TBLC: Online Safety
105
ONLINE SAFETY PRESENTED TO: TBLC 2-PART SERIES
-
Upload
diana-silveira -
Category
Technology
-
view
328 -
download
1
Transcript of TBLC: Online Safety
ONLINE SAFETYPRESENTED TO: TBLC
2-PART SERIES
AGENDA• Overall privacy issues and some solutions
• Threats to online security
• How to best prepare our users to stay safe in the digital age
OVERALL PRIVACY ISSUES & SOME SOLUTIONS
THREATS TO ONLINE SECURITY
BASICS OF SECURING ACCOUNTS
PASSWORDS AND SECRET QUESTIONS
Image: http://tinyurl.com/zxoofk8Generator: http://passwordsgenerator.net/
PASSWORD MANAGERS
• Lastpass
• Dashlane
• Firefox
• KeePassX (works on Linux & Mac)
Chart Source: http://goo.gl/uBwhw
TWO-STEP AUTHENTICATION
AMAZON
Your Account > Change Account Settings > Advanced Security Settings
OTHER SITES WITH 2-STEP AUTHENTICATION
Apple
Microsoft
FINGERPRINT AUTHENTICATION
PATTERN RECOGNITION
WHAT’S NEXT?
More biometrics – iris scans
NFC
MALWARE AND HACKERS
CLICK BAIT
PHISHERS
Image: http://goo.gl/Tr3uUm
PROTECTION FROM: ANTI-MALWARE & OTHER THREATS
Clamav
Malwarebytes
Mobile Protection from: Anti-Malware & Other Threats
Norton Security
Lookout Security
MINIMIZING OUR FOOTPRINTS
CHOOSING A BROWSER
Chrome
Firefox
Edge
Tor
Internet Explorer
WHAT BROWSER DO YOU USE? YOUR PUBLIC PCS?
PRIVACY EXTENSIONS FOR CHROME & FIREFOX
WOT
LIGHTBEAM* FIREFOX ONLY
AD BLOCK PLUS
BEWARE THOUGH OF
PHONYPRIVACY APPS
PRIVACY BADGER
NO SCRIPT*FIREFOX
NO SCRIPT LITE*CHROME
Firefox Only
BE AWARE….MANY EXTENSIONS EXTEND YOUR DIGITAL FOOTPRINTS
SETTINGS TO CONSIDER
CHROME
FIREFOX
CHANGING YOUR SEARCH ENGINE
DUCK DUCK GO
DISCONNECTME
ALTERNATIVE BROWSER:TOR
Creating a more secure Tor:https://www.torproject.org/docs/bridges
• Disables: Flash, RealPlayer,
Quicktime, and others
• Keeps websites from tracking
• Useful to keep internet activities
away from advertisers, ISPs, and
web sites.
• Great for browsing on public
networks
• Will not stop the NSA
More @http://goo.gl/etffO5
Internet Explorer & the new Edge
http://tinyurl.com/oc9pv2q
Wi-Fi SenseCortana and more
BROWSING TIPS
HTTP V. HTTPS: WHAT DOES IT MEAN?
HTTPS server are encrypted by a secure certificate known as an SSL. The encryption prevents third-parties from eavesdropping on communications to and from the server.
Great Articles to Learn More: https://www.eff.org/https-everywhereWhat Every Librarian Needs to Know…
HTTPShttps://letsencrypt.org/
Demand vendors
MAKE SURE IF BOTH HTTP AND HTTPS
OPTIONS ARE AVAILABLE YOU USE HTTPS FOR
OUTGOING LINKS
PRIVATE TABS
EVALUATE YOUR OPERATING SYSTEM
BENEFITS TO LINUX
- Open Source
- Host your own cloud space, RSS Reader and/or Website
- Revive an old PC
- Less prone to malware/viruses than Windows/Apple
- Its Free
LEAVING MICROSOFT & APPLE BEHIND
ALTERNATIVE EMAIL SERVICES
• Set up your own
• hushmail
• zoho
• riseup
Key is to separate your search & your
identity as much as possible
ENCYPTING OUR COMMUNICATION
More Top Privacy Apps:http://thehackernews.com/2015/04/android-privacy-security-apps.html
ADDITIONAL PRIVACY APPS
• Open Whispers (Calling & Messaging)
• Crypt4All Lite (AES) (android only) (apple apps)
• Orbot (Tor for Android)
• AppLock
ONLINE SAFETYPART 2
REVIEW & QUESTIONS
USING ENCRYPTED SERVICES
• To be effective both parties must be
using the same service
MOBILE PHONES
OPEN HOTSPOTS
• Using OrFox or Orbot
Browsers for encrypted
browsing
SECURITY
• Passwords!
• Pins!
• Patterns!
• SOMETHING
MALWARE & VIRUS SCANS
Apple:KasperskyLookoutNorton
APP PRIVACY
• Android: AppLock
• Windows: Guest User
• Apple: Social Lock
• More at: https://guardianproject.info/
SOCIAL MEDIA
Don’t forget to set up 2-
step authentication
in Login Approvals
WHO CAN SEE YOUR FRIENDS?
CUSTOM PRIVACY ON A POST OR PICTURE
WHAT ARE YOU SHARING?
• Name, profile picture, age, sex, birthday, and other public info
• Entire friend list
• Everything you’ve ever posted on your timeline
• All of your photos and photos you’re tagged in
• Education history
• Location
• Hometown and current city
• Everything you’ve ever liked
• IP address
• Info about the device you’re using including browser and language
PRIVACY CHECK UP IS THE BEST REMEDY
RULES OF THUMB FOR LIBRARIES
• Post Pictures
• Allow tagging/but don’t tag
• Allow people to tag you
• Set up Filters in settings
• Have a general SM Policy
• Social Media is an engagement
tool & a conversation
WHAT TIPS DO YOU PROVIDE USERS WITH FOR SOCIAL MEDIA ACCOUNTS?
HOW TO BEST PREPARE OUR USERS TO STAY SAFE IN THE DIGITAL AGE
Full List: https://www.eff.org/who-has-your-back-government-data-requests-2015
Follow Canary Watch (https://canarywatch.org/)
“Warrant canary" is a colloquial term for a regularly published statement that a service
provider has not received legal process that it would be prohibited from saying it had
received, such as a national security letter. Canarywatch tracks and documents these
statements.”
https://twitter.com/warrantcanary
ORGANIZE A CRYPTO PARTY
FURTHER DISCUSSION
WHAT IS GOOGLE COLLECTING?
Is Google trustworthy?
IS APPLE TRUSTWORTHY?
With everything about Apple in the news lately – do you trust them more with your
data?
http://tinyurl.com/olkylechttp://tinyurl.com/h2v8zej
WHAT CAN WE DO AS LIBRARIANS?
“ONE OF THE KEY QUESTIONS FOR THE COMING YEARS IS:
HOW CAN WE ENSURE THAT DIGITISATION BENEFITS AS MANY PEOPLE AS POSSIBLE?
HOW CAN WE ENSURE THAT DIGITISATION TRIGGERS A CREATIVE EXPLOSION WHICH LEADS TO MORE FREEDOM, MORE PARTICIPATION, MORE SECURITY,
MORE PROSPERITY AND MORE JUSTICE?
WE NEED TO TALK ABOUT THIS, BUT ABOVE ALL WE NEED TO ACT, BECAUSE THE FIGHT FOR A FAIR AND JUST SOCIETY FOR THE FUTURE STARTS NOW.”
- Martin Schulz, Keynote speech at #CPDP2016 on Technological, Totalitarianism, Politics and Democracy http://tinyurl.com/z62b6p9
FCC PROPOSES NEW PRIVACY REGULATIONS FOR ISPS
• http://transition.fcc.gov/Daily_Releases
/Daily_Business/2016/db0310/DOC-
338159A1.pdf
• http://www.wired.com/2016/03/fcc-
preparing-strongest-privacy-rules-
ever/
• http://n.pr/1MmL3Ov
WHAT OTHER THREATS DO YOU SEE TO ONLINE SAFETY?
QUESTIONS
STAYED INVOLVED & INFORMED
• Library Freedom Project
• https://www.eff.org/
• http://www.wired.com/category/security/
• https://nsa.gov1.info/data/ (Parody Site)
