Online Privacy Threats to You and Your Family (NoCo IT Pros, April 2015)
-
Upload
icequick -
Category
Technology
-
view
17 -
download
0
Transcript of Online Privacy Threats to You and Your Family (NoCo IT Pros, April 2015)
WHO IS DC970 DEF CON is one of the world’s largest hacker
conferences Occurs every year in Las Vegas Over 16,000 attended in 2014
DC970 is a local meet up with similar interest Meets the 3rd Thursday of the month at Wild Boar Café
One of a handful of groups around Northern Colorado E.g. NoCo2600.org meets the 1st Friday of the month at Centerra Starbucks
WIRELESS – CURRENT STATE WPA2 released in 2004 WPA released in 2003 WEP released in 1999
162.5M+ data points on
https://wigle.net/
WHAT’S GOING ON? Search for ‘best Bluetooth headset’ Visit an online store, buy nothing Later, browse to a news site See ads for Bluetooth headsets
On nearly every site (85%+) something is logging you Combined (Big Data?), this data can put together a full
picture of you
WHY SHOULD YOU CARE? It’s your personal data! I trust the people holding my personal information… If I’m not doing anything illegal… I don’t post extreme political or religious stuff on
Facebook…
YOUR DATA Renting a sexy video Discussing business with a
partner Emailing an off-color joke Text messages to your lover Seeking help for depression Writing about your past
history of alcoholism Your online search and
browsing history (yes, all of it)
YOUR DATA IN THEIR HANDS Renting a sexy video Discussing business with a
partner Emailing an off-color joke Text messages to your lover Seeking help for depression Writing about your past history
of alcoholism Your online search and
browsing history (yes, all of it)
A boss who wants to lower your wages
A political opponent A business competitor A disgruntled neighbor A criminal The town gossip An important business
clientSource:https://www.reddit.com/r/privacy/wiki/index
WHAT CAN YOU DO ABOUT IT?
Threat Matrix Countermeasures
Change your habits Browser Device Network Advanced
THREAT MATRIX
Who you are fighting against will determine your tactics
Some (or all) of: Lone wolf hackers Underground criminal enterprises Private corporations Telecom Providers Governments
HABITS Change Search Engine
Startpage.com DuckDuckGo.com
Reduce quantity/quality of personal data you post
Configure social sites for privacy ‘AVG PrivacyFix’ can help
Segregate online identities Chrome for sites you log in to Firefox for generic
reading/searching
BROWSER Lock down configurations Plug-ins (basic)
HTTPS Everywhere Ghostery Disconnect AVG PrivacyFix
Fewer options on mobile
Plug-ins (advanced Certificate Patrol Request Policy NoScript
NETWORK PROS Route everything through VPN Comcast can’t see what sites / files you’re downloading The bad guys (ad sites, Facebook) won’t know your home
IP CONS Increases latency (gaming, VOIP) Some sites block common VPN exits (Craigslist,
Nordstrom)
ADVANCED Separate computers for separate online identities Separate home networks for separate functions Use of Tor and I2P Browser Fingerprinting https://panopticlick.eff.org/
REFERENCES https://www.reddit.com/r/privacy https://prism-break.org/ https://www.privacytools.io/ http://grugq.tumblr.com/