Upload
darren-thomas
View
60
Download
1
Embed Size (px)
Citation preview
Social Media Users Guide
I know not with what weapons World War III will be fought, but World War IV will be fought with
sticks and stones.Albert Einstein
By Darren Thomas and Aaron Vail
Revealed: The NSA’s Secret Campaign to Crack, Undermine Internet Security
Did you know...excerpts from an aricle written by Nicole Perlroth of the New York Times and Jeff Larson of ProPublica Sept 5, 2013
“Newly revealed documents show that the NSA has circumvented or cracked much of the encryption that automatically secures the emails, Web searches, Internet chats...”
“The project, referred to internally by the codename Bullrun, also includes efforts to weaken the encryption standards adopted by software developers...”
“NSA lost a public battle in the 1990s to insert its own “back door” in all encryption, it set out to accomplish the same goal by stealth.”
“The NSA began collaborating with technology companies in the United States and abroad to build entry points into their products.”
“to covertly introduce weaknesses into the encryption standards followed by hardware and software developers around the world”
http://www.propublica.org/series/surveillance
Revealed: The NSA’s Secret Campaign to Crack, Undermine Internet Security
Continued...excerpts from an aricle written by Nicole Perlroth of the New York Times and Jeff Larson of ProPublica Sept 5, 2013
“N.S.A., has been looking for ways into protected traffic of the most popular Internet companies: Google, Yahoo, Facebook and Microsoft’s Hotmail. By 2012, GCHQ had developed “new access opportunities” into Google’s systems, according to the document.”
“Some of the agency’s most intensive efforts have focused on the encryption in universal use in the United States, including , or SSL, , or VPNs, and the protection used on fourth generation, or 4G, smartphones”
“N.S.A. worked with company officials to get pre-encryption access to Microsoft’s most popular services, including Outlook e-mail, Skype Internet phone calls and chats, and SkyDrive Google, Yahoo and Facebook have pressed for permission to reveal more about the government’s secret requests for cooperation. ”
What to be aware of...
Technology and privacy are the two most important areas which will help foster a better “cybersecurity aware” society.
The more we understand the technology we use, and the way that technology can be attacked, the better we can mitigate the possibility of attack. Understanding how things work, will make us more aware.
Almost all digital devices store and use our personal information to provide authentication to email, bank, stock, insurance and credit cards. Unless secured these devices are easily exploited (compromised)
Our privacy is valuable. Be mentally present when providing sensitive information. Be suspicious of applications and communications requesting personal information, and information that provides authentication
cash to computer transactions has made our everyday activities easier and speedier, reliance on the internet has opened the doors to fraud and cyber attacks.
What to be aware of...
The following charts were borrowed from Hackmageddon.com and very up to date at the time this presentation was being put together. They relay some information regarding the nature of cyber attacks. The following are aggregate statistics for May 2014.
What to be aware of...
The following charts were borrowed from Hackmageddon.com and very up to date at the time this presentation was being put together. They relay some information regarding the nature of cyber attacks. The following are aggregate statistics for May 2014.
What to be aware of...
The following charts were borrowed from Hackmageddon.com and very up to date at the time this presentation was being put together. They relay some information regarding the nature of cyber attacks. The following are aggregate statistics for May 2014.
What to be aware of...
The following charts were borrowed from Hackmageddon.com and very up to date at the time this presentation was being put together. They relay some information regarding the nature of cyber attacks. The following are aggregate statistics for May 2014.
Good Social Networking Habits!
Common sense, caution and skepticism are some of the strongest tools you have to protect yourself...
Registering an account:
a strong password different from the passwords you use to access other sites.
If you are asked to provide security questions, use information that others would not know about you.
Never provide a work-associated email to a social network, especially when signing up
Consider creating a new email address strictly to connect with your social networking profile
Consider not using your real name, especially your last name. Be aware that this may violate the terms of service of some social networks. Continued...
Good Social Networking Habits!
Common sense, caution and skepticism are some of the strongest tools you have to protect yourself...
Registering an account: continued...
Review the privacy policy and terms of service before signing up for an account.—it may provide information regarding the use of your private information and who it may be shared with.
keep strong anti virus and spy-ware protection on your computer.
Provide only information that is necessary or that you feel comfortable providing. When in doubt, err on the side of providing less information.
During the registration process, social networks often solicit a new user to provide an email account password so the social network can access the user’s email address book.--To be safe, don’t provide this information
Good Social Networking Habits!
Common sense, caution and skepticism are some of the strongest tools you have to protect yourself...
Tips of using Social Networks...
Familiarize yourself with the privacy settings available on any social network you use. On Facebook, make sure that your default privacy setting is " Friends Only". Alternatively, use the "Custom" setting and set to maximum privacy.
Don’t share your birthday, age, or place of birth. This information could be useful to identity thieves and to data mining companies
I.Study done by the Carnegie Mellon found that Social Security numbers can be predicted based on publicly-available information, including your birthday, age and place of birth. The Social Security Administration began randomized numbers on June 25, 2011. continued...
Good Social Networking Habits!
Common sense, caution and skepticism are some of the strongest tools you have to protect yourself...
Tips of using Social Networks...
Stay aware of changes to a social network’s terms of service and privacy policy. Changes may affect the visibility of your profile information
Be careful when you click on shortened links. Consider using a URL expanderExamples of URL expander: LongURL, Clybs URL Expander and Long URL
Be very cautious of pop-up windows, especially any that state your security software is out of date or that security threats and/or viruses have been detected on your computer.
Delete cookies, including flash cookies, every time you leave a social networking site. Continued...
Good Social Networking Habits!
Common sense, caution and skepticism are some of the strongest tools you have to protect yourself...
Tips of using Social Networks...
Be mindful and in the present-whatever goes on a network might eventually be seen by people not in the intended audience
Don’t publicize vacation plans, especially the dates you’ll be traveling
be careful when posting any sort of location or using geotagging features because criminals may use it to secretly track your location.--keep your routines secret as well
Don’t post your address, phone number or email address on a social network. Remember scam artists as well as marketing companies may be looking for this kind of information. If you do choose to post any portion of this, use privacy settings to restrict it to approved contacts. Continued...
Good Social Networking Habits!
Common sense, caution and skepticism are some of the strongest tools you have to protect yourself...
Tips of using Social Networks...
Use caution when using third-party applications. Applications offered by Face-book for instance. For the highest level of safety and privacy, avoid them completely.
Whatapp?: rates applications, browsers, platforms and social networks on privacy, security and openness.
If you receive a request to connect with someone and recognize the name, verify the account holder’s identity before accepting the request. (phone call, email confirmation...etc.)
Good Social Networking Habits!
Common sense, caution and skepticism are some of the strongest tools you have to protect yourself...
Tips of using Social Networks...
If you receive a connection request from a stranger, the safest thing to do is to reject the request.
Adopt a zero tolerance for requests for money, even if they are from contacts you know and trust. If a contact’s account is compromised, a scam artist may use his or her name and account to attempt to defraud others
report it to the site immediately and alert your contacts if you feel your profile information has been compromised
You will need to change passwords, but proceed with caution because your computer security may have been compromised as well. Don't use that same machine. It may be infected with a virus, trojan or worm. Continued...
Good Social Networking Habits!
Common sense, caution and skepticism are some of the strongest tools you have to protect yourself...
Tips of using Social Networks...
Malware, including key-logging software, may have been installed on your computer. If you use online banking, do not log on from the computer that may have been compromised
If you are using a social networking site that offers video chatting, pay attention to the light on your computer that indicates whether or not your web-cam is in use.
Be sure to log off from social networking sites when you no longer need to be connected. This may reduce the amount of tracking of your web surfing
As a general rule, before posting something on a social networking profile, imagine it displayed on a billboard on the side of a highway.
Good Social Networking Habits!
Common sense, caution and skepticism are some of the strongest tools you have to protect yourself...
Tips of using Social Networks...
Social networks themselves do not necessarily guarantee the security of the information that has been uploaded to a profile, even when those posts are set to be private.
It can work both ways…
anonymity is a useful tool for anyone who prefers to keep a strict separation between an online persona and an off-line identity. It can also be used by individuals trying to shield their identities while engaging in illegal activities
If you are considering a pseudonymous (using a false name) profile, refer to the terms of service for the social networking site. Providing false or incomplete information violates the terms of service of some social networking sites
What can You do?
Here are a few things that you can do to help protect yourself:
• Be knowledgeable
• Know what information you are giving and who can see it
• Be proactive
• Choose security and privacy settings that are secure
• Be vigilant
• Keep an eye on changes
• Facebook is the largest social media web site
• It has over 1,310,000,000 active users!
• If it was a country, it would be the second largest
• And as such, we are going to pick on it
Facebook Settings YOU should be aware ofThis was a brand new account. All settings are their defaults.
Link if video does not work https://www.youtube.com/watch?v=xlGCPagdgYE
Is your data ever gone?
When you delete something from your computer, a flag is simply switched from “Do not overwrite” to “Can be overwritten.”
The file still exists on your hard drive
Software available for free called Recuva can bring it back
What about on the internet?
Internet Data
You are NOT in control of data on the internet
Your data lives on servers, which are basically very powerful computers.
If you request your data deleted, it is up to the company in charge of your data to erase/delete it.
But is it truly gone if the company does erase it?
Internet Wayback Machinehttp://archive.org/web/
The Internet Archive Wayback Machine saves copies of web pages in case they get changed or deleted.
Try it out for yourself.
https://web.archive.org/web/20130403110212/http://aaroncvail.com
Aaroncvail.com was a website I had for quite awhile but couldn’t justify the cost to keep it around. While the images are gone, the text remains.
Overview
• Never assume what you send is truly private
• Be smart about what services you use
• Be vigilant to changes in policy
• Know what you are doing and why
• Scrutinize your habits to determine if they are unsafe
Bibliography
• www.dotrights.org/social-networking• www.eff.org/wp/effs-top-12-ways-protect-your-online-privacy• http://epic.org/privacy/socialnet/• http://getnetwise.org/• www.tosback.org/timeline.php • http://www.consumerreports.org/cro/magazine/2012/06/facebook-your-privacy/index.htm• Privacy & Safety on Facebook-A Guide for Survivors of Abuse• http://www.slipstick.com/outlook/safe-reading-pane/• http://www.bullguard.com/bullguard-security-center/internet-security/social-media-dangers/social-media-se
curity-abc.aspx• http://www.staysafeonline.org/stay-safe-online/protect-your-personal-information/id-theft-and-fraud#sthash
.j8O9bYyu.dpuf• http://www.propublica.org/article/privacy-tools-encrypt-what-you-can• http://hackmageddon.com/2014/06/11/may-2014-cyber-attack-statistics/• http://www.networkworld.com/article/2363212/security-leadership/security-training-is-lacking-here-are-tips-
on-how-to-do-it-better.html • http://www.thenational.ae/thenationalconversation/editorial/your-cyber-security-requires-
awareness#ixzz34oXsGDsB • http://www.propublica.org/series/surveillance• http://journalistsresource.org/skills/research/chat-peter-singer-brookings-cybersecurity-media?
utm_source=JR-email&utm_medium=email&utm_campaign=JR-email#sthash.Kq8hUXG8.dpuf• http://www.statisticbrain.com/facebook-statistics/• http://en.wikipedia.org/wiki/Country_populations