This interview was recorded at GOTO Aarhus for GOTO Unscripted.
gotopia.tech

Eleanor Saitta - International Security Researcher & Co-founder of Open Source Tool Trike
Jez Humble - SRE at Google Cloud & Lecturer at UC Berkeley

RESOURCES
Eleanor: dymaxion.org, linkedin.com/in/dymaxion, @Dymaxion, infosec.exchange/@dymaxion
Jez: continuousdelivery.com, github.com/jezhumble, linkedin.com/in/jez-humble, @jezhumble, sre.google/resources

DESCRIPTION
Whether you're building a new system with an established team, trying to tame a legacy ecosystem, or starting from scratch, how you think about security and reliability has a big impact on how hard they are for you to achieve.

In a candid conversation between security expert Eleanor Saitta and technology thought leader Jez Humble, the critical role of architectural clarity in ensuring robust security and resilience comes to the forefront. Saitta emphasizes the necessity of understanding and intentionally designing your architecture, highlighting the challenges faced by organizations in adapting to changing ecosystems. They discuss the dual aspects of security – external services and internal IT operations – shedding light on the potential risks associated with Windows and Office usage.

Hear in this GOTO Unscripted talk about the significance of architectural awareness and basic IT hygiene in safeguarding organizations against security threats.

RECOMMENDED BOOKS
Jez Humble & David Farley • Continuous Delivery
Jez Humble, Joanne Molesky & Barry O'Reilly • Lean Enterprise
Nicole Forsgren, Jez Humble & Gene Kim • Accelerate
Liz Rice • Container Security
Liz Rice • Kubernetes Security
Aaron Parecki • OAuth 2.0 Simplified
Aaron Parecki • OAuth 2.0 Servers
Erdal Ozkaya • Cybersecurity: The Beginner's Guide
Kim, Humble, Debois, Willis & Forsgren • The DevOps Handbook
This interview was recorded for GOTO Unscripted at GOTO Amsterdam.
gotopia.tech

Eleanor Saitta - International Security Researcher & Co-founder of Open Source Tool Trike
Aino Vonge Corry - Author of "Retrospectives Antipatterns"

DESCRIPTION
It's almost a given that you or your company will be hacked one day. How fast and how you react is the thing that makes the difference. Eleanor Saitta explains the ins and outs of an attack and what you should have in place to surpass it successfully. The interview is led by Aino Vonge Corry.

RECOMMENDED BOOKS
Aino Vonge Corry • Retrospectives Antipatterns
Liz Rice • Container Security
Liz Rice • Kubernetes Security
Aaron Parecki • OAuth 2.0 Simplified
Aaron Parecki • OAuth 2.0 Servers
Aaron Parecki • The Little Book of OAuth 2.0 RFCs
Erdal Ozkaya • Cybersecurity: The Beginner's Guide
Richer & Sanso • OAuth 2 in Action
Wilson & Hingnikar • Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0
What does the future look like for queers? And what can we learn from queer history? In this episode I talk with Eleanor Saitta about how the current social media environment affects minorities, growing old as queer, and the value of intergenerational dialogue within the queer community. Eleanor Saitta is a hacker, designer, artist, writer, and barbarian. She makes a living and a vocation of understanding how complex transdisciplinary systems and stories fail and redesigning them to fail better. You can follow her at https://twitter.com/dymaxion
Call for performers for the Attic Underground's season 3: https://docs.google.com/document/d/1aR_2EhVI7XgoOviZJku2jNU4GVSS2HASMEMBjezkx3g/edit?fbclid=IwAR2Kz4yW1CMFgtOtRpTHk_zEIIyApHmBj-bmu6w-S4959J6sX-Lnqd4mGGw
The Attic: https://www.facebook.com/theatticfi/ https://www.instagram.com/theatticfi/
Follow Mira at: https://www.instagram.com/missvinylenvy/ https://twitter.com/miraeskelinen
Playing for Team Human today, cyber security expert Eleanor Saitta. Eleanor shares her deep knowledge on building secure and robust digital ecosystems. As Eleanor and Douglas converse on issues of privacy, encryption, and surveillance, a set of thought-provoking insights about online identity and human to human connection emerges. Does empathy scale across our cyber connections? Or is it confusion and distrust that are most apt to scale? Conversing over a shaky and intermittent VoIP connection, the question at hand seems to materialize within the interview. Luckily Saitta and Rushkoff overcome technical hurdles and find rapport and connection in a unique conversation that ultimately asks: What is real? How do I know I am me? Is it safe? Opening today’s episode, Douglas looks back on the life of friend, cyber culture pioneer, and co-founder of the Electronic Frontier Foundation John Perry Barlow. Rushkoff remembers Barlow and their shared optimism for cyberspace back in that hopeful moment before the commercialization and corporatization of the internet. Team Human features intro and outro music clips thanks to Fugazi and Dischord Records. Mid-show you heard music by Episode 68 guest Stacco Troncoso. Join the team at Patreon to sustain this show and get access to live events, rewards, and access to the Team Human Slack Channel.
The O'Reilly Radar Podcast: Eleanor Saitta on security countermeasures at the human level, the relationship between security and design, and understanding security design as a separate discipline.

This week's episode features a special cross-over conversation from the O'Reilly Security Podcast, which you can find on Stitcher, iTunes, SoundCloud, or RSS. O'Reilly's Courtney Nash chats with Eleanor Saitta, a security architect at Etsy. They talk about the importance of thinking of security in a human context and the increasingly critical relationship between security and design.

Here are a few highlights:

Detecting fraudulent patterns at the human level

Look at banking fraud and fraud detection systems. Although financial malware is a real issue, and we are seeing more and more people who end up with malware running on their phones that then attacks bank authenticators or logs into their account and makes transfers. These are starting to be very real issues, let alone credit card numbers and all this kind of stuff. The biggest way that those attacks are stopped isn't by preventing code from running on people's machines, it's by detecting fraudulent patterns and transfers at the human level, and cutting things out at business rule levels, and much higher levels. In the worst case, it's someone goes into a bank physically and talks to someone, and has a conversation. That's just as much a part of the security countermeasure set as any number of anti-banking Trojan, anti-malware projects are.

The relationship between security and design

That whole process of coming into understanding the high risk world a little bit more was really, in some ways, it was really challenging for me because I'd spent probably eight years, nine years at that point when I first started getting involved in that community, doing big enterprise security. To come into this community and to realize that actually I know very little about how to create better security outcomes for human beings was an interesting thing to learn midway through my career. What it made me do was go back and think a lot about the relationship between security and design, and realize that one of the things that we need to do when we're building systems for, at the time, I was mostly thinking about high-risk people, but I've realized that this applies to any system. We need to understand not just what that user is worried about, but what the countermeasures that they can use to cancel out their adversaries' attacks are, because we're dealing with that design space much more than we are with the code space. Now, if we can find things at the code level that give us new capabilities in that design space, that's amazing. So, being able to get rid of classes of low-level bugs, so we can stop thinking about them—great, that's a huge capability for the design space and the architecture space. All of the different things that we can do with cryptography, as far as using it to reduce the kinds of attacks that people can be subject to and giving them new invariants the system can let them use. Great, amazing capabilities, but the reason why they're interesting is because of how they shift that design space, and that has to be the thing that starts driving everything.

Security design as a separate discipline

There's a conversation between architecture and requirements and design. There has to be. None of these can act independently, but the thing that we don't see, the thing that I really don't see in the security community yet, is an understanding of security design as really a separate discipline. This is literally what I'm spending my time doing right now.
The O’Reilly Security Podcast: Systems, design, and emergent social structures.

In this episode, I talk with Eleanor Saitta, a security architect at Etsy. We talk about how security isn’t really about what happens to computers—it’s about what happens to the people using those systems; the relationship between design and security; and shifting the industry’s focus to think about security as a product of shared human outcomes.

Here are some highlights:

Security is about what happens to people, not machines

No one cares about what code is running on this machine or who authorized it or anything like that, except to the extent that it affects some human being. Now, because in many cases we don't have other options that don't involve interacting with some human being, we effectively do really care about what code runs on the machines. Of course, I don't want to pretend that the low level doesn't matter. Starting from that high level is beneficial in its ability to teach us what we actually do care about in the low level systems, and to highlight different ways of defending against attacks, or understanding attacks, that we wouldn't necessarily see if we only looked at the code.

The relationship between design and security

One of the things we hear about is security architecture and security design, where architecture is the big-scale stuff, and design is the little fiddly details. I'm not talking about that. I'm talking about the things that your UX team might be doing—looking at business rules in systems, looking at service design. Again, not from the technical sense, but from the sense that this is a piece of bureaucracy or an organization that's going to be interacting with human beings. What are the services that this bureaucracy or organization provides to these human beings, and what are the touchpoints for those interactions? It's designed way up at that high level, not at the level of the technical systems themselves. Security people understand this whole set of tactics they use to stay safe, but they don't necessarily understand how their tactics relate to people’s lives and the position from which they're interacting; they just think they're pre-existing things in the world. There's a real challenge there around how you get security people to see the things that they're already doing as structures and tactics and design responses that can then be [re]designed again.

Security as a product of shared human outcomes

[Etsy] is a really different kind of security organization, where the goal is not to be at all adversarial. In fact, a lot of effort has gone into getting away from that adversarial relationship. I think that as soon as everybody understands that, "Hey, we're all working for this collective good outcome," it's actually much easier to stay in that mindset of, "let's get there. Let's make sure that we don't get too off course." As long as you've got security as the gatekeepers in the combat boots who are going to stomp all over everything, it's not going to work. You have to have a collaborative approach.
Eleanor is Etsy’s new Security Architect and "a hacker, designer, artist, writer, and barbarian." We talk with Eleanor about how to deal with data ethics and privacy.
James Bridle is a writer, artist, publisher and technologist usually based in London, UK. His work covers the intersection of literature, culture and the network. He has written for WIRED, ICON, Domus, Cabinet, the Atlantic and many other publications, and writes a regular column for the Observer newspaper on publishing and technology. In 2011, he coined the term “New Aesthetic”, and his ongoing research around this subject has been featured and discussed worldwide. His work, such as the Iraq War Historiography, an encyclopaedia of Wikipedia Changelogs, has been exhibited at galleries in Europe, North and South America, Asia and Australia, and has been commissioned by organisations such as Artangel, Mu Eindhoven, and the Corcoran Gallery, Washington DC.

Eleanor Saitta is a hacker, designer, artist and writer. She makes a living and a vocation of understanding how complex systems operate and redesigning them to work, or at least fail, better. Her work is transdisciplinary, using everything from...
In the post-Arab spring/occupy world we've seen a call to action for more tools to help activists do what they do. We've also seen a hodge-podge of tools being rolled out and touted as just what activists need. But security-minded observers are not impressed. In fact, in some cases, they're horrified. In this podcast, which is plagued by a previously undetected Berlin wind, Eleanor Saitta sits down with me to go over the aspects of security and ethics that everyone involved should keep in mind as we develop and implement communication strategies for organizations and activists around the world.
Guest speaker: Peter Lamborn Wilson

PROGRAM NOTES:
[NOTE: The following quotations are by Peter Lamborn Wilson.]

“Why are artists still meddling, or mediating, between people and their desires?”

“All livelihoods are arts, from midwifery to war, nothing is mere labor.”

[In reference to gift economies.]

“The artist sacrifices talent for money. The audience sacrifices money for talent.”

“One can no longer distinguish between cops and cop-culture, the media-induced hallucination of a society designed by its lawyers and police.”

“Ten minutes in a video store should convince any impartial observer that we live in a police state of consciousness, far more pervasive than the Nazis.”

“The first step in any real utopia is to look in the mirror and demand to know my true desires.”

“I will argue that illegality means more than mere law-breaking. Illegality as a positive attribute of the Temporary Autonomous Zone implies that the very structure, or deepest motivation of the TAZ-group necessitates the overcoming of consensus values, and that this is true when even no statute or regulation has been broken.”

“The Temporary Autonomous Zone should serve as the Matrix for the emergence of a Sorelian myth of uprising.”

“The Temporary Autonomous Zone cannot be realized solely as a hedonic exercise any more than the revolution can be realized without dancing, as Emma Goldman put it.”

“Today quilts. Tomorrow, perhaps, The Uprising!”

BrainMeats Podcast Episode 1: Occupy BrainMeats

The inaugural episode of the BrainMeats podcast is devoted to the Occupy movement and what hackers and makers can do to support the protesters on the ground. Willow spoke over Skype to Ari Lacenski, Eleanor Saitta, Matthew Borgatti, Rubin Starset, and Smári McCarthy about the history of OWS, the meaning of illegibility within the movement, software tools for protesters, and more.
