lecture: Spectre & Co. For Mere Mortals
How To Explain Risk To Muggles
A new language is needed to explain tough bits of computer science and engineering like Meltdown, Spectre, Rowhammer und Ko. simpler without diluting security properties. This talk will provide footage/imagery for such an endeavour, metaphorically speaking.
With vulnerabilities, exploits, and risks getting more complex by the week, it becomes increasingly difficult to explain central new developments in security to laymen. What's more, even a lot of IT and sometimes security folks struggle with understanding Meltdown, Spectre, Rowhammer, or KRACK in sufficient detail to soundly evaluate their impact on a specific infrastructure.
In the last months, I have played with and researched different kinds of allegories that can help Jane and John Doe grasp the risk brought by, say, Spectre, to their AWS-hosted pie recipe server - or human rights activists and other educated tech-laypeople better judge their exposure. For junior security researchers the metaphors I am proposing can help with a racing start into an exciting new topic, or world.
Caution: Presentation will contain bars, drinks, and might contain traces of the inevitable cat.
Start time: 17:00