Digital Security: Defending Your Accounts, Devices, & Anonymity

Upload: milford-public-library

Post on 21-Feb-2017

TRANSCRIPT

Page 1: Digital Security

Digital Security: Defending Your Accounts, Devices, & Anonymity

Page 2: Digital Security

The Current Environment

Information is power!

Tech is very good today… even for hackers

▪ John the Ripper & GPUs

Hacking affected 48% of Americans in 2014 & cost businesses nearly $500 million in losses

3.1 million Americans had their phones stolen in 2013 (1.4 million lost their phones)

Not all hackers are evil (black hat)

▪ White hats find and help fix problems

Nations are also in the game

▪ Stuxnet worm

▪ PRISM program

Bugs (Heartbleed)

Page 3: Digital Security

Types of Threats

Brute force hacking

▪ John the Ripper

Social engineering

▪ Con men

Packet sniffing

▪ Wireshark

Robbery

▪ 3.1 million

Viruses/worms Bugs

Page 4: Digital Security

Cryptographic Standards

PGP

AES

RSA

PBKDF2: Password-Based Key Derivation Function 2

WPA2 (WiFi Protected Access)

▪ WiFi encryption

TLS (HTTPS)

▪ Internet communication encryption

Page 5: Digital Security

Biometric Authentication

Print scan (Touch ID / hand)

▪ Mostly safe from everyone but the police

Eye scan (retina / iris)

Odor sensor (breath)

Voice recognition

Face recognition

Page 6: Digital Security

Good Passwords (aren’t passwords)

The best password is a semisensical passphrase

▪ th3Qu!ckBr0wnf0XjumP3d.

Minimum 9 characters including both upper & lowercase letters, numbers, and specials

▪ Here’s a strong/unique passcode: !sWt^%vTR]/9

Two-factor authentication (2FA) can also be used for additional security

Sadly, some sites restrict passcodes to 15 characters and/or do not allow specials

Page 7: Digital Security

2-Factor Authentication (2FA)

Something you know & something you have

▪ Apple

▪ Google

▪ Microsoft

▪ Facebook

▪ Yahoo

▪ Evernote

▪ Cloud storage (Tresorit)

▪ E*Trade, Vanguard, PayPal, etc…

▪ Amazon

Page 8: Digital Security

Password Managers (Vaults)

80% of top security experts use one!

▪ 1Password

▪ LastPass

▪ Dashlane

▪ KeePass

▪ Norton Identity Safe

▪ iCloud Keychain

▪ Google Sync

▪ Browsers

Computer / Device specific

Page 9: Digital Security

Routers

▪ Change the router name ASAP

▪ Change the admin password ASAP

▪ Change the gateway’s IP address

▪ Use WPA2 with AES encryption!

Page 10: Digital Security

The Future

Quantum computing

▪ Massively parallel

▪ Current passwords snap like a twig

Quantum encryption

▪ Unbreakable

▪ The act of intercepting it breaks it

Page 11: Digital Security

Virtual Private Networks (VPNs)

VPNs

▪ Route users through multiple IPs masking their identity and location

Tor *

▪ Browser based

▪ Uses proxies

Page 12: Digital Security

Closing Thoughts…

Always use HTTPS for commerce & utilize the EFF’s HTTPS Everywhere extension

Use 2FA on password recovery email accounts

Do not underestimate the physical security of your computers & mobile devices (use a PIN)

Social engineering is a powerful tool

▪ As is dumpster diving

Encrypt your PC’s hard drive (VeraCrypt)

Use PayPal – Keep payment info. in one place

If you’re not using a password manager, write your passcodes down and keep them in a safe place. That said, use a password manager!