faceless attackers, while peppering our clients with AI, ML, Blockchain, and
other empty promises.
• The evolution of InfoSec to Cyber has NOT been done for the right reasons…
• AS an attacker and adversary, YOU have created the perfect conditions for ME to succeed.
37. We’re going to skip past the fact that the 2018 midterms were a mess, we’ll ignore
some of the stuff so far this year, and assume that you already have a background IN
the voting systems themselves…
47. “The ES&S system is extraordinarily complex,
consisting of nearly 670,000 lines of source code
written in twelve programming languages for five
different hardware platforms.”
“The type of discovered security bugs strongly
suggests that ES&S did not perform an adequate
level of code analysis.”
“Using another tool, hundreds of potentially
exploitable software bugs were immediately
exposed.”
(Thanks, Micah Sherr, PhD)
50. Other Findings…
• Malicious software running on machines can steal votes with little risk of detection.
• Malicious software can modify records, audit logs, and counters kept by the machine.
• Forensics will find nothing amiss.
• Anyone with physical access to a machine can install malicious software. (<60 seconds)
• Anyone who has access to memory cards used in the machine can also install software.
• Poll workers and others often have long periods of unsupervised access to machines.
• Several targeted machines are susceptible to specific voting-machine viruses.
• Malicious activity is easy to undertake during normal election activity.
• Remediation?
– Some of the issues can be eliminated by improving software,
– Others cannot be rectified without full hardware replacements.
– Significant changes to procedures would be needed to ensure security.
55. When a Regular Facepalm Just Isn’t Enough
The Presidential Facepalm
56. ES&S “Answers For Every Election Challenge”
“These companies’ litigiousness creates a barrier to competition that
becomes a barrier to improving our elections.”
Louisiana campaign finance records show that an ES&S lobbyist
in Baton Rouge has donated $13,250 to Edwards’ campaigns
since 2014.
Thanks: Jessica Huseman
58. Note:
Even though this points out ES&S’s flaws (only a few of them),
the others (Dominion and Hart) also fail most levels of scrutiny…and
shouldn’t be sitting there congratulating themselves…
You’re ALL as bad as each other, and that’s part of the problem.
59. We don’t need anyone to “hack” our elections…
We’re fully capable of cocking it up on our own!
In Summary:
64. August 2019, Las Vegas…
1. Commercially-Available Voting System Hardware Remains Vulnerable to Attack
2. There is an Urgent Need for Paper Ballots and Risk-Limiting Audits
3. New Ballot Marking Device (BMD) Products are Vulnerable
4. Infrastructure and Supply Chain Issues Continue to Pose Significant Security Risks
PLEASE, take the time to download AND read the Voting Village report from DEF CON 27
68. Who To Blame?
Theoretical and empirical research on the effect of foreign electoral intervention has been
thin on the ground and weak until recently…
Since 2011 several studies have been conducted.
One study indicated that the country intervening in most foreign elections is:
• The United States with 81 interventions
• Russia (including the former Soviet Union) with 36 interventions
The estimates put interference from 1946 to 2000 at an average of once in every nine
competitive elections. (Most being through covert actions, BUT, on average able to shift the
voting share by about 3%...)
73. Communication Math
• It takes 1 minute to convince you to hand me your email…
• It takes 1 free offer to get your phone number…
• It takes 1 time to get you to click an email…
• It takes 1 connection with your Bluetooth or wireless…
• It takes 1 guess to work out you re-use your passwords…
• It takes 1 minute with your unattended electronics…
• It takes 1 connection on your social media networks…
YET…
• It takes 7-20 times to get through to you about awareness…
Therefore adversaries continue to win. Change the engagement model.
74. 2019-2020 Passwords…
• 123456 (Still No1…)
• 123456789 (Moved UP from 3rd place last year)
• qwerty (Moved UP from 9th place last year)
• password (Fallen from 2nd place…)
• 1234567 (Too depressed to carry on…)
• 12345678
• 12345
• Iloveyou (I actually hate you at this point)
• 111111 (Congressman’s favorite…)
• 1111 (Voting machine favorite!)
• 123123
Seriously, we’re talking AI, bioengineering, nanotechnology, and
putting people on Mars, and yet this is STILL front and center?!?
76. “…any civilization that had so far lost its head as to
need to include a set of detailed instructions for use
in a package of toothpicks, was no longer a
civilization in which I could live and stay sane.”
Douglas Adams, you are missed.
78. Just ONE Attack Vector…
• Last 4 years, around 1,500 healthcare companies have been hit with
ransomware.
• The 172 individual attacks from 2016 to 2019 affected 6.6 million
patients.
• The overwhelming majority of organizations affected were:
– Hospitals or clinics at 74%
– Elderly care providers accounted for 7%
– Dental (5%)
– Medical testing (2%)
– Health insurance, government health and medical supplies, all at 1%
• Researchers calculated the overall cost of the attacks at $157 million.
83. How About We JUST Talk?
Communication: Exchange ideas with each other…
Cooperation: Independent goals, with an aim to share data
Coordination: ALL rowing in same direction for once…
Collaboration: The whole is greater than the sum of its parts
94. All Of Us…
• Irrespective of your background.
• Irrespective of your race, creed, color, faith, or eye color.
• Absolutely irrespective of your orientation!
• Change takes ALL of us.
– This isn’t security’s problem, it isn’t the researcher's fault, we
need to stop blaming the hackers.
– This isn’t the C-Suite’s blame to carry, nor is it the user's issue
to solve. Developers need to be out of the firing line as does
EVERYONE in the business.
• We ALL take some of the responsibility, therefore we ALL
have to solve it…together!
Oh let me SHOW you how many ways I may attack you….
It’s NOT pretty…it hasn’t been for a while, competing priorities OT vs. IT vs. IR…..it’s a mess and it’s not getting any easier.
I WANT our customers to talk about this too….(Scott/Shannon/Josh chime in and give us your perspectives and opinions…)
Taser the vendor….simple as that.
NO absolutes
NO guarantees
NO BS
Here’s a partial survey of what happened:
In South Carolina, machines were changing votes—a “calibration issue,” an election official told The State.
“In Georgia,” The Washington Post reported, “voters waited more than four hours to vote at an elementary school in suburban Atlanta, where some voting machines were not working at the start of the day.” (Problems were reported elsewhere in the state, too.)
The Detroit Free Press reported:
Michigan voters are being turned away from the polls, or left waiting in seemingly interminable lines, in various metro Detroit locations so far on Election Day.
Rex Nagy, a voter in Redford Township, said that his polling place at Pierce Middle School was relying on just one voting machine that he was told had not been tested before Tuesday morning. Everything was at a standstill while around 100 people waited for it to get fixed. From 7:50 a.m. to 9:30 a.m., Nagy saw about half the line leave to go to work, he said. Although Redford Township said the issue was resolved in around a half-hour, Nagy noted the line was still backed up.
According to USA Today, malfunctioning voting machines caused long lines at several precincts in Indiana.
Technical glitches were among the factors causing hours-long lines in Maricopa County, Arizona.
In Hamilton County, Ohio, “voting machines unexpectedly rejected ballots that had not been completely filled out” in “Blue Ash, Colerain Township, Hyde Park, Walnut Hills, downtown Cincinnati, Monfort Heights and other locations,” according to the Cincinnati Enquirer. And the Cleveland Plain Dealer reported that “a computer glitch at Geauga County polling places caused the system to mark some Election Day voters as having already voted by absentee ballot.”
“Across New York City,” the AP noted, “reports of broken ballot scanners surfaced at several polling places. Turnout was so heavy at one packed precinct on Manhattan’s Upper West Side that the line to scan ballots stretched around a junior high school gym. Poll workers there told voters that two of the roughly half-dozen scanners were malfunctioning.”
According to Politico, “Glitchy paperless voting machines are affecting an untold number of early voting ballots in Texas and Georgia, raising the specter that two of the most closely watched races could be marred by questions about whether the vote count is accurate.”
Several US companies, and nobody’s good at being HONEST….
Which leads to this…..everyone’s blissfully unaware until we get our ASSES handed to us….
There ARE some folks who CARE and who want to make a difference!!
Quick to blame others, rarely do WE look in the mirror….
WE prefer to argue, to use lobbyists and to simply ignore the fact WE are to blame…
So, I guess WE have to go look in the mirror …..
Remember our childhood….
Healthcare, Critical Infrastructure….think what would happen if ransomware hit some of the COVID-19 labs? OR if someone decided to NOW let loose another version of
REMEMBER the voting village…..
People
Process
THEN
Technology
We’re ALL in this together…thanks Charles Schulz!
FAE, Fundamental Attribution Error, welcome to the end of days. Stop blaming the Russians UNTIL YOU REALLY KNOW!
START Looking in the mirror