October: AI and Trust / Dumb Ransomware, Big Chaos

We’re happy to welcome our fellow groups Leading Cyber Ladies Toronto and OWASP Toronto to join us for this month’s special edition joint meetup and networking session!

Live and in-person at TMU + Live-Streamed on Discord

Date: Wednesday, October 29th
Time: 6:00 PM
In-Person Location: Room #103 at George Vari Engineering and Computing Centre (TMU), 245 Church Street, Toronto
Registration: Not required
Live-Stream: Although TASK is always best in-person, we will stream live again on Discord @ https://discord.gg/aXfY76xgVJ.


Topic: AI and Trust
Speaker: Bruce Schneier

Trusting a friend and trusting a service are fundamentally different. The former is personal and intimate, while the latter is impersonal and can scale to all of human society. The companies behind the current generative AI systems are poised to exploit that difference. Their intimate conversational nature will cause us to think of them as friends when they are actually services, and trusted confidants when they will actually be working against us. Moreover, any serious AI application requires us to be sure that the models are secure. The second is a matter of technology. The first is a matter of policy.

Bruce Schneier is an internationally renowned security technologist, called a "security guru" by the Economist. He is the New York Times best-selling author of 14 books -- including A Hacker's Mind -- as well as hundreds of articles, essays, and academic papers. His influential newsletter Crypto-Gram and blog Schneier on Security are read by over 250,000 people. Schneier is a fellow at the Berkman-Klein Center for Internet and Society at Harvard University, a Lecturer in Public Policy at the Harvard Kennedy School, a board member of the Electronic Frontier Foundation and AccessNow, and an advisory board member of EPIC and VerifiedVoting.org. He is the Chief of Security Architecture at Inrupt, Inc.


Topic: Nicky - The Dumbest Ransomware You’ll Ever Respect
Speaker: Lee Kagan

Here’s the thing: not every security breakthrough comes wrapped in elite code and fancy research papers. Sometimes it looks like a hungover C# project written in 15 minutes — and still wipes the floor with every so-called “next-gen” endpoint product.

Meet Nicky: my deeply unimpressive ransomware that somehow became a five-year industry roast. It’s named after the movie Little Nicky because it “nicks your files,” but don’t let the name fool you — this thing has been quietly helping me show organizations from SMBs to insanely massive companies yell at their endpoint and security service purchases for refunds.


In this talk, I’m finally going public-ish with it. You’ll see Nicky run in a controlled lab, learn how something so stupid keeps slipping through billion-dollar defenses, and more importantly, takeaways for fighting ransomware that’s actually out there.

I’ll also show off a collection of free, weird, and brutally effective defensive tools and counterattack techniques — the kind of stuff you’ll never find on a Gartner report. Expect laughter, disbelief, and a few uncomfortable truths with plenty of bad words.


Lee Kagan is a long-time offensive security researcher, builder of purple teams, breaker of marketing claims, and loves long walks on a beach in autumn. Known for his technical depth and “say-it-how-it-is” delivery, Lee’s spent years showing organizations how to detect the stuff their tools swear doesn’t exist or will catch next upgrade on the roadmap maybe whenever who knows when. He writes dumb code that makes smart points and believes in teaching through blunt truth, not fear or buzzwords.

When he’s not writing malware “for science,” he’s probably explaining why security isn’t a product, it’s a process — usually with pint and cigarette in hand.


Thanks to this month’s sponsor, Rapid7, for supporting us in hosting this month’s meetup!


We look forward to seeing you all there!
The TASK Steering Committee
