In this presentation you'll learn the basics of staying safe online and protecting your privacy. Topics covered include privacy tools, passwords, internet browser settings, and VPN.
2. CLASS OVERVIEW
• Understanding Your Privacy Needs
• Privacy Tools
• Free & Open Source Software
• Passwords
• Internet Browsing & Privacy
• Firefox Browser and Extensions
• Cookies
• Terms of Service Agreements
• Encryption
• Local PC Maintenance
• Mobile Privacy
4. THREAT MODELING: WHAT TO THINK ABOUT
Assets: Any piece of data or a device that needs to be protected.
Adversaries: The person or organization attempting to undermine your security goals.
Capabilities: What the attacker is able to do in order to achieve their aims.
Consequences
https://ssd.eff.org
A good resource to start learning about online privacy
6. SO IS IT REALLY FREE?
Open Source Software: Software that can be freely used, changed, and shared by anyone; its source code is made available to all and can be reviewed.
Free & Open Source
• Firefox (internet browser)
• GIMP 2.0 (image editor)
• Thunderbird (email)
• Blender (3D animation)
• Audacity (audio editing)
Proprietary Software
• Opera (internet browser)
• Safari (internet browser)
• Photoshop (image editor)
• Outlook (email)
• Maya (3D animation)
• Garage Band (audio editing)
Today’s class will emphasize software that is free and open source.
8. WHAT MAKES A GOOD PASSWORD?
Answer: It depends. Computers and people crack passwords differently.
BAD: Family names, pet names, addresses, phone numbers, place of birth
Too Common: “password”, “123456”, “qwerty”, “abc123”, “Name1”, “welcome”
The more important the information on a site, the stronger you want your password to be.
1. When possible include a combination of numbers, letters, and special characters (#@#$%^&*)
2. Aim for longer passwords: 6 or more characters
9. DIFFICULT FOR HUMANS TO CRACK
Base 8 characters
Sundays at the beach to rejuvenate my soul = S@tB2RmS
Over 8 characters
In 2013 Sundays at the beach to rejuvenate my soul = !2013S@tB2RmS
Passwords for Different Sites
Decide where you will place the digits identifying the site.
Facebook: fS@tB2RmSb
Google mail: gS@tB2RmSm
11. BEATING COMPUTERS: SUPER PASSWORDS ARE FULL OF ENTROPY
Passphrase | 2 Words | 5 Words | 7 Words
Combinations | 7776^2 | 7776^5 | 7776^7
Combinations | 30 million | 14 quintillion | 2 octillion
Time to crack* | hours | 6 months | 27 million years
* Time to crack based on one trillion guesses a second; based on what national budgets can attain with current technology.
Diceware Passphrases
Diceware is a method for picking passphrases that uses dice to select words at random from a special list called the Diceware Word List.
Your passphrase should be at least 17 characters long – if your dice result in shorter words, you’ll have to re-roll.
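The Diceware procedure and the arithmetic behind the table, as an added example that is not part of the original presentation. It rolls five dice per word with the operating system's random generator, applies the 17-character re-roll rule, and computes how long an attacker at one trillion guesses a second needs on average. Assumptions: the word list is a constructed stand-in of 7776 made-up words (not the real Diceware Word List), spaces count toward the length, and all function names are hypothetical.

```python
import math
import secrets
from itertools import product

GUESSES_PER_SECOND = 10**12      # slide's assumption: one trillion guesses a second
MIN_LENGTH = 17                  # slide's minimum length; counting spaces is an assumption
SECONDS_PER_YEAR = 365.25 * 24 * 3600

def constructed_wordlist():
    """Constructed stand-in for the Diceware Word List: 6**5 = 7776 made-up
    words, each keyed by five dice digits such as '31452'."""
    cons = ("b", "d", "k", "m", "st", "ch")
    vowels = ("a", "e", "i", "o", "u", "y")
    slots = (cons, vowels, cons, vowels, cons)
    return {
        "".join(str(r + 1) for r in rolls): "".join(s[r] for s, r in zip(slots, rolls))
        for rolls in product(range(6), repeat=5)
    }

def roll_word(wordlist):
    """Roll five dice with the OS CSPRNG and look the result up in the list."""
    key = "".join(str(secrets.randbelow(6) + 1) for _ in range(5))
    return wordlist[key]

def passphrase(n_words, wordlist, min_length=MIN_LENGTH):
    """Pick n_words at random; re-roll the whole phrase while it is too short."""
    longest = max(len(w) for w in wordlist.values())
    if n_words * longest + (n_words - 1) < min_length:
        raise ValueError("this many words can never reach the minimum length")
    while True:
        phrase = " ".join(roll_word(wordlist) for _ in range(n_words))
        if len(phrase) >= min_length:
            return phrase

def keyspace(n_words, list_size=7776):
    return list_size ** n_words

def entropy_bits(n_words, list_size=7776):
    return n_words * math.log2(list_size)

def average_crack_years(n_words, rate=GUESSES_PER_SECOND):
    """On average an attacker finds the phrase after trying half the keyspace."""
    return keyspace(n_words) / 2 / rate / SECONDS_PER_YEAR

if __name__ == "__main__":
    words = constructed_wordlist()
    for n in (2, 5, 7):
        print(n, passphrase(n, words), f"{entropy_bits(n):.1f} bits",
              f"{average_crack_years(n):.3g} years")
```

Half of 7776^2 is about 30 million and half of 7776^5 is about 14 quintillion, which is where the table's second "Combinations" row comes from.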
12. PASSWORD MANAGERS / DATABASES
Password managers let you create one “Master Password” to access other passwords you’ve saved to the account.
13. A WORD ABOUT MOBILE LOCKS
Passwords > Pattern Lock > PIN
15. PRIVACY & INTERNET BROWSERS
Microsoft Edge, Google Chrome, Apple Safari
Think about the interests of these major tech companies. What are their priorities?
While their internet browsers might be popular, the general public does not have an easy way of knowing what is being coded into them – what is happening behind the scenes.
16. FIREFOX
As an open source software program, Firefox’s code is reviewed by individuals from around the world. Security flaws and exploits can be discovered and fixed by anyone!
22. WHAT ARE COOKIES?
Internet cookies are small pieces of information in text format that are downloaded to your computer when you visit many Web sites.
The cookie may come from the Web site itself or from the providers of the advertising banners or other graphics that make up a Web page.
25. You can use the sliders to decide how the identified trackers can be blocked.
26. DISCONNECT.ME
The browser extension helps users monitor and block more than 2,000 websites from collecting their data online. Includes Facebook and other popular sites.
29. WHAT IS ENCRYPTION?
Encryption is the most effective way to achieve data security.
To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it.
Unencrypted data is called plain text; encrypted data is referred to as cipher text.
The weakness to encryption is in the private keys kept and created by individuals.
30. HTTP VS. HTTPS
HTTPS is the secure, encrypted counterpart to HTTP; it literally stands for “HTTP Secure,” which is “Hypertext Transfer Protocol Secure.”
Look for the [Lock] symbol and a URL that begins with HTTPS
48. IF VPN IS TOO MUCH…
If you are connecting in Windows 7 or earlier, choose the public network option. Windows 8 and 10 will choose public by default.
This will automatically turn off File Sharing, Network Discovery, and Public Folder Sharing
50. Presentation based on “Online Privacy Without Tears” by Alison Macrina.
For more information, visit www.libraryfreedomproject.org
QUESTIONS?
Attribution – ShareAlike 4.0 International
Rino A. Landa, Librarian
51. FAIR USE NOTICE: This presentation contains copyrighted material the use of which
has not always been specifically authorized by the copyright owner, including but not
limited to logos and product images. Such material is made available in an effort to
educate the public through illustrative examples and to properly identify content.
The use of this presentation for educational purposes is held to constitute a 'fair use'
of any such copyrighted material as provided for in section 107 of the US Copyright
Law. In accordance with Title 17 U.S.C. Section 107, the material on this presentation
is distributed without profit to those who have expressed a prior interest in receiving
the included information for research and educational purposes.
If you wish to use copyrighted material from this presentation for purposes of your
own that go beyond 'fair use', you must obtain permission from the copyright owner.
CC BY-NC-SA 4.0 Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License
Originally created by Rino A. Landa, 10/24/15
A cryptographic system that uses two keys -- a public key known to everyone and a private or secret key known only to the recipient of the message. When John wants to send a secure message to Jane, he uses Jane's public key to encrypt the message. Jane then uses her private key to decrypt it.