3 aspects where the 'virtual world' interacts now and in the future with us in a very real way.
. Thought Works Introduction to Blockchain
. Cyber Security
. Cloud Accounting
3 aspects where the 'virtual world' interacts now and in the future with us in a very real way.
. Thought Works Introduction to Blockchain
. Cyber Security
. Cloud Accounting
Attacker uses human interaction to obtain or compromise information.Attacker my appear unassuming or respectable
Pretend to be a new employee, repair man,
May even offer credentials.
By:Maulik Kotak
Lofty Ideals: The Nature of Clouds and EncryptionSean Whalen
An overview of the legal, privacy, and security issues surrounding modern cloud services and cryptography
Created as an alumnus talk for the Computer & Network Support Technology Fairfield Career Center senior class of 2016.
Attacker uses human interaction to obtain or compromise information.Attacker my appear unassuming or respectable
Pretend to be a new employee, repair man,
May even offer credentials.
By:Maulik Kotak
Lofty Ideals: The Nature of Clouds and EncryptionSean Whalen
An overview of the legal, privacy, and security issues surrounding modern cloud services and cryptography
Created as an alumnus talk for the Computer & Network Support Technology Fairfield Career Center senior class of 2016.
This presentation tells about digital marketing meaning and crimes related to it.Any illegal behavior directed by means of electronic operations. that targets the security of computer systems and the data. processed by them is termed cyber crime.
The invention of computer and Information technology related software and equipment has revolutionized the way we do things in many fields.Especially in the science, education, business and commerce it has made far reaching changes.Without using a single sheet of paper, a lot of communications and transactions are done.Automation of businesses, financial institutions and the government records have become widespread.
Many transactions such as sale of goods, transfer of information, transfer of funds and even buying air tickets could be done through the use of computers. The existing laws that governs transactions and information did not address such issues as they were made before the IT era.
Computer forensics once specialized is now mainstream due to our total dependence on data. Experts deal not only with computer related crime such as hacking, software piracy, and viruses but also with conventional crimes including fraud, embezzlement, organized crime and child pornography.
An Introduction To IT Security And Privacy for Librarians and LibrariesBlake Carver
An hour long presentation I gave for LYRASIS. It introduces many topics in security and privacy on the internet and computers and any other type of device with an ip address. IOT Internet of things, browsers, portable devices and more.
Isao MATSUNAMI - Digital security in japanese journalismREVULN
Massive leaks such as Wikileaks, Panama Papers and Snowden have made journalists realize that good old "just-meet-people-shoot-photo" days are gone.
Getting leak documents over the internet, grappling with data format, processing text with machine learning and protecting sources from surveillance are all getting new-norm for journalism.
However reporters, generally and historically, would be the last species to understand digital technology and data-oriented thinking.
I would like to share my experiences of teaching digital security to journalists and discuss difficulties of journalism in this post-truth world.
On Oct. 22, the University of Texas at Austin's Center for Identity presented “The Internet of Things,” a webcast focused on providing actionable tips for navigating an increasingly connected world. John Danaher, President of TransUnion Interactive, discussed the latest advances in connected technology, the challenges they pose to our personally identifiable information (PII), and ways we can safeguard our PII while remaining connected.
What is algorithmic bias, and what does it mean for an algorithm to be fair or unfair? This talk explores fair decision making in the context of criminal justice, lending, hiring, and so on, providing both intuitions and their connection to legal and mathematical principles. It describes the basic frameworks of "allocative fairness," that is, fairness when giving out a benefit or a punishment.
Talk video and more at http://jonathanstray.com/introduction-to-algorithmic-bias
A talk at Code for America HQ in San Francisco.
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
Palestine last event orientationfvgnh .pptxRaedMohamed3
An EFL lesson about the current events in Palestine. It is intended to be for intermediate students who wish to increase their listening skills through a short lesson in power point.
Acetabularia Information For Class 9 .docxvaibhavrinwa19
Acetabularia acetabulum is a single-celled green alga that in its vegetative state is morphologically differentiated into a basal rhizoid and an axially elongated stalk, which bears whorls of branching hairs. The single diploid nucleus resides in the rhizoid.
Instructions for Submissions thorugh G- Classroom.pptxJheel Barad
This presentation provides a briefing on how to upload submissions and documents in Google Classroom. It was prepared as part of an orientation for new Sainik School in-service teacher trainees. As a training officer, my goal is to ensure that you are comfortable and proficient with this essential tool for managing assignments and fostering student engagement.
How to Make a Field invisible in Odoo 17Celine George
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
Introduction to AI for Nonprofits with Tapp NetworkTechSoup
Dive into the world of AI! Experts Jon Hill and Tareq Monaur will guide you through AI's role in enhancing nonprofit websites and basic marketing strategies, making it easy to understand and apply.
The Roman Empire A Historical Colossus.pdfkaushalkr1407
The Roman Empire, a vast and enduring power, stands as one of history's most remarkable civilizations, leaving an indelible imprint on the world. It emerged from the Roman Republic, transitioning into an imperial powerhouse under the leadership of Augustus Caesar in 27 BCE. This transformation marked the beginning of an era defined by unprecedented territorial expansion, architectural marvels, and profound cultural influence.
The empire's roots lie in the city of Rome, founded, according to legend, by Romulus in 753 BCE. Over centuries, Rome evolved from a small settlement to a formidable republic, characterized by a complex political system with elected officials and checks on power. However, internal strife, class conflicts, and military ambitions paved the way for the end of the Republic. Julius Caesar’s dictatorship and subsequent assassination in 44 BCE created a power vacuum, leading to a civil war. Octavian, later Augustus, emerged victorious, heralding the Roman Empire’s birth.
Under Augustus, the empire experienced the Pax Romana, a 200-year period of relative peace and stability. Augustus reformed the military, established efficient administrative systems, and initiated grand construction projects. The empire's borders expanded, encompassing territories from Britain to Egypt and from Spain to the Euphrates. Roman legions, renowned for their discipline and engineering prowess, secured and maintained these vast territories, building roads, fortifications, and cities that facilitated control and integration.
The Roman Empire’s society was hierarchical, with a rigid class system. At the top were the patricians, wealthy elites who held significant political power. Below them were the plebeians, free citizens with limited political influence, and the vast numbers of slaves who formed the backbone of the economy. The family unit was central, governed by the paterfamilias, the male head who held absolute authority.
Culturally, the Romans were eclectic, absorbing and adapting elements from the civilizations they encountered, particularly the Greeks. Roman art, literature, and philosophy reflected this synthesis, creating a rich cultural tapestry. Latin, the Roman language, became the lingua franca of the Western world, influencing numerous modern languages.
Roman architecture and engineering achievements were monumental. They perfected the arch, vault, and dome, constructing enduring structures like the Colosseum, Pantheon, and aqueducts. These engineering marvels not only showcased Roman ingenuity but also served practical purposes, from public entertainment to water supply.
A Strategic Approach: GenAI in EducationPeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
The French Revolution, which began in 1789, was a period of radical social and political upheaval in France. It marked the decline of absolute monarchies, the rise of secular and democratic republics, and the eventual rise of Napoleon Bonaparte. This revolutionary period is crucial in understanding the transition from feudalism to modernity in Europe.
For more information, visit-www.vavaclasses.com
2. This class
• Digital Security Basics
• Mass Surveillance and Privacy
• Legal Landscape
• Threat Modeling
• Secure Reporting Recipes
• Case Study: Leaked Cables
4. What everyone in the organization
needs to do
• Passwords and 2-step login
• Don’t fall for phishing
• Encrypt your devices
• Check your social media and cloud storage permissions
8. Good Password Practice
• Use two-factor authentication
• Don't use a common password. Avoid words in the dictionary.
• If you use the same password for multiple sites, your password is only as
strong as the security on the weakest site.
• Consider passphrases, and password management tools like OnePass
9. Phishing
By far the most common attack. Send a message to user tricking them into
entering their password.
Typically directs users to a fake login page.
Protection: beware links that take you to a login page! Always read the
URL after clicking a link from a message.
14. Syrian Facebook
phishing
Arabic text reads: "Urgent and
critical.. video leaked by security
forces and thugs.. the revenge of
Assad's thugs against the free men
and women of Baba Amr in captivity
and taking turns raping one of the
women in captivity by Assad's dogs..
please spread this."
15. Chinese email spear-phishing
From FireEye blog post:
“In August 2015, the threat actors sent spear
phishing emails to a number of Hong Kong-
based media organizations, including
newspapers, radio, and television. The first
email references the creation of a Christian civil
society organization to coincide with the
anniversary of the 2014 protests in Hong Kong
known as the Umbrella Movement. The second
email references a Hong Kong University
alumni organization that fears votes in a
referendum to appoint a Vice-Chancellor will be
co-opted by pro-Beijing interests”
17. Defending Against Phishing
•Be suspicious of generic messages
•Read the URL before you click
•Always read the URL before typing in a password
•Report suspicious links to security
21. Background yourself on social media!
Use someone else’s computer (or an Incognito window) and research
yourself. See if you can find your home address, date of birth, or child’s
school.
30. SSL
Aka, HTTPS.
Depends on a system of root certificate authorities (CAs) that generate
certificates (cryptographically sign keys) for sites that use HTTPS.
Browsers have CA keys built in, so they can verify that a site has a valid
signed key.
Works great, except that certificate authorities can be hacked, and we
must expect that most states can easily sign a certificate through a proxy.
33. Legal Security
In the U.S., the Privacy Protection Act prevents police from seizing
journalists’ data without a warrant... if you're the one storing it.
Third party doctrine: if it’s in the cloud, no protection!
35. Surveillance Law: the U.S. situation
Do you need a warrant to see who I called?
Nope. Supreme court, Smith vs. Maryland, 1979 controls "metadata."
Do you need a warrant to read my email (or IM, etc.)?
Electronic Communications Privacy Act (1986): Not if it's older than 180 days
U.S. v. Warshak, sixth circuit (2010): yes
Proposed Email Privacy Act (passed House April 2016): yes
Do you need a warrant to track someone through their phone?
2013: ACLU FOIA of 200 police departments: some say yes, some say no
2018: Carpenter v. United States, Supreme court says yes for 7 days or more
Do you need a warrant to look at the data on my phone after an arrest?
Yes. Supreme court said so in 2014, Riley vs. California.
36. "In the first public accounting of its kind,
cellphone carriers reported that they
responded to a startling 1.3 million
demands for subscriber information last
year from law enforcement agencies
seeking text messages, caller locations
and other information in the course of
investigations."
- Wireless Firms Are Flooded by
Requests to Aid Surveillance, New York Times,
July 8 2012
38. Facebook,
Skype, WhatsApp,
etc. can be
monitored by
parent company.
And requested by
law enforcement.
Pictured: Facebook
requests, Q1-Q2 2015
Facebook Transparency Report
40. How to plan for a sensitive story
What do I want to keep private?
(Messages, locations, identities, networks...)
Who wants to know?
(story subject, governments, law enforcement, corporations...)
What can they do?
(eavesdrop, subpoena... or exploit security lapses and accidents!)
What happens if they succeed?
(story's blown, legal problems for a source, someone gets killed...)
41. What Must Be Private?
• Which data?
o Emails and other communications
o Photos, footage, notes
o Your address book, travel itineraries, etc.
• Privacy vs. anonymity
o Encryption protects content of an email or IM
o Not the identity of sender and recipient
42. Who Wants to Know?
Most of the time, the NSA is not the problem
Your adversary could be the subject of a story, a government, another
news organization, etc.
43. What Can the Adversary Do?
• Technical
o Hacking, intercepting communications, code-breaking
• Legal
o Lawsuits, subpoenas, detention
• Social
o Phishing, “social engineering,” exploiting trust
• Operational
o The one time you didn’t use a secure channel
o Person you shouldn’t have told
• Physical
o Theft, installation of malware, network taps, violence
45. Threat Modeling Scenario #1
You are a photojournalist in Syria with digital images you want to get
out of the country. Limited Internet access is available at a café.
Some of the images may identify people working with the rebels
who could be targeted by the government if their identity is
revealed.
46. Threat Modeling Scenario #2
You are reporting on insider trading at a large bank and talking
secretly to two whistleblowers who may give you documents.
If these sources are identified before the story comes out, at the
very least you will lose your sources.
47. Threat Modeling Scenario #3
You are reporting a story about local police misconduct. You have
talked to sources including police officers and victims.
You would prefer that the police commissioner not know of your
story before it is published.
48. Threat Modeling Scenario #4
You are reporting on drug cartels in Central America. Previous
sources and journalists have been murdered.
51. Text messages
Standard text messages are incredibly insecure.
Facebook, WhatsApp, WeChat, etc. are logged by the parent company
– and can be subpoenaed by law enforcement.
Use iMessage or Signal.
52. SMS is not encrypted! The phone
company logs them, and devices exist to
read all SMS text messages sent by
nearby phones.
53. iMessage is very secure,
but you must turn off “Send
as SMS”
Correctly sent messages
are blue.
54. WhatsApp recently implemented Signal
protocol on all platforms. But metadata
probably still available to Facebook, and
subpoenable.
55. Signal is the free, secure
messaging app.
Axlotl Ratchet protocol
provides forward
secrecy.
Android, iPhone,
Desktop.
57. Email
Email is difficult to secure. Avoid it if you can.
Limited security if both ends of the conversation always use Gmail,
Hushmail, or ProtonMail. Still subject to subpeona.
I do not recommend PGP/GPG. Hard to get right, does not hide
metadata, no forward secrecy (old messages revealed if someone gets
your private key.)
58.
59.
60. Phone calls
Standard phone calls leave “metadata” at phone company. Who you
called, when, how long you talked, where you were.
Who can access this?
Definitely law enforcement.
62. How many copies?
The original file might be on your phone, camera SD card, etc.
What about backups and cloud syncing? Email attachments?
Use secure erase products – but there may still be traces (temporary
files, filenames in “recently used” lists, etc.)
63. Physical data security
Who could steal your laptop?
Keep drives, papers, etc. locked up.
If someone else can access your
computer, they can install spyware.
65. Anonymous sources
Anonymity is not the same as privacy
It is much harder.
There are many ways to accidentally reveal someone’s identity.
The key concept is “linkability” between different accounts and
identifiers.
66. Private but not anonymous
Encrypted message is like a sealed envelope.
Anyone can still read the address (metadata)
67. Communicating with sources
“So I meet employee X, and we have a cup of coffee even, and we want to
exchange contacts. And if I pull him aside and say, all right, from now on
you’ll call me “Popeye”, and here’s where you download TAILS and we’ll
set up secret, spooky accounts and encryption, it’s as if I was saying, here
let me have your phone number, and by the way can you show me any
recent STD tests, and which brand of condom do you like? It’s sort of who
are you, what are you talking about, I didn’t agree to anything like this.”
- Barton Gelman of the Washington Post, at the HOPE X conference
68. The only practical answer
Don’t give the source any way to communicate with you that is not
secure.
If they have a gmail address, and you have a gmail address, and
Google is unlikely to cooperate with your adversary, use gmail.
Otherwise: iMessage, WhatsApp, or Signal. But usually you add a
contact by entering a phone number, so how to prevent source from
just calling you?
75. Receiving Leaks
Prevent the adversary from knowing who leaked – keep the source
anonymous.
Corporate networks are monitored. Personal devices are associated
with identifying information. Most secure method for transferring
sensitive files is still a face to face meeting.
Publishing is a problem too! File metadata has blown more than one
source.
81. Crossing borders
Prepare to be searched. Encrypt your devices. But realize that you may
have to give up your password.
Prepare to have equipment seized. Have backups.
Best plan may be to send data home over the network.
82.
83. US Border crossing guide
EFF’s “Digital Privacy at the US Border: Protecting Data on Your
Devices and in the Cloud”
https://www.eff.org/wp/digital-privacy-us-border-2017
85. How the leak was leaked
Julian Assange gave a password and a temporary URL to
Guardian reporter David Leigh.
Leigh downloaded the file in encrypted form from the temporary
URL.
Leigh decrypted the file and reported on the contents.
...but later, all the cables were available publicly, which is not what
either Assange or Leigh intended.
90. Digital security for journalists in one slide
Use real passwords + 2 step login. Recognize phishing. Encrypt your devices. Know
what social media reveals.
Use threat modeling to make a plan for your story. Know what you are protecting from
whom. Integrate digital with physical, legal, operational security.
Avoid email. Use iMessage, WhatsApp, or Signal. Give sources a secure channel
from the start.
Source anonymity requires extensive planning, both online and offline.
Know exactly what data is sensitive, how many copies there are, and where.
91. Some resources
Committee to Protect Journalists information security guide
http://www.cpj.org/reports/2012/04/information-security.php
Threat modeling in detail
https://source.opennews.org/en-US/learning/security-journalists-part-two-threat-modeling/
Digital Security and Source Protection for Journalists
http://susanemcgregor.com/digital-security/