Sort by:  

Conference:  Defcon 31
Authors: Cory Doctorow

The enshittification of the internet follows a predictable trajectory: first, platforms are good to their users; then they abuse their users to make things better for their business customers; finally, they abuse those business customers to claw back all the value for themselves. Then, they die. It doesn't have to be this way. Enshittification occurs when companies gobble each other up in an orgy of mergers and acquisitions, reducing the internet to "five giant websites filled with screenshots of text from the other four" (credit to Tom Eastman!), which lets them endlessly tweak their back-ends to continue to shift value from users and business-customers to themselves. The government gets in on the act by banning tweaking by users - reverse-engineering, scraping, bots and other user-side self-help measures - leaving users helpless before the march of enshittification. We don't have to accept this! Disenshittifying the internet will require antitrust, limits on corporate tweaking - through privacy laws and other protections - and aggressive self-help measures from alternative app stores to ad blockers and beyond!
Authors: David Gee, Tomasz Pietrek

tldr - powered by Generative AI

NATS and Kubernetes can be used together to create a powerful multi-cloud solution with hyper-connectivity capabilities.
  • NATS is a communication substrate technology that can be used for request-reply and Pub-Sub messaging.
  • NATS can be combined with Kubernetes to create a hyperscale solution without the need for a service mesh or complex overlay network.
  • The latest JetStream features allow for state-based services such as key/value and persistent messaging.
  • NATS can be used to create a complex topology that extends all the way to the edge, even over conference Wifi.
  • Audience participation is encouraged through a demo app and a prize giveaway.
Authors: Jorge Palma

tldr - powered by Generative AI

The presentation discusses the importance of building sustainable, carbon-aware cloud-native apps and reducing carbon emissions for k8s workloads using the CNCF open-source project KEDA.
  • Sustainability in the technology space requires reducing emissions while facing greater demand to build scalable applications
  • Green software principles include energy efficiency, hardware efficiency, and carbon awareness
  • Carbon intensity is the measure of the amount of carbon produced in order for the energy that we use to be created
  • The carbon-aware scalar for KEDA uses demand shaping to scale workloads based on the carbon intensity of the infrastructure where they're running
  • The carbon-aware scalar is implemented using a Kubernetes operator that reads infrastructure provider's data from a config map
  • The carbon-aware scalar is an open-source wrapper for public sources of data
  • The carbon-aware scalar allows users to define carbon emission thresholds and maximum replicas
  • The project is being developed for CADA core and users are encouraged to join the sustainability efforts
  • Join the CNCF sustainability tag and check the links for more information
Authors: Syue Siang Su

tldr - powered by Generative AI

The presentation discusses the importance of smart contract security in blockchain technology and the need for reverse engineering and control flow graph construction to ensure correct executing logics.
  • Blockchain technology allows developers to define rules and create applications with automatic verification through smart contracts.
  • Front-end security issues in web3 can affect back-end security.
  • Reverse engineering and control flow graph construction are necessary for smart contract security.
  • Tools such as the Third Eye, Truffle, and ConsenSys can aid in auditing smart contract code.
  • Constructing a control flow graph helps to understand program flow and ensure correct executing logics.
Authors: Jessica Robinson

tldr - powered by Generative AI

The evolution of the security practitioner and leader in the future to keep up with the pace of the ever-growing cybersecurity industry.
  • The complexity of cybersecurity defense and proactive innovation requires a collaborative change in thinking.
  • Adapting to the industry's pace influences security strategies, creativity, and culture in companies and the industry.
  • Effective leadership is crucial in protecting businesses, communities, and people's way of life.
  • The CSO role is a leadership growth area that requires modeling integrity and making tough decisions.
  • Partnering with other executives and prioritizing security bugs in software engineering are essential in application security.
Authors: Adarsh Nair, Greeshma M R

Metaverse is the concept where rather than just viewing digital content, users can immerse themselves in a space where digital and physical worlds merge. Because of advances in digital technology, we are opening ourselves up to the possibility of being in a universe that is infinite. To mould this virtual environment in this new era of digital inquiry, it is necessary to make use of technology that focusses on privacy. However, just as there are some inherent risks and security issues with the Internet as it exists today, there will be risks that will need to be addressed as we move forward into a world of digital connection. Cybercriminals, obviously, are going to be a part of the metaverse and attempts to steal people's personal information and identities will be made. Identity thefts, unauthorized data collection, ransomware attacks, social engineering attacks, impact on mental health and perceptions, increase in deepfakes and so on, are few of the risks that this paper present. Identity theft could become even more prevalent in the metaverse unless strong security measures are enacted. It already runs as a multibillion-dollar industry, with the number of cases increasing by more than 50% from 2020's figures. Hackers can utilize virtual reality headsets and controllers to steal personal information, such as fingerprints and iris scanning, as well as facial geometries, from people who use them. Ransomware attackers could deny you access to your bank accounts or other critical platforms.The metaverse requires us to give up more personal information than we are used to — more than we currently do while using the internet — and this greatly raises the risk.People can be psychologically manipulated into revealing private information through social engineering. Hackers wishing to sell personal information on the Dark Web could potentially profit from the vast amounts of personal data that will be stored in the metaverse. Since metaverse is an immersive experience, the manipulated, disturbing visual content potentially spread by malicious elements can have higher impact than those consumed via the current web. People's perception of the actual world can be affected by the foundational technologies in virtual and augmented reality, according to a study by Stanford University researchers. Creating deepfakes of your metaverse avatar could be more plausible, which are a threat to the society that thrives on information consumption.As we move toward a world where nearly everything is done digitally, the risks of digital interaction will also increase. Passwords and usernames are no longer sufficient to prevent cyberattacks when viewed from a metaverse perspective. A comprehensive authentication solution can promise a more secure interaction and guarantee better user experience.
Authors: Lisa Nee

Quantum computing has been a fast growing technology that brings rewards and risks.  In the wrong hands, threat actors can decrypt codes that would take weeks or months. On the other side is quantum cryptography that, while still in development, could enable both the sender and recipient notifications of any eavesdropping which may satisfy privacy concerns of the transfer of data to the US which are subject to the US Patriot Act that enable government seizure of data without legal proceedings or notice. This discussion will introduce a high level basic understanding of quantum computing, international data transfer issues and quantum cryptography as a potential privacy solution, and begin the discussion of whether if and when such technology is available, is it part of an individual's privacy right to have the technology available or create a serious threat to national security and anti-terrorism.
Conference:  Transform X 2022
Authors: Jason Matheny, Alexandr Wang

Learn how Dr. Jason Matheny, CEO of the RAND Coporation, and his team of researchers seek to make the world safer and more secure, healthier and more prosperous providing insights on advanced technology to policymakers. Dr. Matheny will sit down with Scale CEO and Co-Founder Alexandr Wang to discuss many of the urgent challenges facing AI, healthcare, and public policy today. They discuss advances in synthetic biology and AI, including DeepMind's AlphaFold, have an enormous upside potential for medicine, but also pose a threat because it makes this technology more available for bad actors. Dr. Methany will also cover large language models and code generation tools, and how they will make developers and governments more efficient and more capable. He will also talk about whether AI’s offensive or defensive capabilities are more advantageous, and why public sector adoption of machine learning capabilities is so important. Other topics he will cover include how to ensure the US is a desirable destination for STEM talent including AI researchers, and how private sector technologists can provide value to policymakers to better understand technology and make more informed policy decisions. Dr. Matheny has served as Deputy Director of National Security, in other senior roles in the security field, and in various capacities in the healthcare industry.
Conference:  Transform X 2022
Authors: Dr. Craig Martell, Alexandr Wang

tldr - powered by Generative AI

The speaker discusses the importance of getting data right for successful implementation of AI in the Department of Defense. They also highlight the need for integrating cutting-edge technologists into the defense industrial base and the potential of AI in logistics.
  • AI is happening massively across the Department of Defense, but getting the data right allows for building a Marketplace that does AI correctly
  • Integrating cutting-edge technologists into the defense industrial base is crucial for successful implementation of AI
  • Reinforcement learning techniques can be applied to logistics challenges in the Department of Defense for massive taxpayer impact
Conference:  Transform X 2022
Authors: Dileep Thazhmon, Henrique Dubugras

tldr - powered by Generative AI

The panel discusses how leading FinTech companies are leveraging AI to transform their business operations and create a better customer experience in the spend management space.
  • Spend management involves supervising all supplier relationships and company purchasing to identify every dollar spent and get the most out of it.
  • New, customer-first vendors are disrupting the spend management industry with technology.
  • Henrique Dubugras and Dileep Thazhmon discuss how they created Brex and Jeeves to reinvent the space and apply AI to the correct parts of each organization.
  • Conduit offers technology-enabled solutions and services to help organizations deliver seamless personalized experiences while scaling operations, growing revenue, and reducing costs.