Data is a big thing now a days. Data is everywhere. Data is collected on almost as many places. And a lot of people want to access your data. But why exactly is your data important? What can people / companies do with it? How can I keep my data safe. or that of my company? How do criminals get to your data? and most importantly, what can you do to avoid the fact that they steal your data?

1. Open solutions, smarter people
Security
You are also part of the game
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

2. Open solutions, smarter people
Who is that guy?
• Bert Desmet
• 23 years old
• Fedora – Ambassador, mentor, packager
• Loadays – Co organizer
• Numius – System Engineer, Consultant
• Devnox – Developer, System Engineer

3. Open solutions, smarter people
Today's topics
• I'm a good hacker.
• Why I love USB sticks.
• Remember your password?
• Shhhhhhht!

4. Open solutions, smarter people
I am a good hacker.

5. Open solutions, smarter people
No tech hacking?

6. Open solutions, smarter people
Shoulder surfing

7. Open solutions, smarter people
Dumpster diving

8. Open solutions, smarter people
Social engineering

9. Open solutions, smarter people
Taking pictures

10. Open solutions, smarter people
Why I love USB sticks.

11. Open solutions, smarter people
They are easy

12. Open solutions, smarter people
And small

13. Open solutions, smarter people
They are easily..
• Forgotten
• Stolen

14. Open solutions, smarter people
Some thoughts about it
• Encrypt your sensitive data
• Never put passwords on your system
• Use the intranet
• Never leave your portable gear alone
• Never forget your gear

15. Open solutions, smarter people
Some statistics
• 53% of UK workers lost portable devices
– >50% at a drinking venue
• Taxis and public transport
• 1 lost data record cost more than $187
– 70% indirect cost
• Lost costumers

16. Open solutions, smarter people
Remember your password?

17. Open solutions, smarter people
How to choose a password
• Avoid using dictionary words
• Use special characters and numbers
• Change your password every month
• Blah blah blah

18. Open solutions, smarter people
How to choose a password
• Avoid using dictionary words
• Use special characters and numbers
• Change your password every month
• Blah blah blah

19. Open solutions, smarter people
Entropy
• H : Entropy
• N : Possible symbols
• Length of string
H= L∗log2 N

20. Open solutions, smarter people
Example time!
• This is.obviously a.bad passw0rd:-(
– L : 35
– W : 94
– H : ±230
• PrXyc.N(n4k77#L!eVdAfp9
– L : 23
– W : 94
– H : ±151

21. Open solutions, smarter people
Time to crack a password
• [[Guesses before string is found = 2H]]
• This is.obviously a.bad passw0rd:-(
– 2230 = 1.72543659 × 1069
– 1000 guesses /s = 5.5 x 1058 years
• PrXyc.N(n4k77#L!eVdAfp9
– 2151 = 2.85449539 × 1045
– 1000 guesses /s = 9 × 1034 years

22. Open solutions, smarter people
Password Strenght

23. Open solutions, smarter people
Lastpass
• Fully encrypted
• Generate extremely hard passwords
• Choose a good master password!

24. Open solutions, smarter people
Some tips
• Never store passwords on pc
• Never use autologin

25. Open solutions, smarter people
Shhhhhhhht!

26. Open solutions, smarter people
I want you to shut up!

27. Open solutions, smarter people
Security through obscurity
• Don't tell anyone
• Security based on secrecy

28. Open solutions, smarter people
Kerckhoffs' doctrine
• Security can't depend on secrecy

29. Open solutions, smarter people
Reality
• There are always leaks
– By accident
– Deliberately
• Try to keep 'secrets'

30. Open solutions, smarter people
Wait! There is more!

31. Open solutions, smarter people
In a perfect world..

32. Open solutions, smarter people
There is always a hole.

33. Open solutions, smarter people
I like onions

34. Open solutions, smarter people
Multi Level Security
• Multiple systems
• Building fort Knox
• You are the first line of defense

35. Open solutions, smarter people
Extra! Extra!

36. Open solutions, smarter people
Something you have..

37. Open solutions, smarter people
Yubikey

38. Open solutions, smarter people
I preach.
And I practice.

39. Open solutions, smarter people
Questions?
• Bert Desmet
• Security, you are also part of the game
• Mail: Bert@devnox.eu
• Twitter: @bdesmet_
• Website: http://blog.bdesmet.be
• Website: http://www.devnox.eu
• This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

40. Open solutions, smarter people
Sources
• Chess game: http://www.flickr.com/photos/seeminglee/1479932683/
• Closed vault: http://www.flickr.com/photos/mstyne/3654056683/
• Open vault: http://www.flickr.com/photos/spotsgot/156025944/
• Onion: http://www.flickr.com/photos/inferis/107293622/
• Laptop + usb stick: http://www.flickr.com/photos/wstryder/2780310027/
• New York Public Library: http://www.flickr.com/photos/paul_lowry/2616820493/
• Statistics on loosing gear: http://www.securestix.com/bad_news.php
• Shoulder surfing: http://www.flickr.com/photos/bonzoesc/209474964/
• Dumpster: http://www.flickr.com/photos/urbanjacksonville/1803065217/
• Telephone call: http://www.flickr.com/photos/lst1984/994531885/
• Taking pictures: http://www.flickr.com/photos/glenpooh/708845839/
• Xkcd joke: http://xkcd.com/936/
• Shut up: http://www.flickr.com/photos/lorenia/934705558/
• 3way handhake: http://media.photobucket.com/image/3%20way%20handshake/Haley_Bug/Mission%20Trip%20Choir%20Tour%202006/100_0087.jpg?o=1
• Yubikey: http://www.flickr.com/photos/thofle/3206443137/
• Special thanks to: Johnny Long

41. Open solutions, smarter people