Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.
Ernest Staats
MS Information Assurance, CISSP, CEH, CWNA,
Security+, MCSE, CNA, I-Net+, Network+, Server+, A​+
What does Your Phone Know?
Text messages,even deleted ones
Wordsin yourpersonaldictionary
Facebookcontacts
Tens ofthousand...
Mobile Issues /Demo
Whois calling you
Justgoing toa websiteone cansteal all yourinfo:
Contacts, textmessages,photos,videos...
Before / After Digital Brain is MIA
Mobile / Laptop Security
Strong passcode (No Fingerprint)
Lock on sleep
Encrypt
“Find ...
TURN OFF WiFi/Bluetooth
Indicators of a Hacked Mobile
Battery Life & Temp
Apps behaving strangely
You or your contacts receive strange texts
Your ...
GEO-TAGGING
Adam Savage, of “MythBusters,” took a
photo then posted the photo to his Twitter
account
The tweet revealed:
1...
TURN OFF GPS / Tracking
Before Crossing The Border
• Register with Smart Traveler Enrollment Program https://step.state.gov/step/
• First Backup D...
Public “Free” WiFi – Tips
Use VPN tunnel https://www.privateinternetaccess.com/
Pay attention to certificate warnings
Be p...
APPS - Your Data – Your Privacy
Think twice before installing latest social app
Explore privacy settings within each app
S...
Prevention is Best
Antivirus
Don’t “root” or “jailbreak”
Use trusted app sources
Watch for certificate warnings
Allow “Ver...
Environmental Awareness
Social Media Exposure Demo
Location Aware: Everything has a Location
https://www.sociospyder.com/
http://www.pathar.net/cl...
Cyberstalking SitesPeekYou
Give a lot ofInformationfor free just wait andscroll down
http://www.peekyou.com/
Pipl
Search f...
Security Tips
Don'tsign up using anothersocialnetworking account
Lockdownthosesocialnetwork privacysettings
Thinkbefore yo...
Identity Protection Tips
Personal Information:
Askquestionsbefore you share it
Lockitup
Shredit before you put intrash
Pas...
Recommended APPS
Tor Browsers
Android https://play.google.com/store/apps/details?id=org.torproject.android&hl=en
iOS https...
After Crossing The Border
Backup any photos First
Factory Reset / re-image
– With Laptops Delete Drive or Destroy drive
Tu...
Review
More Resources below
Parent Control software
Filtering software:
On home router Open DNS Family Shield: http://goo.gl/7SFD...
Prochain SlideShare
Chargement dans…5
×

Border crossing mobile social media life-saving security tips

This practical talk focused on steps one can take which could save them or someone else while traveling internationally or even around town. The focus was on the information that is “leaked” by mobile devices and social media, along with some of the most-overlooked steps that could lower risk.

  • Identifiez-vous pour voir les commentaires

Border crossing mobile social media life-saving security tips

  1. 1. Ernest Staats MS Information Assurance, CISSP, CEH, CWNA, Security+, MCSE, CNA, I-Net+, Network+, Server+, A​+
  2. 2. What does Your Phone Know? Text messages,even deleted ones Wordsin yourpersonaldictionary Facebookcontacts Tens ofthousandsoflocation pings Everywebsite visited Whatlocationsyouhavemapped (SwiftKey- Personalization) Emailsgoing backa month YourphotoswithGeolocationdataattached–even if deleted How manytimesyouhavechecked youremail Anyapplicationever installedon yourdevice
  3. 3. Mobile Issues /Demo Whois calling you Justgoing toa websiteone cansteal all yourinfo: Contacts, textmessages,photos,videos, creditcardinformation PIN security–secureor easytodo1 handed Cameraandmiccanbeturnedon withoutpermission
  4. 4. Before / After Digital Brain is MIA Mobile / Laptop Security Strong passcode (No Fingerprint) Lock on sleep Encrypt “Find my phone – Device ” Treat Like Cash Disable Location tracking and history Disable WiFi and Bluetooth Check your email accounts often https://haveibeenpwned.com/
  5. 5. TURN OFF WiFi/Bluetooth
  6. 6. Indicators of a Hacked Mobile Battery Life & Temp Apps behaving strangely You or your contacts receive strange texts Your call or message have some unknown entries Background noise electrical interference when not getting txt/call Excessive data usage Does not include StingRay, Hailstorm / DRT box
  7. 7. GEO-TAGGING Adam Savage, of “MythBusters,” took a photo then posted the photo to his Twitter account The tweet revealed: 1. Exact location of home 2. The vehicle he drives 3. The time he leaves for work Photo Demo: http://regex.info/exif.cgi
  8. 8. TURN OFF GPS / Tracking
  9. 9. Before Crossing The Border • Register with Smart Traveler Enrollment Program https://step.state.gov/step/ • First Backup Device and settings • Establish a VPN account i.e. https://www.privateinternetaccess.com • Make sure it is Encrypted Mobile, Laptop, & USB drive • Factory Reset / reimage – Configure VPN you established before • Encrypt mobile • Strong passcode six digit at least (No Fingerprint) • Use a Secure phone - Silent Circle Phone “Blackphone” https://goo.gl/WnXfOa • Turn Off WiFi and Bluetooth – Forget/ Remove all Wireless and Bluetooth networks (all the time) • Disable Location tracking and history https://maps.google.com/locationhistory/b/0 • Delete all History before stepping off plane • Turn off all location and tracking information • Only user your Charger • Setup a Temp email i.e. PBJapple@gmail.com Forward email if needed
  10. 10. Public “Free” WiFi – Tips Use VPN tunnel https://www.privateinternetaccess.com/ Pay attention to certificate warnings Be protected against dangerous sites Use HTTPS (SSL) links if possible Use multi-factor authentication When in doubt, use data plan (SS7 is an issue) Best Practices / Recommendations
  11. 11. APPS - Your Data – Your Privacy Think twice before installing latest social app Explore privacy settings within each app Specify what permissions each app should have (e.g. address book, location, microphone, etc.) iCloud Backup? Photos? Choose to back up or not to Google (It is searchable) Who’s doing what with my data?
  12. 12. Prevention is Best Antivirus Don’t “root” or “jailbreak” Use trusted app sources Watch for certificate warnings Allow “Verify Apps” Specify app permissions Use Blur https://www.abine.com/index.html Encrypted text messaging Telegram https://telegram.org/ Cover your APPS!
  13. 13. Environmental Awareness
  14. 14. Social Media Exposure Demo Location Aware: Everything has a Location https://www.sociospyder.com/ http://www.pathar.net/clients.html Maltego https://www.paterva.com
  15. 15. Cyberstalking SitesPeekYou Give a lot ofInformationfor free just wait andscroll down http://www.peekyou.com/ Pipl Search fora person using nameandlocationhttps://pipl.com/ Check Mate Search foraperson using nameandlocation https://www.instantcheckmate.com Spokeo Searches lots ofpublic Records to find informationabout someone http://www.spokeo.com US Search Search fora person using emailnameor user name http://www.ussearch.com/
  16. 16. Security Tips Don'tsign up using anothersocialnetworking account Lockdownthosesocialnetwork privacysettings Thinkbefore youpost Lie. About.Everything Never Plug ina USBdeviceto anuntrusted charger Use a passwordmanagerandtwo-factorauthentication Disposableemail DoNotTrackMe, and Yahoodisposable emails Melt Mail Use secure browser suchasFirefox with listed addons Create personal andprofessional personas Delete yourInformationonGoogle Googleads https://www.google.com/settings/u/0/ads/authenticated Privacyhttps://myaccount.google.com/
  17. 17. Identity Protection Tips Personal Information: Askquestionsbefore you share it Lockitup Shredit before you put intrash Passwordprotect it UseAnti-Virus,Anti-Malware,Web-filter Freeze Credit (for all family members) Check all family members digital foot print Doxinghandout Set Google Alerts for family https://www.google.com/alerts#
  18. 18. Recommended APPS Tor Browsers Android https://play.google.com/store/apps/details?id=org.torproject.android&hl=en iOS https://itunes.apple.com/us/app/red-onion-tor-powered-web/id829739720?mt=8 VPN https://www.privateinternetaccess.com/ Use Blur to mask email, Caller ID, and credit cards Andorid AV: Avast Mobile Security iOS AV: Avira Mobile Security for iOS Browser Plugin’s / addons Disconnect See list for Firefox Telegram or BBM (SS7 Issues) Cell Phone Booster Detector Use own keyboard Tails Live CD https://tails.boum.org/ on Encrypted USB http://www.kingston.com/us/usb/encrypted_security/dtvp30
  19. 19. After Crossing The Border Backup any photos First Factory Reset / re-image – With Laptops Delete Drive or Destroy drive Turn Off WiFi and Bluetooth – Forget / Remove all Wireless and Bluetooth networks (all the time) Delete all History before stepping off plane Keep all location and tracking information off Change Passwords for any site or system you used out of the country i.e. email, shopping sites, credit card sites, or banking (I do not recommend banking out of the country if avoidable. ) Check your email https://haveibeenpwned.com/
  20. 20. Review
  21. 21. More Resources below Parent Control software Filtering software: On home router Open DNS Family Shield: http://goo.gl/7SFDXa On Mobile Devices: Mobicip Safe Browser http://www.mobicip.com/pricing On Social Media: Social Shield: http://www.socialshield.com/ Stealth mobile device Tracking / Filtering http://cell-phone-parental-control- software-review.toptenreviews.com/ Put Google Alert on Your Name This is an incredibly easy way to stay on top of what's being said about you online. Go to: http://www.google.com/alerts and enter your name, and variations of your name, with quotation marks around it... https://www.youtube.com/watch?v=eLcTF0YyK5Y

×