Fight Spam and Hackers!
Upcoming SlideShare
Loading in...5
×
 

Fight Spam and Hackers!

on

  • 1,906 views

 

Statistics

Views

Total Views
1,906
Views on SlideShare
1,686
Embed Views
220

Actions

Likes
0
Downloads
6
Comments
1

5 Embeds 220

http://www.blogher.com 205
http://blogherista.blogspot.com 7
http://m.blogher.com 6
http://www.blogherista.blogspot.com 1
https://www.blogher.com 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
  • i like it ..funny
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Fight Spam and Hackers! Fight Spam and Hackers! Presentation Transcript

  • Fight Spam and Hackers! BlogHer ’10 Geek Lab Liz Henry lizhenry@gmail.com http://liz-henry.blogspot.com Monday, August 9, 2010
  • Look at me ✤ Now look at your blog. ✤ Now back to me. ✤ Now type your password. ✤ Your password is awful! ✤ Best defense against being hacked is thinking like a hacker. ✤ Your blog can think like me! Monday, August 9, 2010
  • Surveys of the room What blog platform: Blogger? (About a third) Blog Hacked? Typepad? (A few) Big spam problem? WordPress? (Most) Credit card stolen? Others? (scattered few) Complicated Identity Theft? Social media sites: Facebook Myspace Twitter (All but 3) Tumblr Posterous Others? Monday, August 9, 2010
  • Monday, August 9, 2010
  • Freedom!! ✤ I believe strongly that as women we need free access to unfiltered information ✤ We must defend our right to speak in public, unfiltered ✤ Just like we can go outside into the world in public. A political right. ✤ Be cautious of being “protected”. What if your words or image are what others “need” to be protected from? Monday, August 9, 2010
  • OMG Hackers ✤ No one really knows what they’re doing ✤ Pretty much anything can be hacked ✤ Because no one really knows what they’re doing, including security experts who revel in discovering each other’s silly mistakes. So don’t worry. ✤ You are more “at risk” from a piece of Security advice carbon paper from using your credit card in a store, or dumpster divers, constantly changes! than from being hacked. Monday, August 9, 2010
  • Where is the risk? ✤ On your computer. Keyloggers. ✤ Network traffic. Wireless. ✤ Web passwords to services. ✤ Widgets, pdfs, images, other people’s code on your blog. ✤ SQL injection. ✤ Your web host getting owned. Monday, August 9, 2010
  • Shoulder surfing ✤ It’s pretty easy to watch someone type their password. ✤ Teach your kids password manners. Monday, August 9, 2010
  • What do you risk? ✤ Bank accounts, credit card numbers. Other personal data. ✤ Losing your data - blog entries vandalized or deleted. ✤ Embarrassing vandalism - someone posting as you. ✤ Triggering security alerts on other people’s computers, getting blocked from search engines. ✤ Denial of Service attacks for malicious or political reasons. Monday, August 9, 2010
  • Bad Passwords ✤ Your $%&#@! kitten’s name ✤ Your child’s name plus their birth year. Oh, please! ✤ Your favorite animal, sports team, pop star, or deity +123. ✤ Google for your password. Do you find it? ✤ Did you find it on a list of The 500,000 Most Popular Passwords? Monday, August 9, 2010
  • Crackers! ✤ Educate yourself about how to crack a password! ✤ Google “how to crack passwords”. ✤ Google “choosing secure passwords”. ✤ Now you know how to make a much better password. Monday, August 9, 2010
  • Password managers? ✤ 1password, keepass, other programs to track your passwords and keep them secure. Anyone use them? Kind of a pain. ✤ High security PWs: Don’t use them multiple places. Change more often. Longer. email. banks. money. ✤ Low security pw: have a few and use them for web apps, social media. ✤ Think about how to generate good passwords over your lifetime. You need a system - not one password. Monday, August 9, 2010
  • Good password! ✤ Now your password is made of diamonds! ✤ Have a different password for email than for everything else. Email pw can compromise all your others. ✤ Wallet, file cabinet. All your other secure info is there anyway. Monday, August 9, 2010
  • Make backups! ✤ Back up your blog entries and comments! ✤ If you get hacked, or DoSed, you have a backup. ✤ Your web host may have backups for you too. Monday, August 9, 2010
  • Malware ✤ Antivirus software for your computer, especially for Windows ✤ Get to know the security settings on your browser ✤ Keep your OS, browser, other software up to date Monday, August 9, 2010
  • Check your site ✤ Google Webmaster Tools ✤ Set up alert on site:http://yoursite.com casino + viagra + (whatever other common spam terms show up) ✤ http://www.unmaskparasites.com/ is currently kind of nice ✤ More good advice: www.stopbadware.org Monday, August 9, 2010
  • Encryption ✤ https is awesome ✤ ssl (secure socket layer) encryption ✤ https://www.eff.org/https- everywhere is nice for Firefox Monday, August 9, 2010
  • WordPress security tips ✤ Keep it updated!! ✤ Keep it backed up ✤ Keep the plugins updated ✤ Install some security scan plugins from wordpress.org ✤ Exploit Scanner, WP Security Scan Monday, August 9, 2010
  • Harden WordPress ✤ http://codex.wordpress.org/ Hardening_WordPress ✤ This is the best advice! ✤ HighTechDadBlog has decent advice too Monday, August 9, 2010
  • Hack party ✤ Have a hack date ✤ Try to crack each others’ passwords ✤ I’m totally serious!!!! ✤ No really! Monday, August 9, 2010
  • Guess their passwords “I can’t believe you guessed my password was “MrDarcyishot69”!” Monday, August 9, 2010
  • Be a white hat hacker ✤ Warn your friends if you notice their security vulnerabilities. Monday, August 9, 2010
  • Who has your data? The companies you’re giving your data to may do something with it you don’t like. Read their privacy policy/ToS. http://www.tosback.org/ tracks changes in companies’ terms of service. Monday, August 9, 2010
  • Your Privacy ✤ If you want to browse, IM, and use the net without family members or others on same computer having access to your info, ✤ Put Torbrowser on a USB stick, and use that. Very secure. ✤ https://www.torproject.org/ Medical issues. Visiting your in-laws. torbrowser/ Reading pages your husband might not be comfortable with. IM and email you don’t want your kid reading. End of relationship, or domestic violence situations. Monday, August 9, 2010
  • I’m on a horse Well, not in this photo, but at some point in life I was. Unfortunately in this photo I’m giving a lap dance to a giant fiberglass lumberjack rabbit and his enormous carrot water fountain. Monday, August 9, 2010
  • When you get hacked Get some help and advice Do a little research You are now a computer forensics investigator! Congratulations! Don’t panic Remember, you have backups! Monday, August 9, 2010