In what may be the greatest technical shift the Internet has seen, three of the network's major foundations are being overhauled simultaneously: IPv6, DNSSEC and the creation of hundreds of new top-level domains. Two of these technologies are direct responses to the artificial scarcity of names and addresses on the Internet, and one is meant to address the lack of trust we have in the Internet's fundamental architecture. Unfortunately the unexpected secondary effects of these changes have not been appropriately explored, and enterprise IT and risk teams need to come to grips with the fact that the products and processes they have honed over the last decade will not serve them well in the next.
This talk will provide a quick background of these technologies and the direct security impacts faced by network administrators today, even if you're "not using that yet". (Hint: You probably are, you just don't know it.) A great deal of modern fraud, spam and brand abuse infrastructure is based upon assumptions from the IPv4/old gTLD world, and we will explore which of these protections are completely useless and which can be retrofitted to provide some value. We will then explore the indirect impacts on monitoring, compliance, intrusion detection and prevention, and the future of enterprise architecture and defense.
Alex Stamos is the CTO of Artemis, the division of NCC Group that is taking on hard security problems starting with the .Secure gTLD. He was the co-founder of iSEC Partners, one of the world's premier security consultancies and also a part of NCC Group. Alex has spent his career building or improving secure, trustworthy systems, and is a noted expert in Internet infrastructure, cloud computing and mobile security. He is a frequently request speaker at conferences such as Black Hat, Defcon, Amazon ZonCon, Microsoft Blue Hat, FS-ISAC and Infragard. He holds a BSEE from the University of California, Berkeley and his personal security writings are available at http://unhandled.com.
Tom Ritter is a Security Consultant at iSEC Partners, a strategic digital security organization, performing application and system penetration testing and analysis for multiple platforms and environments. He graduated from Stevens Institute of Technology with a Masters in Computer Science; prior to iSEC, he has worked as a Security Engineer at a lead security consulting company and a Team Lead in .Net and SQL Server Development for a Financial Services Company. He has presented at security conferences in Europe, North and South America and is involved in IETF Working Groups relating the internet-standard secure protocols. His research interests are centered around cryptography, anonymity, and privacy.