Upgrade to Pro — share decks privately, control downloads, hide ads and more …

NPO 要知道的資訊安全

Allen Own
June 29, 2015
1
250

NPO 要知道的資訊安全

20150629 NetTuesday

Allen Own

June 29, 2015
Tweet

More Decks by Allen Own

See All by Allen Own
20140714 SITCON Camp 揭開駭客的神祕面紗
allenown
2
600
PHPConf 2013 - 矛盾大對決
allenown
32
24k
PHPConf 2013 - 我的密碼沒加密,你的呢?
allenown
6
800
BoT2013 海量資料時代的網路分析
allenown
4
550
The Internet is (NOT) safe - WebConf Taiwan 2013
allenown
58
11k

Featured

See All Featured
Faster Mobile Websites
deanohume
305
30k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
26
1.9k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
173
51k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
28
2.2k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
38
1.9k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
29
960
Building Flexible Design Systems
yeseniaperezcruz
328
38k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
How to Think Like a Performance Engineer
csswizardry
22
1.3k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
365
25k
GraphQLとの向き合い方2022年版
quramy
44
13k
Automating Front-end Workflow
addyosmani
1366
200k

Transcript

  1. /10⯁Ά⿬ỉⶳⰖయ֞ Ⓕᡳᜇ Allen Own [email protected] Ⴍચ౗ᯍ═ϫᐊ㏗֡ܦ

  2. ⳝ⓱≼ύ ␃ុᙏ "MMFO0XO  ࿵ৢடᬕ%&7$03&घ⨭㉅ BMMFOPXO!EFWDPSF ٪᧫㓲ஆൖፎ)*5$0/ᐥ฾࿜ܓ ொ㉅㡩㓲ஆሟᇌစ᝖ՁᎵơᣑ⼈ᡄ⮜

  3. Hacks In Taiwan Conference Community 2015/8/28 ~ 29 தԝݚڀӃ

  4. None
  5. None

  6. http://www.flickr.com/photos/42514833@N07/5246970893/ Cyberwar

  7. http://en.wikipedia.org/wiki/Liebig's_law_of_the_minimum

  8. ⶳయΦϨ⥝ᴑ Φأ㔑㏄ ΦϨể᷒ᎇ Φ໏Ⲑᒩ ᣑ⼆ᡄ⮚ ሲ⒣⭥⌕ ྭⱻ⭝ᵍ ⳻୷⼎ृ ˰̲ᣬ⌕ ⋸๾ྭⱻ

    ˰̲⢥᱙ ቆͥ㈠ⱙ สغずය

  9. Πⵠ㦖

  10. ☱ٳڠධ֧ᷔ᷒৺ݥ 10

  11. ٜⷍỉᦉ⾾᣼ⱒ Ø ٤Βᴟ╹ֽת೸ӲრᄚԺृگ Ø ृگ⯉ՓᰃṞᵑ㕸 Ø Җᐩ㋳θơͧҖ٩ါჽơʬᘟ⼟⨭য়ぞ*1 Ø ឧ೸ⱶᴚ㡢Ӭ̛㡮㡣՚ஆ࿶⻇Ӭஈ⼟⨭ፖׁ

  12. ฎฯᦡᡂ⍮Ⱅ 29.9% 6.4% 9.6% 13.1% 15.1% 25.9% Cross-Site Scripting SQL

    Injection Business Logic Flaw Cross-Site Request Forgery Information Leakage Others

  13. ⯁Ά⿬዗ኄ⓱ỉ༰⎖ɗ⯫㣟ɗႽ᠎ Ⴞ▏໭ฤӛ૊㏄⃥

  14. 㘓ా૏Уểᆩᦡᡂ㦖

  15. 㘓ా૏Уểᆩᦡᡂ㦖 Ø %BZ Ø ㆢஂሟᇌṕᕵἤ₳ơᣑ⼈㡦 ဪԺ㌬ዏ೽ො㞾 Ø %BZ Ø ἤ₳≕⊶ፄቭ⁰෇㡦்ဪϙ

    ⪒ḑ⾠Ձٓჿො㞾

  16. %BZ"UUBDL ㊝ ఺ Ἅ ᘭ ể ᆩ ᦡ ᡂ ቴ

    ౲ ዗ ኄ ℨ ๿ ગ ⯋ ᘳ ᆘ ᇒ И ⑻ ໏ ㍫

  17. %BZ"UUBDL ㊝ ఺ Ἅ ᘭ ዓ ؐ ᏼ ጥ ℨ

    ๿ ׷ ᑭ ᝒ ಇ ᏼ ጥ ቴ ౲ ዗ ኄ ℨ ๿ ગ ⯋ ᘳ ᆘ ᇒ И ⑻ ໏ ㍫

  18. ῜Ⅻ๞ࠎㄐװҎ⭈ℨ๿ Ø ℻ฐඦݘずԺፄቭ⁰෇ Ø ἤ₳ፄቭ⁰෇ϙ⪒ḑ⾠̶ Ø ߲⮜⼈⼱ϙ⪒⁰෇ဪԺխᬝᣩដ Ø ᆼ஺░ᬝᣩដሟᇌ⁰෇ Ø

    ሟᇌௗ፫ፄቭḑ░ᬝΒᴟ␹
  19. None
  20. None
  21. None

  22. Big Data ગ⯋ᘳ֞⎛⹜ᆘᇒ

  23. ᴊόỉⶳయጥ㕚㐖 Ø #JH%BUBዏ̧㡦㓲ஆ˥٩̩՗ᴟ㌪℀ơয়⬕ᕻˏᖤ℻Ҽ׈㡦 ௏ቂϫ̹ᓹơ*1Wơᴖ╾өʼᴺḑ⋣ⶦ⼟⨭რᄚ㡦ဪԺөʼ ᴺፒ৙௓ˏᖤږፒᣩដƢ Ø 4IPEBOIUUQXXXTIPEBOIRDPN Ø ;PPN&ZFIUUQXXX[PPNFZFPSH Ø

    *OUFSOFU$FOTVTIUUQJOUFSOFUDFOTVTCJUCVDLFUPSH
  24. None
  25. None
  26. None
  27. None
  28. None

  29. ⶳయΦϨᆲⰘ

  30. ሟᇌ␹ ⳽୷⭶ё ⋣⃳ ⳽ቛൻ #PUOFU #PUOFUሯᇜ

  31. ሟᇌ␹ ⳽୷⭶ё ⋣⃳ ⳽ቛൻ #PUOFU #PUOFUሯᇜ

  32. None
  33. None
  34. None
  35. None

  36. ጥମ▕㦖〔፽♉ᶲ⭉ጥコ㦖 Ø ⋣ⶦ⭶ёơ⳽୷⭶ё˥ፒ୷ө㐹㋵㡦ᴖ╾٩ⓗࡻ᨟⭶ ёௐ╿ӧβ╾Ө⋣Ƣ Ø *P5ḑዏ̧㡦ஔ㌱ơ₺࿵෇⪓⏀⨴٩⼙⋣㡦˥ፒ⩰ӧ βḑ㐹㋵Ƣ Ø ̹ᓹơஔˆᠮ⴦ḑ⭶ё㡦₳⃶ዅʵዅ෋ᮚӧஈ㡮

  37. Ўᐎࣞ ㏄᪪ᯓ ⶳጓำ Ϯᖱ Ўᐎࣞ Ўᐎࣞ ዗ኄ⓱

  38. Ўᐎࣞ ㏄᪪ᯓ ⶳጓำ Ϯᖱ Ўᐎࣞ Ўᐎࣞ ዗ኄ⓱

  39. Ўᐎࣞ ㏄᪪ᯓ ⶳጓำ Ϯᖱ Ўᐎࣞ Ўᐎࣞ ዗ኄ⓱

  40. 5BLFBXBZT Ø כୖ҆ϵ฾ཌྷ㡦୷ө຀ፄቭׁ฿ұ⼕୷⪓ Ø ٵ෇⭶ёḒፒ٩ⓗ࿜᨟ሟᇌṕᕵ㡦⴦ӧ˘խӔᏱ㉬ ⋣ⶦʲ୷өἤ₳ृگ㡦࿡ዅ╹⨭㋥㌡ᡄ⮜ทӻʲ⌀ Ø ̹ᓹ฿㏪՟ஂ⳽୷˱̳⢦᱙401㡦˂ʺ⬕֒˱խơ ˱ˆơ˱ทḑٵ㏧⢦᱙㏧ṕ㡦Νਗᣑ⼈ᡄ⮜ơ୷ө ᣬ␑ơቆͦ㈢ⱛ℻Ƣ

  41. 2"

  42. ⭈ֆⲄ፧㦑44-య֞

  43. None