WordPress NYC: Information Security

Information security best practices, including:
- software updates
- Experimental Chrome flags
- HTTPS + HSTS
- ad blocking
- password managers and 2FA
- device and disk encryption

xkcd: https://xkcd.com/538/
Password manager roundup: https://www.pcmag.com/article2/0,2817,2407168,00.asp

WordPress NYC: Information Security

  1. Information security
  2. Paul Schreiber, paulschreiber@gmail.com, @paulschreiber
  3. tradeoffs
  4. continuum
  5. average people ✔
  6. under government surveillance
  7. under government surveillance; whistleblowers
  8. under government surveillance; whistleblowers; political campaigners
  9. under government surveillance; whistleblowers; political campaigners; activists
  10. under government surveillance; whistleblowers; political campaigners; activists; celebrities
  11. under government surveillance; whistleblowers; political campaigners; activists; celebrities; victims of stalking and violence
  12. password reuse ✔
  13. password reuse ✔; password guessing ✔
  14. password reuse ✔; password guessing ✔; lost and stolen devices ✔
  15. password reuse ✔; password guessing ✔; lost and stolen devices ✔; phishing ✔
  16. corporate espionage
  17. corporate espionage; criminal gangs
  18. corporate espionage; criminal gangs; zero-day exploits
  19. corporate espionage; criminal gangs; zero-day exploits; Mossad, CIA, MI6, NSA
  20. memorizing passwords
  21. memorizing passwords
  22. password managers
  23. browser password management

      | Browser | Create | View | Edit | Delete | Web | Sync | 2FA | Mac | Windows | Linux | iOS | Android |
      |---------|--------|------|------|--------|-----|------|-----|-----|---------|-------|-----|---------|
      | Chrome  | ✔ | ✔ | ✘ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
      | Firefox | ✘ | ✔ | ✔ | ✔ | ✘ | ✔ | ✘ | ✔ | ✔ | ✔ | ✔ | ✔ |
      | Safari  | ✔ | ✔ | ✔ | ✔ | ✘ | ✔ | ✔ | ✔ | ✘ | ✘ | ✔ | ✘ |

  24. Preferences > Passwords
  25. chrome://flags
  26. chrome://settings/passwords
  27. about:preferences#privacy
  28. security questions
  29. “security” questions
  30. know
  31. are
  32. have
  33. yubico.com/gafw/ 50% off
  34. turnon2fa.com
  35. twofactorauth.org
  36. dongleauth.info
  37. chrome://flags
  38. HTTP 1991–2016
  39. HTTP 1991–2016
  40. HTTPS
  41. HSTS
  42. hstspreload.appspot.com
  43. wordpress.org/plugins/two-factor/
  44. wordpress.org/plugins/google-apps-login/
  45. securityheaders.io
  46. report-uri.io
  47. cspisawesome.com
  48. ssllabs.com/ssltest/
  49. observatory.mozilla.org
  50. Many graphics from The Noun Project: Computer by Azis; Credit card by Gonzalo Bravo; Email by Bryn Taylor; Fingerprint by Ben Davis; Lock with keyhole by Brennan Novak; Nokia 3310 by Stan Fisher; Notification by vijay sekhar; Server by Yazmin Alanis; Shield by Wayne Thayer; Spy by Alen Krummenacher; Tombstone by Jakob Wells; iPhone by Ross Sokolovski.
