A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Infojanitor – Virtual trust, Virtual Permission and the Illusion of Security Derbycon 2011 (Hacking Illustrated Series InfoSec Tutorial Videos)

Infojanitor – Virtual trust, Virtual Permission and the Illusion of Security
Derbycon 2011

This presentation will cover common issues implemented in existing technology, future technology and the allowance of applications to make human decisions without human interaction. Currently application developers are implementing applications with the ability to make human type choices that in some cases are not to the users benefit. This precedent in application implementation is causing multiple security issues across devices, services, and within applications that previously had no interaction with each other or networked environments. It is the underlying element that has been talked around by other security presenters due to its symptoms which are evident for the past few years but no one has identified it as the cause. This talk will also provide clear examples of how the implementation of virtual trust and permission are giving users an illusion of security which makes them feel secure even when they are not; Bruce Schneier calls it “Security Theater”. The talk hopes to provide security professionals and non-security professionals of all levels awareness of the issue so that they may be able to improve their security footprint, fend off digital snake oil salesmen, and protect their environment from elements and attack vectors that they had not considered before.

Back to Derbycon 2011 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast