Sessions at SXSW Interactive 2011 about Security

View as grid

Your current filters are…

Saturday 12th March 2011

  • How Not to Get Pwned on Facebook

    by David Endler

    Social networks are a hacker's paradise. Today more so than ever, it's easy for bad guys(tm) to infect millions of people on Facebook, LinkedIn, and other social networks with little or no effort. Corporate espionage, bank account stealing worms and viruses, frustratingly hard to remove spyware - you name it, social networking makes it that much easier for these things to spread.

    This session will cover some of most effective and amusing techniques that hackers are using today to infect the masses. Focusing on a couple of the more popular social networks, we'll also walk through basic privacy and security checklists that everyone should use to fortify their accounts. Finally, if you suspect your computer is infected as the result of opening a file or visiting a strange link sent from your grandmother on Myspace, etc., this session will demonstrate how to most effectively scan and cleanse your system using free tools.

    LEVEL: Beginner

    At 3:30pm to 4:30pm, Saturday 12th March

    In Big Bend, Hyatt Regency Austin

Monday 14th March 2011

  • Geppetto's Army: Creating International Incidents with Twitter Bots

    by Greg Marra

    Twitter has proven to be an invaluable tool for communication during intense periods of political unrest and social suppression. When thousands of people tweet about oppressive regimes and violence against protesters, the outside world gets a chance to understand events on the ground.

    But what if none of those thousands of people were real, and the events never happened?

    Previous research has shown that Twitter bots can build up a following, garnering hundreds of emotionally invested followers who are fooled into believing the bots are real. A single puppetmaster could create hundreds of Twitter bots, letting them live perfectly normal and believable lives for months while they build up followers. Then one day, a careful crafted false story unfolds on the stage of social media, played out by a single director with hundreds of actors. Incidents like Balloon Boy demonstrate that powerful stories can become widespread before there is time for fact checking. Before anyone realizes all the TwitPics of the massacre are faked, the fake event will have made international headlines.

    This presentation will discuss the technical feasibility of such an attack on the global media infrastructure and discuss the implications of a news system that trusts "recent" over "reputable".

    LEVEL: Beginner

    At 9:30am to 10:30am, Monday 14th March

    In Creekside, Sheraton Austin Hotel at the Capitol

  • Authentication Fails = ID Thieves Succeed. What's Next?

    How does a retailer, bank or any business know they’re interacting with you & not an imposter? Consumers need thoughtful, scalable & user-friendly authentication solutions to stop ID theft & protect reputations & assets. We’ll discuss ID theft & authentication, lessons learned addressing these problems, & how technology + new approaches are paving the way forward. ID fraud & authentication are discussed together because the challenges they create, when one fails & the other succeeds, are endless. ID theft is caused by a failure of authentication & is a concern for ANY industry that handles valuable assets – like money, credit cards, SSN, health records, or World of Warcraft characters. ID theft is commonly talked about & feared, but not always understood. We’ll discuss what it means & how it’s executed. We’ll also share ID theft examples, from mundane to insane & prove that the systems that allow this to happen are clearly broken. When it comes to authentication, a thief can convince someone that they are you, but a thief cannot convince you that he is you – the heart of why consumer participation & strong authentication are so important. When consumers are allowed to participate in transactions, identity theft stops. Architects, engineers & companies have approached authentication in a variety of ways. We’ll go through technical examples & lessons learned from these schemes & show that challenges still exist. We’ll then discuss current innovations & the path forward.

    LEVEL: Intermediate

    At 12:30pm to 1:30pm, Monday 14th March

    In Salon C, Hilton Austin Downtown

  • Terrorism 2.0: Al Qaeda's Online Tools

    by Garrett Graff

    The web, it is often said, inherently benefits the insurgent. Thus it's no surprise that it's becoming the medium of choice for terrorists and violent extremist groups around the world.
    Tracing "terror 2.0" from the November 2008 attacks in Mumbai - arguably the first networked terrorist attack - up through the Times Square bomber, who was radicalized after watching online videos from Muslim cleric Anwar Al-Awlaki and others, this presentation will examine how terrorists are using the same tools we're developing for spreading information and social networking in the West for their own nefarious purposes - even sometimes live online to coordinate unfolding attacks.

    Learn how al Qaeda, the Iraq insurgency, Lashkar-e-Taiba, the Taliban, and even Russian organized crime is running scams, coordinating attacks, recruiting followers, raising money, and living their lives online alongside regular web users. For instance, the Taliban's website was, for a long period, hosted on a server in Houston, Texas, and al Qaeda's primary webmaster - who helped pass around online bomb-making guides, radical videos, downloadable extremist sermons, and hostage videos - turned out to be a 22-year-old geek in West London.

    LEVEL: Intermediate

    At 12:30pm to 1:30pm, Monday 14th March

    In TX Ballroom 5-7, Hyatt Regency Austin