Disclaimer: I nodded off, and missed the first fifteen minutes of it.
With that said, I have doubts about whether it could have been much better than what I actually did see. Maybe somebody will tell me what amazing things I could have seen there that I failed to see in the last 45.
- Most applications use insecure communications
- Edward Snowden figured out that TOR isn’t sekur
- TPM is infiltrated
- A brower makes it harder to use a self-signed cert than it is for someone malicious to get a signed cert that the browser won’t complain about
- Hardware manufacturers are lazy
- Fuck you, right? Okay?
Yes, the last one is snark pure and simple, but it is one of my pet peeves. No, actually it isn’t right, and what you said doesn’t get smart just because you asked me if it was right after you said it.
My two major points:
1. Not all communications need to be secure, even if many endpoint devices have the muscle to support that. There’s a reason SIP uses UDP. There’s also a reason your mother uses http:// when she watches that cute cat video for the eightieth time.
2. It’s completely unrealistic to expect vendors to change to meet your amazing idea about the way things ought to be done.