Welcome to Shaun Luttin's public notebook. It contains rough, practical notes. The guiding idea is that, despite what marketing tells us, there are no experts at anything. Sharing our half-baked ideas helps everyone. We're all just muddling thru. Find out more about our work at bigfont.ca.

Internet Security Presentation Notes

Tags: security, internet

Wednesday, May 21, 2014 2:35:18 PM

Brainstorming

Terms & Concepts

Captcha
Two Factor Authentication
Problem > Solution
Public vs Private Networks
Tracking
Malware
Spoofing
eCommerce
Heart Bleed
SSL
This Certificate has Expired
Browsers (Firefox, Internet Explorer, Chrome, Safari, Opera)
Email Images
Virus
Worm
Trojan
Spyware
Adware
Spam
Phishing
Pharming
Keyloggers
Rogue Security Software
Identity Theft
 

Experiences

Figure out what this mess of words says.
Please give us your phone number.
Please type in the code that we emailed you.
Please click on the link that we emailed you.
Please confirm your email address.
 

Concerns

Is my personal information safe in the cloud?
Is my credit card information safe?
Should I open that email?
Should I download that email attachment?
Is my password secure enough?
How do I keep track of my passwords?
Is my anti-virus good enough?
 

Techniques

Use a password manager.
Use rules to create passwords.
 

Threat –> Mitigation –> Demo

Rough Guide

The following is taken directly from https://www.getsafeonline.org/themes/sitethemes/getsafeonline/pdf/GetSafeOnlineRoughGuide.pdf

Securing Your Computer

What do hackers want?

The Problems

Spyware

Malware

The Solutions

Security Software

  • Firewall
  • Antivirus
  • Email Security

Updating

Password Protection

  • Keeping Secrets
  • What Makes a Good Password?
  • Password Changes
  • Multiple Passwords

Wireless Security and Encryption

Digital Security at Home

Social Networking

Privacy violations

Identity theft

Best Safety Practices at Home

This is a checklist of things to do.

Surfing Kids

Education

Monitoring

Protection

Shopping Online

  • Is the Website reputable?
  • When making payments, does a secure symbol (usually a padlock) appear in the bottom right of the screen?
  • Is a deal to good to be true?
  • Who are you doing business with?

Banking Best Practice

What to look out for?

Scans and Schemes

eBay and auction sites

Advertising

Get-rich-quick schemes and scams

Pyramid schemes

Ticketing websites to watch out for

Travel Websites

Phishing

419

Keeping the office secure

Employee and office best practice

Spam

Encryption

Compliance

Customer data protection

A Rough Guide to physical security for computers

Data loss

USBs

Portable Hard Drives

Back-ups and fireproofing, paper and reports

Storage

Mobiles and other devices

Safety essentials

  • Keep it hidden
  • Security tagging
  • Use in-built security
  • Register your device
  • Insure
  • Restrict alternative network usage
  • Block premium calls and texts
  • Handle with care
  • Synchronizing your mobile
  • Stay aware of new dangers

Where next for hackers? The future of security threats

Your new favorite devices

Viruses

Social networking

For when security fails

What are you going to do?

Physical loss or damage

Network or computer compromise

Infection

Who are you going to call?

What if someone else loses your data?

What to expect from police, banks, IT suppliers and providers

 

Resources

  • https://www.getsafeonline.org Backed by the UK government and private sector partners, this is probably the most reliable and comprehensive resource on using the Internet safely.
  • https://www.owasp.org A not-for-profit that neither endorses nor recommends commercial products/services, this is probably the most reliable and comprehensive resource on building secure software.