Data Breaches and Password Hashes
Everyone stores user data these days. What are your obligations to protect that data, and when have you been breached? These are not simple questions to answer--a falsely reported data breach at CCSF caused an international scandal in Jan. 2012. After explaining what a data breach is, I will present an analysis of a recent major attack that breached dozens of companies. I will explain the hashing techniques they used and what they should have used instead. I will compare the password hashes used by Linux, Windows, and Content Management Systems such as Wordpress and Drupal.
Sam Bowne has been teaching computer networking and security classes at CCSF since 2000. He has given talks at CodeCamp, DEFCON, BayThreat, LayerOne, and Toorcon, and taught classes and seminars at many other schools and teaching conferences. He has a Ph.D. and a CISSP and a lot of other certifications, and a lot of computer and cables and firewalls and stuff.
- Not Interested