fred-danowski

The Current Environment
  Information is power!
  Tech is very good today… even for hackers
    John the Ripper & GPUs
  Hacking affected 48% of Americans in 2014 & cost businesses nearly $500 million in losses
  3.1 million Americans had their phones stolen in 2013 (1.4 million lost their phones)
  Not all hackers are evil (black hat)
    White hats find and help fix problems
  Nations are also in the game
    Stuxnet worm
    PRISM program
  Bugs (Heartbleed)

Types of Threats
  Brute force hacking
    John the Ripper
  Social engineering
    Con men
  Packet sniffing
    Wireshark
  Robbery
    3.1 million
  Viruses/worms
  Bugs

Cryptographic Standards
  PGP
  AES
  RSA
  PBKDF2: Password-Based Key Derivation Function 2
  WPA2 (WiFi Protected Access)
    WiFi encryption
  TLS (https)
    Internet communication encryption

Biometric Authentication
  Print scan (Touch ID / hand)
    Mostly safe from everyone but the police
  Eye scan (retina / iris)
  Odor sensor (breath)
  Voice recognition
  Face recognition

Good Passwords (aren’t passwords)
  The best password is a semisensical passphrase
    th3Qu!ckBr0wnf0XjumP3d.
  Minimum 9 characters including both upper & lowercase letters, numbers, and specials
  Here’s a strong/unique passcode: !sWt^%vTR]/9
  Two-factor authentication (2FA) can also be used for additional security
  Sadly, some sites restrict passcodes to 15 characters and/or do not allow specials

2-Factor Authentication (2FA)
  Something you know & something you have
  Apple
  Google
  Microsoft
  Facebook
  Yahoo
  Evernote
  Cloud storage (Tresorit)
  E*Trade, Vanguard, PayPal, etc…
  Many more!

Password Managers (Vaults)
  80% of top security experts use one!
  1Password
  LastPass
  KeePass
  Dashlane
  OneSafe
  iOS Keychain
    Apple devices only
  Browsers
    Computer / Device specific

Routers
  Change the router name ASAP
  Change the admin password ASAP
  Change the gateway’s IP address
  Use WPA2 with AES encryption!

The Future
  Quantum computing
    Massively parallel
    Current passwords snap like a twig
  Quantum encryption
    Unbreakable
    The act of intercepting it breaks it

Virtual Private Networks (VPNs)
  VPNs
    Route users through multiple IPs, masking their identity and location
  Tor
    Browser based
    Uses proxies

Closing Thoughts…
  Always use HTTPS for commerce & utilize the EFF’s HTTPS Everywhere extension
  Use 2FA on password recovery email accounts
  Do not underestimate the physical security of your computers & mobile devices (use a PIN)
  Social engineering is a powerful tool
    As is dumpster diving
  Encrypt your PC’s hard drive (VeraCrypt)
  Use PayPal – Keep payment info. in one place
  If you’re not using a password manager, write your passcodes down and keep them in a safe place. That said, use a password manager!