It’s a given that the use of cryptography is a good thing to protect confidentiality and privacy of one’s online activities. However, there are a variety of pieces of information and metadata that can still be useful to attribute the individual using the crypto. This talk will cover OPSEC concerns with using crypto (and when not to use it). Additionally, a tool for random generation of self-signed certs will be discussed.
John Bambenek is Manager of Threat Systems at Fidelis Cybersecurity and an incident handler with the Internet Storm Center. He has been engaged in security for 15 years researching security threats. He is a published author of several articles, book chapters and one book. He has contributed to IT security courses and certification exams covering such subjects as penetration testing, reverse engineering malware, forensics, and network security. He has participated in many incident investigations spanning the globe. He speaks at conferences around the world and runs several private intelligence groups focusing on takedowns and disruption of criminal entities. @bambenek