Other Category
May 20, 2009
RB2: AusCERT podcast: Peter Gutmann's keynote address
Presented by
Patrick Gray
CEO and Publisher
The computer security industry has sometimes been compared unfavourably to the fashion industry, putting up flamboyant defences where it doesn't make any difference while paying no attention to the open barn door behind the curtain.
Why do we allow three retries for passwords instead of two, or four, or thirty-eight? How effective are SSH fingerprints? And how's the ol' PKI thing doing?
This talk will look at some widespread examples of defending where the enemy isn't, including the underlying threat models (or lack thereof), the effectiveness of the defences, and the real-world pressures and externalities that affect them, along with various modest proposals for alternative approaches.
RB2: AusCERT podcast: Peter Gutmann's keynote address
0:00 / 0:00