Anant Shrivastava
@anantshri
When the Internet Bleeded
Submitted Apr 19, 2014
Section:
Full talk
Technical level:
Intermediate
The objective of the session is
- Provide a basic understanding of SSL / TLS related issues identified in and past year.
- Its wide spread implications for the new age internet
- What it means for the Developers and Administrators
Outline
The talk will talk about various TLS / SSL related bugs that are identified in past year.
- HeartBleed
- GNUTLS Bug
- Apple SSL Bug
- Lucky 13
- BEAST
- CRIME
These bugs have shaken the core premise of Secure communication. The talk will focus on bringing a basic understanding of these issues to the administrators or developers. Besides this the talk will also focus on some burning questions that are now raised in wild. Such as
- How secure are secure Socket Libraries?
- Is opensource code really secure?
- Is it really true that “given enough eyeballs, all bugs are shallow”?
- Should we move towards higher abstract languages?
and most important.
- What it really means for a Administrator / DevOps person
Speaker bio
- I am a server administrator gone rouge to become a security consultant.
- I have spoken and trained at multiple security focused conferences like Nullcon, c0c0n, ClubHack, g0s.
- Primarily focused towards web application security and Mobile Security.
- Active member of Null and Garage4Hackers open security Communities.
- Creator of Android Tamer.
- More about me here
Links
- http://www.clubhack.tv/2011/android-tammer-anant-shrivastava/
- http://anantshri.info/articles/android_cust_rom_security.html
- http://anantshri.info/articles/web_app_finger_printing.html
- http://github.com/anantshri/
Slides
http://www.slideshare.net/anantshri/when-the-internet-bleeded-rootconf-2014
{{ gettext('Login to leave a comment') }}
{{ gettext('Post a comment…') }}{{ errorMsg }}
{{ gettext('No comments posted yet') }}