Fight Spam and Hackers!

Transcript of "Fight Spam and Hackers!"

  1. Fight Spam and Hackers! BlogHer ’10 Geek Lab. Liz Henry, lizhenry@gmail.com, http://liz-henry.blogspot.com. Monday, August 9, 2010
  2. Look at me
     ✤ Now look at your blog.
     ✤ Now back to me.
     ✤ Now type your password.
     ✤ Your password is awful!
     ✤ Best defense against being hacked is thinking like a hacker.
     ✤ Your blog can think like me!
  3. Surveys of the room
     What blog platform: Blogger? (About a third); Typepad? (A few); WordPress? (Most); Others? (scattered few)
     Social media sites: Facebook, Myspace, Twitter (All but 3), Tumblr, Posterous, Others?
     Blog Hacked? Big spam problem? Credit card stolen? Complicated Identity Theft?
  4. [Slide with no text]
  5. Freedom!!
     ✤ I believe strongly that as women we need free access to unfiltered information
     ✤ We must defend our right to speak in public, unfiltered
     ✤ Just like we can go outside into the world in public. A political right.
     ✤ Be cautious of being “protected”. What if your words or image are what others “need” to be protected from?
  6. OMG Hackers
     ✤ No one really knows what they’re doing
     ✤ Pretty much anything can be hacked
     ✤ Because no one really knows what they’re doing, including security experts who revel in discovering each other’s silly mistakes. So don’t worry.
     ✤ You are more “at risk” from a piece of carbon paper from using your credit card in a store, or dumpster divers, than from being hacked.
     Security advice constantly changes!
  7. Where is the risk?
     ✤ On your computer. Keyloggers.
     ✤ Network traffic. Wireless.
     ✤ Web passwords to services.
     ✤ Widgets, pdfs, images, other people’s code on your blog.
     ✤ SQL injection.
     ✤ Your web host getting owned.
  8. Shoulder surfing
     ✤ It’s pretty easy to watch someone type their password.
     ✤ Teach your kids password manners.
  9. What do you risk?
     ✤ Bank accounts, credit card numbers. Other personal data.
     ✤ Losing your data - blog entries vandalized or deleted.
     ✤ Embarrassing vandalism - someone posting as you.
     ✤ Triggering security alerts on other people’s computers, getting blocked from search engines.
     ✤ Denial of Service attacks for malicious or political reasons.
  10. Bad Passwords
     ✤ Your $%&#@! kitten’s name
     ✤ Your child’s name plus their birth year. Oh, please!
     ✤ Your favorite animal, sports team, pop star, or deity +123.
     ✤ Google for your password. Do you find it?
     ✤ Did you find it on a list of The 500,000 Most Popular Passwords?
  11. Crackers!
     ✤ Educate yourself about how to crack a password!
     ✤ Google “how to crack passwords”.
     ✤ Google “choosing secure passwords”.
     ✤ Now you know how to make a much better password.
  12. Password managers?
     ✤ 1password, keepass, other programs to track your passwords and keep them secure. Anyone use them? Kind of a pain.
     ✤ High security PWs: Don’t use them multiple places. Change more often. Longer. email. banks. money.
     ✤ Low security pw: have a few and use them for web apps, social media.
     ✤ Think about how to generate good passwords over your lifetime. You need a system - not one password.
  13. Good password!
     ✤ Now your password is made of diamonds!
     ✤ Have a different password for email than for everything else. Email pw can compromise all your others.
     ✤ Wallet, file cabinet. All your other secure info is there anyway.
  14. Make backups!
     ✤ Back up your blog entries and comments!
     ✤ If you get hacked, or DoSed, you have a backup.
     ✤ Your web host may have backups for you too.
  15. Malware
     ✤ Antivirus software for your computer, especially for Windows
     ✤ Get to know the security settings on your browser
     ✤ Keep your OS, browser, other software up to date
  16. Check your site
     ✤ Google Webmaster Tools
     ✤ Set up alert on site:http://yoursite.com casino + viagra + (whatever other common spam terms show up)
     ✤ http://www.unmaskparasites.com/ is currently kind of nice
     ✤ More good advice: www.stopbadware.org
  17. Encryption
     ✤ https is awesome
     ✤ ssl (secure socket layer) encryption
     ✤ https://www.eff.org/https-everywhere is nice for Firefox
  18. WordPress security tips
     ✤ Keep it updated!!
     ✤ Keep it backed up
     ✤ Keep the plugins updated
     ✤ Install some security scan plugins from wordpress.org
     ✤ Exploit Scanner, WP Security Scan
  19. Harden WordPress
     ✤ http://codex.wordpress.org/Hardening_WordPress
     ✤ This is the best advice!
     ✤ HighTechDadBlog has decent advice too
  20. Hack party
     ✤ Have a hack date
     ✤ Try to crack each others’ passwords
     ✤ I’m totally serious!!!!
     ✤ No really!
  21. Guess their passwords
     “I can’t believe you guessed my password was “MrDarcyishot69”!”
  22. Be a white hat hacker
     ✤ Warn your friends if you notice their security vulnerabilities.
  23. Who has your data?
     The companies you’re giving your data to may do something with it you don’t like. Read their privacy policy/ToS. http://www.tosback.org/ tracks changes in companies’ terms of service.
  24. Your Privacy
     ✤ If you want to browse, IM, and use the net without family members or others on same computer having access to your info,
     ✤ Put Torbrowser on a USB stick, and use that. Very secure.
     ✤ https://www.torproject.org/torbrowser/
     Medical issues. Visiting your in-laws. Reading pages your husband might not be comfortable with. IM and email you don’t want your kid reading. End of relationship, or domestic violence situations.
  25. I’m on a horse
     Well, not in this photo, but at some point in life I was. Unfortunately in this photo I’m giving a lap dance to a giant fiberglass lumberjack rabbit and his enormous carrot water fountain.
  26. When you get hacked
     Get some help and advice
     Do a little research
     You are now a computer forensics investigator! Congratulations!
     Don’t panic
     Remember, you have backups!
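
The bad-password patterns on slide 10 can be checked offline against your own passwords. The sketch below is an added example, not part of the original slides; the function name `audit_password`, the tiny `COMMON` list (a stand-in for a real popular-passwords file) and the 12-character minimum are assumptions.

```python
import re

# Constructed stand-in for a popular-passwords list (assumption: in practice,
# load a downloaded list file into this set, one password per line).
COMMON = {"password", "123456", "qwerty", "letmein", "iloveyou"}

YEAR_SUFFIX = re.compile(r"^[A-Za-z]+(19|20)\d{2}$")     # name + birth year
SEQ_SUFFIX = re.compile(r"^[A-Za-z]+(123|1234|12345)$")  # favorite thing + 123


def audit_password(password, personal_words=(), common=COMMON):
    """Return the slide-10 weaknesses found in `password` (empty list = none)."""
    findings = []
    lowered = password.lower()
    if lowered in common:
        findings.append("on a popular-passwords list")
    # Pet names, children's names, teams, pop stars: anything a friend knows.
    for word in personal_words:
        if len(word) >= 3 and word.lower() in lowered:
            findings.append(f"contains personal word '{word}'")
    if YEAR_SUFFIX.match(password):
        findings.append("word followed by a year")
    if SEQ_SUFFIX.match(password):
        findings.append("word followed by 123")
    if len(password) < 12:  # assumed minimum length, not from the slides
        findings.append("shorter than 12 characters")
    return findings


if __name__ == "__main__":
    # Constructed samples; the third is the password quoted on slide 21.
    samples = [("Fluffy123", ["Fluffy"]), ("Emma2006", ["Emma"]),
               ("MrDarcyishot69", ["Darcy"]), ("violet-harbor-cactus-41", [])]
    for pw, words in samples:
        print(pw, "->", audit_password(pw, words) or "no findings")
```

Everything runs locally, so the password being checked never leaves the machine.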
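
The search alert on slide 16 catches spam once a search engine has indexed it; the same check can be run directly on a saved copy of your own page. This is an added example, not part of the original slides: `SpamLinkScanner`, `scan_page` and the sample HTML are assumptions, and only inline `style` hiding is detected.

```python
from html.parser import HTMLParser

SPAM_TERMS = ("casino", "viagra")  # the terms named on the slide; extend as needed

class SpamLinkScanner(HTMLParser):
    """Record links whose URL or text contains a spam term, flagging hidden ones."""
    def __init__(self, terms=SPAM_TERMS):
        super().__init__()
        self.terms = terms
        self.stack = []      # open tags as (name, hides_content)
        self.current = None  # link being read: [href, text, hidden]
        self.hits = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        style = (attrs.get("style") or "").replace(" ", "").lower()
        self.stack.append((tag, "display:none" in style or "visibility:hidden" in style))
        if tag == "a":  # hidden if the link or any enclosing element is hidden
            self.current = [attrs.get("href") or "", "", any(h for _, h in self.stack)]

    def handle_data(self, data):
        if self.current:
            self.current[1] += data

    def handle_endtag(self, tag):
        if tag not in [name for name, _ in self.stack]:
            return  # stray closing tag
        while self.stack.pop()[0] != tag:
            pass  # discard unclosed tags such as <br>
        if tag == "a" and self.current:
            href, text, hidden = self.current
            found = [t for t in self.terms if t in (href + " " + text).lower()]
            if found:
                self.hits.append({"href": href, "terms": found, "hidden": hidden})
            self.current = None

def scan_page(html):
    scanner = SpamLinkScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.hits

# Constructed sample: a normal link, two hidden spam links, one visible mention.
SAMPLE_HTML = """<p>Notes from <a href="/2010/08/blogher">BlogHer</a></p><br>
<div style="display: none"><a href="http://pills.example/buy">cheap viagra</a>
<a href="http://casino.example/">play now</a></div>
<p>I won at the <a href="http://example.org/trip">casino</a> once</p>"""

if __name__ == "__main__":
    print(*scan_page(SAMPLE_HTML), sep="\n")
```

A hit with `hidden` set to true is the stronger sign of injected spam; a visible hit may just be a post or comment that mentions the word.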