Personal Security Online:Protecting Yourself

Ladue Chapel Presbyterian Church

R. Scott Granneman

© 2006-2010 R. Scott GrannemanLast updated 20101114

You are free to use this work, with certain restrictions.For full licensing information, please see the last slide/page.

1

Once a technologymakes something possible,

it gets applied,whether for good or bad.

Donald A. Norman

2

What toBelieve?

3

4

5

6

7

“Bert Is Evil”Webmaster

Yesterday a lot of youalerted me to a picture

of a Taliban propaganda posterwith Bert!

Reality is imitating the Web!I am honestly freaked out!

8

9

10

TMI

11

12

13

500,000,000+ active users(200,000,000 access via mobiles)

50% log in every day700,000,000,000 minutes/month

http://www.facebook.com/press/info.php?statistics

14

900,000,000 objects to interact with(pages, groups, events)Average user creates

90 pieces of content per month30,000,000,000 pieces of content

shared every month

http://www.facebook.com/press/info.php?statistics

15

#1photo sharing

16

Status updatesMessaging

Video sharingNews sharing

Location sharing

Advertising

17

18

The Story of Zack

19

20

21

21

21

Malware

22

VirusWorm

Trojan HorseSpyware

23

VirusSelf-replicating

Infects another program& uses that to spread

Alters the way a computer operates

24

WormSelf-replicatingUses a network

to send copies of itselfto other computers

Spreads without human intervention

25

Trojan HorseMalicious program

that disguises itself aslegitimate software

Looks harmless or useful,but hides something harmful

26

SpywareGathers information

about you & your computer useTransmits informationto an external entity

without your knowledgeor informed consent

27

Wireless

28

29

What’s a packet sni!er?A program and/or devicethat monitors the data

passing through a networkIt can tell the user

where data is coming from,where data is going,and what the data is

30

www.wireshark.org

31

32

33

34

34

34

35

35

35

35

36

36

36

FiresheepAppeared October 27, 2010

Firefox extensionMakes cookie sidejacking easy

37

38

39

39

39

39

39

39

The solution: encryption

40

Service providers(Facebook, Yahoo Mail, Twitter)need to use HTTPS everywhere

41

Send email using encryptionRead email using encryption

IM using encryptionConduct e-commerce

using HTTPS

42

VPN(Virtual Private Network)

encrypts all Internet tra!cStrongVPN

www.strongvpn.com$7/month

43

Email! Gmail

! Hotmail

44

IM! Skype

! Google Chat

45

Firefox extensions! HTTPS Everywhere

! Force-TLS

46

Google Chrome extensions! Secure Login Helper! KB SSL Enforcer

47

For more info, see my“Co"ee shop WiFi for dummies”

www.securityfocus.com/columnists/385

48

Backup

49

Why?

50

51

Source: Sylvain Pedneault; edited by jjron; http://commons.wikimedia.org/w/index.php?title=File:FirePhotography_edit1.jpg&oldid=26671960

52

Source: Sylvain Pedneault; edited by jjron; http://commons.wikimedia.org/w/index.php?title=File:FirePhotography_edit1.jpg&oldid=26671960

52

Source: Sylvain Pedneault; edited by jjron; http://commons.wikimedia.org/w/index.php?title=File:FirePhotography_edit1.jpg&oldid=26671960

52

Source: Sylvain Pedneault; edited by jjron; http://commons.wikimedia.org/w/index.php?title=File:FirePhotography_edit1.jpg&oldid=26671960

52

Source: Sylvain Pedneault; edited by jjron; http://commons.wikimedia.org/w/index.php?title=File:FirePhotography_edit1.jpg&oldid=26671960

52

Backing UpOnline

53

Dropboxwww.dropbox.com

Mozywww.mozy.com

Backblazewww.backblaze.com

54

CrashPlanwww.crashplan.com

55

56

57

Data encryptedduring transport

& in storage

58

59

1 PC/$54/yearAll PCs/$100/year

Unlimited data

60

Backing UpLocally

61

Time Machine

62

Backup and Restore Center

Vista only63

64

Backup Personal

Files

Backup System Files

Complete PC

BackupAutomated

Backup

Home Basic

Home Premium

Business

Enterprise

Ultimate

!

! !

! ! ! !

! ! ! !

! ! ! !

65

CrashPlan

66

67

Cloning

68

Carbon Copy ClonerFree

www.bombich.com

69

Acronis True Image$50 for Home

www.acronis.com

70

ClonezillaFree

clonezilla.org

71

72

Thank you!

Email: scott@granneman.comWeb: www.granneman.com

Publications: www.granneman.com/pubsBlog: blog.granneman.comTwitter: scottgranneman

73

Personal Security Online:Protecting Yourself

Ladue Chapel Presbyterian Church

R. Scott Granneman

© 2006-2010 R. Scott GrannemanLast updated 20101114

You are free to use this work, with certain restrictions.For full licensing information, please see the last slide/page.

74

Licensing of this workThis work is licensed under the Creative Commons Attribution-ShareAlike License.

To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/1.0or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.

In addition to the rights and restrictions common to all Creative Commons licenses, the Attribution-ShareAlike License features the following key conditions:

Attribution. The licensor permits others to copy, distribute, display, and perform the work. In return, licensees must give the original author credit.

Share Alike. The licensor permits others to distribute derivative works under a license identical to the one that governs the licensor’s work.

Questions? Email scott@granneman.com

75