GoTo MeetUp: Security by Default
Information security is important ; however, this knowledge helps few people. The number of connected general-purpose computers (== complexity) is growing every day, there are very real incidents from Heart or Cloudbleed to Stuxnet or problems with Toyota's on-board computer ( when the car does not stop ), and the situation does not get better on its own. It gets worse, because the “Internet of things” is startups that make physical infrastructure like light bulbsor door locks (SCADA developers cry with bloody tears). Because a huge amount of code is written in memory-unsafe languages. Because the education of developers is, as a rule, either about features (projects / etozhprototype), or about fundamental algorithms (which does not help understanding that the system does not work in a vacuum).
It seems that there are two main roots of the problem: this is an unsafe toolkit - for example, PL (C / C ++) and libraries (OpenSSL), and people. People forget about information security, think “we’ll release something, and then we'll figure it out”, they don’t understand the tradeoffs of their tools (everyone knows that “C is fast”, but few people know about memory unsafety and the scale of UB) etc. The first problem is now being solved by the community: safe languages like Rust and simple, understandable libraries like TweetNaCl are being developed. The second remains (after all, good tools still need to be taught, as well as appropriate thinking).
Therefore, we are conducting a mitap on
information security Security by Default.
We say "SbD" instead of "IB" because the latter is often associated with (1) evil security guards who seem to exist only to spoil the life of an ordinary developer and (2) with CTFs and a hacking culture.
We are talking more about security by default: both tools (a machine that can itself brake before an imminent collision, turned on after installing the firewall OS, a language with memory safety), and in people's thinking (think about non-post factum).
We split the mitap program into several blocks:
(also see ideas for reports at the end)
Industry: here, experienced experts from large companies will talk about their experience with fakaps (and review the industry), and how corporations bring safety to their projects. We will also discuss tools that make development (more) safe: from fuzzing to strong type systems.
Examples of discussion topics:
- Stuxnet , a malware that destroyed 20% of Iran’s nuclear centrifuges via SCADA
- Compromise of the entire database (name, photographs, financial data, etc.) of Ashley Madison , a dating site for married men
- Remote Code Execution on Pornhub
- Fuzzing dnsmasq with finding useful stack overflow
- How does "fearless concurrency" Rust work in practice
- How to prepare cryptography
- Designing secure interfaces: from browser to messenger
Personal safety: we’ll talk about how to control our data (Digital Fingerprint), discuss the legal issue (how to sue for abuse) and the question “I realized the problem, what should I do?”
Examples of discussion topics:
- How the incomplete implementation of Whatsapp e2e encryption makes it useless
- IoT-garage lock is blocked after a bad review of its owner on the manufacturer’s forum
- How CCC can produce fingerprints from photographs
- Is there any hope for desktop security?
- What is wrong with Telegram?
- Safety in small projects: we will analyze the cases of participants and listen to experienced startups. Let's discuss simple strategies to reduce risks.
We also welcome reports in Lightning Talk format and longer. In addition, we will be happy to discuss with everyone who is planning courses planned this summer as part of field schools .
- Interface Design Issues
- Dark patterns
- Green https lock
- Lufthansa 2904
Cryptography / trust
- Identity What is the root of trust and the source of the user's identity?
- Decentralization identity. Lessons learned from PKI and WOT. Keybase What's next?
Hazardous data processing practices (privacy, ethics)
- Alexa / Ok Google / Siri
- Storing passwords / tokens, etc.
- Using more data than necessary
Availability, Resiliency (Centralization)
- Lack of backups
- "The cloud does not fall"
- Died S3 - polinternet died
- Cloudbleed (and generally "Cloud TLS")
- Attempts to solve the problem of abstractions with new abstractions (feature creep backward compatibility time spent on non-features wasted)
- Hyper-backward compatibility (MS, Java, OpenSSL, TLS)
- ... and incompatibility (Linux ABI)
- X11: global input
- IoT (tesla powerwall, thermostats, excavators, tractors) - managed through the cloud
- Gapps is a remote-controlled rootkit attached to a person
- realtek encryption keys
- Intel ME
Curved Algorithms + Dangerous Coding Practices
- Insecure programming languages (without memory safety + sane defaults (immutability ...))
- Lack of reasonable testing and code review
- "It seems like it works"
- Sophisticated Interfaces for Developers (OpenSSL) - Source of Errors
- Heartbleed shellshock
- Languages with UB (C, C ++)
- Management requiring features at the expense of everything else: features> * / move fast, break things
- Explosive Galaxy Note 7
- Perverse incentives / economic sense: it’s easier to release a new boring product every% d than to build a good-fit
If you are already interested in information security, often find yourself advising people about it and even enjoy it - we would be glad to see you as a mentor: a person who can discuss problems and share his experience without unnecessary TLAs.