Embed Size (px)
Citation preview
How to protect yourself
Hacked Construction Sign: MIT, April 2007 at intersection of Vassar & Main Streets
Information Security:
• What is Information Security? • Why is InfoSec Important?• Threats• Are you protected?• Can You Crack My Password?• Creating a Strong Password | How Many Possibilities?• Program Your Own Brute Force Password Example: TI-83
Coming Up…
Information Security Is…
protecting information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction.
Source: http://en.wikipedia.org/wiki/Information_security
What information do you have?
Information Security is not just for companies
Information Security Protects You
Why is InfoSec Important?
• Protect yourself– Your good name (Identity)– Financial Credit– Safety
• Protect your family & friends• Privacy• Stalking• Bullying Harrassment
Threats
“Facebook Posting Leads to Student’s Arrest” – Shelby Coates 41NBC.com (WMGT) 11/2/09
“Friday the student was arrested for a post he made on his Facebook page. School officials found out about the posting and called Macon Police.”
The posting was most likely a joke.
http://www.wmgt.com/index.php?option=com_content&task=view&id=3046&Itemid=2
Threats
“Cyber criminals lurk on social networking sites” – Larry Magid, Mercury News (San Jose) 11/23/09
“Threats on those sites include applications and quizzes, as well as malware, worms and viruses. …information you post yourself that can jeopardize your privacy and your security.
"we have a tendency on social networks to share more information that we need to. While you may need to reveal which schools you went to and where you worked to connect with old school mates or colleagues, "you don't need to share your date of birth, phone number and address.”
Quiz results texted to your cell: What information could be compromised?http://www.mercurynews.com/larry-magid/ci_13825412?nclick_check=1
Threats
“Oklahoma Gangs Turn to Social Media to Boost Recruiting” – Michael McNutt, NewsOK.com (Oklahoma) 11/29/09
“Gang members in Oklahoma have begun using cell phones and text messaging to conduct criminal activities, and Internet social media such as Facebook and YouTube to recruit members as young as second-graders, according to a survey of gang activity in the state.”
http://newsok.com/gangs-in-state-turn-to-social-media-to-boost-recruiting/article/3421190
Threats
“Social network Facebook plagued with new worm threat” – Jonathan Ong, International Business Times 11/28/09
“Security researchers have identified a new worm affecting popular social networking site Facebook. The worm is said to be responsible for luring people out to adult web sites and automatically replicating itself across profile pages.”
http://ibtimes.com.au/articles/20091128/social-network-facebook-plagued-with-worm-threat.htm
Threats
Embarrassment: Information can last a long time
• Future Employer• Scholarship Recipient• Future In Laws?
MESD 2009
MESD 2001
MESD 2004
Would you hire me?
Are You Protected?
What strategies do you use to protect your information?
Strategies to Protect Your ID Online
1. Clam Up – for Registration only provide necessary information
2. Lie -- Don’t provide real information unless necessary
3. Look for the Lock – https encrypts your information
4. Sniff out Phish -- beware of scams
5. Search Safely -- Use safe search settings
6. Use Strong Passwords
7. Trust, but Verify
Sources: http://www.foxnews.com/story/0,2933,275583,00.htmlhttp://www.onguardonline.gov/default.aspx
Resources
http://www.foxnews.com/story/0,2933,275583,00.html
http://www.onguardonline.gov/default.aspx
http://www.microsoft.com/protect/parents/social/communities.aspx
Can You Crack My Password?
You find the following information about me online:
• Live in Edgewood• Work at UNM• Dog named after my favorite ghost town, Bodie• Fan of old Mercedes-Benz
What’s my password?
Creating a Strong Password
• Each additional character increases password strength (how much?)
• Complexity (how much?)
• Easy to Remember, Hard to Guess
Real world Math: Factorials! & Percentages%
http://www.microsoft.com/protect/fraud/passwords/create.aspx
Create a Strong Password
Task #1 Create a strong password
Guidelines:
• Between 4-8 characters
• Letters & numbers only
Task #2 What is the probability of cracking your password?
TI-83 Password Attack
• Brute Force Attacks – What are they?
• TI-83 simple example:
Program your TI-83
1. PRGM
2. Arrow Right to NEW
3. ENTER
4. Name = PASSWORD
5. ENTER
6. PRGM
7. #4
Program your TI-83
8. ALPHA “P,1, 100)
PROGRAM:PASSWORD
:For(P,1,100)
9. ENTER
10.PRGM
Program your TI-83
11.Arrow right to I/O
12. Select #3
13. ALPHA “P”
14.ENTER
15.PRGM
16. Select #7
17.2nd Quit
Run Your Program!
18.PRGM
19.ENTER
20.ENTER
What was the result?
How does this simulate a
brute force attack?
Thank you!
