1 / 27

Computer and Information Security

Computer and Information Security. Protecting yourself and your clients in the wild and wooly online world. To protect your computer and information assets…. …buy a Mac!. The End. Mac Hacked Via Safari Browser in Pwn-2-Own Contest.

sera
Download Presentation

Computer and Information Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Computer and Information Security Protecting yourself and your clients in the wild and wooly online world

  2. To protect your computer and information assets…

  3. …buy a Mac!

  4. The End

  5. Mac Hacked Via Safari Browser in Pwn-2-Own Contest • A zero-day vulnerability … Macaulay pwned the Mac by sending it an e-mail that directed a user to a malicious site. Upon visiting the site, the user … was infected with malware, without clicking on anything within the site. -- eWeek Security Watch

  6. Vectors for getting “pwned” • Physical access • Theft • Seizure • Attack of opportunity • Network access • Browsing the Web • Using email • Using a wireless connection • …

  7. Physical protection • Leave sensitive information at home • Separate data from hardware • Use encryption • Use strong passwords • Eliminate sensitive information • Log out when not using

  8. Cracking passwords • Single word found in dictionary: ~ 1 s • Example: “translator” • 7 random lowercase letters: ~ 45 m • Example: “uklahva” • 10 random characters: ~ 632,860 years! • Example: “4pRte!ai@3” • (With Moore’s Law: 30 years) Source: Wikipedia (Password strength)

  9. Network vulnerabilities

  10. Internet & email • Cross-site scripting (XSS) • Phishing (social engineering) • Viruses • …

  11. On a network: batten the hatches • Filter • Block • Ignore

  12. Internet

  13. Firefox • Safer • Cross-platform • Free/Libre • Add-ins • All the cool kids are using it!

  14. Vital Firefox Add-ins • Web of Trust • NoScript

  15. Web of Trust • Warns users about risky websites that try to scam visitors, deliver malware, or send spam.

  16. ginstrom…

  17. warez…

  18. NoScript • Allows JavaScript, Java, Flash and other plugins to be executed only by trusted web sites of your choice.

  19. Scripts from 15 sites!

  20. Safer Email • View email as plain text • Beware of phishing • Spam filtering

  21. Example: MS Outlook

  22. SpamBayes • http://spamassassin.apache.org/ • http://spambayes.sourceforge.net/ SpamAssassin

  23. Stay Safe! • http://ginstrom.com/ijet-19/

More Related