Privacy & Security Strategies for Non-Profits
Impacts of Meltdown & Spectre
By Kris Constable
@cqwww
Meltdown & Spectre
Speculative execution (what's going to happen
next) & side channel attacks (physical, electrical
and/or mechanical characteristics – hardware)
relating to CPUs (Intel, AMD & ARM)
Meltdown: Kernel vs Userland
Spectre: Segmentation between applications
...
A helpful reminder you need a privacy & security
strategy
What can you do?
Have an organizational strategy and ensure
compliance by measuring it
Patch all the things
Masscan & metasploit
Let's go through the layers of the OSI model.
CERT suggests upgrading your CPU
Patch your operating systems
(server, laptop, phone)
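
One way to measure whether the operating system patches are in place on a Linux host, as an added example that is not from the original slides. It assumes the host exposes the Linux kernel's sysfs status files; the function names are illustrative and the sample data is constructed.

```python
"""Report Meltdown/Spectre mitigation status from Linux sysfs."""
import tempfile
from pathlib import Path

# Patched Linux kernels expose one status file per CPU issue in this directory.
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
CHECKS = ("meltdown", "spectre_v1", "spectre_v2")
STATES = (("Not affected", "not_affected"), ("Mitigation", "mitigated"),
          ("Vulnerable", "vulnerable"))


def classify(status):
    """Map a kernel status line to a coarse compliance state."""
    for prefix, state in STATES:
        if status.strip().startswith(prefix):
            return state
    return "unknown"


def audit(directory=SYSFS_DIR):
    """Return {issue: (state, raw_line)} for each issue in CHECKS."""
    report = {}
    for name in CHECKS:
        try:
            raw = (Path(directory) / name).read_text().strip()
        except OSError:
            raw = ""  # missing file: the kernel is too old to report status
        report[name] = (classify(raw), raw or "status file missing")
    return report


def compliant(report):
    """A host passes only if nothing is vulnerable or unknown."""
    return all(s in ("mitigated", "not_affected") for s, _ in report.values())


def sample_dir():
    """Constructed sample: patched for Meltdown, unpatched for Spectre v2."""
    d = Path(tempfile.mkdtemp())
    (d / "meltdown").write_text("Mitigation: PTI\n")
    (d / "spectre_v1").write_text("Mitigation: __user pointer sanitization\n")
    (d / "spectre_v2").write_text("Vulnerable\n")
    return d


if __name__ == "__main__":
    source = SYSFS_DIR if SYSFS_DIR.is_dir() else sample_dir()
    for issue, (state, raw) in audit(source).items():
        print(f"{issue:12} {state:13} {raw}")
```

Treating a missing status file as "unknown" rather than as a pass means an unpatched kernel fails the check.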
Download the latest version of your browser.
I recommend something based off Google
Chromium or Mozilla Firefox.
I use Iridium and Firefox Focus.
For Chrome, type this in your URL bar:
chrome://flags/#enable-site-per-process
and click “enable” on “Strict site isolation.”
Block JavaScript and Flash by default
NoScript
Adblock Plus or uBlock Origin
Privacy Badger
Make sure you're using antivirus (including
Mac/macOS users) and are using it properly
Restore from your backups
https://privasectech.com/the-blog/
Or PrivaSecTech on Facebook
Questions?
kris@privasectech.com
@cqwww

Practical Security for Nonprofits: Spectre and Meltdown With Kris Constable