Information Security NPOs Need to Know
Allen Own
June 29, 2015
20150629 NetTuesday
Transcript
NPO⯁ΆỉⶳⰖయ֞ Ⓕᡳᜇ Allen Own
Ⴍચᯍ═ϫᐊ㏗֡ܦ
ⳝ⓱≼ύ ␃ុᙏ Allen Own ৢடᬕDEVCOREघ⨭㉅ allenown@devcore ٪᧫㓲ஆൖፎHITCONᐥܓ ொ㉅㡩㓲ஆሟᇌစՁᎵơᣑ⼈ᡄ⮜
Hacks In Taiwan Conference Community 2015/8/28 ~ 29 தԝݚڀӃ
http://www.flickr.com/photos/42514833@N07/5246970893/ Cyberwar
http://en.wikipedia.org/wiki/Liebig's_law_of_the_minimum
ⶳయΦϨ⥝ᴑ Φأ㔑㏄ ΦϨể᷒ᎇ ΦⲐᒩ ᣑ⼆ᡄ⮚ ሲ⒣⭥⌕ ྭⱻ⭝ᵍ ⳻୷⼎ृ ˰̲ᣬ⌕ ⋸ྭⱻ
˰̲⢥᱙ ቆͥ㈠ⱙ สغずය
Πⵠ㦖
☱ٳڠධ֧ᷔ᷒৺ݥ 10
ٜⷍỉᦉ⾾ⱒ Ø ٤Βᴟ╹ֽתӲრᄚԺृگ Ø ृگ⯉ՓᰃṞᵑ㕸 Ø Җᐩ㋳θơͧҖ٩ါჽơʬᘟ⼟⨭য়ぞ*1 Ø ឧⱶᴚ㡢Ӭ̛㡮㡣՚ஆ⻇Ӭஈ⼟⨭ፖׁ
ฎฯᦡᡂ⍮Ⱅ 29.9% 6.4% 9.6% 13.1% 15.1% 25.9% Cross-Site Scripting SQL
Injection Business Logic Flaw Cross-Site Request Forgery Information Leakage Others
⯁Άኄ⓱ỉ༰⎖ɗ⯫㣟ɗႽ Ⴞ▏ฤӛ㏄⃥
㘓ాУểᆩᦡᡂ㦖
㘓ాУểᆩᦡᡂ㦖 Ø Day Ø ㆢஂሟᇌṕᕵἤ₳ơᣑ⼈㡦 ဪԺ㌬ዏො㞾 Ø Day Ø ἤ₳≕⊶ፄቭ⁰㡦்ဪϙ
⪒ḑ⾠Ձٓჿො㞾
Day Attack ㊝ Ἅ ᘭ ể ᆩ ᦡ ᡂ ቴ
ኄ ℨ ગ ⯋ ᘳ ᆘ ᇒ И ⑻ ㍫
Day Attack ㊝ Ἅ ᘭ ዓ ؐ ᏼ ጥ ℨ
ᑭ ᝒ ಇ ᏼ ጥ ቴ ኄ ℨ ગ ⯋ ᘳ ᆘ ᇒ И ⑻ ㍫
ⅫࠎㄐװҎ⭈ℨ Ø ℻ฐඦݘずԺፄቭ⁰ Ø ἤ₳ፄቭ⁰ϙ⪒ḑ⾠̶ Ø ߲⮜⼈⼱ϙ⪒⁰ဪԺխᬝᣩដ Ø ᆼ░ᬝᣩដሟᇌ⁰ Ø
ሟᇌௗ፫ፄቭḑ░ᬝΒᴟ
Big Data ગ⯋ᘳ֞⎛⹜ᆘᇒ
ᴊόỉⶳయጥ㕚㐖 Ø Big Dataዏ̧㡦㓲ஆ˥٩̩ᴟ㌪℀ơয়⬕ᕻˏᖤ℻Ҽ㡦 ቂϫ̹ᓹơIPvơᴖ╾өʼᴺḑ⋣ⶦ⼟⨭რᄚ㡦ဪԺөʼ ᴺፒˏᖤږፒᣩដƢ Ø Shodan http://www.shodanhq.com Ø ZoomEye http://www.zoomeye.org Ø
*OUFSOFU$FOTVTIUUQJOUFSOFUDFOTVTCJUCVDLFUPSH
ⶳయΦϨᆲⰘ
ሟᇌ ⳽୷⭶ё ⋣ ⳽ቛൻ Botnet Botnetሯᇜ
ጥମ▕㦖〔♉ᶲ⭉ጥコ㦖 Ø ⋣ⶦ⭶ёơ⳽୷⭶ё˥ፒ୷ө㐹㋵㡦ᴖ╾٩ⓗࡻ᨟⭶ ёௐ╿ӧβ╾Ө⋣Ƣ Ø IoTḑዏ̧㡦ஔ㌱ơ₺⪓⏀⨴٩⼙⋣㡦˥ፒ⩰ӧ βḑ㐹㋵Ƣ Ø ̹ᓹơஔˆᠮḑ⭶ё㡦₳ዅʵዅᮚӧஈ㡮
Ўᐎࣞ ㏄᪪ᯓ ⶳጓำ Ϯᖱ Ўᐎࣞ Ўᐎࣞ ኄ⓱
Takeaways Ø כୖ҆ϵཌྷ㡦୷өፄቭׁ฿ұ⼕୷⪓ Ø ٵ⭶ёḒፒ٩ⓗ᨟ሟᇌṕᕵ㡦ӧ˘խӔᏱ㉬ ⋣ⶦʲ୷өἤ₳ृگ㡦ዅ╹⨭㋥㌡ᡄ⮜ทӻʲ⌀ Ø ̹ᓹ฿㏪՟ஂ⳽୷˱̳⢦᱙SOP㡦˂ʺ⬕֒˱խơ ˱ˆơ˱ทḑٵ㏧⢦᱙㏧ṕ㡦Νਗᣑ⼈ᡄ⮜ơ୷ө ᣬ␑ơቆͦ㈢ⱛ℻Ƣ
Q&A
⭈ֆⲄ፧㦑SSLయ֞