Protecting global email - status & the road ahead

DEF CON 23

Presented by: Steven F. Fox, Per Thorsheim (Big Poppa)
Date: Friday August 07, 2015
Time: 00:00 - 00:00

In the spring of 2014 starttls.info was launched. A simple service to measure and grade the RFC 3207 STARTTLS support of the mailservers for any given domain, it was quickly embraced by ACLU and EFF. With the site used as a reference, major service providers around the world were persuaded very quickly to implement support for RFC 3207.

This talk will summarize the history & current status of worldwide RFC 3207 adoption. It will also look at upcoming solutions that will further enhance the security of email and keep the bad guys from unlawfully intercepting & monitoring your private communication.

Per Thorsheim

Above average interested in Passwords. The guy who has convinced the Norwegian government to recommend (& soon standardize) the use of RFC 3207 STARTTLS, as the first country in the world to do so.

Engineering Responsible Data Governance - A Privacy by Design Primer

The data “gate keepers” – companies that gather and process data using technologies ranging from mobile/wearable devices to Big Data – have the opportunity to be the guardians of privacy. This role can be realized only through the work of practitioners that can design for data security and privacy. While RSA Conference sparked the vision in the minds of management, this session calls upon the DefCon community to make it happen.

This talk uses case studies to explore Privacy by Design (PbD), a systems engineering approach that accounts for privacy throughout a lifecycle. Attendees will learn how to apply the seven principles of PbD to account for privacy concerns while delivering on a system’s business requirements. They will also learn how to become trusted advisors to organizations working to integrate PbD into their development programs.

Steven F. Fox

Steven F. Fox is an infosec polymath – bringing a cross-disciplinary, international perspective to the practice of information security; combining his security architecture/engineering, consulting, IT audit and systems engineering expertise with principles from behavioral/organizational psychology to address security challenges. He is a blogger covering IT Governance, Risk Management and IT-Business fusion topics. He also volunteers his time to the Ponemon Institute and Circle City Con.

