Скачать с ютуб The green padlock of doom, or why no one trusts us anymore - Meadow Ellis в хорошем качестве

The green padlock of doom, or why no one trusts us anymore - Meadow Ellis

I want to talk about trust (or lack of it) in technology, conflicting messages and losing battles to make the regular user safe. I want to compress in this talk my observations, research and some proofs (with some finger pointing!) on how a lot of what we are doing to make the Internet safe is good and sound but it misses the mark when it reaches the untrained end user. I will present a brief but comprehensive overview of the DNS(sec) system, how well it was designed in terms of trust and how it's being misused, then move on with doing a similar overview of HTTPS/TLS and Certificate Authorities and try to find where the trust in that system is lost and finish with a bang about encrypting everything, everywhere. The purpose of this talk is to draw the attention of infosec community, both those who implement the security and those who decide about it, that the normal user will only ever see the green padlock and get into trouble. I strongly believe that we can do more to help them be safe.