I bit high level, but definitely a good talk. I think it is an eye-opener, as you tell that encryption alone is not enough.
If I must have a point of critic, I would say: explain it bit more on why encryption alone is not enough.
Clear, interesting slides, good use of bullet points, thanks for summary/intro, well defined sections/parts, bit longwinded in places but friendly tone, interesting subject, thank you for planning to publish the slides, rounded information (pros/cons/tips), good to understand (some familiarity with terms needed - AES, CBC), up to date content and background info, usable tips and practical advice, maybe include visual representation of aes encrypt/decrypt code (different elements used and their source - like for hybrid crypto), using slides to explain and answer questions effectively (without disrupting the flow of the presentation), maybe keep answers more concise/include the room more, clear code samples, well done on being critical of your own library, good timing and thanks for the references/resources
High level talk, but if you tried some things with mcrypt and public/private keys in the past it was nice to follow. Nice to see some parts from the PHP perspective.
A very good talk, but it felt a bit like a bummer when you told us, "do not try this your self, use a library like zend-crypt." I would have started with that and explained more about the way the encryption works. To many developers do not have any clue how public and private certificates work for example. But that might be to advanced for a 45 min talk?
If security is what you need? Then this is the best session, to get a good inside about what security is and how you should use it to store and transfer your data secure!
I felt that the level was pretty steep right out the gates, BUT the information presented was highly interesting and I can see how Enrico's approach to these encryption and authentication challenges could help out.
Thank you for this information!
Definitely got me interested to make a small experimental project to toy around with this information, despite the end conclusion being in the direction of "Just use zend-crypt. Don't bother doing this yourself".
Great talk. Very clearly structured, very clearly delivered. I learned a lot.
Just one point of feedback: You could do with a little less disclaimers (regarding being the last talk of the day and stuff) Everyone in that room is there voluntarily. Your talk is more than enough reward.
Definitely a great talk, the only problem was, my brain already took so much information to the day that is was hard to absorb this too. I think it will land in a few days if my brain processed a lot of other information :)
Nice insights though about choices one can make for speed and security.
Love to read the slides later on to easily catch and read up in my own time.
Comments
Comments are closed.
very high level. but very intresting
I bit high level, but definitely a good talk. I think it is an eye-opener, as you tell that encryption alone is not enough.
If I must have a point of critic, I would say: explain it bit more on why encryption alone is not enough.
Clear, interesting slides, good use of bullet points, thanks for summary/intro, well defined sections/parts, bit longwinded in places but friendly tone, interesting subject, thank you for planning to publish the slides, rounded information (pros/cons/tips), good to understand (some familiarity with terms needed - AES, CBC), up to date content and background info, usable tips and practical advice, maybe include visual representation of aes encrypt/decrypt code (different elements used and their source - like for hybrid crypto), using slides to explain and answer questions effectively (without disrupting the flow of the presentation), maybe keep answers more concise/include the room more, clear code samples, well done on being critical of your own library, good timing and thanks for the references/resources
Dude knows his stuff and builds the bridge between academic science and practical php, way to go Enrico!
High level talk, but if you tried some things with mcrypt and public/private keys in the past it was nice to follow. Nice to see some parts from the PHP perspective.
Great talk, which may have gone even more high level if you ask me.
A very good talk, but it felt a bit like a bummer when you told us, "do not try this your self, use a library like zend-crypt." I would have started with that and explained more about the way the encryption works. To many developers do not have any clue how public and private certificates work for example. But that might be to advanced for a 45 min talk?
If security is what you need? Then this is the best session, to get a good inside about what security is and how you should use it to store and transfer your data secure!
I felt that the level was pretty steep right out the gates, BUT the information presented was highly interesting and I can see how Enrico's approach to these encryption and authentication challenges could help out.
Thank you for this information!
Definitely got me interested to make a small experimental project to toy around with this information, despite the end conclusion being in the direction of "Just use zend-crypt. Don't bother doing this yourself".
Great talk. Very clearly structured, very clearly delivered. I learned a lot.
Just one point of feedback: You could do with a little less disclaimers (regarding being the last talk of the day and stuff) Everyone in that room is there voluntarily. Your talk is more than enough reward.
Definitely a great talk, the only problem was, my brain already took so much information to the day that is was hard to absorb this too. I think it will land in a few days if my brain processed a lot of other information :)
Nice insights though about choices one can make for speed and security.
Love to read the slides later on to easily catch and read up in my own time.
Very good talk if you want to know about security.
Speaker clearly knows his what he is talking about. I thought the level of detail was just right.