Supply Chain Security — MIT 6.5660 Computer Security guest lecture


This is a recording of a guest lecture on supply chain security that I gave in MIT's 6.5660 Computer Security class (formerly 6.858) in May 2023: https://css.csail.mit.edu/6.858/2023/

You can find the slides at https://jon.thesquareplanet.com/slide... (PDF: https://jon.thesquareplanet.com/slide...). The speaker notes have links to the original sources.

In the talk, I mention a list of people I'd recommend following. You can find that below. I generally link to people's websites where there is one so students can find the appropriate social media profile (or subscribe to blogs where applicable). The websites are often unimpressive or dated — prefer the social media channels where possible, as those are more likely to surface things written by other security folks that then get boosted by these people.

https://infosec.exchange/@SwiftOnSecu...
https://blog.cryptographyengineering....
https://filippo.io/
https://lock.cmpxchg8b.com/
https://infosec.exchange/@tqbf
https://scarybeastsecurity.blogspot.com/
https://securitycryptographywhatever....
https://ioc.exchange/@durumcrustulum
https://moxie.org/blog/
/ troyhunt
/ edgesecurity
https://thomasdullien.github.io/about/
/ lavados

This list is entirely subjective, biased, and will likely seem like an entirely random sample to many security folks. Many of the people on this list disagree with each other frequently. Many people should be on the list but aren't. And I'm sure some of them should be substituted for others that I forget right now. These are also people I've accumulated over the years, so there are almost certainly some that are less active in the security space now than they were, or have changed what they write about since when I first started following them. But hopefully it's a useful seed for finding more security content!

As for the question about "favorite attack", where I answer "near-miss hash collisions", here's one such example: / 1648458205171953664

Chapters:

0:00:00 Lecture
0:57:46 Q&A
0:57:58 Does Amazon publish SBOMs?
0:59:03 What's your favorite kind of attack?
1:01:29 Why is it hard to know where things come from?
1:03:10 Advice for making a career in security
1:07:15 Does Amazon use SBOMs internally, and how big do they get?
1:08:27 Are supply chain attacks detected faster?
1:10:05 Can supply chain attacks be targeted?
1:10:53 How valuable is a PhD for a career in security?
1:12:57 What types of companies are looking for security engineers?
1:15:08 Useful classes/skills for a career in security?
1:19:42 What's your preferred text editor?
