Surfing the Internet Safely (for Journalists)
Foreign Correspondents Club of China
June 19, 2008
Andrew Lih
http://www.andrewlih.com/


          Copyright 2009 Andrew Lih
Mom’s advice: “Don’t take candy from strangers”
Net-connected computer continually doing this
What are the threats?
Sought/unsought threats
 •   External intrusion/attacks

 •   Viruses - malicious invasion

 •   Spyware - software leeches

 •   Web-based scripting

 •   Sensitive data transmitted over Internet
Technology
Definitions
•   URL: Uniform Resource Locator
    http://www.foo.com/news.html

•   DNS: Domain name system
    Convert www.foo.com to numerical address

•   Internet protocol (IP) address:
    Unique ID of computer on Internet
    (like 128.51.56.122)
    Used to route packets across the Internet
Typical Scenario
•   Computer connects to Internet
    DSL, Starbucks, corporate, et al.

•   Gets a DHCP welcome package
    IP address and DNS server

•   Access web page URL
    http://www.foo.com/news.html
Sequence

•   Happens quickly (hopefully)

•   Multiple “GET”s for images, ads, video,
    scripts, documents, audio, et al.
[Diagram, built up step by step over several slides: the incoming data flow, the question each stage raises, and the countermeasure added for it]

Incoming: Packets, Connections, Services, Email

    Unsolicited data?   ->  Firewall
    Where?              ->  Blacklist
    Snooping?           ->  Encryption
    Who?                ->  Verification
    What?               ->  Distinguish/Filter
    Execute?            ->  Conditional Access
    Store cookie?       ->  Manage
Motivation

•   Annoyance

•   Productivity

•   Corporate safety and privacy

•   Time
1. Hardware router
•   Prevents outside traffic
    to naked computer

•   Share single connection, Wi-Fi

•   Use NAT “shield”

•   Use WPA or WPA-2 encryption (not WEP)

•   Manufacturers: Linksys, Netgear, D-Link, TP-LINK, Apple;
    Travel: Apple Airport
2. Firewall software

•   Turn on Windows Firewall

•   Only allow known connections in/out

•   May need some customization

•   Apple: Security preferences
3. Hosts file

•   Blacklist of known bad sites (built into
    Windows/Mac)

•   HostMan (Windows) manages hosts file

    •   http://www.abelhadigital.com (Wordpress)
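As an added illustration of the hosts-file blacklist described above (example code, not from the slides or from HostMan): a parser for the hosts-file syntax that answers "would this site be blocked?". The hosts text and the `.test` hostnames are constructed for the example.

```python
"""Added example: parse a hosts file of the kind HostMan manages and report
which names it sends to a sinkhole address (127.0.0.1 or 0.0.0.0)."""
import ipaddress

# Constructed sample in hosts-file syntax: "<address> <hostname> [<alias> ...]",
# '#' starts a comment. Blacklist entries point a bad site at the local machine.
SAMPLE_HOSTS = """\
# Windows/Mac default entries
127.0.0.1       localhost
::1             localhost

# Blacklist entries (hypothetical hostnames, reserved .test domain)
127.0.0.1       ads.tracker-example.test
0.0.0.0         Malware-Example.TEST   www.malware-example.test  # alias on same line
192.0.2.10      intranet.example.test  # a real override, not a block
"""

SINKHOLE_ADDRESSES = {"127.0.0.1", "0.0.0.0", "::1", "::"}


def parse_hosts(text):
    """Return {hostname (lower-case): address} for every mapping in the file."""
    mapping = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue                         # malformed line, ignore it
        try:
            addr = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue                         # first field must be an IP address
        for name in fields[1:]:
            mapping[name.lower()] = addr     # hostnames are case-insensitive
    return mapping


def is_blocked(hostname, mapping):
    """True when the hosts file sends this exact name to a sinkhole address.
    A hosts entry matches the exact name only: a subdomain of a blacklisted
    site is not covered unless it is listed itself."""
    return mapping.get(hostname.lower()) in SINKHOLE_ADDRESSES


def blocked_sites(mapping):
    """The blacklist portion of the file, excluding the localhost entries."""
    return sorted(name for name, addr in mapping.items()
                  if addr in SINKHOLE_ADDRESSES and name != "localhost")


if __name__ == "__main__":
    hosts = parse_hosts(SAMPLE_HOSTS)
    print("blacklisted:", blocked_sites(hosts))
    for site in ("www.MALWARE-example.test", "cdn.ads.tracker-example.test"):
        print(site, "blocked" if is_blocked(site, hosts) else "not blocked")
```

The second probe shows the limit of this technique: a subdomain of a listed site is not blocked, which is why hosts-file blacklists grow so long.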
4. Browser execution
•   Web 2.0: no longer just a read-only page

•   Javascript (AJAX, Google Docs, et al.)

•   Flash (YouTube)

•   Java

•   ActiveX (Microsoft)
Symptoms

•   Slowdown with apps/advertising

•   Running dangerous processes

•   Accessing resources (auto-play audio/video)
Use Firefox
•   Open source browser, secure, fast

•   Tabbed browsing

•   Plugins to enhance safety

    •   NoScript

    •   Ad Block Plus

    •   Flashblock
Flashblock (no Flash unless enabled)
NoScript (blocks Javascript)
McAfee Siteadvisor

•   Firefox plugin, warns of bad sites

•   McAfee trusted name in security

•   Integrates with Google searches
5. Viruses/Spyware
•   Infect computer through email, web
    surfing, or just sitting on the Internet

•   Virus: destroy data, nuisance

•   Spyware: sucks processor time, steals
    private data, becomes part of botnet
5. Viruses/Spyware
•   Get good software

    •   BitDefender or Kaspersky ($)

    •   Avira AntiVir (free)

    •   Ad-aware (free)

    •   Spybot Search and Destroy (free)

    •   Webroot Spysweeper
6. Secure connections
•   Virtual Private Network (VPN)

•   Your news operation/company may already
    give you this capability

•   Surf any site, no Great Firewall blocks

•   Public options:
    HotspotVPN ($8.88/mo)
    PublicVPN ($59.95/yr)
    Witopia personalVPN ($39.99/yr)
7. Practices


•   Password discipline

•   Email account discipline
Passwords
•   Have three types on hand

    •   Trivial (“buddha”)

    •   Nontrivial (“h@ppybuddh@”)

    •   Banking strength
        ("6eijin9spring!1978", like Beijing Spring)
Accounts
•   Throwaway - free services (for spam collection,
    registrations, a bogus name); try BugMeNot
    junkbox168@yahoo.com

•   General (Email, work, personal)
    fred.wong@gmail.com
    fred.wong@scmp.com

•   Secure (Confidential sources, HushMail)
    fred.wong@hush.com
Internet access
•   Home, cafes, wireless, hotels on the road

•   Consider extremely insecure

    •   Who can contact your computer?

    •   Who can read what you’re doing?

    •   Passwords in the clear?
Steps

•   Google mail - https://mail.google.com/mail

    •   Note the “S”, and it must be that address!

    •   Entire session is encrypted

•   Yahoo/Hotmail - encrypted login, not session!
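An added check for the rule on this slide (example code, not from the slides): accept a webmail link only when the scheme is https and the host is exactly mail.google.com. The look-alike addresses in the sample list are constructed; the hostname comparison is what catches them, since a string that merely starts with the expected name is not enough.

```python
"""Added example: verify "the S" and "that address" for a webmail link."""
from urllib.parse import urlsplit

EXPECTED_HOST = "mail.google.com"


def check_webmail_url(url, expected_host=EXPECTED_HOST):
    """Return (ok, reason). ok is True only for an https URL whose hostname is
    exactly expected_host on the default port; otherwise reason says why not."""
    parts = urlsplit(url)
    if parts.scheme.lower() != "https":
        return False, "not https: the session would not be encrypted"
    host = (parts.hostname or "").lower()      # hostname only, no port or user part
    if host != expected_host:
        return False, "host is %r, not %r" % (host, expected_host)
    if parts.port not in (None, 443):
        return False, "unexpected port %d" % parts.port
    return True, "ok"


# Constructed inputs: the slide's address, the same site over plain http,
# a look-alike hostname that only begins with the expected name, and an odd port.
SAMPLES = [
    "https://mail.google.com/mail",
    "http://mail.google.com/mail",
    "https://mail.google.com.example.test/mail",
    "https://mail.google.com:8443/mail",
]

if __name__ == "__main__":
    for url in SAMPLES:
        ok, reason = check_webmail_url(url)
        print("PASS" if ok else "FAIL", url, "-", reason)
```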
Steps

•   Firefox browser - clear private data

    •   Try “Flock” as 2nd “clean” browser

•   Skype - http://www.skype.com

    •   Secure instant messaging, voice
VPN

•   VPNs good for general use

•   Protect against snoopers in Starbucks and on
    hotel broadband
Prescriptions
•   Have some type of VPN accessible

•   Use Secure Google Mail (https://mail.google.com/)

•   Use Skype for secure chat

•   Use a broadband router at home (Linksys
    WRT-54G or Apple Airport)

•   Use Apple Macintosh (w/Windows)
Review
•   If you remember nothing else today...

    •   Hardware firewall

    •   Firefox and plugins

    •   Antivirus/Antispyware software

    •   Avoid Yahoo/Hotmail

•   www.andrewlih.com/securitytips
Retooled

Old                       New
---                       ---
Internet Explorer         Mozilla Firefox
Yahoo/Hotmail             Google mail (https)
Weak password             Strong passwords
Cleartext transmissions   VPN or secure email
Naked computer            Router/firewall
No security software      Antivirus/Antispyware
Instant messaging         Skype
Naked email               HushMail
Andrew Lih
www.andrewlih.com

Wikipedia book
January 2009
