RB2: AusCERT podcast: Peter Gutmann's keynote address

0 Comments

May 20, 2009 --

The computer security industry has sometimes been compared unfavourably to the fashion industry, putting up flamboyant defences where it doesn't make any difference while paying no attention to the open barn door behind the curtain.

Why do we allow three retries for passwords instead of two, or four, or thirty-eight? How effective are SSH fingerprints? And how's the ol' PKI thing doing?

This talk will look at some widespread examples of defending where the enemy isn't, including the underlying threat models (or lack thereof), the effectiveness of the defences, and the real-world pressures and externalities that affect them, along with various modest proposals for alternative approaches.

| Play in Popup | Download

User login

Recent podcasts

Risky Business #224 -- Lost source and open relays: 2012 is here

Symantec and McAfee kick off the year of the Dragon with some decent lulz…
Risky Business #223 -- Summer edition: Drones pwned?

Russians owned our pumps. Persians pwned our drones.
Risky Business #222 -- Never pay for roaming data again

How to turn your Kindle into a free, global SSH and IRC modem...
Risky Business #221 -- Browser GFX security with Ben Hawkes

Does the hype match the reality?
Risky Business #220 -- All your Macs are belong to Snare

Rootkitting OS X, fun with EFI bootloaders and more...

Hosted by:

RB2: AusCERT podcast: Peter Gutmann's keynote address

User login

Recent podcasts

Hosted by:

Recent comments