stepping up conference 2013
DESCRIPTION
Presentation at Stepping Up 2013 (IIA) about online privacy and securityTRANSCRIPT
![Page 1: Stepping Up conference 2013](https://reader036.vdocuments.us/reader036/viewer/2022062706/557a3213d8b42a32248b4615/html5/thumbnails/1.jpg)
STEPPING UP / IIA NZ Conference 2013 1STEPPING UP / IIA NZ Conference 2013
PRIVACY & SECURITY CHALLENGES IN AN INTERNET AGE
Vikram KumarMega [email protected]@vikram_nz
![Page 2: Stepping Up conference 2013](https://reader036.vdocuments.us/reader036/viewer/2022062706/557a3213d8b42a32248b4615/html5/thumbnails/2.jpg)
STEPPING UP / IIA NZ Conference 2013 2STEPPING UP / IIA NZ Conference 2013
Talk scope
• Professionals and SMEs
• Online collaboration and communication (documents and emails primarily)
• Using the open Internet
• External threats
![Page 3: Stepping Up conference 2013](https://reader036.vdocuments.us/reader036/viewer/2022062706/557a3213d8b42a32248b4615/html5/thumbnails/3.jpg)
STEPPING UP / IIA NZ Conference 2013 3STEPPING UP / IIA NZ Conference 2013
Information Integrity
Privacy +
• Confidentiality• Integrity• Availability• Authenticity• Non-repudiation
![Page 4: Stepping Up conference 2013](https://reader036.vdocuments.us/reader036/viewer/2022062706/557a3213d8b42a32248b4615/html5/thumbnails/4.jpg)
STEPPING UP / IIA NZ Conference 2013 4STEPPING UP / IIA NZ Conference 2013
Threat Landscape
Human error +
• Non-targeted attacks• Automated kits• “Full take” by government agencies
• Targeted attacks• Criminals• Competitors or “partners” or activists• State sponsored or initiated
![Page 5: Stepping Up conference 2013](https://reader036.vdocuments.us/reader036/viewer/2022062706/557a3213d8b42a32248b4615/html5/thumbnails/5.jpg)
STEPPING UP / IIA NZ Conference 2013 5STEPPING UP / IIA NZ Conference 2013
Major attack vectors
• Phishing, Spear Phishing
• Social engineering
• Purchase databases
• Device/Internet exploits
• Chained/escalated attacks
• Mobile and wifi
![Page 6: Stepping Up conference 2013](https://reader036.vdocuments.us/reader036/viewer/2022062706/557a3213d8b42a32248b4615/html5/thumbnails/6.jpg)
STEPPING UP / IIA NZ Conference 2013 6STEPPING UP / IIA NZ Conference 2013
Problem is increasing
• Expectations and need for anytime/anywhere access to files
• Inability for corporate IT to deliver- the “Dropbox Effect”
• Bring Your Own Device, mobility
• Invisible, delayed impact
• Falling technology prices- especially storage
![Page 7: Stepping Up conference 2013](https://reader036.vdocuments.us/reader036/viewer/2022062706/557a3213d8b42a32248b4615/html5/thumbnails/7.jpg)
STEPPING UP / IIA NZ Conference 2013 7
CRYPTO & MEGA
![Page 8: Stepping Up conference 2013](https://reader036.vdocuments.us/reader036/viewer/2022062706/557a3213d8b42a32248b4615/html5/thumbnails/8.jpg)
STEPPING UP / IIA NZ Conference 2013 8STEPPING UP / IIA NZ Conference 2013
Crypto 101
![Page 9: Stepping Up conference 2013](https://reader036.vdocuments.us/reader036/viewer/2022062706/557a3213d8b42a32248b4615/html5/thumbnails/9.jpg)
STEPPING UP / IIA NZ Conference 2013 9STEPPING UP / IIA NZ Conference 2013
MEGA
• ‘Cloud’ (Internet) file storage and collaboration• 50 GB free storage. Fastest in the world. Easy to use.• End-to-end, user controlled encryption
![Page 10: Stepping Up conference 2013](https://reader036.vdocuments.us/reader036/viewer/2022062706/557a3213d8b42a32248b4615/html5/thumbnails/10.jpg)
STEPPING UP / IIA NZ Conference 2013 10STEPPING UP / IIA NZ Conference 2013
MEGA Statistics
• Launched 20 January 2013
• About 5 million service users
• 450 million files uploaded, 180 Gb/s bandwidth, 0.05% notices of alleged copyright infringement
• Hosted in Germany, Luxembourg, and NZ
• Exiting beta soon with new website, iOS app, synchronisation client
![Page 11: Stepping Up conference 2013](https://reader036.vdocuments.us/reader036/viewer/2022062706/557a3213d8b42a32248b4615/html5/thumbnails/11.jpg)
STEPPING UP / IIA NZ Conference 2013 11STEPPING UP / IIA NZ Conference 2013
MEGA as a global company
Source: http://www.alexa.com/siteinfo/mega.co.nz
![Page 12: Stepping Up conference 2013](https://reader036.vdocuments.us/reader036/viewer/2022062706/557a3213d8b42a32248b4615/html5/thumbnails/12.jpg)
STEPPING UP / IIA NZ Conference 2013 12STEPPING UP / IIA NZ Conference 2013
Defeating crypto
![Page 13: Stepping Up conference 2013](https://reader036.vdocuments.us/reader036/viewer/2022062706/557a3213d8b42a32248b4615/html5/thumbnails/13.jpg)
STEPPING UP / IIA NZ Conference 2013 13STEPPING UP / IIA NZ Conference 2013
Crypto for the masses: lessons learnt
• It has to just work
• No compromises
• Network effect
• Privacy/confidentiality as a business model is viable
• Open source necessary for trust
![Page 14: Stepping Up conference 2013](https://reader036.vdocuments.us/reader036/viewer/2022062706/557a3213d8b42a32248b4615/html5/thumbnails/14.jpg)
STEPPING UP / IIA NZ Conference 2013 14
THE FUTURE OF EMAIL
![Page 15: Stepping Up conference 2013](https://reader036.vdocuments.us/reader036/viewer/2022062706/557a3213d8b42a32248b4615/html5/thumbnails/15.jpg)
STEPPING UP / IIA NZ Conference 2013 15STEPPING UP / IIA NZ Conference 2013
Email in a post-Snowden era
The death of email is vastly exaggerated.
3 emerging paths:• Peer-to-peer
• Integrated with standard web email
• Closed, secure sandbox
but most individuals will stay with free-for-advertising model.
![Page 16: Stepping Up conference 2013](https://reader036.vdocuments.us/reader036/viewer/2022062706/557a3213d8b42a32248b4615/html5/thumbnails/16.jpg)
STEPPING UP / IIA NZ Conference 2013 16STEPPING UP / IIA NZ Conference 2013
MEGA’s secure communications approach
• Closed, secure model with end-to-end encryption
• Integrate with online file storage and collaboration
• Integrated messaging, voice, and video
• In the browser but other apps and services built on top of MEGA will provide multiple options
• Privacy but not anonymity
![Page 17: Stepping Up conference 2013](https://reader036.vdocuments.us/reader036/viewer/2022062706/557a3213d8b42a32248b4615/html5/thumbnails/17.jpg)
STEPPING UP / IIA NZ Conference 2013 17
THANK YOU
Questions / comments?