Summer in the City

This month, we're going to have a lightning talk session - so we're looking for your contribution! - 5 minute presentation - German or English - topic of your choice: ruby, rails, software development, hardware projects, your next conference trip or your latest fun project; show pictures, videos, or code, do a live demo, or simply talk about your favorite subject (no need for powerpoint)

If you would like to claim a 5 minute slot, get in touch: https://github.com/rughh/planning/issues/37

Spontaneous contributions are welcome as well (provided we have enough time)

Temas

Lightning Talks

Lightning Talks

  1. @KlausTrainer - End-to-End Arguments in System Design
  2. @catrinmsj - Entwickler und die anderen - guckt doch mal ins Nachbarbüro
  3. @LAndreas - System call interception
  4. @toadle - The end of developer-days. - Ab wann braucht der Markt eigentlich keine Entwickler mehr?
  5. @halfbyte - How do you keep your dependencies up to date?
Beefing up your password security - why cracking the passwords of your colleagues is a good thing to do.

Security folks urge us to use strong passwords all the time. The common approach to ensure this in a corporate environment is to implement password policies. You know, these annoying rules that do not let you choose your favorite password anymore. Plus, the stuff that forces you to change your now not so favorite password every 90 days.

In the past years, there has been some controversy within the security community whether our beloved password policies actually make sense. That is, do they lead to better passwords, or do they just frustrate the users and maybe even lead to weaker passwords. Well, guess what: As it turns out, not all is good about password policies.

In this talk, I will share some experience from running a password cracking service in a corporate environment. The service was implemented in addition to a common password policy. The goal was to raise awareness and to strengthen the passwords of my colleagues. Results show that passwords which are compliant with complex policies nevertheless can be cracked within minutes. We will see how dramatic the effect of poor password hashing is to this type of attacks, and how you can run such a service without being hated by all of your colleagues :)

Participantes: (19)

titanoboa
Eventos: 40
Temas: 2

Sarah Langheinrich
Eventos: 23
Temas: 0

Marjan Bachtiari
Eventos: 16
Temas: 0

Klaus Trainer
Eventos: 26
Temas: 3

Manuel Wiedenmann
Eventos: 7
Temas: 1

Tim Adler
Eventos: 8
Temas: 2

Thilo-Alexander Ginkel
Eventos: 10
Temas: 1

Nina Siessegger
Eventos: 29
Temas: 1

Daniel Gruenthal
Eventos: 31
Temas: 0

Andreas Litt
Eventos: 26
Temas: 0

Organizer

Joschka Schulz
Eventos: 43
Temas: 2

Ben Rexin
Eventos: 64
Temas: 6

Peter Golm
Eventos: 23
Temas: 0

Waldemar
Eventos: 68
Temas: 0

Simon Fröhler
Eventos: 24
Temas: 0

Jens Wille
Eventos: 1
Temas: 0

Jonas Möller
Eventos: 4
Temas: 0

Marc
Eventos: 8
Temas: 0

Peter Schröder
Eventos: 82
Temas: 12

Mapa