Thursday, December 4th, 2008: Why Is Security Hard?
Presenter: Matthew Dons
Approaches to Security: Raising more questions than answers
Matthew Dons gave a thought-provoking presentation that kept
the audience reflecting on their own approaches to security.
Matthew ambitiously attempted to explain issues of security
to a computer club audience by taking a broad perspective
rather than concentrating on specific software applications
and operating systems. Of course, as security themes such as
software complexity, misguided design, trust and security
theater were touched upon, one fairly well-known software
company often served as a classic example.
The following are some of the security resources that Matthew recommends:
Websites:
Non-technical Books:
“Secrets And Lies” by Bruce Schneier
If you buy one book on security, get this one.
“Beyond Fear” by Bruce Schneier
If you buy two books on security, get this along with the above…
“The Art Of Deception” by Kevin Mitnick
“Hackers’ Handbook 3.0” by Dr. K
Semi-technical Books:
“Security Engineering” by Ross Anderson
“Hacking Exposed Series” by various authors
“The Best of 2600: A Hacker Odyssey” edited by Emmanuel Goldstein
Technical Books:
“Applied Cryptography” by Bruce Schneier
“Hacking: The Art Of Exploitation” by Jon Erickson
The meeting was promoted on the TPC website “Upcoming Events”
and on the TPC mailing list with the following description:
Thursday, December 4th, 2008: Why Is Security Hard?
Presenter: Matthew Dons
New security technologies are appearing on a daily basis, yet little progress
seems to be being made. Why is this? The quick answer is that security is hard.
A more useful answer is that security is hard and people regularly forget that
it is hard. This talk will look at the technological, social and economic aspects
of security with an aim to helping attendees choose security products,
configurations and policies for everything from booking a holiday online to
implementing building access control systems. Real-world examples will be
given throughout, including those that are not limited to just computer security.
No previous knowledge of security is required to understand this talk, as
everything will be described from basic principles. Unlike most talks on security,
this one will look at security from the point of view of the attacker, not just the
defender. Ample time will be given for any security questions that attendees may have.
Bio:
Matthew Dons has been an active member of the international security community
for several years. He has spoken at security conferences in the UK, Europe and
the US on diverse topics, including the history of cryptography, security token systems
and the philosophy of security.