Manage your privacy and security online
Metadata Matters
For users and devs
« If you think technology can solve your security
problems, then you don’t understand the problems
and you don’t understand the technology »
(Bruce Schneier)
What to protect?
● What is your problem/threat?
● What do you want to protect?
● How can the opponent/threat reach you?
● What happens if you fail to protect?
● Rationalise risks
Human security 101
● Use a password manager (KeePassX or LastPass)
● Think about how and what you publish online
● Deactivate geolocation & activate full-disk encryption (just a button to toggle)
● Use HTTPS Everywhere (it’s also a plugin for your browser)
● Block ads and cookies (uBlock Origin + Self-Destructing Cookies)
● Use open-source software (Firefox, VLC...)
Security 101 (for devs)
● Encrypt everywhere, every time, the data you store and handle (use Let’s Encrypt to have HTTPS on your website for free) -> Privacy + GDPR
● Minimize the data (a simple notepad app doesn’t need contacts permission) -> Data Surface
● Privacy by design: Data is not a resource, data is people. You are responsible for your users’ privacy (careful with CDN, 3rd-party dependencies, centralised platforms, social trackers)
Encryption matters
● For users:
– Secure chat: Signal
– Secure web browsing: Tor
● For devs:
– Use tested and open protocols: Signal, GPG, OMEMO...
– Provide and use open-source and decentralised services (aka don’t trust Google)
31/10/2017
Use decentralised, encrypted and open-source software.
Discussion & Sources
● How your innocent smartphone passes on almost your entire life to the secret service: https://www.bof.nl/2014/07/30/how-your-innocent-smartphone-passes-on-almost-your-entire-life-to-the-secret-service/
● Everything is Broken – Quinn Norton: https://medium.com/message/everything-is-broken-81e5f33a24e1
● Me and my shadow: http://myshadow.org
● Our dataselves: https://ourdataourselves.tacticaltech.org/
● Databreaches Dataviz: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
● We’re building a dystopia to make people click on ads – Zeynep Tufekci (TEDGlobal)
● Movies: Citizen Four, Nothing to Hide
Tutorials 101
● Security Self Defense guide: https://ssd.eff.org
● Password Managers for Beginners: https://medium.com/@mshelton/password-managers-for-beginners-d1f49866f80f
● How to Lose Friends and Anger Journalists with PGP: https://medium.com/@mshelton/how-to-lose-friends-and-anger-journalists-with-pgp-b5b6d078a315
● Looking away from Google? https://framasoft.org/
Discussion & Sources (advanced)
● Bruce Schneier’s blog: https://www.schneier.com/
● The Tor project: http://torproject.org/
● The Anonymous Incognito Live System (tails): https://tails.boum.org/
● A DIY Guide to Feminist Cybersecurity: https://hackblossom.org/cybersecurity/
● Follow conferences: DEFCON, CCC, BlackHat, FOSDEM...
Finally
● Mass surveillance as a service & attention as a product
● What is the price to pay for security? What is the price to pay for people to click on ads?
● Alternatives exist
● Nothing to hide?
Thanks <3
(don’t be too paranoid, a little is enough)
