Ax Sharma is Senior Security Researcher at Sonatype and engineer, who is passionate about perpetual learning. He is an expert in vulnerability research, software development, and web app security.
In his spare time, he loves exploiting vulnerabilities, ethically, and educating a wide range of audiences. He’s an active community member of the OWASP Foundation and the British Association of Journalists (BAJ).
In Ask Me Anything session with the Hacker Noon community, he shared his views on security issues, what episode of Black Mirror represents the privacy issues over the Internet the most and more!
1. Dangers of of phishing attacks on governmental structures
"The greatest danger, therefore, varies - from identity theft occurring at a local drivers’ licensing office, because of phishing; to election fraud at multiple counties/jurisdictions.
Technological solutions and security controls in a workplace are a must, but most attacks succeed due to some form of human error, therefore cybersecurity trainings (which are fun and not preachy/boring lectures; I know there’s Curricula, Ninjio, etc. who provide these in an interactive format…) for your employees are recommended."
2. How safe is it to share your Netflix account with several people?
"We’ve done it at some point in lives (college! ;)) but it’s not recommended.
Legal implications aside (i.e. Netflix’s terms may not allow it), you don’t know how the other person will handle your username/password. Will they share this with another ‘close’ friend without you knowing it?
Where will they “store” it? A piece of paper, or, for example, in their email account which has a really weak password? The attack surface simply expands."
3. Tips on staying secure while using video conferencing tools to work remotely?
"Limit the exposure of your video conferencing links and phone numbers (limited invites), password-protect the meetings, and vet your audience. But if I’m honest, this can’t be fully solved, in the context of Zoombombing. These “tips” are also futile for open-to-all webinars.
Zoombombing isn’t a technological vulnerability in my opinion but stems from the weakness in our “social interaction” protocols which we haven’t learned to adapt to, when interacting over the internet.
Much like anybody at an in-person meetup could “troll,” so can one online. The problem is, of course, online events have even lower standards of accountability and make anonymity easily viable."
4. The one thing to change in how the Internet works for everyone?
"Probably decelerate the path the internet is heading towards. The internet of 1990s feels very different from 2020. Of course, change is inevitable, but it should be for the better."
5. Which episode of Black Mirror represents the privacy issues in the Internet the best?
"Let’s start with Nosedive?"