Surveillance Defense Small Easy Steps for Security and Privacy Pete - - PowerPoint PPT Presentation



SLIDE 1

Surveillance Defense

Small Easy Steps for Security and Privacy

Pete Snyder psnyde2@uic.edu - peteresnyder.com

SLIDE 2

Surveillance Defense

  • 1. Good Practices
  • 2. System / PC Security
  • 3. Mobile Security
  • 4. Browser Security
  • 5. Secure Networking Tools
SLIDE 3
  • 1. Good Practices
SLIDE 4

Choose A Good Password…

  • 10+ characters (and pad)
  • Mix of letters, numbers, characters
  • Vary by site / use
  • LastPass / iCloud Keychain / etc

SLIDE 5

…and Don’t Share It

  • Cloudsweeper
  • Use second channels
  • Key-based auth
SLIDE 6

Phishing

SLIDE 7

Phishing Defenses

  • Watch your URLs in your browser
  • Don’t click on links in email
  • "If you don't request it, ignore it"
SLIDE 8

Air Gapping

  • Sensitive records
  • No network / external connection
  • Inconvenient / secure
SLIDE 9

Crossing Borders

  • Assume loss of control
  • Travel with dumb devices (Tahoe-LAFS)
  • Encrypt anything sensitive
  • Power devices off
SLIDE 10
  • 2. Securing Your System
SLIDE 11

Software Updates

  • Automatically check for updates
  • Apply immediately
  • Unapplied updates are the worst case scenario

SLIDE 12

Firewalls

  • Coarse control over incoming and outgoing network data
  • Built into your OS
  • Don’t be afraid to click “no”
SLIDE 13

Virus / Malware Checker

  • Mostly Windows
  • 100s of options…
  • Keep it updated
  • Probably too late
SLIDE 14

Full Disk Encryption

  • Transparently encrypts hard disk
  • Protection when computer is off
  • Lots of options
      • BitLocker (Windows > 7)
      • FileVault (OSX)
      • TrueCrypt (everywhere)
SLIDE 15

Virtual Machines

  • Computer within a computer
  • Perform risky operations in emulated computer
  • Reset to safe state
  • VirtualBox (free, everywhere)
SLIDE 16
  • 3. Mobile Security
SLIDE 17

Mobile Security Bad News

  • Easy to steal
  • High value
  • Networked to higher value
  • Assume weak security
SLIDE 18

Mobile Security

  • Use a password, not a PIN or swipe
  • Auto-wipe not so useful
  • Full disk encryption
  • Automatic on iOS
  • Opt-In on Android
  • Doesn't protect most things…
SLIDE 19
  • 4. Secure Browsing
SLIDE 20

Browser Choice

  • Firefox / Chrome
  • Regular updates
  • Cross platform
  • Independent security stacks
  • Security extensions
SLIDE 21

Browser Plugins

  • Popular infection vector
  • Disable all unneeded plugins
  • Enable click-to-play for needed plugins
  • Remove Java!
SLIDE 22

Surveillance Browser Extensions

                     Firefox            Chrome
Encryption           HTTPS Everywhere   HTTPS Everywhere
Control Javascript   NoScript           SafeScript
Cookie Management    Cookie Monster     Cookie Manager

SLIDE 23
  • 5. Secure Networking Tools
SLIDE 24

2 Factor Authentication

  • Authentication beyond passwords
  • Popular
      • Gmail
      • Dropbox
      • Apple
      • Facebook
      • Microsoft
SLIDE 25

Virtual Private Networking

  • Coffee shops, hotels, public WiFi, insecure networks
  • Browse securely over insecure networks
  • Support in Android, iOS, Windows, OSX, Linux

SLIDE 26

Other Tools

  • Off-the-Record (OTR) Chat
      • Encrypted, end-to-end chat
      • Repudiation / plausible deniability
      • Cryptocat (cross-platform)
  • File encryption
      • Before storing in cloud
      • TrueCrypt (cross-platform)
      • Tahoe-LAFS
SLIDE 27

Thanks!

Pete Snyder psnyde2@uic.edu - peteresnyder.com