Your Privacy

Why Should I Care?

  • In the US, you do not own your own personal information.
  • Companies track you without much consent.
  • Companies can profit by selling your data, or by subjecting you to dynamic pricing.
  • Companies routinely have security breaches, and your private information, including name, address, phone numbers, SSN, and browser history, can be leaked.

What is PII?

Personally Identifiable Information (PII) is defined by NIST as

(1) any information that can be used to distinguish or trace an individual's identity, such as name, social security number, date and place of birth, mother's maiden name, or biometric records

There are many other examples of PII but those are the most commonly stolen.

Breaches

  • On September 7th, Equifax acknowledged that 143 million people may have had their Personally Identifiable Information leaked.
  • Yahoo had two separate hacks, one in 2013 and another in 2014, in which 1 billion and 500 million users, respectively, were exposed.
  • Equifax will likely not be fined for obvious security flaws.

Source

Security Systems Fail

  • The number of breaches is steadily increasing.
  • Some other big names have been hacked in 2016 as well:
    • U.S. Department of Justice
    • IRS
    • UC Berkeley
    • Premier Healthcare
    • Verizon
    • Wendy's
    • LinkedIn
    • Dropbox
    • Cisco
    • Yahoo

The State of Things

  • Good security protocols exist but are not followed, even by large corporations and the national government.
  • The most common operating system, Windows, is extremely vulnerable, as we've seen in the May WannaCry ransomware attack.

Two-factor authentication, while not sexy enough to make it into the news, is incredibly powerful.

Hackers need something you know, like a password, and something you have, like your phone.

Put a lock on your phone! Consider disabling TouchID.

Long passphrases are more secure than short ones with mixed case and special characters.
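The arithmetic behind that claim, as an added example that is not part of the original slides. It assumes every character or word is picked uniformly at random, a 7776-word Diceware-style list, and an attacker making 10^10 guesses per second; the function names and the small word list are made up for the demo.

```python
import math
import secrets
import string

# Constructed 16-word demo list. It is far too small for real use:
# a real Diceware-style list has 7776 words.
DEMO_WORDS = ["anchor", "breeze", "copper", "dragon", "ember", "falcon",
              "garden", "harbor", "island", "jungle", "kettle", "lantern",
              "meadow", "nickel", "orchid", "pepper"]

def entropy_bits(pool_size: int, picks: int) -> float:
    """Bits of entropy when `picks` items are drawn uniformly at random
    from a pool of `pool_size` items. Human-chosen secrets have far less."""
    return picks * math.log2(pool_size)

def random_password(length: int = 8) -> str:
    """Short 'complex' password: random printable ASCII (94 symbols)."""
    pool = string.ascii_letters + string.digits + string.punctuation
    return "".join(secrets.choice(pool) for _ in range(length))

def random_passphrase(words, count: int = 6, sep: str = " ") -> str:
    """Passphrase of `count` words chosen with a CSPRNG, not by the user."""
    return sep.join(secrets.choice(words) for _ in range(count))

def years_to_search(bits: float, guesses_per_second: float = 1e10) -> float:
    """Average exhaustive-search time (half the space) in years.
    The default guess rate is an assumption, not a measured figure."""
    seconds = (2 ** bits / 2) / guesses_per_second
    return seconds / (365.25 * 24 * 3600)

def compare():
    """Return (short_password_bits, long_passphrase_bits)."""
    short = entropy_bits(94, 8)      # 8 random printable-ASCII characters
    long_ = entropy_bits(7776, 6)    # 6 random words from a 7776-word list
    return short, long_

if __name__ == "__main__":
    short, long_ = compare()
    print(f"8-char complex password: {short:.1f} bits, "
          f"~{years_to_search(short):.4f} years to search")
    print(f"6-word passphrase:       {long_:.1f} bits, "
          f"~{years_to_search(long_):,.0f} years to search")
    print("sample password:  ", random_password())
    print("sample passphrase:", random_passphrase(DEMO_WORDS))
```

The advantage only holds when the words are chosen randomly; a memorable quote or song lyric is not a random passphrase.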

Share Safely

  • Never send sensitive information by email.
  • Email is insecure and a copy of your message will remain indefinitely.

Surf Safely

  1. Never transfer sensitive information over http, only https.
  2. Look for the site information in your web browser:

    1. Secure

    2. Info or Not secure

    3. Not secure or Dangerous

The last two links include ways to opt out of Google ad tracking.

Alternative Search

Use a search engine that does not track your information, such as duckduckgo.com.

Lock it Down!

Use a password manager such as LastPass or Dashlane!

There is no excuse.

Benefits

  • Each website has a unique password.
  • But you only have to remember one.
  • Easy to rotate passwords.
  • LastPass integrates well with two-factor authentication.

Send Safely

  • There comes a time in which we have to share sensitive information.
  • It might be sending a copy of your social security card to HR.
  • Or family photos via email.
  • Some zip programs, such as 7-Zip, allow you to encrypt your zip files with AES-256.
  • Just make sure not to send the password via email.

Recap:

  1. Password manager
  2. Two-factor authentication
  3. Think about tracking
  4. Always use https, consider Firefox.
  5. If you must, send PII in an encrypted zip file.