Upgrade to Pro — share decks privately, control downloads, hide ads and more …

NPO 要知道的資訊安全

Allen Own
June 29, 2015
1
240

NPO 要知道的資訊安全

20150629 NetTuesday

Allen Own

June 29, 2015
Tweet

More Decks by Allen Own

See All by Allen Own
20140714 SITCON Camp 揭開駭客的神祕面紗
allenown
2
580
PHPConf 2013 - 矛盾大對決
allenown
32
24k
PHPConf 2013 - 我的密碼沒加密,你的呢?
allenown
6
790
BoT2013 海量資料時代的網路分析
allenown
4
550
The Internet is (NOT) safe - WebConf Taiwan 2013
allenown
58
11k

Featured

See All Featured
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
27
840
How To Stay Up To Date on Web Technology
chriscoyier
788
250k
Rails Girls Zürich Keynote
gr2m
94
13k
The Illustrated Children's Guide to Kubernetes
chrisshort
48
48k
Building a Scalable Design System with Sketch
lauravandoore
459
33k
How to Think Like a Performance Engineer
csswizardry
20
1.1k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
28
2k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
131
33k
Writing Fast Ruby
sferik
627
61k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
126
18k
Keith and Marios Guide to Fast Websites
keithpitt
409
22k
Building Flexible Design Systems
yeseniaperezcruz
327
38k

Transcript

  1. /10⯁Ά⿬ỉⶳⰖయ֞ Ⓕᡳᜇ Allen Own [email protected] Ⴍચ౗ᯍ═ϫᐊ㏗֡ܦ

  2. ⳝ⓱≼ύ ␃ុᙏ "MMFO0XO  ࿵ৢடᬕ%&7$03&घ⨭㉅ BMMFOPXO!EFWDPSF ٪᧫㓲ஆൖፎ)*5$0/ᐥ฾࿜ܓ ொ㉅㡩㓲ஆሟᇌစ᝖ՁᎵơᣑ⼈ᡄ⮜

  3. Hacks In Taiwan Conference Community 2015/8/28 ~ 29 தԝݚڀӃ

  4. None
  5. None

  6. http://www.flickr.com/photos/42514833@N07/5246970893/ Cyberwar

  7. http://en.wikipedia.org/wiki/Liebig's_law_of_the_minimum

  8. ⶳయΦϨ⥝ᴑ Φأ㔑㏄ ΦϨể᷒ᎇ Φ໏Ⲑᒩ ᣑ⼆ᡄ⮚ ሲ⒣⭥⌕ ྭⱻ⭝ᵍ ⳻୷⼎ृ ˰̲ᣬ⌕ ⋸๾ྭⱻ

    ˰̲⢥᱙ ቆͥ㈠ⱙ สغずය

  9. Πⵠ㦖

  10. ☱ٳڠධ֧ᷔ᷒৺ݥ 10

  11. ٜⷍỉᦉ⾾᣼ⱒ Ø ٤Βᴟ╹ֽת೸ӲრᄚԺृگ Ø ृگ⯉ՓᰃṞᵑ㕸 Ø Җᐩ㋳θơͧҖ٩ါჽơʬᘟ⼟⨭য়ぞ*1 Ø ឧ೸ⱶᴚ㡢Ӭ̛㡮㡣՚ஆ࿶⻇Ӭஈ⼟⨭ፖׁ

  12. ฎฯᦡᡂ⍮Ⱅ 29.9% 6.4% 9.6% 13.1% 15.1% 25.9% Cross-Site Scripting SQL

    Injection Business Logic Flaw Cross-Site Request Forgery Information Leakage Others

  13. ⯁Ά⿬዗ኄ⓱ỉ༰⎖ɗ⯫㣟ɗႽ᠎ Ⴞ▏໭ฤӛ૊㏄⃥

  14. 㘓ా૏Уểᆩᦡᡂ㦖

  15. 㘓ా૏Уểᆩᦡᡂ㦖 Ø %BZ Ø ㆢஂሟᇌṕᕵἤ₳ơᣑ⼈㡦 ဪԺ㌬ዏ೽ො㞾 Ø %BZ Ø ἤ₳≕⊶ፄቭ⁰෇㡦்ဪϙ

    ⪒ḑ⾠Ձٓჿො㞾

  16. %BZ"UUBDL ㊝ ఺ Ἅ ᘭ ể ᆩ ᦡ ᡂ ቴ

    ౲ ዗ ኄ ℨ ๿ ગ ⯋ ᘳ ᆘ ᇒ И ⑻ ໏ ㍫

  17. %BZ"UUBDL ㊝ ఺ Ἅ ᘭ ዓ ؐ ᏼ ጥ ℨ

    ๿ ׷ ᑭ ᝒ ಇ ᏼ ጥ ቴ ౲ ዗ ኄ ℨ ๿ ગ ⯋ ᘳ ᆘ ᇒ И ⑻ ໏ ㍫

  18. ῜Ⅻ๞ࠎㄐװҎ⭈ℨ๿ Ø ℻ฐඦݘずԺፄቭ⁰෇ Ø ἤ₳ፄቭ⁰෇ϙ⪒ḑ⾠̶ Ø ߲⮜⼈⼱ϙ⪒⁰෇ဪԺխᬝᣩដ Ø ᆼ஺░ᬝᣩដሟᇌ⁰෇ Ø

    ሟᇌௗ፫ፄቭḑ░ᬝΒᴟ␹
  19. None
  20. None
  21. None

  22. Big Data ગ⯋ᘳ֞⎛⹜ᆘᇒ

  23. ᴊόỉⶳయጥ㕚㐖 Ø #JH%BUBዏ̧㡦㓲ஆ˥٩̩՗ᴟ㌪℀ơয়⬕ᕻˏᖤ℻Ҽ׈㡦 ௏ቂϫ̹ᓹơ*1Wơᴖ╾өʼᴺḑ⋣ⶦ⼟⨭რᄚ㡦ဪԺөʼ ᴺፒ৙௓ˏᖤږፒᣩដƢ Ø 4IPEBOIUUQXXXTIPEBOIRDPN Ø ;PPN&ZFIUUQXXX[PPNFZFPSH Ø

    *OUFSOFU$FOTVTIUUQJOUFSOFUDFOTVTCJUCVDLFUPSH
  24. None
  25. None
  26. None
  27. None
  28. None

  29. ⶳయΦϨᆲⰘ

  30. ሟᇌ␹ ⳽୷⭶ё ⋣⃳ ⳽ቛൻ #PUOFU #PUOFUሯᇜ

  31. ሟᇌ␹ ⳽୷⭶ё ⋣⃳ ⳽ቛൻ #PUOFU #PUOFUሯᇜ

  32. None
  33. None
  34. None
  35. None

  36. ጥମ▕㦖〔፽♉ᶲ⭉ጥコ㦖 Ø ⋣ⶦ⭶ёơ⳽୷⭶ё˥ፒ୷ө㐹㋵㡦ᴖ╾٩ⓗࡻ᨟⭶ ёௐ╿ӧβ╾Ө⋣Ƣ Ø *P5ḑዏ̧㡦ஔ㌱ơ₺࿵෇⪓⏀⨴٩⼙⋣㡦˥ፒ⩰ӧ βḑ㐹㋵Ƣ Ø ̹ᓹơஔˆᠮ⴦ḑ⭶ё㡦₳⃶ዅʵዅ෋ᮚӧஈ㡮

  37. Ўᐎࣞ ㏄᪪ᯓ ⶳጓำ Ϯᖱ Ўᐎࣞ Ўᐎࣞ ዗ኄ⓱

  38. Ўᐎࣞ ㏄᪪ᯓ ⶳጓำ Ϯᖱ Ўᐎࣞ Ўᐎࣞ ዗ኄ⓱

  39. Ўᐎࣞ ㏄᪪ᯓ ⶳጓำ Ϯᖱ Ўᐎࣞ Ўᐎࣞ ዗ኄ⓱

  40. 5BLFBXBZT Ø כୖ҆ϵ฾ཌྷ㡦୷ө຀ፄቭׁ฿ұ⼕୷⪓ Ø ٵ෇⭶ёḒፒ٩ⓗ࿜᨟ሟᇌṕᕵ㡦⴦ӧ˘խӔᏱ㉬ ⋣ⶦʲ୷өἤ₳ृگ㡦࿡ዅ╹⨭㋥㌡ᡄ⮜ทӻʲ⌀ Ø ̹ᓹ฿㏪՟ஂ⳽୷˱̳⢦᱙401㡦˂ʺ⬕֒˱խơ ˱ˆơ˱ทḑٵ㏧⢦᱙㏧ṕ㡦Νਗᣑ⼈ᡄ⮜ơ୷ө ᣬ␑ơቆͦ㈢ⱛ℻Ƣ

  41. 2"

  42. ⭈ֆⲄ፧㦑44-య֞

  43. None