Information security trends (IV)

In the future, all industries and fields will be digitalized, and all aspects of life cannot be separated from information technology. Different information technologies are intertwined to form a huge information world, which is much larger and more complex than our current Internet. Security problems are also complicated and serious. At that time, the vulnerabilities on my PC were very small. Think about it. In the past, your computer was intruded into and your rice cooker was intruded into. In the past, it was slow to access the Internet, and you will be given a meal later.

In this case, why should we use information technology? The title of this page is "Information Technology is a fox ". You know what it is, that is, you know that she may harm you, but you cannot help yourself. Why? Or because it is good enough to make you willing to take the risk.

When I was in high school, I learned photography and used film. In the summer, I had to hide myself in the dark room. Nowadays, they are all digital cameras. It's easy to watch with the camera. When I went to college, everyone used "Walk-Man" to listen to Walkman Cd AND MD. Now all MP3 files in a matchbox are ready, and the price is cheap.

I bought a second-hand CF card online. Take it back and use the data recovery software. There are several photos of criminal cases on the scene, with bloodshot spots. He also shot the victim. I don't know which police station has eliminated this card. If the investigation is initiated, some people must be affected. This kind of thing will not happen in the Age of film. But today, new problems have emerged.

What are these? Is a fox. It's amazing that you can't give up. However, sugar clothing is delicious and shells are difficult to block. With the rapid development of information technology, supporting security is hard to keep up. How many years after the car was invented, do you think about it? With seat belts and airbags, how many people will be killed in a car accident every year? If so many people die in a car accident every year, are they still driving? This is the essence of the fox.

During the World Cup this year, it was suggested that RFID should be installed on each player to precisely locate the players in real time and serve as an auxiliary basis for the referee. Although this was not done in the end, sooner or later the day will arrive (Note: Later, we learned that the marathon has started to use RFID to track the positions of contestants ).

(Here, I will omit several slides to explain RFID security issues)

I just talked about science fiction. In the real world, you can see new hot spots in the next several years: security issues of wireless communication technologies such as Wi-Fi, Bluetooth, WiMax, and UWB, and security issues of RFID, security issues of consumer personal electronic products, security issues of digital household appliances, and so on.

The more information technology is used in human society, the more wealth and honors will be carried by digital media. The more risks there will be information security risks, the more important information security technologies will be, the more important this career is.

There is now a foreign profession called security consultants to protect your real-world security. Services for enterprises and individuals. I guess: in the future, there may be information security consultants like this. It may also be quite popular, just like private doctors and lawyers outside China. Step 4: Information Security Enterprises may disappear, but the information security profession will never disappear-as long as humans still use information technology.

Thank you.

The above four "mantalk" are based on the PPT and remarks given at that time. At that time, there must be more than that, but the general meaning is that the question is "How long can a red flag be played. At that time, Vista just came out. After a preliminary study, I also thought about how long the red flag can be played. So I shared some ideas with you through the B105 Salon.

If you only focus on the technology, you will think that the red flag will fall if you cannot do it today. If you do so tomorrow, you will think that the red flag will continue to flow. However, from the general rule of things development, the red flag will never fall into a new and new way.

It's like digging oil. At the beginning, there was a lot of oil and it was easy to dig. Just a shovel was sprayed, so the distinction was not obvious. Later, the oil gradually fell short, and the hard-to-be-dug oil fields also needed to be dug. What should I do if some oil is dug up? Don't forget, before the oil digging, this shovel is a coal mining, before the coal mining, this shovel is a soil mining. There is no oil at the foot, and there is still helium on the head.

This is my opinion at the time, and I still think so. But now we are more confident. Because today, even from a technical point of view, the red flag can be played for several days.

I wrote in a Blog last year that for some types of vulnerabilities, DEP + ALSR + SEHOP is already on the cloud. Later, I spoke about security vulnerabilities in SSCON 2009 in the next ten years and proposed ways to combat these vulnerabilities in the future. There are roughly two categories: pornographic and violent. I also showed you a very yellow PoC (thanks for the arrangement of vessial, saving me the trouble of writing it ). The PoC is used because it is very PoC, harmless, and just a clear problem.

Yuange posted a picture (http://seclists.org/fulldisclosure/2010/Jan/614) on Full Disclosure that day, I didn't see that picture, but from the line of information left in Full Disclosure, it may also be a "very yellow" approach. However, it should have gone beyond the PoC category. This is probably the reason, so the image is not visible now. However, we can at least tell you that the red flag is still floating.