Video

Defcon 21 – Torturing Open Government Systems for Fun, Profit and Time Travel

Description: “I’m from the government and I’m here to help you” takes on a sinister new meaning as jurisdictions around the world stumble over each other to ‘set the people’s data free’. NYC boasts in subway ads that ‘our apps are whiz kid certified’ (i.e. third party) which of course translates to ‘we didn’t pay for them, and don’t blame us if somebody got it wrong and the bus don’t come.’ This session reports on my (and other people’s) research aimed at prying out data that you’re probably not supposed to have from Open Government Systems around the world. For example, Philadelphia, PA cavalierly posted the past 7 years of political contribution receipts which contained the full names and personal addresses of thousands of people, some of whom probably didn’t want that information to be out there in such a convenient form. The entire database was also trivially downloadable as a CSV file and analysis of it yielded some fascinating and unexpected information. Referring back to classic computer science and accounting principles like ‘least privilege’ and ‘segregation of duties’ the presentation will suggest some ways to have our Open Data cake without letting snoopy people eat it.

Tom Keenan (@drfuture) wrote his first machine and assembler language programs in 1965 and by 1972 was working as a systems programmer on the KRONOS and MULTICS operating systems. This led to a long career as a computer science professor, media commentator and writer about the human side of technology. He helped design one of the first automated DNA sequencing machines as well as a system for personal identification based on typing rhythm. He has a Masters in Engineering and a Doctorate from Columbia University and has held a number of credentials including CISSP but doesnít feel the need for that now. An award-winning journalist, he co-authored the 1984 CBC Radio IDEAS series “Crimes of the Future” and is currently writing a book on creepiness to be published by OR Books.

Show More

Phannarith

Mr. OU Phannarith is one of the well-known cybersecurity experts in Cambodia and the region. He is the founder of the first leading information security website (www.secudemy.com) in Cambodia. He has been invited to present in global conferences, forums, and seminars and he was awarded in Information Security Leadership Achievements (ISLA) in 2016 by (ISC)2 and in December 2012 as one of the top 10 Chief Information Security Officers (CISO) in ASEAN by the International Data Group (IDG). Mr. OU has been the Professor specializing in Cybersecurity.

Related Articles

Back to top button