TRANSCRIPT
- Slide 1
- Slide 2
- Survey results: why this stuff matters; Case study: Mat Honan hacking case; Social Networking safety; Examples; Tech demo
- Slide 3
- Social Media: Form of communication in which users create online communities to share info, ideas, personal messages, etc.
- Slide 4
- Slide 5
- Slide 6
- Slide 7
- Your lives are only going to get more complicated. Now is the time to build good habits and learn to be safe and secure.
- Slide 8
- Mat Honan hack; Customer service transcript; Prevention
- Slide 9
- Mat Honan Wired.com
- Slide 10
- Add a fake credit card number to account. Call back, tell them you're locked out of account. Use that fake CC number to verify your identity. Lets you see last 4 digits of all credit cards on account. Which is all you need to reset your account with
- Slide 11
- Gained access to Apple account; Remote device wipes; Use @me.com email to reset passwords. Like
- Slide 12
- Another password reset; Entire account deleted; What was their final goal?
- Slide 13
- Twitter account: @mat; Load up wall with racist, homophobic tweets; Deleted Gmail and wiped devices to keep Mat from regaining access to Twitter
- Slide 14
- One weak link can let someone into your entire digital life. And often that weak link is convenience.
- Slide 15
- People really do this.
- Slide 16
- DON'T
- Slide 17
- Security and Convenience are not friends.
- Slide 18
- Convenience will always betray security.
- Slide 19
- Apple: Can you answer a question from the account? Name of your best friend? Hacker: I think that is Kevin or Austin or Max. Apple: None of those answers are correct. Do you think you may have entered last names with the answer? Taken from a January 2012 live chat between Apple online support and a hacker posing as a real Apple customer Source: http://www.wired.com/gadgetlab/2012/11/ff-mat-honan-password-hacker/2/
- Slide 20
- Apple: The last four of the card are incorrect. Do you have another card? Hacker: Can you check again? I'm looking at my Visa here, the last 4 is 5555. Apple: Yes, I have checked again. 5555 is not what is on the account. Did you try to reset online and choose email authentication?
- Slide 21
- Apple: You want to try the first and last name for the best friend question? Hacker: Here, I'm back. I think the answer might be Chris? He's a good friend. Apple: I am sorry, Brian, but that answer is incorrect. Hacker: Christopher A********h is the full name. Another possibility is Raymond M*******r. Apple: Both of those are incorrect as well.
- Slide 22
- Slide 23
- Hacker: I'm just gonna list off some friends that might be haha. Brian C**a. Bryan Y***t. Steven M***y. Apple: How about this. Give me the name of one of your custom mail folders. Hacker: Google Gmail Apple I think. I'm a programmer at Google. Apple: OK, Apple is correct. Can I have an alternate email address for you?
- Slide 24
- Hacker: The alternate email I used when I made the account? Apple: I will need an email address to send you the password reset. Hacker: Can you send it to [email protected]? Apple: The email has been sent. Hacker: Thanks!
- Slide 25
- What can prevent this sort of hack? Two-factor authentication (as of March 22, 2013)
- Slide 26
- Password Managers: LastPass, 1Password, RoboForm
- Slide 27
- Lock down your cell phone! Passcode lock; Use remote tracking/wiping
- Slide 28
- Find my iPhone (or iPad or MacBook)
- Slide 29
- Cerberus, SeekDroid
- Slide 30
- Slide 31
- Don't overshare; Remember your audience; Crime + Facebook = BAD
- Slide 32
- Sharing Too Much: Personal Information (Address, Phone Number, Password); Social Plans; Negative Attitude (Complaints, Criticism, Threats)
- Slide 33
- Fired because of Facebook: Woman blasts her boss with Facebook post; Turns out her boss was a Facebook friend; She was immediately fired
- Slide 34
- Fired because of Facebook: Waitress fired for complaining about customers. Ashley Johnson, a former waitress at Brixx, a pizza restaurant, claims she was fired from her job for complaining about customers on her Facebook account.
- Slide 35
- Self-Incrimination
- Slide 36
- Choose your friends wisely: Never be online friends with someone you don't know in real life; Online predators; Cyber-stalking; Cat-fishing
- Slide 37
- COMMON SENSE
- Slide 38
- Phishing; Malicious advertising; Scareware
- Slide 39
- Phishing: Email pretending to be from legitimate companies to trick you into revealing personal information
- Slide 40
- Slide 41
- Slide 42
- Bad grammar
- Slide 43
- False sense of urgency
- Slide 44
- http://www.daycomsolutions.com
- Slide 45
- Slide 46
- Slide 47
- Fake Ads: Common on piracy/warez/porn sites; Try to mine your personal information or install malware
- Slide 48
- Slide 49
- Suspicious Websites: Offer free downloads; Many Annoying Ads and Pop-ups; Tacky Appearance; Asks you to download plug-ins
- Slide 50
- Live TV Cafe
- Slide 51
- 4Shared
- Slide 52
- Softonic
- Slide 53
- Slide 54
- Use Sites Like These:
- Slide 55
- Hulu
- Slide 56
- Scareware: Pretends to be system messages or antivirus programs. Takes advantage of less savvy users.
- Slide 57
- Slide 58
- Slide 59
- Slide 60
- Slide 61
- DEMO: Sub7 remote administration tool; Worst-case malware