Usability Related Observations Practical Security Hints



SLIDE 1

Usability Related Observations Practical Security Hints

Danny De Cock, PhD, sr. Research Manager Applied Cryptography 25 March 2018, #hackatonamring, Nürburg, Germany Slides: http://godot.be/slides

SLIDE 2

While establishing correct location

Talk topic · Speaker name · 12.10.2017 · Page 2

Address at coordinates: 1350 Massachusetts Ave, Harvard University, Cambridge, MA 02138

Latitude 50.335567515 Longitude 6.945383879 Battery: 67% Frame rate: 30 FPS

  • Camera On/off

  • Camera Front/Rear

  • Flash On/off

  • Rotate Image

  • Audio On/off

  • Take Snapshot

  • Large Map, Small video

  • Small map, Large video

Live view

SLIDE 3

Once correct location has been established


Address at coordinates: 1350 Massachusetts Ave, Harvard University, Cambridge, MA 02138

Latitude 50.335567515 Longitude 6.945383879 Battery: 67% Frame rate: 30 FPS

  • Camera On/off

  • Camera Front/Rear

  • Flash On/off

  • Rotate Image

  • Audio On/off

  • Take Snapshot

  • Large Map, Small video

  • Small map, Large video

Live view

Snapshot view

SLIDE 4

Alternative Extra PODO, Kickstarter project


  • Size: 1.5" x 1.5" x 1.3" (4.5 x 4.5 x 3 cm)

  • Weight: 1.5 oz (43 g)

  • Sensor: 5 MP (2.2 μm pixels)

  • Video: 720p 30fps

  • Lens: 90° wide-angle, glass

  • Memory: 8 GB

  • 8-LED ring

  • Bluetooth connectivity

  • Accelerometer

  • Rechargeable battery (up to 1.5 hrs. video)

SLIDE 5

Practical Security Hints

  • Never hard-code any security features

Security algorithms + protocols + keys should be configurable

  • Security ‘out of the box’ is impossible

Goal: nearly-zero configuration, granny-proof user interface

  • All secure applications require the installation of a code-signed app

Application should be certified and originate from a trustworthy source; the same applies to over-the-air updates

  • Registration of device is critical

Device authentication is more important than user authentication
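
An added example, not from the slides: one way to apply the first hint is to let a deployed policy choose the MAC algorithm and keys, so that rotating a key or moving to a stronger hash is a configuration change rather than a code change. The policy layout, the key ids (`k1`, `k2`) and the function names are assumptions made for this example.

```python
import hashlib
import hmac
import json

# Algorithms this build accepts; the deployed policy selects among them.
ALLOWED_ALGS = {"hmac-sha256": hashlib.sha256, "hmac-sha512": hashlib.sha512}

def load_policy(text):
    """Parse and validate {"sign_with": kid, "keys": {kid: {"alg", "secret_hex"}}}."""
    policy = json.loads(text)
    for kid, entry in policy["keys"].items():
        if entry["alg"] not in ALLOWED_ALGS:
            raise ValueError(f"key {kid}: algorithm {entry['alg']!r} not allowed")
        if len(bytes.fromhex(entry["secret_hex"])) < 32:
            raise ValueError(f"key {kid}: secret shorter than 32 bytes")
    if policy["sign_with"] not in policy["keys"]:
        raise ValueError("sign_with names an unknown key")
    return policy

def _mac(entry, message):
    key = bytes.fromhex(entry["secret_hex"])
    return hmac.new(key, message, ALLOWED_ALGS[entry["alg"]]).hexdigest()

def sign(policy, message):
    """Return 'kid:tag' so the verifier knows which configured key to use."""
    kid = policy["sign_with"]
    return f"{kid}:{_mac(policy['keys'][kid], message)}"

def verify(policy, message, token):
    """The token names only the key id; the algorithm always comes from the policy."""
    kid, _, tag = token.partition(":")
    entry = policy["keys"].get(kid)
    if entry is None:
        return False
    return hmac.compare_digest(_mac(entry, message).encode(), tag.encode())

# Constructed sample policies: rotating k1 (SHA-256) to k2 (SHA-512) is a config change.
OLD = load_policy(json.dumps({"sign_with": "k1", "keys": {
    "k1": {"alg": "hmac-sha256", "secret_hex": "11" * 32}}}))
NEW = load_policy(json.dumps({"sign_with": "k2", "keys": {
    "k1": {"alg": "hmac-sha256", "secret_hex": "11" * 32},
    "k2": {"alg": "hmac-sha512", "secret_hex": "22" * 32}}}))

if __name__ == "__main__":
    old_token = sign(OLD, b"firmware-1.0")
    print(verify(NEW, b"firmware-1.0", old_token))   # token issued before rotation
    print(sign(NEW, b"firmware-1.0").split(":")[0])  # key id used after rotation
```

The allowlist keeps the policy from selecting an algorithm the build does not accept, and a token issued under `k1` keeps verifying until `k1` is removed from the policy.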


SLIDE 6
  • Contact details:

Danny.DeCock@esat.kuleuven.be
