n o i t s e c u r i t y w i t h o u t f r e e s o f t w a

N o I T s e c u r i t y w i t h o u t F r e e - PowerPoint PPT Presentation

Oct 23, 2022 •223 likes •357 views

N o I T s e c u r i t y w i t h o u t F r e e S o f t w a r e H o w o p e n n e s s c o n t r i b u t e s t o s e c u r i t y Max Mehl Programme Manager @mxmehl 3 July 2019

  1. N o I T s e c u r i t y w i t h o u t F r e e S o f t w a r e H o w o p e n n e s s c o n t r i b u t e s t o s e c u r i t y Max Mehl – Programme Manager – @mxmehl 3 July 2019 – Pass the SALT

  2. F r e e S o f t w a r e F o u n d a t i o n E u r o p e i s a c h a r i t y t h a t e mp o w e r s u s e r s t o c o n t r o l t e c h n o l o g y .

  3. F r e e S o f t w a r e U S E S T U D Y T h e s o f t w a r e c a n b e u s e d § § T h e s o f t w a r e a n d i t s c o d e c a n f o r a n y p u r p o s e b e a n a l y s e d b y a n y o n e w i t h o u t r e s t r i c t i o n s . S H A R E I M P R O V E T h e s o f t w a r e c a n b e s h a r e d T h e s o f t w a r e c a n b e m o d i fi e d w i t h o u t l i m i t a t i o n s . T h e p r i c e b y y o u o r o t h e r s t o g i v e b a c k d o e s n ’ t m a t t e r . t o t h e c o m m u n i t y . 3

  4. Wh a t i s I T s e c u r i t y ? „ S e c u r i t y i s n o t a p r o d u c t ; i t i t s e l f i s a p r o c e s s . “ – B r u c e S c h n e i e r i n „ S e c r e t & L i e s “ , 2 0 0 0 P h o t o g r a p h b y R a m a , W i k i m e d i a C o m m o n s , C c - b y - s a - 2 . 0 - f r

  5. I T s e c u r i t y a s a p r o c e s s T h e o b v i o u s C o d e fl a w s A t s e c o n d g l a n c e E n c r y p t i o n L i b r a r i e s N a s t y d e t a i l s 1 F i x i n g b u g s H u m a n f a c t o r B u s i n e s s s t r a t e g y 2 C u s t o m i s a t i o n S u p p o r t c y c l e s 3 L i a b i l i t y 5

  7. S e c u r i t y b e n e fi t s t h r o u g h F r e e S o f t w a r e T r a n s p a r e n c y f o r a l l O u t s i d e p r e s s u r e I n d e p e n d e n t s e c u r i t y a u d i t s Wh e n p u b l i s h i n g c o d e , o n e i n c r e a s e t r u s t , a l s o i n t e r n a l l y . b e t t e r l o o k a b i t c l o s e r . S h a r i n g s y n e r g i e s I n d e p e n d e n c e I s s u e s c a n b e s o l v e d o n o n e ’ s O t h e r u s e r s a n d t h e c o m m u n i t y o w n , o r a p r o j e c t f o r k e d i f t a k e i n t e r e s t a n d c o n t r i b u t e . n e c e s s a r y . 7

  8. F r e e S o f t w a r e i s a n e c e s s a r y , b u t n o t s u ffic i e n t c o mp o n e n t o f I T s e c u r i t y

  9. C o n s i d e r a t i o n s R e s p o n s i b i l i t i e s D e g r e e o f r e u s e Wh o i s r e s p o n s i b l e f o r s e c u r i t y i n U s a g e o f m a n y e x t e r n a l F r e e s h a r e d p r o j e c t s ? H o w t o d e a l w i t h S o f t w a r e m o d u l e s , o r r a t h e r e x t e r n a l l i b r a r i e s ? s m a l l e r b u t c u s t o m s o f t w a r e ? „ N a t i o n a l s e c u r i t y “ O t h e r c o mp o n e n t s I s t h e r e s o f t w a r e w h o s e r e l e a s e F r e e H a r d w a r e , r e p r o d u c i b l e w o u l d b e d i s a d v a n t a g e o u s ? b u i l d s , a n d o t h e r s e c u r i t y p r o c e s s e s a r e i m p o r t a n t a s w e l l . 9

  10. C o mmo n c o u n t e r a r g u me n t s „ F r e e S o f t w a r e o n l y w i t h n o n - c r i t i c a l t h i n g s ! “ „ P u b l i c s o u r c e c o d e = R i s k ” N O , “ s e c u r i t y b y o b s c u r i t y ” h a s N O , t r u s t a n d o p e n p r o c e s s e s b e e n p r o v e n w r o n g . S o u r c e c o d e a r e a l l t h e m o r e c r u c i a l f o r c r i t i c a l c a n o f t e n b e r e c o n s t r u c t e d . a n d p u b l i c i n f r a s t r u c t u r e . → K e r c k h o ff s ’ p r i n c i p l e „ F r e e S o f t w a r e i s o n l y b y a n d f o r h o b b y i s t s ! ” “ B u s i n e s s s e c r e t s ” N O , s e e L i n u x k e r n e l , R e d H a t , Y e s a n d n o , b u t u s u a l l y n o t A p a c h e , M i c r o s o f t , v i r t u a l i s a t i o n , p r o b l e m a t i c , o f t e n e v e n C M S s . . . b e n e fi c i a l . 10

  11. E x a mp l e H u a w e i F r e e S o f t w a r e f o s t e r s t r u s t ● C o n c e r n s w i t h 5 G i n f r a s t r u c t u r e I n d e p e n d e n t s e c u r i t y a u d i t s p o s s i b l e ● A g e n c i e s c a n s h a r e w o r k ● C o m p e t i t i o n a s a d d i t i o n a l p r e s s u r e ● A l s o i m p o r t a n t : r e p r o d u c a b i l i t y , f r e e ● h a r d w a r e U n r e a l i s t i c ? P e r h a p s t o d a y , b u t n o t i n t h e ● i n t e r m e d i a t e a n d l o n g t e r m . A d v a n t a g e s o f F r e e S o f t w a r e 11

  12. T h a n k y o u ! T h a n k s t o a l l F S F E s u p p o r t e r s w h o e n a b l e o u r w o r k . J o i n t h e m ! f s f e . o r g / s u p p o r t M a x M e h l | m a x . m e h l @f s f e . o r g | @m x m e h l ( M a s t o d o n , T w i t t e r . . . ) S l i d e s l i c e n c e d u n d e r C C B Y - S A 4 . 0 u n l e s s o t h e r w i s e s t a t e d M a t e r i a l I c o n s · v 3 . 0 . 1 · b y G o o g l e u n d e r A p a c h e L i c e n s e 2 . 0 F o n t A w e s o m e · v 4 . 7 . 0 · b y D a v e G a n d y u n d e r S I L O F L 1 . 1 I o n i c o n s · v 2 . 0 . 1 · b y B e n S p e r r y u n d e r M I T

Recommend

How Much Risk Is Too Much Risk? Boston SPIN January 20 th 2004 Tim Lister lister@acm.org The

How Much Risk Is Too Much Risk? Boston SPIN January 20 th 2004 Tim Lister lister@acm.org The

How Much Risk Is Too Much Risk? Boston SPIN January 20 th 2004 Tim Lister lister@acm.org The Atlantic Systems Guild, Inc. WHATS IT ALL ABOUT, ALFIE? WHATS IT ALL ABOUT, ALFIE? WHATS IT ALL ABOUT, ALFIE? WHATS IT ALL ABOUT, ALFIE?

976 views • 74 slides
Laboratory Quality Control Based on Risk Management James H. Nichols, Ph.D., DABCC, FACB

Laboratory Quality Control Based on Risk Management James H. Nichols, Ph.D., DABCC, FACB

Laboratory Quality Control Based on Risk Management James H. Nichols, Ph.D., DABCC, FACB Professor of Pathology Tufts University School of Medicine Medical Director, Clinical Chemistry Baystate Health System Springfield, Massachusetts

583 views • 47 slides
INTRODUCTION Chapter er 4 and 5 dealt with two aspects of the cognitive domain of language

INTRODUCTION Chapter er 4 and 5 dealt with two aspects of the cognitive domain of language

1 INTRODUCTION Chapter er 4 and 5 dealt with two aspects of the cognitive domain of language learning: 1. human learning processes 2. cognitive variations in learning-style and strategies. This chapter er and Chapter er 7 deal

429 views • 12 slides
International Consumption Risk Sharing: The Role of Good and Bad Volatility Jorge M. Uribe

International Consumption Risk Sharing: The Role of Good and Bad Volatility Jorge M. Uribe

International Consumption Risk Sharing: The Role of Good and Bad Volatility Jorge M. Uribe (Universidad del Valle & Riskcenter ) Helena Chuli a (Universitat de Barcelona & Riskcenter) IFABS 2018 Porto Conference International

538 views • 23 slides
In this video Why do we avoid inversions? Why do we avoid inversions? Three main reasons:

In this video Why do we avoid inversions? Why do we avoid inversions? Three main reasons:

In this video Why do we avoid inversions? Why do we avoid inversions? Three main reasons: 1) lack of understanding how to do them safely 2) fear of falling 3) fear of injury Headstand magic People who love headstand really

240 views • 7 slides
KIDS kidslab.dk The development of non-standard preferences Marco Piovesan, Dept. of Economics

KIDS kidslab.dk The development of non-standard preferences Marco Piovesan, Dept. of Economics

KIDS kidslab.dk The development of non-standard preferences Marco Piovesan, Dept. of Economics 10/01/2017 2 Heterogeneity of non-standard preferences Some people are generous, risk averse and patient Other people are selfish, risk loving

327 views • 8 slides
Experimental choices and field behavior on impatience, saving and smoking Matthias Sutter

Experimental choices and field behavior on impatience, saving and smoking Matthias Sutter

Latsis Symposium 2012 Economics on the Move Experimental choices and field behavior on impatience, saving and smoking Matthias Sutter University of Innsbruck and University of Gothenburg 1 Overview of talk Main paper (forthcoming

554 views • 34 slides
Overview Four supportive steps to help young children identify their feelings, learn healthy

Overview Four supportive steps to help young children identify their feelings, learn healthy

Overview Four supportive steps to help young children identify their feelings, learn healthy self-control and reduce challenging behavior. FLIP IT can be used for: targeted interventions for a child displaying specific behavioral concerns.

520 views • 20 slides
HEPATITIS AWARENESS MONTH WEBINAR 2020 04/27/2020 JANE PAN, EXECUTIVE DIRECTOR

HEPATITIS AWARENESS MONTH WEBINAR 2020 04/27/2020 JANE PAN, EXECUTIVE DIRECTOR

HEPATITIS AWARENESS MONTH WEBINAR 2020 04/27/2020 JANE PAN, EXECUTIVE DIRECTOR Janepan@hbi-dc.org www.HBI-DC.org About HBI-DC - 501(c)(3) nonprofit organization Vision: A world free from liver disease caused by viral hepatitis. Mission: n

111 views • 8 slides
REGULARITY FOR SINGULAR RISK-NEUTRAL VALUATION EQUATIONS Kolmogorov Equations in Physics and

REGULARITY FOR SINGULAR RISK-NEUTRAL VALUATION EQUATIONS Kolmogorov Equations in Physics and

REGULARITY FOR SINGULAR RISK-NEUTRAL VALUATION EQUATIONS Kolmogorov Equations in Physics and Finance Modena, Italy September 8-10, 2010 Marco Papi Engineering School - UCBM, Roma ( Italy ) m.papi@unicampus.it (based on joint work with C.

736 views • 39 slides
A structural risk-neutral model for pricing and hedging power derivatives FiME Research Centre

A structural risk-neutral model for pricing and hedging power derivatives FiME Research Centre

Position of the problem Spot model Pricing & hedging Risk premium vs error model Conclusion A structural risk-neutral model for pricing and hedging power derivatives FiME Research Centre Monthly Seminar - Paris Ren e A d, Luciano

1.25k views • 124 slides
Option Pricing with Semi-Markov Switching Lvy Process Financial Mathematics Lunch Talk Yi

Option Pricing with Semi-Markov Switching Lvy Process Financial Mathematics Lunch Talk Yi

Option Pricing with Semi-Markov Switching Lvy Process Financial Mathematics Lunch Talk Yi (Ivy) Zhang Department of Mathematics and Statistics University of Calgary February 26, 2019 Yi (Ivy) Zhang (Universities of Calgary) Option Pricing

516 views • 35 slides
Soft Actor-Critic Zikun Chen, Minghan Li Jan. 28, 2020 Soft Actor-Critic: Ofg-Policy Maximum

Soft Actor-Critic Zikun Chen, Minghan Li Jan. 28, 2020 Soft Actor-Critic: Ofg-Policy Maximum

Soft Actor-Critic Zikun Chen, Minghan Li Jan. 28, 2020 Soft Actor-Critic: Ofg-Policy Maximum Entropy Deep Reinforcement Learning with a Stochastic Actor Tuomas Haarnoja, Aurick Zhou, Pieter Abbeel, Sergey Levine Outline Problem: Sample

1.42k views • 62 slides
Kernel-based Reinforcement Learning in Robust Markov Decision Processes Shiau Hong Lim, Arnaud

Kernel-based Reinforcement Learning in Robust Markov Decision Processes Shiau Hong Lim, Arnaud

Kernel-based Reinforcement Learning in Robust Markov Decision Processes Shiau Hong Lim, Arnaud Autef Motivation Robust Markov Decision Process (MDP) framework Tackle model mismatch and parameter uncertainty Previously, for state

520 views • 13 slides
Specification of Concretization and Symbolization Policies in Symbolic Execution S ebastien

Specification of Concretization and Symbolization Policies in Symbolic Execution S ebastien

Specification of Concretization and Symbolization Policies in Symbolic Execution S ebastien Bardin joint work with Robin David, Josselin Feist, Laurent Mounier, Marie-Laure Potet, Thanh Dihn Ta, Jean-Yves Marion CEA LIST (Paris-Saclay,

862 views • 61 slides
Poverty Measurement and the Distribution of Deprivations among the Poor Sabina Alkire OPHI,

Poverty Measurement and the Distribution of Deprivations among the Poor Sabina Alkire OPHI,

Poverty Measurement and the Distribution of Deprivations among the Poor Sabina Alkire OPHI, Oxford James E. Foster George Washington University and OPHI, Oxford UNU-WIDER Conference on 'Inequality - measurement, trends, impacts, and

718 views • 44 slides
CS885 Reinforcement Learning Module 2: June 6, 2020 Maximum Entropy Reinforcement Learning

CS885 Reinforcement Learning Module 2: June 6, 2020 Maximum Entropy Reinforcement Learning

CS885 Reinforcement Learning Module 2: June 6, 2020 Maximum Entropy Reinforcement Learning Haarnoja, Tang et al. (2017) Reinforcement Learning with Deep Energy Based Policies, ICML . Haarnoja, Zhou et al. (2018) Soft Actor-Critic: Off-Policy

684 views • 24 slides
The Robustness of Go A study of Go and its ecosystem Agenda - What does it mean to be robust?

The Robustness of Go A study of Go and its ecosystem Agenda - What does it mean to be robust?

The Robustness of Go A study of Go and its ecosystem Agenda - What does it mean to be robust? - Robust features of Go - Fragile features of Go - Giving up - Well, actually: Erlang - A new hope About me Francesc Campoy (@francesc /

822 views • 57 slides
in 4 Steps Dr. Michle B. Nuijten Sounds like Newton/Nowton @MicheleNuijten m.b.nuijten@uvt.nl

in 4 Steps Dr. Michle B. Nuijten Sounds like Newton/Nowton @MicheleNuijten m.b.nuijten@uvt.nl

Checking Robustness in 4 Steps Dr. Michle B. Nuijten Sounds like Newton/Nowton @MicheleNuijten m.b.nuijten@uvt.nl http://mbnuijten.com My background. @MicheleNuijten 2 Today. Assessing and improving robustness of psychological science

427 views • 29 slides
Research Infrastructures ensuring the trust and quality of data Session 5A Simon Hodson,

Research Infrastructures ensuring the trust and quality of data Session 5A Simon Hodson,

ICRI 2018 Vienna 13 September 2018 Research Infrastructures ensuring the trust and quality of data Session 5A Simon Hodson, Executive Director, CODATA www.codata.org What contributes to quality and trust? What principles and practices are

409 views • 8 slides
Health Privacy Project at CDT Projects aim: Develop and promote workable privacy and

Health Privacy Project at CDT Projects aim: Develop and promote workable privacy and

12/1/2011 De Identification of De-Identification of Health Data under HIPAA: Potential Paths Forward Deven McGraw Director Health Privacy Project Director, Health Privacy Project November 30, 2011 Health Privacy Project at CDT

510 views • 9 slides
, , Weakly Supervised Classification Robust Learning and More: Robust Learning and More:

, , Weakly Supervised Classification Robust Learning and More: Robust Learning and More:

The Second Korea-Japan Machine Learning Workshop, Jeju, Korea Feb. 23, 2019 , , Weakly Supervised Classification Robust Learning and More: Robust Learning and More: Overview of Our Recent Advances Overview of Our Recent Advances Masashi

484 views • 29 slides
Configuring Infrastructure for the Cloud Automated planning & agents Paul Anderson

Configuring Infrastructure for the Cloud Automated planning & agents Paul Anderson

Configuring Infrastructure for the Cloud Automated planning & agents Paul Anderson <dcspaul@ed.ac.uk> KES AMSTA 2011 Friday, 1 July 2011 Background Several different communities have an interest in configuring some aspect of

637 views • 20 slides
SIMULATION OF VIRAL INFECTION PROPAGATION THROUGH AIR TRAVEL Ashok Srinivasan, University of West

SIMULATION OF VIRAL INFECTION PROPAGATION THROUGH AIR TRAVEL Ashok Srinivasan, University of West

SIMULATION OF VIRAL INFECTION PROPAGATION THROUGH AIR TRAVEL Ashok Srinivasan, University of West Florida Collaborators Sirish Namilae, Anuj Mubayi, Matthew Scotch, Robert Pahle, and C.D. Sudheer We use Blue Waters to analyze risk of infection

439 views • 27 slides

More recommend