Timing Attacks Brute forcing cryptographic functions via time taken to execute
Classroom Contents
Security Theatre
- 1 Intro
- 2 Security Theatre @thomas_shone
- 3 Denial
- 4 Internet of Things
- 5 SAMSUNG
- 6 Most popular software It's not what you think
- 7 OpenX Backdoored for almost a year
- 8 Versioning Projects with bad versioning also have some of the worst security issues
- 9 Automatic Patching If your software comes with automatic upgrading, people will use it
- 10 Plugins and Templates If an update needs manual changes for plugins or template, no one updates
- 11 The hardest part of security is not writing secure code
- 12 without vulnerability Vulnerability research and security updates
- 13 I trust that the network is configured properly and secure Good system administrators
- 14 I trust you are who you say you are TLS Certificate Peer Verification or Authentication
- 15 I trust your computer is not compromised ????
- 16 I trust that the user won't be the weak link Training and procedures
- 17 Weakening Compromising encryption or hashing is about reducing time to crack
- 18 Implementation A bad implementation helps reduce the time to crack
- 19 2 Factor Authentication composer require pragmarx/google2fa
- 20 Avoid old tutorials on encryption scott/e9319254c8ecbad4f227
- 21 One way encoding Comparisons / Integrity Checks
- 22 Timing Attacks Brute forcing cryptographic functions via time taken to execute
- 23 is critical in encryption Used for key generation and nonces
- 24 Weak password reset processes Can you Google the answer? How do you handle customer support reset?
- 25 Patching Strategy If a dependency prevents updating, resolve it now
- 26 Don't become comfortable Comfort breeds contempt
- 27 Training Strategy Have a process for dealing with account locks and resets
- 28 Compromise Strategy Have a plan before you need it
- 29 Information
- 30 Decouple roles Databases, servers, domains, roles, ...
- 31 Get behind PSR-9 & 10
- 32 Group Performance