Wednesday 4 October 16:00 - 17:30, Small talks
Neil Schwartzman (CAUCE)
On 25 May 2018, the European Union General Data Protection Regulation http://ec.europa.eu/justice/data-protection/reform/index_en.htm comes into effect.
WHOIS, one of the data systems critical to anti-abuse work, is profoundly affected by these new privacy laws. Some personal data, for example the email addresses of registrants, may be redacted from WHOIS.
To further complicate matters, ICANN has re-designed the WHOIS publication protocol, and there is a simultaneous move to switch to the new method, RDAP, which is currently being rolled-out. https://www.icann.org/news/announcement-2017-09-05-en
There are several groups within ICANN dealing with the changes envisioned to make WHOIS GDPR-compliant, none more hands-on than the GNSO RSD PDP working group, currently in discussions as to how best to comply with the GDPR, while maintaining a viable WHOIS service https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
Please join us for a discussion of all aspects of these impending changes.
Neil Schwartzman is a management consultant working with such clients as Apple Inc. and Mailchimp Inc. and has been involved in cybersecurity since 1994, when he wrote the world's first distributed spam filtering software.
Mr Schwartzman is the Executive Director of the Internet's oldest end-use advocacy group, the Coalition Against Unsolicited Commercial Email (CAUCE.org). In this capacity, he has been the Co-chair of the Messaging Anti-Abuse Working Group's (M3AAWG.org) Awards, Hosting, and Public Policy Committees, a founding member of the UCENet (a.k.a. The London Action Plan), a representative to the Anti-Phishing Working Group, the Stop Spam Alliance and the Anti-Spyware Coalition, and an appointed member of Canada's Federal Ministerial Task Force on Spam.
In 2012, he helped spearhead a yearlong external review and augmentation of cybersecurity and messaging anti-abuse best practices of the Organization of Economic Co-operation and Development's Anti-spam Toolkit undertaken by the London Action Plan, Industry Canada, MAAWG and CAUCE and presented these findings to the OECD, in Paris, France. He has participated in working groups of the U.S. Federal Communications Committee's 'Communications Security, Reliability and Interoperability Council' II and III specifically focused on the impact of malware and botnets.
Schwartzman won the first annual M3AAWG.org Mary Litynski Award for lifetime achievement in his work in anti-abuse.
Tiberius Axinte (Bitdefender)
This paper provides an in-depth analysis of the macOS version of the APT28 component known as XAgent. We will dissect the…
John Graham-Cumming (Cloudflare)
In February 2017, Cloudflare was revealed to have been leaking private information including HTTP headers, cookies and POST data…
Juan Andres Guerrero-Saade (Kaspersky Lab)
Costin Raiu (Kaspersky Lab)
Attribution is complicated under the best of circumstances. Sparse attributory indicators and the possibility of overt…