Protect your Privacy
24
PROTECT YOUR PRIVACY: SAFETY & SECURITY IN AN ONLINE WORLD Marcos Lopez-Carlson [email protected] @marcoscopic
-
Upload
marcos-lopez-carlson -
Category
Internet
-
view
18 -
download
2
Transcript of Protect your Privacy
PROTECT YOUR PRIVACY:SAFETY & SECURITY IN AN ONLINE WORLDMarcos Lopez-Carlson
@marcoscopic
TWIN CITIES MEDIA ALLIANCE
The Twin Cities Media Alliance began in the winter of 2005 with the mission of bringing together media professionals and engaged citizens to improve the quality, accountability and diversity of the local media, and giving the public the tools they need to become more active participants in the emerging media environment.
WHAT WE WILL COVER
What is privacy & security? What are the risks? Encryption; data security Password Management; access
security Browser Controls; surfing security Multifactors & Wifi protection; mobile
security
WHAT IS PRIVACY & SECURITY
Privacy is a changing idea and a reflection of the times
What was once considered public is now private, and vice versa
What do you think of when I mention privacy?
WHAT ARE THE RISKS?
Man in the middle attack: a third-party gets between two online sites, and impersonates both parties
Password theft: stealing passwords with a dictionary attack, wifi sniffing or recycled passwords from a compromised site
WiFi Sniffers: intercepts information packets between your computer and the network
Ransomware: malware which locks down your computer or files, demands a ransom in order to release the files
Malicious apps: malware which disguises itself as a legitimate app, often as a free version
WHAT IS ENCRYPTION?
Encryption is the process of encoding information so that only authorized parties can read it.
Unencrypted data is called plain text Encrypted data is called cipher text
Encryption is not new. It has been around as long as humans have been communicating privately…
HOW DOES ENCRYPTION WORK?
Information is encrypted using a key That key turns the plain text into cyphertext The encrypted message is transported The message is decrypted at the destination
128 bit encryption has 2128 possibilities or 1 in…
WHAT IS ENCRYPTION?
3,402,823,669,209,384,
634,633,746,074,300,000,000,000,000,000,000,000,000,000,000,000,000
HOW IS ENCRYPTION USED?
For safe browsing Preventing man-in-the-middle attacks
Online purchasing SSL keeps credit card information safe
Bank access SSL keeps bank account information secure
Data storage Use to keep offline, online and cloud files from
being legible
PASSWORD MANAGEMENT
Understanding weak vs strong passwords Weak passwords are simple and unimportant,
use them for websites which DO NOT have access to important information
Strong passwords are complex, use them for websites which have access to money and personal information (this includes Facebook!)
PASSWORD MANAGEMENT
What makes a good password?Avoid simple substitutions and words hint: p@ssw0rd is a terrible passwordDo not use common words and phrases
PASSWORD MANAGEMENT
One idea: Use a Password recipe-A simple recipe to turn URLs into passwordsEx. google.com1. Number of letters in the URL 92. Multiply by 2 183. Add the vowels ooeo4. Capitalize the first letter G5. Add symbol !
6. Google.com = 918ooeG!
PASSWORD MANAGEMENT
One thing to remember, length is the most important attribute!
https://blog.kaspersky.com/password-check/
PASSWORD MANAGEMENT
Password managers create and store your passwords. They also sync across devices.
Cloud based LastPass Dashlane
Locally available (with a USB) KeePass 1Password Password Safe
PASSWORD MANAGEMENT
Do NOT store your passwords in your browser. They are not encrypted, they are plain text
To store your passwords locally, use an encrypted file
BROWSING SAFELY
Using encryption when browsing
BROWSING SAFELY
Best browsers for security
#1 Firefox#2 Chrome#3 Opera#4 Safari#5 Internet Explorer
If possible, try to stick with one of the first three.
BROWSING SAFELY
Extensions, add-ons & tools:
Privacy Badger: blocks banner ads, pop-up ads, rollover ads, and more. It stops you from visiting known malware-hosting domains, and also disables third-party tracking cookies and scripts.
HTTPS Everywhere: automatically shunts your connection to a SSL when possible.
BROWSING SAFELY
What about private mode (or incognito mode)?
Prevents your browser from remembering what you have done…
Hence the name porn mode
Does NOT keep your ISP (internet service provider) from knowing your traffic, nor does it protect you from “man in the middle” attacks
MULTIFACTOR & WIFI SAFETY
Multifactor authentication requires MULTIPLE FORMS of identification
PIN numbers Memorized, like an ATM, or sent via text
messaging per login Biometrics
Fingerprint scanner, facial recognition, voice scanners
Security keys (Yubikey, et al) An encrypted USB key which confirms identity
Google Authenticator Secure key generated on your mobile device
PUBLIC SAFETY
When using public WiFi, protect yourself from WiFi sniffers, man-in-the-middle attacks and malicious snooping
Verify the name of the network you are using Turn off file sharing Use https Turn off WiFi if you are not using it Keep the private stuff (like banking) for home
MOBILE SECURITY
Use a PIN or other multifactor authenticator Use a device locator
iPhone, Find My Phone Android, Device Manager
Back up your phone data Consider encrypting your phone
Using a PIN or screen pattern decrypts phone iPhone screenlock automatically encrypts the
phone Turn it on in Android Settings
BEST PRACTICES
Be Password Smart Think twice before entering your password Don’t recycle passwords Consider a password manager & multifactor
authentication Browse like a Pro
Use https by default Turn off browser password & form autofilling
Be Safe in Public Use encryption Turn off file sharing
QUESTIONS?
PROTECT YOUR PRIVACY:SAFETY & SECURITY IN AN ONLINE WORLD
Marcos Lopez-Carlson
@marcoscopic
