The Internet in China
Transcript

  • 1. Surfing the Internet Safely (for Journalists). Foreign Correspondents Club of China, June 19, 2008. Andrew Lih, http://www.andrewlih.com/. Copyright 2009 Andrew Lih
  • 2. Mom’s advice: “Don’t take candy from strangers”
  • 3. Net-connected computer continually doing this
  • 4. What are the threats?
  • 5. Sought/unsought threats • External intrusion/attacks • Viruses - malicious invasion • Spyware - software leeches • Web-based scripting • Sensitive data transmitted over Internet
  • 6. Technology
  • 7. Definitions • URL: Uniform Resource Locator, e.g. http://www.foo.com/news.html • DNS: Domain Name System, converts www.foo.com to a numerical address • Internet Protocol (IP) address: unique ID of a computer on the Internet (like 128.51.56.122), used to route packets across the Internet
  • 8. Typical Scenario • Computer connects to Internet DSL, Starbucks, corporate, et al. • Gets a DHCP welcome package IP address and DNS server • Access web page URL http://www.foo.com/news.html
  • 9. Sequence • Happens quickly (hopefully) • Multiple “GET”s for images, ads, video, scripts, documents, audio, et al.
  • 10. Incoming: Packets, Connections, Services, Email
  • 11. Incoming: Packets, Connections, Services, Email. Questions: Execute?
  • 12. Incoming: Packets, Connections, Services, Email. Questions: Unsolicited data? Execute?
  • 13. Incoming: Packets, Connections, Services, Email. Questions: Where? Unsolicited data? Execute?
  • 14. Incoming: Packets, Connections, Services, Email. Questions: Where? Unsolicited data? Snooping? Execute?
  • 15. Incoming: Packets, Connections, Services, Email. Questions: Where? Unsolicited data? Snooping? Execute? Who?
  • 16. Incoming: Packets, Connections, Services, Email. Questions: Where? Unsolicited data? Snooping? Execute? Who? What?
  • 17. Incoming: Packets, Connections, Services, Email. Questions: Where? Unsolicited data? Snooping? Execute? Who? What? Store cookie?
  • 18. Incoming: Packets, Connections, Services, Email. Questions: Where? Unsolicited data? Snooping? Execute? Who? What? Store cookie?
  • 19. Incoming: Packets, Connections, Services, Email. Questions: Where? Unsolicited data? Snooping? Execute? Who? What? Store cookie? Defenses: Firewall
  • 20. Incoming: Packets, Connections, Services, Email. Questions: Where? Unsolicited data? Snooping? Execute? Who? What? Store cookie? Defenses: Blacklist, Firewall
  • 21. Incoming: Packets, Connections, Services, Email. Questions: Where? Unsolicited data? Snooping? Execute? Who? What? Store cookie? Defenses: Blacklist, Firewall, Verification
  • 22. Incoming: Packets, Connections, Services, Email. Questions: Where? Unsolicited data? Snooping? Execute? Who? What? Store cookie? Defenses: Blacklist, Firewall, Encryption, Verification
  • 23. Incoming: Packets, Connections, Services, Email. Questions: Where? Unsolicited data? Snooping? Execute? Who? What? Store cookie? Defenses: Blacklist, Firewall, Encryption, Verification, Distinguish/Filter
  • 24. Incoming: Packets, Connections, Services, Email. Questions: Where? Unsolicited data? Snooping? Execute? Who? What? Store cookie? Defenses: Blacklist, Firewall, Encryption, Conditional Access, Verification, Distinguish/Filter
  • 25. Incoming: Packets, Connections, Services, Email. Questions: Where? Unsolicited data? Snooping? Execute? Who? What? Store cookie? Defenses: Blacklist, Firewall, Encryption, Conditional Access, Verification, Distinguish/Filter, Manage
  • 26. Motivation • Annoyance • Productivity • Corporate safety and privacy • Time
  • 27. 1. Hardware router • Prevents outside traffic to naked computer • Share single connection, Wi-Fi • Use NAT “shield” • Use WPA or WPA-2 encryption (not WEP) • Manufacturers: Linksys, Netgear, D-Link, TP-LINK, Apple • Travel: Apple Airport
  • 28. 2. Firewall software • Turn on Windows Firewall • Only allow known connections in/out • May need some customization • Apple: Security preferences
  • 29. 3. Hosts file • Blacklist of known bad sites (built into Windows/Mac) • HostMan (Windows) manages hosts file • http://www.abelhadigital.com (Wordpress)
  • 30. 4. Browser execution • Web 2.0: no longer just a read-only page • Javascript (AJAX, Google Docs, et al.) • Flash (YouTube) • Java • ActiveX (Microsoft)
  • 31. Symptoms • Slowdown with apps/advertising • Running dangerous processes • Accessing resources (auto-play audio/video)
  • 32. Use Firefox • Open source browser, secure, fast • Tabbed browsing • Plugins to enhance safety • NoScript • Ad Block Plus • Flashblock
  • 33. Flashblock (no Flash unless enabled)
  • 34. NoScript (blocks Javascript)
  • 35. McAfee Siteadvisor • Firefox plugin, warns of bad sites • McAfee trusted name in security • Integrates with Google searches
  • 36. 5. Viruses/Spyware • Infect computer through email, web surfing, or just sitting on the Internet • Virus: destroy data, nuisance • Spyware: sucks processor time, steals private data, becomes part of botnet
  • 37. 5. Viruses/Spyware • Get good software • BitDefender or Kaspersky ($) • Avira AntiVir (free) • Ad-aware (free) • Spybot Search and Destroy (free) • Webroot Spysweeper
  • 38. 6. Secure connections • Virtual Private Network (VPN) • Your news operation/company may already give you this capability • Surf any site, no Great Firewall blocks • Public options: HotspotVPN ($8.88/mo), PublicVPN ($59.95/yr), Witopia personalVPN ($39.99/yr)
  • 39. 7. Practices • Password discipline • Email account discipline
  • 40. Passwords • Have three types on hand • Trivial (“buddha”) • Nontrivial (“h@ppybuddh@”) • Banking strength ("6eijin9spring!1978", like Beijing Spring)
  • 41. Accounts • Throwaway: free services (spam collects, registrations, bogus name), try BugMeNot, e.g. junkbox168@yahoo.com • General (email, work, personal), e.g. fred.wong@gmail.com, fred.wong@scmp.com • Secure (confidential sources, HushMail), e.g. fred.wong@hush.com
  • 42. Internet access • Home, cafes, wireless, hotels on the road • Consider extremely insecure • Who can contact your computer? • Who can read what you’re doing? • Passwords in the clear?
  • 43. Steps • Google mail - https://mail.google.com/mail • Note the “S” and must be that address! • Entire session is encrypted • Yahoo/Hotmail - encrypted login, not session!
  • 44. Steps • Firefox browser - clear private data • Try “Flock” as 2nd “clean” browser • Skype - http://www.skype.com • Secure instant messaging, voice
  • 45. VPN • VPNs good for general use • Protect against snoopers in Starbucks and on hotel broadband
  • 46. Prescriptions • Have some type of VPN accessible • Use Secure Google Mail (https://mail.google.com/) • Use Skype for secure chat • Use a broadband router at home (Linksys WRT-54G or Apple Airport) • Use Apple Macintosh (w/Windows)
  • 47. Review • If you remember nothing else today... • Hardware firewall • Firefox and plugins • Antivirus/Antispyware software • Avoid Yahoo/Hotmail • www.andrewlih.com/securitytips
  • 48. Retooled (Old → New) • Internet Explorer → Mozilla Firefox • Yahoo/Hotmail → Google mail (https) • Weak password → Strong passwords • Cleartext transmissions → VPN or secure email • Naked computer → Router/firewall • No security software → Antivirus/Antispyware • Instant messaging → Skype • Naked email → HushMail
  • 49. Andrew Lih www.andrewlih.com Wikipedia book January 2009
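
Slide 29 describes the hosts file as a built-in blacklist of known bad sites. The sketch below is an added example, not part of the original slides: it parses hosts-file text and reports which names it actually blocks. The sample file contents and the `example.*` domains are constructed placeholders.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample hosts file (not from the slides); domains are placeholders.
SAMPLE_HOSTS = """\
# local names
127.0.0.1   localhost
::1         localhost
0.0.0.0     ads.example.net tracker.example.net   # blocked
127.0.0.1   Bad-Site.example.org
192.0.2.10  intranet.example.com
not-an-ip   broken.example.com
"""

# Names that legitimately point at the local machine and are not block entries.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost"}

def parse_blocklist(hosts_text):
    """Return the hostnames that the hosts file redirects to a loopback
    or unspecified address, which is how a hosts-file blacklist works."""
    blocked = set()
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()   # strip comments, split columns
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                             # malformed line: skip it
        if not (addr.is_loopback or addr.is_unspecified):
            continue                             # a real mapping, not a block
        for name in fields[1:]:                  # one line may list several names
            name = name.lower().rstrip(".")
            if name not in LOCAL_NAMES:
                blocked.add(name)
    return blocked

def is_blocked(url, blocked):
    """Hosts-file matching is exact: an entry for a domain does not
    cover its subdomains, so each bad hostname needs its own line."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    return host in blocked

if __name__ == "__main__":
    entries = parse_blocklist(SAMPLE_HOSTS)
    for u in ("http://ADS.example.net/banner.gif",
              "http://cdn.ads.example.net/x.js"):
        print(u, "->", "blocked" if is_blocked(u, entries) else "not blocked")
```

The second URL shows the main limitation of this defense: a hosts file has no wildcards, so a subdomain that is not listed passes straight through.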