Staying Safe Online

Tools of the Trade

Ad / Script Blocker

Ad / Script Blocker - Why Use One

Ad / Script Blocker - Why Use One

Ad / Script Blocker - Why Use One

Faster page loads

Ad / Script Blocker - Why Use One

Avoid "Malvertising" campaigns

  • news.yahoo.com
  • huffingtonpost.com
  • aol.com
  • weather.com
  • sports.yahoo.com
  • startribune.com
  • centurylink.net
  • entertainment.verizon.com

2015 Victims

Ad / Script Blocker - Options

Adblock Plus

Ads

Scripts

Ghostery

Ads + Scripts

Privacy Badger (EFF)

uBlock Origin

Ad / Script Blocker - Downsides

Site Blocking

Can break some sites

Password Manager

Password Manager - What Is It

Generates secure passwords

Stores them all securely

Auto-fills usernames/passwords on websites

Password Manager - 1Password Demo

Password Manager - Why Use One

Good passwords should be hard to remember

For reals example: CP3QsgEA40Tx

My LastPass Vault: 358 accounts

Password Manager - Options

Online

LastPass

Dashlane

Offline

KeePassX

Free, Premium - $12/yr

Free, Premium - $40/yr

Free, open-source

Password Manager - Downsides

Phone needed for unfamiliar computers

Need to have super-strong master password / 2FA device

2 Factor Authentication

(2FA)

2 Factor Authentication - What Is It

Popular implementation of Multi-factor authentication

  • Something you know
    • Password
  • Something you have
    • USB Tokens
    • Cards
  • Something you are
    • Fingerprint
    • Retina

2 Factor Authentication - Why Use It

Hackers need more than just your password

Password essentially useless without 2FA code

2 Factor Authentication - Google services instructions

2 Factor Authentication - Options

Google Authenticator App

SMS

Hardware Token - Yubikey

2 Factor Authentication - Downsides

Need code when signing into account from untrusted computer

Takes ~30 seconds longer to login to untrusted computer

Can pre-generate codes from app

2 Factor Authentication - Who Offers It

twofactorauth.org

All the "big sites"

  • Google's services
  • Amazon
  • eBay
  • Microsoft's services
  • Apple's services
  • https://blog.malwarebytes.org/threat-analysis/2015/01/major-malvertising-campaign-hits-sites-with-combined-total-monthly-traffic-of-1-5bn-visitors/
  • https://en.wikipedia.org/wiki/Multi-factor_authentication
  • https://blog.malwarebytes.org/threat-analysis/2015/01/major-malvertising-campaign-hits-sites-with-combined-total-monthly-traffic-of-1-5bn-visitors/

Articles

Pics

  • https://bd23.https.cdn.softlayer.net/80BD23/142.4.51.106/blog/wp-content/uploads/2015/08/cnn_ad_blocking_results_firefox.png
  • http://www.mozilla.cz/wp-content/uploads/2015/07/Adblock-Plus-logo.png
    http://www.n-droid.de/wp-content/uploads/2014/12/Ghostery-Browser-Logo.png
    https://www.eff.org/sites/all/themes/badger/badger-stroke.png
    https://raw.githubusercontent.com/gorhill/uBlock/master/doc/img/icon38@2x.png
    https://inbound.org/discuss/is-it-time-that-google-removed-forbes-from-search
    http://geneabloggers.com/wp-content/uploads/2013/09/Lastpass.jpg
    http://screenshots.en.sftcdn.net/en/scrn/3338000/3338284/dashlane-12-535x535.png
    https://www.keepassx.org/images/kpx_logo_main.png
  • https://www.yubico.com/wp-content/uploads/2014/09/YubiKey-NEO.png
  • https://lh5.ggpht.com/c6cKdTJeblAdoXGVnrG3FjJLv5fdv6UvN4sdRsLH4NNNmQc0OmZOxp-LxdEx8Coq5S8=h900
  • https://support.1password.com/articles/browser-extension/keyboard-shortcut.gif
  • https://thenextweb.com/wp-content/blogs.dir/1/files/2015/02/google-2fa.png