Online Privacy and Security
46
ONLINE PRIVACY AND SECURITY A PRACTICAL GUIDE BY ALEX HYER
-
Upload
alex-hyer -
Category
Technology
-
view
42 -
download
0
Transcript of Online Privacy and Security
ONLINE PRIVACY AND SECURITYA PRACTICAL GUIDE BY ALEX HYER
INTRODUCTIONWHO CARES AND WHY
WHY CARE?
• Largely personal/situational• Values• Activities• Paranoia
• Future Proofing• Passive Monitoring• Theft Protection
PRIVACY = SECURITY
• Unknown data cannot be used against you• Known data can be misconstrued• Legals things now may become illegal
Cost-Reward of Privacy
Difficulty Effectiveness
Cost
Rewa
rd
Cost-Reward of Privacy
Difficulty Effectiveness
Cost
Rewa
rdEveryone
The Concerned
The Cautious
The Paranoid
Criminals and
Dissidents
INTUITIONA HIGH-LEVEL SUMMARY OF HOW ONLINE SECURITY WORKS
GOAL
• Send private message/data• No one can view but intended recipient
• Prove message was from you• Uniquely sign message
KEYS
• Private Key• Sign your messages and decrypt others’ messages• For your eyes only• Encrypt and guard
• Public Key• Encrypt messages to you• For everyone• Often on public servers for download
ASYMMETRIC ENCRYPTION
Hello World
iQEcBAE…
Hello WorldPrivate Key Public Key
Encryption
Hello World Private Key hQEMA0l.
.. Public Key Hello World
Signing
PGP BLOCK
ENCRYPTED W/ PUBLIC KEYhQEMA0l5rOqhZR0XAQgAldtO8qyeZKNtYWyOHlAPMO9xPZCWz8y+o4GQPZmNjPtI1kc820MNeXM9kyHL0/dMLSWcNd/tpjbKnSEj5e+MRSnJF58t5HJs6AH1FQdeMc34gYIC3Mb08/Ekdyx3kA79fl5ctyWQPneM4HkROzPcpfEYrOaFxQ1B28PF9oZe3pxsfXMkuGZtqHYm1GbZdmIjtoEx12vXVW6Aae7XvW1h0gjmThTp36LHQdMd0LwCIeAboDUkruxN58LPnK8839PqycwVVA2LKiS/N+PzJoNn0pkwykvhLw6DPmbkyIiHHt+y3qNRklJ+99p5a+INsZ/OkVr/5iNlxm0QofA66AMADdJGAfKj5ki8L/4bpZfXIUb6OqVB0iPUEmbowS9McaqD1ED7+p9tvouBmUgv5NCoGwUY1XnY/LOo5+kjQs8SvY9Zax8YMtExow===KIk8
SIGNED W/ PRIVATE KEYiQEcBAEBCAAGBQJYlux1AAoJEEkyli9xA+LrEhQH/2QMdKU8C4pxXfzgwZLMmSYiA2MQLR1dbXN7VfsUsr47HHda+KK0mnwb8rJHn6A9UPsrFIRAxwf5u83Ixatf63A/YW0SEOYs79uRnS3jzc4VNFLN/kv/NbYuXE6qCk4HCbSlzWr4mIp5CJigIhpVbqTtlX1Ag0X0Dz8e7QLrndzbZsQ8ZA4OOIiQ9wmM1F88bWbPOG5BLeZrUaIgFezrxNHs/2TkC8HLE/UtLfN3ahlUwL0xfa+OvLUJEodKzP6afmsZXV1zNAdZS09i8YqAgKaLWqgOO69XIMW4rxcuZtblkJro8Op8k6ZGE5wfsaTAsNlQW68GaAFrjui58Fn0Y6Y==YeDb
FINGERPRINT
7A5B 1EF4 4599 0D5C C2BF 49E3 4932 962F 7103 E2EB
PUBLIC KEY EXAMPLEmQENBFiFfY8BCACsavJ7w7Xc2OUS3PE2ZPMBP6q/6WydGgNhrayxcrGYqo8JY2U5v3ethZ8150RbM+oF50YKozQvXkid13TlIq2K8ESYzUibzLvALWxaTZ6RLFicDYsxYCM1VvIliG0eJyonpuTtol2id5iQ3kaJbTjYl2py4PC5vKzsjoS8WdFpkpfYVk4B8BhIOXuIXpGAwbgR8qmBPlhGLIGjsLnIGgHFtGSaS5du96hBnUGWz0jau/DrAtuPHkkasAYAAwMrQahtTykh5EryCHkS08fCBvnfdPsGAldoXO04Ua7iABKrIISR2bou6CH7g8XyumTMvSP5k/ru+7thfQh3+SNSVeUtABEBAAG0LUFsZXggSHllciAtIFdpbmRvd3MgMTAgPHRoZW9uZWh5ZXJAZ21haWwuY29tPokBOQQTAQgAIwUCWIV9jwIbAwcLCQgHAwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEEkyli9xA+LrUIYH/1knD6OhDXZwmQRLY/TIKSrXWRv7QUBqYMDcxPkKIesAL6uUCfQ6GzYoGdp06ngw46L54shgDK2n2yKHy5ew2g/2P/3FusbwKIxoltvNem5EvWvudZkbYy6Rs1zjduOAz/1xagGZEuQ4K4UTSKJChc9G+i2F5/g6LkZR4tUWFyAboC4f9gsPr8YKapOxnMmBxYpWCgwtKQHz1fgc8n0g5yLudFWn3ugh3yJhYRuGgu4kXIy1bsduP39JTUFpTCIWIaAXoZ2FbWkje8AurLIwB+Ul994X1a7xwnYdkt5MCvAHoKARPsDWHCjY5Ht8kvUUH6nxEqk3YyT8VDSfsZXH5pG5AQ0EWIV9jwEIAKr6qQ/37ElYT/OQHqlJ9Jd+mjjIaNmcTCInlIK8//3qSwB5Pg7srdaKG59uHPbhDlYR+nl3aCOycibAvG/+z28uCH9InW2uZiW/ejd+p+xzo4s85yJi4iifsZ8dPnVz/LT4/msRQCLSen0rmXidoNCggRPcUKj7qayii3739qGM0Il3Vptomiy5OzV9VOnYsMacnT93NsJZ8GKRgzYZRthci9xU6vgQL3MZge9WtupkLkLJ4bq6l+1qbSr7sp3LRVv9VziguVpom7uwki9Z6RiNTs1uuUyadAFvokgxtxihihW6+/gkP0hAE4ASS3ND2I4DMQX+2snABPcxtbzQeJkAEQEAAYkBHwQYAQgACQUCWIV9jwIbDAAKCRBJMpYvcQPi6yVvB/wMtYG7wvRPBj20OoIk+2LhEd6FFbZOE9fPRuqSJnUid2cnUTvfyyRDwvAd16l3EBzq4+k9FL7/93qmDpYjy2iHRnydeDU9INKF0OQQZJVBjN7CehX1jhB+OkKwoft8cR8HN/ZAMZE7vBEWSyyNUFftvXVlFQwx6bf2udkXnpgyDc1H9vtDnUx7DtWomTPLZw39WKdgHOSM0SaRaGCz5Gn1HPJzGGKjz6UMUCuMOqK2IuZLic6IUOmGrc1pUxydhfmVpMZF9yZyvL0/bi6TFVNg2FkMcV7lcOcezqscdqZGOIF05qEmox9NMV8h8liGp7rYd2JjFqlHz2dfhCbJmeeG
EASY PRIVACYPRIVACY FOR EVERYONE
ENCRYPT YOUR PHONE• Often defaults• Mitigates theft• Phones often vulnerable
once accessed
LOOKOUT
• Phone antivirus• Phone wipe and reset• GPS tracking and photos
SIGNAL PRIVATE MESSENGER• Fully featured texting app• End-to-end encryption• Only to Signal users
• Android, iOS• Optional password• Identity verification
FIREFOX
• Web Browser• Stops font fingerprinting• Innumerous plugins (uBlock Origin)• Transparency• Privacy Plugins
• HTTPS Everywhere• Better Privacy• Google Redirects Fixer
UBLOCK ORIGIN
• Best advertisement blocker• Stops “fingerprinting”
• Better quality-of-life• Prevents intrusive sites
ESET NOD32 ANTIVIRUS• Powerful antivirus• Consistent track record• 99.5% block rate• No false positives• Low-profile• F-Secure also a good option• Norton and McAfee are crap
MALWARE BYTES
• Useful anti-malware• Free for scans, costs for real
time• Broad range of software• Extremely fast• Compliments more specific
security software
PRIVACY FOR A LITTLE CHANGEPRIVACY TECHNIQUES WORTH THEIR TWO CENTS
PROTONMAIL
• Email service in Switzerland• End-to-end encryption• Like Signal, only encrypted
w/ ProtonMail users
WI-FI PRIVACY POLICE• Wi-Fi Control for Android• Stops location broadcasts• Prevent Man-In-The-Middle
attacks (MITM)
NETGUARD
• “No Root” Android Firewall• Control app internet traffic• Block IP addresses• Built-in ad servers if installed
via GitHub
TOR BROWSER
• Web Browser• Encrypts connections• Obscures identity• Bypasses firewalls
ORBOT AND ORFOX• Web Browser and Proxy for
Android• TOR Browser for Android• Force all internet traffic
through TOR
LINUX/GNU
• Privacy-Minded OS• Extremely secure• Many built-in privacy tools• Easy distributions• Mint• Ubuntu
WORTHWHILE PRIVACYCHANGING HABITS
KEEPASS 2
• Password manager and generator• Highly encrypted• *nix, Windows, macOS, Android,
iOS• Prevents password reuse• LastPass also good but less
control and not as tried and true
2FA
• Two-Factor Authentication• Prevents hacking less
robbery• Use everywhere available• Duo Mobile, Google
Authenticator
NOSCRIPT
• JavaScript, XSS, and Frame Controller• Biggest security culprits• Breaks most websites on
first visit, must whitelist
APPLOCK
• Android App Locker• Lock apps of interest• Prevent installing and
uninstalling app• Hides self from attackers
OPENVPN
• Open-Source VPN• Get a VPN in general• TOR
• Encrypts connection in vulnerable networks• DO NOT USE MOST PAID
SERVICES
SPREADING YOUR WINGSPRIVACY W/O APPS
GNUPG
• Key creator and manager• GNU Privacy Guard• All platforms• Create keypairs, give out public key as
needed• Encrypts keys• Encrypt and sign raw text
ENIGMAIL
• Email plugin for GnuPG• Need local email client• Requires setup• Complex w/ GMail
• Need initial setup• Password needed every time
you want to send encrypted email
OPENKEYCHAIN
• GnuPG for Android and iOS• Encrypt text and email
(when using K-9 Mail (Android only))• Intuitive management• Easy key sharing
technologies
BUNKERING DOWNEVADING THE NSA
TAILS
• Live USB OS• All internet traffic through TOR• Minimal functionality• Encrypted drive• Forgets everything when
turned off• MAC Spoofing
BITCOIN
• Cryptographic currency• Launder through Bitcoin
Tumblers• Anonymous• Difficult to track
DARK MAIL
• Email services via TOR• Some servers move
between countries• Identity just a random
string
MOBILITY
• Stay on the move• Use burner wireless routers• Use public Wi-Fi in new
locations w/ VPNs
CONSTANT EFFORT
• Always learning• Honing skills• Never messing up• Watching your back
PRIVACY IS IN YOUR HANDSTHE EFFORT IS WORTH THE REWARD
CONCLUSIONS
• More effort = better privacy and security• Effort input depends on your values/circumstance• Numerous apps available• Power is in your hands
