This speech was a wake up call
"In this sea every sociopath is your next door neighbor. It doesn't matter what most would do. It matters what one would do."
"the very things you use to keep bad guys out of your house can be converted to let them in"
Salvatore D'Agostino In the end, every technology boils down to what mankind can do to sustain the balance of life. The choice is ours - to be good or bad!
Very sobering thoughts. We love our interconnectivity, but the cost may be too high.
simply brilliant ... question... it's been close to 2 years.. any change you see?
Yogendra Joshi it's worse now after 3 years
I held a top secret security clearance for 28 years and my data was stolen twice...one in the DOE IPP breach and also in the 2016 OPM breach. Protecting one's identity and finances is a 24/7 job. I've lost 10s of thousands, and I'm constantly in compromising and embarrassing situations with my credit. Normal American amenities like Grubhub and a home mortgage are something I'm giving up on.
EXCELLENT WORK, how did www sec cos get behind 8ball? G
If there was a Hippocratic oath for developers, I don't think I would agree to it...
* *devious grin* *
"Into whatsoever operating systems I enter, I will enter to help the buggy, and I will abstain from all intentional wrong-doing and harm, especially from abusing the repositories of opensource or proprietary."
MrC0MPUT3R But intentional wrong-doing and harm(more trolling, really) is tons of fun. I love doing it. I don't want to agree not to.
***** I know what you mean. Especially when everything is so... *_*breathy_* *_whisper*_* _exposed_
He is incorrect on one point, even in 2013 (when this speech was delivered) Amazon Web Services was looking at how to secure the IoT (full disclosure: I work in AWS Security). AWS has gone to a lot of trouble to supply those pesky things that developers don't like to worry about, such as security, storage, analytics, processing, and the like. For a cost that is generally lower than hosting your own dedicated servers AWS can do the heavy lifting that developers tend to be so bad at. After all, who has time to be fully conversant in writing code that addresses all the many different aspects of security, much less to update that code when a new vulnerability turns up? Just write the code to make the thing work, and let the specialists at Amazon or Microsoft or Google keep it safe. When there is a new vulnerability it will affect hundreds of their customers at once and will get addressed quickly.
Unfortunately it's still cheaper to have some poor H1B contractor slap something together and shove it out the door. Executives still need to get over the 'penny wise, pound foolish' mindset and plan for life beyond the next quarter's financial report.
is this an AWS ad?
I would focus on demanding accountability on car systems. Car systems are closed at present. Publish how to hack a car and don't just get a job at Ford after you do it. Force them to allow a USERSPACE / KERNEL-space / Engine-Space separation to start with.
keepbuilding
The IOS model needs an independent eighth security layer between 5 and 6
Thank you Joshua, for the good speech. I have a personal feedback. I am actually looking for an inspiring talk. But I think this talk is more about a personal story. Maybe you could tell more that relate to IoT. Thanks and hope you take this as constructive advice.
Great
But hey, cows kill more people each year than sharks. Just kidding :3. It's kinda depressing where we're heading to especially knowing that I'm majoring in IT currently.
wake up call we can be hacked
I think someone thinks they're Tony Stark.