Your current filters are…
Each year, thousands of technophiles descend upon Austin, bringing Internet-connected laptops, phones and tablets with them, and most of them think very little about keeping their personal communications secure. Open wireless networks in the convention center – and in hotels, bars and coffee shops – offer a convenient way to keep in touch with home, but also leave any data that is transmitted over those networks open to snooping by malicious individuals. In this session, host of Revision3 podcast Hak.5 and regular contributor on the TWiT network, Darren Kitchen, will walk attendees through live demonstrations of many ways in which their personal data are vulnerable while connected to the Internet at SXSW, and the steps they can take to keep that data private and safe. The tips and information from this session will benefit those who attend not only while they are at SXSW, but any time they sit down at their own local coffee shop and open up their laptop to fire off some email.
by Wade Holmes
The move to cloud computing is still froth with questions about the confidentiality, integrity and availability of data moved to the cloud. These questions, and their answers, differ depending on the cloud entry point chosen by the end-user. Potential cloud entry points include Infrastructure-as-a-Service, Platform-as-a-Service, or Software-as-a-Service (IaaS, PaaS, or SaaS) cloud computing solutions. This presentation will review the current state of affairs around cloud computing security, and delve into security considerations end-users should make for each of the differing cloud solution entry points. This session is part of the Big Data Track is sponsored by Gemalto.
by Paul Judge
The popularity of Twitter and Facebook make them attractive targets for attackers. The viral features and open APIs make it an efficient medium for attackers. In this talk, we discuss the scale and history of malicious activity on Twitter and Facebook. Based on a comprehensive research study, we demonstrate how attackers respond rapidly to the large increases of users driven by celebrity attention. We highlight popular attack techniques across trending topics, URL shorteners, fake accounts, photo tagging, and fake apps. We show how malware has been designed to steal social network credentials and use them to carry out automated attacks. In order to safeguard the future and usefulness of these platforms, the community and industry must combat these threats and control this malicious activity. We explore ways to safeguard individual users and brands. We also suggest approaches that social network providers should take to improve the security of their networks. This session is part of the Big Data Track sponsored by Gemalto.
What do modern day cybersecurity attacks look like? This panel will evaluate of the current state and evolution of cybersecurity, and discuss how big data plays a role in understanding where to dig in and monitor for suspicious activity. Attacks are financed by governments and organized crime, combining various attack techniques that skirt traditional tools — come learn how to keep your company off the front page of The New York Times. While this session will highlight hands-on tactics, the panel is intended to stretch the audience and invite them to engage with panelists on concepts that are forward-looking and challenge the mundane.
Cloud computing has made the move from new concept to technology that your mother uses. We now are entrusting so many different types of data to the cloud from financial statements and credit card numbers to our music collection and private emails. Yet how secure is the cloud and how much control do we have over the data that we entrust to it? If that data is stolen, will we know and what can we do? Who has jurisdictional authority over the data we store and under what circumstances can it be given away? This panel will try to answer these questions and more as we explore the impact of the cloud and what it means for personal identity and security.
From Brain.A to Stuxnet: we've been fighting PC viruses for 25 years now. What was once an annoyance has become a sophisticated tool for crime and espionage. Computer security expert Mikko Hypponen tells us how we got into this mess and shows us the way out.
This panel will explore the interplay between user privacy, social networking sites, law enforcement, and the teams of people that are tasked with both enforcing and protecting the users of these sites. We'll discuss best practices for protecting your company and your users and if you are a frequent user of social networking sites, you can learn how minimize the information that can be exposed about you in your travels online. We'll show you how we fight for the users, every day.
by Michael Bruemmer, Joseph DeMarco, Joe Ross, Terry Hemeyer and Monika Jedrzejowska
Over the past year, 90% of businesses have been hit by at least one IT security breach. What does this mean? Businesses should consider breaches a statistical certainty and be prepared. Breaches are not the only thing to worry about–most security incidents are not cyber-attacks, but process or other non-hacker issues, like employee activities outside the firm. And it’s not just an IT problem. The manner in how breaches occur, how companies respond and ensuing media coverage can destroy a brand, impacting the whole business. Today, leaders must know about technologies that enable companies to quickly respond and protect customers, plus communication techniques to ensure their brand weathers the storm. In this panel, you’ll hear from experts regarding crisis communications, legal issues and consumer concerns in the event of a breach. Learn how to be ready with a smart plan that includes proactive protection, company preparedness, customer communications and media outreach.
by Dan Miller and Isaac Chapa
Start warming up your vocal chords. With an expected growth rate of 13 percent for 2012, voice authentication is going to be the biometric protocol of choice as businesses, government organizations and consumers look for ways to further protect personal identities and secure data.
Why voice biometrics?
Your voice is as unique as a fingerprint. It cannot be lost, stolen or forgotten. Voice authentication doesn’t need expensive equipment or fancy software to implement – just a telephone connection. Your voice can be captured in less than a minute and verified in less than 5 seconds.
This panel will discuss recent advancements in voice biometrics, the current strengths and limitations of the technology and how businesses, government organizations and others are implementing the technology to protect customer identities, financial transactions and more.
On Thursday, June 2, 2011, LulzSecurity.com registered for CloudFlare — a service designed to make any website faster and more secure. One hour after they registered, they published 3.5 million usernames and passwords allegedly stolen from Sony Pictures' website.
For the next three weeks, LulzSec claimed to hack organizations ranging from the CIA, to the US Senate, to the Arizona Immigration Police. In the meantime, law enforcement, cyber vigilantes, and rival hackers worked to unmask LulzSec and launch major attacks of their own to knock LulzSecurity.com offline. CloudFlare watched it all from the heart of the crossfire.
We've received permission from LulzSec to tell exactly what it's like to be one of the most notorious hacking groups of all time and how to keep your site online when the whole world is trying to shut you down. This is the inside story.
The internet is a virtual playground for all kinds of bullies, those in it just for the "lulz" to those in it for the cold hard cash. This workshop will demonstrate how you can use ESAPI to protect your application from attacks that could lead to serious breaches from attackers ranging from script kiddies to the advanced persistent threat by examining high profile attacks and the defenses against them. Using examples such as the recent Sony and Citibank breaches we will examine how you can protect your app from the same type of attacks and also how you can leverage the components in ESAPI to detect the threat and react to it before it becomes a breach.
The benevolent Internet promotes expression, collaboration and experimentation. But the current legal scheme can make the Internet a place where digital tracks persist long after their intended use. In a world of d0xing and h8ing, we face a critical juncture for reconciling freedom of speech with privacy.
This panel will review of norms of online and offline conduct and suggest possible ways of striking a balance, without breaking the Internet along the way.
1. Reputation Bankruptcy may be an option to rehabilitate a ruined reputation in the reputation economy, and a solution to peer-to-peer privacy problems.
2. (Re)Contextualization has pros and cons as a remedy in a legal scheme when third-party online speech is treated differently from printed speech.
3. Disownership of Content: Should "disown this" features become the norm, allowing users to release content into the wild?
4. Ephemerality: Should certain types of content be designed to degrade over time?
9th–13th March 2012