Tag: security

This is the content tagged with security, here you can find content from the blog, projects and publications.

Blog

Privacy in machine learning: a concept now more formal and tangible

(Only spanish version) Data processing involves a myriad of problems, mostly in the processing phase. In this post we will talk about the solutions offered by cryptography.

Renovating my internal network

(Only spanish version) A week ago I renewed my home network, here I tell you how to configure a mesh router, the topology I used for my internal network and a very cool service I found, NextDNS.

Certificados digitales, ¿son seguras las páginas a las que nos conectamos?

El número de certificados digitales continúa creciendo y ha obligado a las organizaciones a evaluar cómo administran el ciclo de vida de sus certificados para evitar ataques debido a un mal uso de éstos.

Building your passwordless application

(Only Spanish version) The use of passwords as an authentication mechanism does not guarantee the security of our accounts. Although there is no definitive security measure, passwordless is a step forward in improving user security and convenience. Are we at the beginning of the end of passwords?

Passwordless: The end of passwords

(Only spanish version) The use of passwords as an authentication mechanism does not guarantee the security of our accounts. Although there is no definitive security measure, passwordless is a step forward in improving user security and convenience. Are we at the beginning of the end of passwords?

Self Sovereign Identity Centralized Identity under user control

(Only spanish version) Digital services have forced us to live surrounded by credentials. Their mismanagement by users or providers represents a danger to our privacy and can be very costly to store them. We continue to delve into a new technology focused on solving this: Self Sovereign Identity.

[CON] ¡Y se ARmó la Marimorena! Cybersecurity in Augmented Reality

Two month ago Miguel and I were giving a two hours workshop/talk in Valencia about augmented reality mixed with cybersecurity and the objective of improving the physical places and documents security.

[CON] TizonaConf: Cybersecurity in industrial environments

Day by day I’m getting used to going CONS on the weekends and the ones I like the most are the ones where I can feel a friendship mood surrounding the place and where people are open to talk, hangout and share.

[CON] ¿Qué hay detrás de los mayordomos virtuales?

Last Saturday, I was invited to talk about privacy in the x1RedMásSegura congress. This event aims to teach about the dangerous part of the internet and how to prevent the risks of surfing the net.

[CON] Espías domésticos: A talk about virtual voice assistants

This weekend I went Granada to speak in JASyP (Jornadas de Anonimato, Seguridad y Privacidad) about Virtual Voice Assistants. If you are near Granada or yo are curious about security and privacy, I recommend you to contact with them.

Publications

TALK

Cybersecurity 101

Cybersecurity may be something complex to define when you are an SME. It is even harder if you must plan it inside a budget because of its economic cost. In this talk, I introduce cybersecurity focusing in which objectives should be implemented first and which ones, I think, have better cost-efficiency in the security and resiliency of the company.

Passwordless: No password security paradigm

BBVA Next Technologies has celebrated in style the international cybersecurity day sharing their knowledge about new technologies and cybersecurity. In this presentation, I talk about how to integrate passwordless in an organization and the considerations we have to keep in mind.

Construyendo tu aplicación passwordless

After the las post about passwordless, we continue working in this technology line about FIDO2, a standard that allows build a web application compatible with the mayority of the browsers and authenticate us througth a dactilar sensor in our smartphone or laptop.

BBVA NEXT

Passwordless: The passwords end

Passwords are not a guaranty of security. Althougth, there is not a definitive method in the user or services authentication, passwordless is another step in order to improve security and usability. Are we in the start of the end of password authentication?

BBVA NEXT

Self Sovereign Identity Identidad centralizada bajo el control del usuario

We live surrounded by hundreds of credentials. A bad management, by users or providers, is a risk for our privacy and keeping them safe suppose a big cost.

¡Y se ARmó la Marimorena! Seguridad en Realidad Aumentada

Augmented Reality (AR) is a technology that allows us to show digital objects inside the physical reality using a special set of glasses or a smartphone. This appealing technology is closer than ever and in this workshop we would like to anticipate the future in an exercise of innovation.

Cybersecurity module in Quality, Audit and Security subject

External teacher in Valladolid University. This is the Quality, audit and security module of the Big Data Master degree. I talked about basic concepts of security and audit metodologies focused in projects with big amounts of data.

Análisis de seguridad de asistentes virtuales

Tizona addresses the issue of cybersecurity in industrial environments. Following my usual topics, I talked about smart assistants. Right now this kind of devices are not present in this kind of places, but it isn’t uncommon thinking about a near future where people are using this type of interfaces in order to manage complex tasks in the industry.

BBVA NEXT

Project Alias, privacy in virtual voice assistants

Privacy and voice assistans are not good friends. This is causing the creation of projects like Alias. This “parasites” taken control of the voice assistants helping to protect user privacy. Is this the final solution?

BBVA NEXT

Introducción a los mecanismos de privacidad basados en tecnología blockchain

There are several new cryptocoins in the market. Some of them have innovative properties which could change the market. In this document, the most important alternatives has been low level analyzed.

Phreaking is alive! Abusing GSM: Covert channels using AT commands

From the '60s and '70s, the hacker community started to design tools and procedures in order to take advantage of telephone networks (such as blue boxes, phreaking, etc.). These oldschool hacking stuff is coming back with the commercialitation of cheap open hardware which establish new threats.

BBVA NEXT

Tendencias en Certificación Digital

Certificate transparency is a change in the traditional digital certification mechanisms. Maybe it is not obvious for an user but companies like Google are going to force, througth this technology, how the big actors in the certification market should work.

← All tags