The Extra Dimension

As more and more parts of our lives are stored and managed through online accounts, it is critical to understand how to keep those accounts secure. Ian R Buck sits down with Elena Machkasova, computer science professor, to talk about what attackers are after, how they try to gain access, and what we can do to protect ourselves.

Episode Summary 00:00:00 | Intro 00:02:32 | Things Attackers Might Be After

• Credit card numbers
• Bank accounts
• Ransom
• Data about you (or entire accounts) they can sell
• Accounts with OG usernames
  #130 The Snapchat Thief by Reply All from Gimlet Media
• Accounts that own valuable stuff
• Impersonating you to other people who trust you
• Adding your devices to a botnet
• Intimidation
• Doxxing
• Swatting
• Eavesdropping, blackmail
  Apple says its T2 chip can prevent hackers from eavesdropping through your MacBook mic – The Verge

00:12:02 | Methods of Attack

• The Extra Dimension #9: Encryption › The Nexus
• Hackers & Cyber Attacks: Crash Course Computer Science #32 – YouTube
• Social engineering
• Phishing
• Pretexting – call someone at a company and pretend to be from the IT department
• Protocol attacks
• Brute force
• Certificate signing
• Man-in-the-middle attacks
• Data leaks
• Taking advantage of unpatched exploits

00:32:26 | Tools to Protect Yourself

• Security Checklist

00:32:35 | Create Strong, Unique Passwords 00:38:00 | Use a Password Manager

• No boundaries for user identities: Web trackers exploit browser login managers
• Second Opinion #54: Password Managers Roundup

00:43:20 | Two-Factor Authentication

• Password breach teaches Reddit that, yes, phone-based 2FA is that bad | Ars Technica

00:44:38 | Use Services That Do Security Right

• Google’s ‘Advanced Protection’ Locks Down Accounts Like Never Before | WIRED

00:48:42 | Use Devices That Do Security Right

• Security Economics of the Internet of Things – Schneier on Security

00:49:54 | Consumer Reports Privacy Guide

• 66 Ways to Protect Your Privacy Right Now – Consumer Reports

00:50:10 | Have I Been Pwned

• Have I Been Pwned

00:50:29 | Non-Public Recovery Email 00:51:03 | 10 Minute Mail

• 10 Minute Mail – Temporary E-Mail

00:51:24 | Encrypt Your Storage and Connections

• The Extra Dimension #9: Encryption › The Nexus

00:52:23 | Shred Sensitive Paper Documents 00:52:51 | Judicious Use of Browser Extensions

• “Stylish” extension with 2M downloads banned for tracking every site visit | Ars Technica

00:54:08 | Judicious Use of App Permissions 00:54:38 | Judicious Use of Third-Party Integrations 00:55:12 | Virus Protection 00:56:10 | Recognize Warnings 00:56:46 | Don’t Dox Yourself 00:57:08 | Ad Blocking

• The Extra Dimension #11: The Complex World of Ad Blocking › The Nexus

00:57:40 | Beware Open Wifi 00:58:19 | Use a VPN 00:59:07 | Put On Political Pressure Regarding Security

• The need for a Digital Geneva Convention – Microsoft on the Issues
• Five-Eyes Intelligence Services Choose Surveillance Over Security – Schneier on Security

01:01:01 | Outro Connect With The Nexus

• Discuss this episode on our Subreddit
• Support us on Patreon

Attributions

• Kevin MacLeod [Official] – Inspired – incompetech.com – YouTube

Copyright

The Extra Dimension is released under a Creative Commons — Attribution 4.0 International license. Feel free to use any or all of it as long as you link back to https://thenexus.tv/ted38/.

This episode of The Extra Dimension has a Fringe episode. You should really listen to The Fringe #505: TED #38 — Thanksgiving Shenanigans!

Listen to more at The Nexus and follow us on Twitter and Google+ for our latest episodes and news.