As more and more parts of our lives are stored and managed through online accounts, it is critical to understand how to keep those accounts secure. Ian R Buck sits down with Elena Machkasova, computer science professor, to talk about what attackers are after, how they try to gain access, and what we can do to protect ourselves.
Episode Summary
00:00:00 | Intro
00:02:32 | Things Attackers Might Be After
- Credit card numbers
- Bank accounts
- Ransom
- Data about you (or entire accounts) they can sell
- Accounts with OG usernames
  - #130 The Snapchat Thief by Reply All from Gimlet Media
- Accounts that own valuable stuff
- Impersonating you to other people who trust you
- Adding your devices to a botnet
- Intimidation
- Doxxing
- Swatting
- Eavesdropping, blackmail
  - Apple says its T2 chip can prevent hackers from eavesdropping through your MacBook mic – The Verge
00:12:02 | Methods of Attack
- The Extra Dimension #9: Encryption › The Nexus
- Hackers & Cyber Attacks: Crash Course Computer Science #32 – YouTube
- Social engineering
- Phishing
- Pretexting – call someone at a company and pretend to be from the IT department
- Protocol attacks
- Brute force
- Certificate signing
- Man-in-the-middle attacks
- Data leaks
- Taking advantage of unpatched exploits
00:32:26 | Tools to Protect Yourself
00:32:35 | Create Strong, Unique Passwords
00:38:00 | Use a Password Manager
- No boundaries for user identities: Web trackers exploit browser login managers
- Second Opinion #54: Password Managers Roundup
00:43:20 | Two-Factor Authentication
- Password breach teaches Reddit that, yes, phone-based 2FA is that bad | Ars Technica
00:44:38 | Use Services That Do Security Right
- Google’s ‘Advanced Protection’ Locks Down Accounts Like Never Before | WIRED
00:48:42 | Use Devices That Do Security Right
- Security Economics of the Internet of Things – Schneier on Security
00:49:54 | Consumer Reports Privacy Guide
- 66 Ways to Protect Your Privacy Right Now – Consumer Reports
00:50:10 | Have I Been Pwned
00:50:29 | Non-Public Recovery Email
00:51:03 | 10 Minute Mail
- 10 Minute Mail – Temporary E-Mail
00:51:24 | Encrypt Your Storage and Connections
- The Extra Dimension #9: Encryption › The Nexus
00:52:23 | Shred Sensitive Paper Documents
00:52:51 | Judicious Use of Browser Extensions
- “Stylish” extension with 2M downloads banned for tracking every site visit | Ars Technica
00:54:08 | Judicious Use of App Permissions
00:54:38 | Judicious Use of Third-Party Integrations
00:55:12 | Virus Protection
00:56:10 | Recognize Warnings
00:56:46 | Don’t Dox Yourself
00:57:08 | Ad Blocking
- The Extra Dimension #11: The Complex World of Ad Blocking › The Nexus
00:57:40 | Beware Open Wifi
00:58:19 | Use a VPN
00:59:07 | Put On Political Pressure Regarding Security
- The need for a Digital Geneva Convention – Microsoft on the Issues
- Five-Eyes Intelligence Services Choose Surveillance Over Security – Schneier on Security
01:01:01 | Outro
Attributions
- Kevin MacLeod [Official] – Inspired – incompetech.com – YouTube
Copyright
The Extra Dimension is released under a Creative Commons — Attribution 4.0 International license. Feel free to use any or all of it as long as you link back to https://thenexus.tv/ted38/.
This episode of The Extra Dimension has a Fringe episode. You should really listen to The Fringe #505: TED #38 — Thanksgiving Shenanigans!