Keynote Address 1: The Art of Click-Jacking - Jeremiah Grossman
Keynote Address 2: Cyberwar is Bullshit - Marcus Ranum
- Delivering Identity Management 2.0 by Leveraging OPSS
- Bluepilling the Xen Hypervisor
- Pass the Hash Toolkit for Windows
- Internet Explorer 8 - Trustworthy Engineering and Browsing
- Full Process Reconsitution from Memory
- Hacking Internet Kiosks
- Analysis and Visualization of Common Packers
- A Fox in the Hen House - UPnP IGD
- Browser Exploits: A New Model for Browser Security
- Time for a Free Hardware Foundation?
- Mac OS Xploitation
- Hacking a Bird in The Sky 2.0
- How the Leopard Hides His Spots - OS X Anti-Forensics Techniques
Keynote Address 3: Dissolving an Industry as a Hobby - THE PIRATE BAY
- Pushing the Camel Through the Eye of a Needle
- An Effective Methodology to Enable Security Evaluation at RTL Level
- Remote Code Execution Through Intel CPU Bugs
- Next Generation Reverse Shell
- Build Your Own Password Cracker with a Disassembler and VM Magic
- Decompilers and Beyond
- Cracking into Embedded Devices and Beyond!
- Client-side Security
- Top 10 Web 2.0 Attacks
Google Tech Talks July 24, 2008 ABSTRACT Faculty Summit 2008 - Day 1 Geo API - Keith Golden One of the keys to the success of Google Maps is a rich API that can be used by outside developers
This page has links to interviews captured during the meeting of the Organisation for Economic Cooperation and Development on the Future of the Internet Economy, in Seoul, Korea, June 16-18, 2008. Foreign ministers, business leaders, technical experts, and representatives of civil society and academia conferred at this OECD ministerial event, with the goal of comparing experiences, seeking answers to common problems, and coordinating domestic and international policies.
A series of very interesting speakers and subjects.
Loose Change - Voting Hanky-Panky (All Americans must watch) - 140 mn - 18 mai 2006
Governments are installing computerized voting systems with no paper record to verify accuracy. Elections will be controlled by companies th...Governments are installing computerized voting systems with no paper record to verify accuracy. Elections will be controlled by companies that do not allow voters to inspect their software. If vote counting becomes privatized, there may be no way to get it back. Hightech vote fraud is already a reality. If you value your vote, you must get this information to your friends – and fast!«
A 23 minute documentary about how hackers are giving patriotic chinese internetusers the tools, strategy and targets to attack.
Dispatches - The Data Theft Scandal - 48 mn - 8 oct. 2006
Aired on the 5th of October 2006, Dispatches looks into how easy it is to obtain personal information from call centres in India. The amo...suite » Aired on the 5th of October 2006, Dispatches looks into how easy it is to obtain personal information from call centres in India. The amount of information that can be obtained and sold to anyone is frightening. Identity theft and fraud are just somethings that can come from this sort of criminal act. Will anti-fraud measures such as 'Chip & Pin' and National ID's protect us from our data being stolen?
Dispatches - Spinning Terror - 48 mn - 10 mars 2006
Channel4 - Dispatches
With Britain facing the greatest terrorist threat in our history, the nation trusts the government to devise policies to protect the nation... With Britain facing the greatest terrorist threat in our history, the nation trusts the government to devise policies to protect the nation. But Dispatches reporter Peter Oborne reveals that our trust may be misplaced. He presents the case that the government has reacted to the London bombings by rushing through anti-terror policies motivated by the desire to ward off tabloid criticism, gain electoral advantage and make the government look strong. - Welcome in the New World Order agenda everyone.
Votergate - The Presidential Election Special Edition (Election Fraud) - 36 mn - 3 mai 2006
www.votergate.tv - www.votergate.tv
Votergate, an action documentary, follows a young team on their nationwide investigation of the current problems with our voting systems and...suite » Votergate, an action documentary, follows a young team on their nationwide investigation of the current problems with our voting systems and elections procedures. Fast-paced and engaging, Votergate reveals the shocking story of how touchscreen voting systems are highly susceptible to hacking and how these systems are being implemented across the country without the proper checks and balances to insure accuracy and accountability.«
Hippies from Hell - 53 mn - 9 févr. 2006
IP Productions - http://hippies.waag.org/
Hippies from Hell are a group of hackers, techies, artists, writers and puzzlers. In the eighties they published hacker magazine Hacktic and...suite » Hippies from Hell are a group of hackers, techies, artists, writers and puzzlers. In the eighties they published hacker magazine Hacktic and in 1993 they started the first Dutch Internet-provider, xs4all, thus opening the Internet for the general public. Apart from this they throw wild parties and organize open-air hacker festivals, using the Internet as their social platform. On their mailing list they discuss almost every aspect of our technology infested society. The Dutch hackers, as the hippies were called initially, are a special group within the international hacker movement, which they helped create for a large part. In the film artists play with hardware, young hippies hack their school-calculators, lock pickers open locks without a key: hacking is not just fooling around with technology, it is an attitude, an activity, a verb. 2002/ 2003 HIPPIES FROM HELL 53 minutes English Subtitled -DUTCH spoken- IP-productions, directed by Ine Poppe ,
Reverse engineering techniques to find security bugs: A case study of the ANI - 61 mn - 22 mai 2007
Google Tech Talks May 21, 2007 ABSTRACT Alex Sotirov is a vulnerability engineer at determina. He will discuss some latest techniques...suite » Google Tech Talks May 21, 2007 ABSTRACT Alex Sotirov is a vulnerability engineer at determina. He will discuss some latest techniques in reverse engineering software to find vulnerabilities. Particularly, he'll discuss his technique that lead him to find the ANI bug (a critical new bug in WinXP and Vista). Alex will describe the tools he uses for reverse engineering and show how he reverse engineered ANI Bug. He will continue to discussed Windows security mechanisms (ASLR, /GS) and describe how ANI exploit bypasses them.«
Voltage Security, in conjunction with the Computer History Museum and RSA hosted a panel discussion to honour the inventions, inventors, historical milestones and the future of Public Key Cryptography (PKC). The event was MC'd by John Markoff, senior writer of the New York Times and the panel was moderated by Steven Levy, author and senior editor of Newsweek. Panelists included Whitfield Diffie, Martin
information security before and after encryption In the 1970s, the world of information security was transformed by public-key cryptography, the radical revision of cryptographic thinking that allowed people with no prior contact to communicate securely. Public key solved security problems born of the revolution in information technology that characterized the 20th century and made Internet commerce possible. Security problems rarely stay solved, however. Continuing growth in computing, networking, and wireless--including applications made possible by improvements in security have given rise to new security problems. Where is this going? Diffie, a key figure in the discovery public-key cryptography, will trace the growth of information security through the 20th Century and into the 21st.«
Information security for defense Information Assurance (IA) are the methods for managing the risks to information assets. IA practitioners seek to protect the confidentiality, integrity, and availability of data and their delivery systems, whether the data are in storage, in processing, or in transit, and whether threatened by malice or accident. IA’s includes reliability and emphasizes risk management over tools and tactics. IA includes privacy, regulatory compliance, audits, business continuity, and disaster recovery. IA draws from fraud examination, forensic science, military science, management science, systems engineering, security engineering, and criminology in addition to computer science. IA is a superset of information security. IA protects and defends information systems by ensuring availability, integrity, authentication, confidentiality and non-repudiation. It provides for restoration of information systems by incorporating protection, detection, recovery and reaction capabilities. It protects information against unauthorized disclosure, transfer, modification or destruction, whether accidental or intentional.«
Information security awareness Virus and worm attacks that spread through holes in popular consumer software emphasize the role the online public must play in preserving the safety and integrity of the Internet. To protect the network commons, more users must engage in safe online behavior by such actions as controlling their private information, updating software security patches, downloading protective software, and filtering their email. While network security remains an abstract notion to the general public, online consumers can understand the issue in terms of their personal privacy behavior, actions that result in the undesired disclosure of information and unwanted intrusions on their personal cyberspace. In her talk, Professor Rifon will discuss a social-psychological approach to understanding Internet user privacy and security safety related behaviors.«
Google TechTalks April 13, 2006 Mike Andrews Mike Andrews is a senior consultant who specializes in software security and leads the web application security assessments and Ultimate Web Hacking classes for Foundstone. ABSTRACT It all started out as a place to share physics documents, but has grown into potentially mankind's largest and most complex creation. The World Wide Web is a lot of things - a soapbox for everyone, a giant shopping mall, an application platform, and unfortunately a hacker's playground. As more applications get "web-ified" moving from the desktop or legacy systems onto the web, attackers follow the vulnerabilities. Without sophisticated tools or "1337 5x1llz", web applications are now the most attacked technology, with the majority of attacks categorized as "easily exploitable". So, before your application is placed out into one of the most hostile environments, how do you stop your software from being "0wn3d" by the 14 year old in their blacked-out bedroom, or being used by a Russian crime cartel? In this TechTalk, Mike Andrews will look at how web applications are attacked, walk through a testing framework for evaluating the security of an application and take some deep-dives into a few interesting and common vulnerabilities and how they can be exploited.«
Google TechTalks January 24, 2006 Phillip Hallam-Baker Dr Hallam-Baker is a leading designer or Internet security protocols and has made substantial contributions to the HTTP Digest Authentication mechanism, XKMS, SAML and WS-Security. He is currently working on the DKIM email signing protocol, federated identity systems and completing his first book, The dotCrime Manifesto which sets out a comprehensive strategy for defeating Internet crime. Dr Hallam-Baker has a degree in Electronic Engineering from Southampton University and a doctorate in Computer Science from the Nuclear Physics Laboratory at Oxford University. ABSTRACT Internet Crime is a serious and growing problem. Phishing, Advance Fee and Consumer fraud continue to grow at alarming rates. Internet crime is a business that makes huge profits for some. But despite the fact that security has regularly polled as almost every type of Internet user's top priority over the past ten years, almost none of the security mechanisms developed in response are effectively controlling Internet crime.«