Fig Leaf Security - @haroonmeer - 2011 - PowerPoint PPT Presentation



SLIDE 1

“Fig Leaf Security”

@haroonmeer - 2011

SLIDE 2

#disclaimer

SLIDE 3

Who am i ? & Why this talk?

SLIDE 4
SLIDE 5

A chance to meet our heroes!

SLIDE 6

like Simple Nomad!

SLIDE 7
SLIDE 8

thegnome: we expected

SLIDE 9

thegnome: we got

SLIDE 10

this is my rant..

beard

SLIDE 11
  • The infosec industry
  • ZA infosec research
SLIDE 12

InfoSec: We Suck

SLIDE 13

and it’s our fault

SLIDE 14

No ?

SLIDE 15

Bet on your architecture?

SLIDE 16

Write code for a living?

SLIDE 17

So we build secure networks, but can’t protect our most prized user, and we write code that we know can’t stand up to security testing?

SLIDE 18

but nobody can write secure code

SLIDE 19

Right?

SLIDE 20

Wrong!

SLIDE 21

<Brief Digression>

(sub-rant)

SLIDE 22

Do you know these men?

SLIDE 23

we hero worship the wrong guys..

SLIDE 24

</Brief Digression>

(sub-rant)

SLIDE 25

but nobody can write secure code

SLIDE 26

ok. not

(secure and usable)

SLIDE 27

Really?

SLIDE 28

sendmail vs qmail ? djbdns vs bind ?

SLIDE 29

So why did we think otherwise?

SLIDE 30

Charlatans

SLIDE 31

fig leaves!

SLIDE 32

Application Testing..

SLIDE 33

“Halting Problem!”

SLIDE 34

“patching is a hard” problem

SLIDE 35

Management don’t buy in!

SLIDE 36

AV’s and V’s

SLIDE 37

Why the double standard?

SLIDE 38

We (seem to) only fight the fights we can (kinda) win

SLIDE 39

aka: “buying what ppl are selling”

SLIDE 40

hiding behind our fig leaves..

SLIDE 41

http://blog.thinkst.com/2011/03/our-upcoming-security-apocalypse.html

SLIDE 42

“You & Your Research”

http://www.cs.virgina.edu/~robins/YouAndYourResearch.html

SLIDE 43
SLIDE 44

So why don’t we do more?

SLIDE 45

it’s hard..

SLIDE 46

easy to start.. (ideas are cheap)

SLIDE 47
SLIDE 48

Research Fig Leaves

SLIDE 49

XXX is lame

SLIDE 50

Academic masturbation!

SLIDE 51

“doesn’t impress me”

Stephen Fry: Advice to a younger self.

SLIDE 52

Distraction

SLIDE 53

http://www.acceleratingfuture.com/michael/blog/images/Amusing-Ourselves-To-Death.jpg

SLIDE 54
SLIDE 55

“Amusing ourselves to Death”

SLIDE 56
SLIDE 57

No Interesting Problems..

SLIDE 58

“Work on stuff that matters” “New Threats to Privacy”

SLIDE 59

There are important battles to fight..

SLIDE 60

“Don’t just be the guy who tweeted about it”

SLIDE 61

Don’t just fight the fights we can (kinda) win

SLIDE 62

Fight the fights that need fighting

SLIDE 63

We need to produce more than we consume..

SLIDE 64

We need you

haroon@thinkst.com @haroonmeer