What do these Twitter accounts have in common?
They have all been hacked!
Social Networking
Mobile Computing
The Cloud
The Times They Are a-Changin'...
I’m Secure, I Have A Firewall!
Malware Is for PCs!
Viral Adoption

Refers to a system architecture that can be adopted incrementally and gains momentum as it scales.

http://dl.media.mit.edu/viral/viral.pdf - Viral Communications, Media Laboratory Research Draft, May 19th, 2003
New Age Malware

•   Decentralized
•   Interconnected
•   Mobile
•   Quick Content Publishing

•   Decentralized
•   Interconnected
•   Mobile
•   Has Access to Data
KoobFace
•   Social media worm
•   Propagation via Facebook messages
•   Propagation via Facebook wall posts
•   Spams your friend list with an “update for Adobe Flash”
•   Installs pay-per-install malware on the target
•   Infected computers operate as a botnet
I Know EXACTLY Where All My Data Lives
Sure it’s Safe in the Cloud!
The Path Your Data Takes
Nodes in the data-path diagram:
•   Approved Cloud Vendor
•   Sub-Cloud Vendor
•   Sub-Cloud Vendor
•   The Office Central Server
•   The Calendar Mirrored via Google
•   Laptop – Stolen At The Airport
•   The Lost iPhone
•   The Hacked Home PC
•   Google Docs To Share With Remote Co-Worker
•   Indirect: Ooops, Did I Say That on Facebook?!
Own The Borg, Own The WORLD!
In 2009, Twitter gets COMPLETELY owned… TWICE!

A brute-force password attack on a targeted user reveals a password of “Happiness” – the user is a Twitter admin… OWNED!

A French hacker owns the Yahoo email account of a Twitter user. He then resets that user’s Twitter password and reads the reset email in the Yahoo account. The user is a Twitter admin… OWNED!
Own The Borg, Own The WORLD!
6/19/11 1:54 PM: Dropbox pushes code breaking authentication
6/19/11 5:46 PM: Dropbox pushes fix to authentication bug

What can YOU do with four hours of access to every user’s data?!
I Know Exactly What My Code Does!

Besides, Application Permissions Keep Me Safe!
Code Reuse, Outsourcing, And Third Party Libraries

Most Code Is:
•   Reused
•   Outsourced
•   Third Party Libraries (with source)
•   Third Party Libraries (binary format)

Your vendors don’t know what their code does either!
WSJ Article Discloses NJ Prosecutor’s Investigation
•   JD-GUI Pandora App
•   Publish Blog Post
    •   Location
    •   Bearing
    •   Altitude
    •   Android ID
•   Investigate Other Applications
•   Publish second blog posting with updated findings regarding permissions and other apps
•   Pandora Removes Ad Libraries
Here Are Some Numbers…
53,000 Applications Analyzed
Android Market:                 ~48,000
3rd Party Markets:              ~5,000

Permissions Requested
Average:                        3
Most Requested (max):           117

Top “Interesting” Permissions
GPS information:                24%    (11,929)
Read Contacts:                  8%     (3,626)
Send SMS:                       4%     (1,693)
Receive SMS:                    3%     (1,262)
Record Audio:                   2%     (1,100)
Read SMS:                       2%     (832)
Process Outgoing Calls:         %      (323)
Use Credentials:                0.5%   (248)
Here Are Some Numbers…

Third Party Libraries
Total Third Party Libraries:         ~83,000

Top Shared Libraries
  com.admob                    38%   (18,426 apps)
  org.apache                   8%    (3,684 apps)
  com.google.android           6%    (2,838 apps)
  com.google.ads               6%    (2,779 apps)
  com.flurry                   6%    (2,762 apps)
  com.mobclix                  4%    (2,055 apps)
  com.millennialmedia          4%    (1,758 apps)
  com.facebook                 4%    (1,707 apps)
Of Course It’s Secure, It’s Got A Password On It!
Passwords and Password Reuse
Passwords STINK!

• Passwords < 6 characters long: ~30%
• Passwords from a limited alphanumeric key set: ~60%
• Names, slang words, dictionary words, trivial passwords, consecutive digits, etc.: ~50%

• Not only a user problem
• Secret questions – bad idea!
• SQL Injection compromises up 43% year over year
  • HBGary, Xfactor, Fox.Com, PBS, FBI, Pron.com, …
  • Sony, Sony, Sony… oh.. Yeah.. SONY!
  • Password reuse?

http://www.scmagazineus.com/hacker-attacks-against-retailers-up-43-percent/article/214125/
The Golden Rule
In Summary

Mobile
•   The perimeter is dead
•   Must secure from the data out
•   Computing will be ubiquitous and hidden

Social
•   The perfect breeding ground for malware
•   Passwords STINK!

Cloud
•   The path of data is uncontrollable

You can’t rely on permissions – it just won’t work
Securing ALL of your code is the only real defense
Mobile + Social + Cloud = A New Security Paradigm

Think Different
Email: tshields@veracode.com   @txs

Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 

Social and Mobile and Cloud OH MY!

  • 2. What is the same with these twitter accounts?
  • 3. They have all been hacked!
  • 8. The Times They Are a Changing..
  • 9. I’m Secure, I Have A Firewall!
  • 12. Viral Adoption: refers to a system architecture that can be adopted incrementally, and gains momentum as it scales. http://dl.media.mit.edu/viral/viral.pdf - Viral Communications, Media Laboratory Research Draft, May 19th 2003
  • 13. New Age Malware
    • Decentralized • Interconnected • Mobile • Quick Content Publishing
    • Decentralized • Interconnected • Mobile • Has Access to Data
  • 14. KoobFace
    • Social media worm
    • Propagation via Facebook messages
    • Propagation via Facebook wall posts
    • Spams your friend list to an “update for Adobe Flash”
    • Installs pay-per-install malware on target
    • Infected computers operate as a botnet
  • 15. I Know EXACTLY Where All My Data Lives Sure it’s Safe in the Cloud!
  • 16. The Path Your Data Takes (nodes in the diagram): Approved Cloud Vendor; Sub-Cloud Vendor; Sub-Cloud Vendor; The Office Central Server; The Calendar Mirrored via Google; Laptop – Stolen At The Airport; The Lost iPhone; The Hacked Home PC; Google Docs To Share With Remote Co-Worker; Indirect: Ooops Did I Say That on Facebook?!
  • 17. Own The Borg, Own The WORLD! In 2009, Twitter gets COMPLETELY owned… TWICE! Brute force password attack of targeted user reveals a password of “Happiness” – User is a Twitter admin… OWNED! A French hacker owns the Yahoo email account of a user on Twitter. He then resets that user’s Twitter password and views the email in the Yahoo account. User is a Twitter admin… OWNED!
  • 18. Own The Borg, Own The WORLD! 6/19/11 1:54 PM: Dropbox pushes code breaking authentication 6/19/11 5:46 PM: Dropbox pushes fix to authentication bug What can YOU do with four hours of access to every user’s data?!
  • 19. I Know Exactly What My Code Does! Besides, Application Permissions Keep Me Safe!
  • 20. Code Reuse, Outsourcing, And Third Party Libraries
    • Most Code Is: Reused; Outsourced; Third Party Libraries (with source); Third Party Libraries (binary format)
    • Your vendors don’t know what their code does either!
  • 23. WSJ Article Discloses NJ Prosecutor’s Investigation
    • JD-GUI Pandora App
    • Publish Blog Post: Location; Bearing; Altitude; Android ID
    • Investigate Other Applications
    • Publish second blog posting with updated findings regarding permissions and other apps
    • Pandora Removes Ad Libraries
  • 24. Here’s Some Numbers…
    • 53,000 Applications Analyzed (Android Market: ~48,000; 3rd Party Markets: ~5,000)
    • Permissions Requested: Average: 3; Most Requested: 117
    • Top “Interesting” Permissions: GPS information: 24% (11,929); Read Contacts: 8% (3,626); Send SMS: 4% (1,693); Receive SMS: 3% (1,262); Record Audio: 2% (1,100); Read SMS: 2% (832); Process Outgoing Calls: % (323); Use Credentials: 0.5% (248)
  • 25. Here’s Some Numbers… Third Party Libraries
    • Total Third Party Libraries: ~83,000
    • Top Shared Libraries: com.admob 38% (18,426 apps); org.apache 8% (3,684 apps); com.google.android 6% (2,838 apps); com.google.ads 6% (2,779 apps); com.flurry 6% (2,762 apps); com.mobclix 4% (2,055 apps); com.millennialmedia 4% (1,758 apps); com.facebook 4% (1,707 apps)
  • 26. Of Course It’s Secure, It’s Got A Password On It!
  • 27. Passwords and Password Reuse – Passwords STINK!
    • Passwords < 6 characters long: ~30%
    • Passwords from limited alpha-numeric key set: ~60%
    • Used names, slang words, dictionary words, trivial passwords, consecutive digits, etc.: ~50%
    • Not only a user problem
    • Secret questions – bad idea!
    • SQL Injection compromises up 43% year over year
    • HBGary, Xfactor, Fox.Com, PBS, FBI, Pron.com, …
    • Sony, Sony, Sony… oh.. Yeah.. SONY!
    • Password reuse?
    • http://www.scmagazineus.com/hacker-attacks-against-retailers-up-43-percent/article/214125/
  • 30. In Summary
    • Mobile: The perimeter is dead; Must secure from the data out; Computing will be ubiquitous and hidden
    • Social: The perfect breeding ground for malware; Passwords STINK!
    • Cloud: The path of data is uncontrollable; You can’t rely on permissions – It just won’t work; Securing ALL of your code is the only real defense
  • 31. Mobile + Social + Cloud = A New Security Paradigm Think Different