SeaGL speaker Q&A: Charlotte Tan

Charlotte gives her talk titled, “SSL/TLS Primer” on Saturday afternoon.

Q: Could you please introduce yourself and tell us a little about your background?

A: I’m a software developer, currently at ExtraHop Networks, and I’ve been working on networking appliances my entire professional life. I’ve spent way too much time writing single-purpose hash tables, staring at hex dumps, and scanning packet captures. As someone whose work has benefited a lot from open source, I thought it was past time to contribute something more!

Q: Without tipping your hand on the actual talk, can you give us an idea of what we might expect?

A: TLS is the most widely used cryptographic protocol, and most software developers will run into it at some point, but it can be intimidating! My ambitious goal is to demystify parts of it from the high-level motivations down to the nitty-gritty details on the wire.

Q: Is this your first visit to SeaGL? If so, what are your expectations? If not, can you give us your impressions of the event?

A: This is my first visit! It’s the nature of the software industry that you tend to specialize, so I always appreciate the chance to hear from a wide variety of people doing different things. I’m loving the scope of the talks on the docket!

Q: Do you want to rant about network security?

A: Yes! With the recent DNS outage due to a DDoS attack, internet of things vendors need to get their bananas together and implement basic things like randomized default passwords and (at least) basic authentication and encryption! ISPs also need to take responsibility for mitigations like reverse path check for spoofing and reflection attacks. There aren’t many simple solutions, but as the internet grows, we need to think very hard about the security implications of end to end connectivity.