Media, Popular Misconceptions, and the CSI Effect – What Does It Mean for InfoSec and Tech Policy?

Presented at HOPE X (2014), July 18, 2014, 11 a.m. (60 minutes).

Forensics is tedious and occasionally mind numbing. Exploit discovery and development is extremely detail oriented, and requires strong coding skills. Good Blue Team defensive strategy and implementation is team based, precise, and careful. But put a white lab coat on and, apparently, it's all magic! From Abby's "It's commercial encryption, so it's Cracked!" to CSI's famous, "Enhance! Magnify! Enhance!," the tropes of the popular entertainment world follow Arthur C. Clarke's famous saying" "Sufficiently advanced technology is indistinguishable from magic." So let's make all techs wizards! How does this popular view of tech wizardry help our hacker world? How does it hurt us, when we have to enter the courtroom, either as an expert witness, or as a defendant? How can you, when put into one of these situations, defuse these tropes and make them work for you, or at least not hurt you? Does this distorted world view hurt or help technical people, companies, organizations, and agencies, in the world of tech policy, governmental regulations, and National Security Letters? Let's talk.


Presenters:

  • Joshua Marpet
    Joshua Marpet is an adjunct professor at Wilmington University, where he teaches digital forensics, Linux, ethical hacking, and the ethics of information security, among other courses. He has been featured in Scientific American, the Miami Herald, Hurriyet News, Gizmodo, Techcrunch, EBRU-TV, and many other media outlets. Joshua is an internationally respected digital forensics expert and a former senior information security analyst for the Federal Reserve Bank of Philadelphia. He is also a former police officer from St. Tammany's Parish sheriff's office, and a former volunteer firefighter from New Jersey. In other words, he's done all of his childhood dream jobs except astronaut, and he's working on that!
  • Sandy Clark / Mouse as Sandy Clark (Mouse)
    Sandy Clark (Mouse) has been taking things apart since the age of two, and still hasn't learned to put them back together. She is a security researcher and Ph.D. candidate at the University of Pennsylvania. Her research focuses on understanding the mechanisms driving the computer security arms race and in modeling the cyber-security ecosystem. A founding member of TOOOL-USA, she also enjoys infrastructure hacking and exploring the myriad fascinating and unexpected ways that systems interact.

Links: