Security Theatre

Thomas Shone

Saturday 4 November 2017 from 14:30 to 15:20

Talk in English - UK at ScotlandPHP 2017
View Slides: https://www.slideshare.net/xsist10/security-theatre-scotland-php
Short URL: https://joind.in/talk/0a184 (QR-Code (opens in new window))

Avg. Rating

This is not your normal security talk. Sure we talk about secure communication and the importance of hashing and encrypting (and why rolling your own is never a solution). We might even get frisky and cover some more interesting topics like true randomness, timed attacks and social engineering.

But what we're here to learn about is the state of online security. Based on the results from a 4 year research project to see just how vulnerable the average website is. Theodore Sturgeon famously said 90% of everything is crud, we'll get to see just how close we come to that number. So if you're ready to see how scary the dark depths of security can be and just how scary it is when you look up and see all the leaky boats above us is, this is for you.

Comments

Comments are closed.

Peter McDonald at 15:34 on 4 Nov 2017

Fantastic talk. Quite eye opening and embedded a lot of thoughts about security.

Now to go to the doctors for some anti depressants.

Daniel Craigie at 15:35 on 4 Nov 2017

Very entertaining and informative talk full of hints and tips (and graphs).

I will definitely keep an eye out for more in the future.

Ken Guest at 22:48 on 4 Nov 2017

Amazing talk - quite an eyeopener and reminder of what's important security-wise as a developer and also what's important from a release management aspect in relation to security management. Very thought provoking.

Jack Mallon at 10:58 on 5 Nov 2017

Very eye-opening! What if a good source of information on keeping update with security threats?

Richard Black at 14:39 on 5 Nov 2017

Very engaging speaker, and a very interesting (if slightly terrifying) talk. Lots of food for thought

Jason Collins at 09:21 on 6 Nov 2017

Very honest, frank and detailed talk. Enjoyed it thoroughly from start to end! I'm sure everyone this took something away.

David Towers at 10:03 on 6 Nov 2017

Well delivered, and very useful topic... especially useful stats on how quickly security issues are found within new releases and why we should be up to date!

Jaap Migchels at 10:35 on 6 Nov 2017

Absolutely brilliant, could have easily listened another hour of this, loads of surprising results.

Lukas Giegerich at 10:38 on 6 Nov 2017

Superb talk.

Clear, well paced and spoken, easy to follow and very, very funny. Also, terrifying.

thiago marini at 13:05 on 6 Nov 2017

Great talk!

Alistair Burns at 15:35 on 6 Nov 2017

I really enjoyed the style of delivery of this talk, and it was really interesting to see how many people don't upgrade their software libraries, unless the upgrades require zero changes to the code!

Craig McCreath at 14:18 on 7 Nov 2017

He warned us it'd be depressing but it was fantastic! Really engaging and very well produced with a lot to take away.

Andy Gaskell at 14:53 on 8 Nov 2017

Great talk, entertaining and engaging. I like the metaphor threaded through it.