Hackers are people too
Download as PPTX, PDF2 likes415 views
This document summarizes Amanda Berlin's talk on hackers and the information security community in 5 parts. It discusses that while there are "black hat" and "grey hat" hackers, there are also positive aspects like "white hat" hackers who work to improve security, conferences that raise money for charity, and communities that help with substance abuse and mentoring. It provides 10 steps anyone can take to help improve public perception of hackers and information security, such as using social media to spread awareness, being respectful to others, and educating the public on basic computer security practices. The document encourages involvement in local media and computer user groups to differentiate ethical from unethical hacking activities and help more users protect themselves.
Hackers are people too
- 1. Hackers Are People Too http://bit.ly/SvWVb0
- 2. Part I: Intro Amanda Berlin @InfoSystir
- 3. Stuff I do
- 4. My idea, inspiration, and why I’m here Evil hackers at Derbycon Around the world in 80 cons Jayson Street at BsidesCMH (Columbus, Ohio) 2014 drwhom and support from friends/community
- 5. Part II: The Prep
- 8. Article made pretty • http://imgur.com/gallery/n81cq
- 9. Freak Out
- 10. Get the article out there It was harder than I thought
- 11. Talk to people • Talk to friends not in IT • ….wait, not sure I have any FEEDBACK!
- 12. Positive Feedback “Amanda, our community is honored to have you in it. Being part of the InfoSec community means sharing and improving each other and those we care about, work with, and work for.” @WolfFlight “Interesting perspective..keep blogging!” “insert more positive feedback here”
- 13. Negative Feedback “This post was put together by a script kiddie.” “As a former hacker, I read the first image, thought it was retarded, didn't look at anything else, and downvoted.”
- 14. Questions & Stuff “…Question: how does the average computer user know which security software to use so they Don’t get hacked?” “What are the different kinds of hats?” “How do I know if software comes with spyware?” “I thought all hackers were bad…” “You mean people get paid to do that?!?!”
- 15. The Hacker All the hats
- 16. The White Hat • “A white hat hacker breaks security for non-malicious reasons” • CEH, CISSP, OSCP, OSCE, CPTE, etc • Blue, Red, Purple
- 17. The Black Hat • A "black hat" hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain“ • A.K.A
- 18. The Grey Hat • “A grey hat hacker may surf the internet and hack into a computer system for the sole purpose of notifying the administrator that their system has a security defect”
- 19. Part III: What’s Out There
- 20. The Good • DerbyCon 2011 raised over $13,000 for the Hackers for Charity foundation, over double that of other conferences. In both 2012 and 2013 they raised over $30,000!! • BloodKode at Defcon continues to grow and take blood donations. • EFF
- 21. The Good cont. • Anonymous catches pedophiles/cartels • Takes down terrorist and hate group sites
- 22. The Good cont. • Mubix runs #ProjectMentor for free infosec hands on learning • http://www.projectmentor.net/
- 23. The Good cont. • Someone is sending me to training • THANK YOU • THANK YOU • THANK YOU • Support/guidance from the community
- 24. The Good cont. Thought Leaders
- 25. The Good cont. Substance Abuse Help http://www.room362.com/blog/2014/05/26/go-home- infosec-youre-drunk/ “ShmooCon runs an AA meeting at the con” http://nathanheafner.com/home/2014/05/29/infosec-i- didnt-fly-accross-the-sea-to-see-you-mumble-and- stumble-on-stage/ http://theocddiaries.com/well-being/drinking-at-security- cons/
- 26. The Good cont.
- 27. The Bad
- 28. The Ugly
- 29. Part IV: What you can do A.K.A. The 10 step program
- 30. Step 1: Proactive Media Organizing a con? “A conference is just an admission that you want somebody to join you in your troubles.” - Will Rogers
- 31. Step 2: Don’t Be a Dbag At a con or online . . . . ‘nuff said
- 32. Step 3: The big time Local papers & TV National news. Just mention it!
- 33. Step 4: Teh Webz Social Media - Twitter, FB, imgur, reddit, youtube, etc...
- 34. Step 5: Preach the word! • Start talking about – What we do – What we protect – Cool stuff in the community
- 35. Step 6: Get them involved Start differentiating white/black hats Secure their own data Get other organizations to look into security (http://solidmonster.com/)
- 36. Step 7: Distribute the information • Canned responses • Password guides • Common sense security
- 37. Step 7: Do it for the children!!! • @Hak4kidz
- 38. Step 8: Show your passion • Break out of your shell, hard to do but worth it • Eve Adams (@HackerHuntress): Attack Paths: Breaking Into Infosec From IT Or Other Totally Different Fields • Cue awkwardness (@rattis & @secureholio)
- 39. Step 9: Surprise!! Random acts of infosec
- 40. Step 10: Man up Don’t be an ass to normal users “Your customer doesn’t care how much you know until they know how much you care. ~ Damon Richards”
- 41. Sum it up 1. Include local media 2. No douchbags allowed 3. Mention it everywhere 4. Teh Webz 5. Social Media 6. Involve & Teach users 7. Canned responses 8. Talk to people irl 9. Pay it forward 10. Be nice to your users/customers
- 42. Part V: Closing
- 43. YAY! • If you enjoyed my first talk buy me a drink (after talks of course)
- 44. BOO! • If you didn’t you still can buy me a drink
- 45. Contact info • @infosystir • Infosystir.blogspot.com
- 46. Questions? • Click to add text