Digital Self Defense


Uploaded by ritetcvideos on 20.09.2012

Transcript:
>> CHRIS TARANTINO: I AM A LITTLE INTIMIDATED ABOUT THIS
SIDE OF THE AUDITORIUM.
GOOD EVENING GUYS, HOW ARE YOU DOING TODAY?
WHOA, WHOA, NO, NO, NO, I JUST HEARD A REALLY LOUD SCREAM FROM
THIS SIDE OF THE CROWD.
HOW ARE YOU ALL DOING TODAY (SCREAMS).
YOU HAD ME NERVOUS, ALL RIGHT.
MY NAME IS CHRIS TARANTINO, I'M A FOURTH YEAR MARKETING MAJOR
CURRENTLY WORKING FOR THE INFORMATION SECURITY OFFICE HERE
AT RIT.
AND AT THE RISK OF BEING CRUCIFIED BY MY BOSS WHO'S
SITTING RIGHT OVER THERE, I'M TAKING A PICTURE OF YOU ALL.
CAN I GET THE HOUSE LIGHTS UP?
IS THAT THE BEST POSE YOU GUYS GOT?
COME ON, GIVE ME A POSE.
THERE WE GO.
PERFECT.
[LAUGHTER] I CAN SEE THEM GRIMACING OVER THERE.
SO THIS IS THE DIGITAL SELF-DEFENSE WORKSHOP.
WE'RE GOING TO KEEP IT NICE AND RELAXED.
WELL, I'M GOING TO BE RELAXED.
THESE GUYS WILL BE SUBJECTED TO THE WORSE KIND OF TORTURE KNOWN
TO MAN CALLED A LIGHTENING TALK.
IN THE NEXT SIX MINUTES OF THEIR 2 PRESENTATIONS WILL CHANGE YOUR
LIFE.
TO MY LEFT I HAVE A PANEL OF EXPERTS.
MY BOSS, BEN WOELK.
HE'S A POLICY AND AWARENESS ANALYSIST IN THE RIT SECURITY
OFFICE.
HIS BOSS JON MAUER, THE INFORMATION SECURITY OFFICER.
AND HANNAH MORGAN, JOB SEARCH, CAREER AND SOCIAL MEDIA
STRATEGIST FOR CAREERSHERPA.COM.
ALSO WE HAVE DAWN, SOUFLERIS THE ASSISTANT VP-- OUR HEAD T
STUDENT AFFAIRS.
AND NICK FRANCESCO MANAGER OF TECHNICAL SERVICES AT THE
COLLEGE OF BUSINESS, THE BEST COLLEGE.
I'M NOT BIASED AT ALL.
SO TODAY WE'RE GOING TO HAVE A NICE RELAXED FORMAT CALLED
LIGHTENING TALK.
THE TALKS ARE SHORT PRESENTATIONS LASTING SIX
MINUTES LONG BECAUSE WE KNOW THAT YOU HAVE DINNER AFTER THIS.
LET'S BE REAL.
AND YOU WANT TO GET OUT OF HERE.
SO WE'RE GOING TO BE RIGHT AND TO THE POINT.
AND THE TALKS WILL PROGRESS EVERY 18 SECONDS.
THIS IS WHAT 18 SECONDS LOOKS LIKE.
IT'S VERY FAST.
AND EVEN THOUGH RIGHT NOW IT DOESN'T SEEM LIKE IT, WHEN
YOU'RE TRYING TO CATCH UP FROM THE SLIDE BEFORE AND GET READY
TO PRESENT THE SLIDE AFTER, IT REALLY DOES HAVE A LITTLE BIT OF
A STRESS FACTOR TO IT THAT THESE GUYS ARE GOING TO BE SWEATING
EVEN MORE THAN THE HOUSE LIGHTS ARE MAKING THEM.
ARE YOU GUYS READY?
ARE YOU READY?
(CHEERING).
>> OUR FIRST EXPERT IS GOING TO BE GIVING THE FIRST SIX-MINUTE
LIGHTENING TALK ON ROLLER COASTER RIDE OF HER LIFE.
OH AND BY THE WAY I FORGOT THE MENTION, THEY DON'T EVEN KNOW
THE ORDER THAT THEY'RE GOING IN.
SO THEY'RE SITTING UP HERE SHAKING.
[LAUGHTER] NO? NOT SHAKING?
OUR FIRST EXPERT IS HANNA MORGAN.
GIVE HER A ROUND OF APPLAUSE.
HANNAH.
[APPLAUSE.] ARE YOU READY?
I'M GOING TO HIT THE BUTTON AND IT'S GOING TO GO.
>> HANNAH MORGAN: ALL RIGHT, I'M READY.
WHO'S READY OUT THERE? ARE YOU GUYS READY?
ALL RIGHT, I'M READY, I'M READY.
I'M READY.
>> SO MY NAME IS HANNAH MORGAN AND I AM CAREER SHEPA.
WHAT I DO IS HELP PEOPLE FIND WORK BETTER.
I KNOW THAT SEEMS A LONG TIME AWAY BUT IT WILL BE HERE BEFORE
YOU KNOW IT.
WHAT I WANT TO TALK TO YOU ABOUT IS BUILD AGRICULTURE ONLINE
PRESENCE.
DO YOU KNOW WHAT THAT IS?
THAT'S MANAGING WHAT YOU'RE PUTTING OUT THERE ONLINE.
SO, WHEN WE GET STARTED AND WE THINK ABOUT THIS, THERE IS A
STORY ABOUT A BOY BY THE NAME OF PETE KISTLER.
HE FOUND THAT HE SHARED THE NAME WITH ANOTHER PETE KISTLER.
THIS OTHER HAPPENED TO BE A DRUG DEALER.
SO WHEN EMPLOYERS WERE GOOGLING PETE AFTER HE GRADUATED FROM
COLLEGE, WHAT THEY WERE FINDING WAS THE WRONG PETE KISTLER.
BUT THAT'S NOT THE ONLY DUMB MISTAKE PEOPLE HAVE MADE.
CISCO FATTY PUT OUT IN A VERY PUBLIC FORUM VIA TWITTER THAT
SHE HAD TO MAKE A CHOICE BETWEEN A BIG FAT PAYCHECK AND GOING TO
A JOB SHE HATED.
CISCO RESCINDED THE OFFER.
SO WE HAVE TO REALIZE THAT WHAT WE'RE PUTTING OUT THERE IN A
PUBLIC FORUM IS VERY PUBLIC.
PHOTOS ARE ALSO VERY PUBLIC.
AND SO WHEN WE THINK ABOUT THINGS THAT WE'RE TAGGED IN ON
FACEBOOK OR PHOTOS WE PUT OUT THERE, EVERY SINGLE ONE OF THOSE
PHOTOS CREATES AN IMAGE OF WHAT YOU ARE AND WHO YOU ARE.
SO WE WANT TO BE SORT OF MINDFUL OF THAT.
HERE'S A LITTLE QUIZ FOR YOU GETTING INTO THE SPIRIT OF
SCHOOL.
86 PERCENT.
IS THAT A GOOD GRADE?
STUDENTS WHO CHANGE MAJORS, EMPLOYERS SEARCHING FOR
CANDIDATES ONLINE OR ALL OF THE ABOVE?
THE ANSWER IS C.
86 PERCENT OF EMPLOYERS ARE SEARCHING CANDIDATES ONLINE TO
SEE WHAT THEY CAN FIND.
SO MY GOAL TODAY IS TO HELP YOU UNDERSTAND THAT YOU ARE IN
CONTROL OF WHAT YOUR DIGITAL FOOTPRINT LOOKS LIKE.
YOU HAVE A GREAT OPPORTUNITY TO MAKE THAT FOOTPRINT COME ACROSS
THE WAY YOU WANT TO BE PERCEIVED.
SO YOUR HOMEWORK TONIGHT.
OH, YOU DIDN'T KNOW YOU HAD HOMEWORK?
YOUR HOMEWORK TONIGHT IS TO GO HOME AND GOOGLE YOURSELF AND
FIND OUT WHAT COMES UP ON PAGE 1.
BECAUSE TODAY IT BECOMES VERY IMPORTANT TO CONTROL WHAT'S
BEING PUT OUT THERE ABOUT YOU.
AND YOUR GOAL IS TO GET THAT RANKING ON PAGE 1 FOR THE RIGHT
INFORMATION THE GOOD INFORMATION 5 ABOUT EACH AND EVERY ONE OF
YOU ,AND YOU MAY THINK THERE'S NOT A LOT OUT THERE, BUT THERE
ALREADY IS INFORMATION OUT THERE.
WWW.YOURNAME.COM.
HOW MANY OF YOU OWN IT?
GREAT INVESTMENT.
YOU WILL ALWAYS OWN YOUR DIGITAL TERRAIN.
IT'S YOURS.
NOBODY CAN TAKE THAT AWAY FROM YOU.
AND SO WHEN YOU THINK ABOUT THE GREATEST SECURITY FOR YOUR
ONLINE IDENTITY, HAVING THAT WWW IS A GREAT WAY.
HAVING SOCIAL PROFILES AND SPECIFICALLY A GOOGLE PROFILE IS
ANOTHER GREAT WAY FOR YOU TO HAVE THE RIGHT DIGITAL DIRT.
YOU CONTROL THAT.
YOU OWN THAT.
AND SO THINK ABOUT THE POTENTIAL FOR OTHER SOCIAL MEDIA PLATFORMS
YOU MAY NOT BE USING YET BUT MAY WANT TO USE.
START CLAIMING THEM TODAY.
THE OTHER THING THAT I WANT YOU ALL TO THINK SERIOUSLY ABOUT AND
START CONSIDERING TODAY IS BUILDING A PRESENCE ON LINKEDIN,
THE PROFESSIONAL NETWORKING SITE.
MORE AND MORE EMPLOYERS ARE GOING THERE TO FIND THEIR NEXT
HIRE, AND IT'S A GREAT OPPORTUNITY FOR YOU TO BUILD A
PORTFOLIO AND HAVE DISCUSSIONS WITH PEOPLE WHO ARE IN YOUR
PROFESSION AS YOU MOVE FORWARD DURING YOUR CAREER.
THE MESSAGING THAT YOU'RE PUTTING OUT THERE COULD EITHER
BE VANILLA OR IT COULD BE A BANANA SPLIT WITH WHIP CREAM AND
A CHERRY ON TOP.
I THINK YOU WANT TO BE KNOWN AS DISTINCTLY AND UNIQUELY YOU.
SO START THINKING ABOUT WHAT THAT MESSAGE WILL BE AND HOW YOU
WANT TO BE PERCEIVED.
THE GREAT OPPORTUNITIES TODAY TO CREATE INFO GRAPHICS THAT NOT
ONLY SHOW AND TELL WHAT YOU'RE GOOD AT DOING.
SO THINK ABOUT SOME OF THE TOOLS THAT ARE OUT THERE THAT CAN SHOW
YOUR EXPERIENCE AND YOUR BACKGROUND AND YOUR EDUCATION
AND THE PROJECTS THAT YOU'VE BEEN WORKING ON.
THEY'RE ALSO WHAT WE CALL SPLASH PAGES THAT ALLOWED YOU, AT A
GLANCE, GLIMPSE, SHOW WHERE YOU ARE ONLINE.
THE DIFFERENT PRESENCES, THE DIFFERENT TOOLS THAT YOU'RE
USING.
IT'S, AGAIN, ANOTHER WAY FOR YOU TO BUILD THAT DIGITAL DIRT, THE
RIGHT DIGITAL DIRT, TO HELP YOU IN THE LONG RUN.
NOW THERE'S ALSO THE OPPORTUNITY TO SHARE AND CURATE INFORMATION
THAT YOU'RE COLLECTING.
YOU'RE GOING TO BE SPECIALIZING IN DIFFERENT THINGS.
AND YOU'RE GOING TO COME ACROSS INTERESTING ARTICLES ACROSS THE
INTERNET.
AND YOU WANT TO BE KNOWN AS SOMEBODY WHO CAN AND DOES SPEAK
INTELLIGENTLY ON THESE TOPICS.
CONSIDER CREATING YOUR OWN VIRTUAL NEWSPAPER AND SPREADING
THE WORD ABOUT WHAT YOU KNOW.
GET PEOPLE TO FOLLOW YOU.
YOUR GOAL ULTIMATELY, THE SILVER BULLET AND THE BLUE RIBBON, IS
TO GET FIRST PAGE RANKINGS.
YOU WANT YOUR CONTENT AND THE RIGHT CONTENT ABOUT YOU TO BE ON
PAGE 1 OF GOOGLE SEARCH.
SO THAT'S YOUR CHALLENGE.
BUT I GET TO PASS ALONG SOME OTHER ADVICE TO YOU AND IT HAS
TO DO WITH FIXING WHAT MIGHT BE BROKEN.
THERE ARE TWO TOOLS AVAILABLE RIGHT NOW, AND I'M SURE NOW WILL
BE INVENTED AS WE MOVE FORWARD.
VISIBILITY IS ONE OF THEM BUT BRAND YOURSELF AS THE OTHER.
REMEMBER PETE KISLER?
HE FOUNDED BRAND YOURSELF AS A TOOL TO HELP PEOPLE MONITOR AND
CONTROL THEIR ONLINE PRESENCE.
BECAUSE HE REALIZED, FIRSTHAND, WHAT A TERRIBLE THING THAT WAS
TO HAVE TO MANAGE.
YOUR PARENTS DIDN'T GIVE YOU THIS ADVICE, BUT I'M GOING TO
GIVE YOU THIS ADVICE: GO GET WORK EXPERIENCE TODAY.
DON'T WAIT UNTIL YOUR JUNIOR OR SENIOR YEAR.
GET IT NOW.
I DON'T CARE IF IT'S A CO-OP, INTERNSHIP, OFF CAMPUS
EXPERIENCE.
EMPLOYERS WANT STUDENTS WITH WORK EXPERIENCE.
THE SECOND THING YOUR PARENTS DIDN'T TELL YOU OR MAY NOT HAVE
TOLD YOU IS TO GET INVOLVED IN CAMPUS BECAUSE IT GIVES YOU AN
OPPORTUNITY TO DEVELOP COMMUNICATION SKILLS, LEADERSHIP
SKILLS AND DEVELOP A WORK ETHIC ALL OF ITSELF.
SO PLEASE GET YOURSELVES INVOLVED IN CAMPUS ACTIVITIES.
THE OTHER THING THAT YOU CAN DO IS TO START CONNECTING WITH
THOSE PEOPLE THAT YOU MEET VIA LINKED IN NOW.
DON'T AGAIN NOW UNTIL YOUR SENIOR YEAR, JUNIOR YEAR TO
START BUILDING THESE RELATIONSHIPS AND CONNECTING
WITH THEM ON LINKEDIN.
SO YOU HAVE THE OPPORTUNITY TO CONTINUE TO WORK WITH THEM EVEN
AFTER YOU'RE DONE WITH SCHOOL.
YOU'LL NEED THOSE RELATIONSHIPS.
RIGHT NOW, ONLY 86 PERCENT OF EMPLOYERS ARE LOOKING FOR YOU
ONLINE.
I CAN PRETTY MUCH GUARANTEE YOU THIS: FOUR YEARS, THE WORLD
WILL BE VERY DIFFERENT.
WHEN YOU GRADUATE, AND I'M PRETTY SURE THAT ALMOST 100
PERCENT OF EMPLOYERS WILL BE LOOKING TO SEE WHAT THEY CAN
FIND OUT ABOUT YOU ONLINE.
YOU HAVE THE OPPORTUNITY NOW BECAUSE YOU'VE BEEN FOREWARNED
TO MAKE THOSE CHANGES AND TO START BUILDING THE RIGHT CONTENT
ONLINE.
SO I WANT TO WISH YOU WELL IN THE NEXT FOUR YEARS.
THIS IS A GREAT OPPORTUNITY.
RIT'S A GREAT SCHOOL.
AND YOU'LL HAVE THE OPPORTUNITY TO BUILD THIS REPUTATION ONLINE
THAT WILL CARRY FORWARD FOR YOU AND HELP YOU SECURE YOUR NEXT
GREAT JOB AFTER SCHOOL.
THANK YOU SO MUCH.
[APPLAUSE.]
>> CHRIS TARANTINO: WOW, NOT BAD FOR SIX MINUTES, RIGHT?
VERY COOL AND COLLECTED.
I THINK THAT WAS PRETTY GOOD.
WHAT DO YOU GUYS THINK?
(CHEERS). YEAH.
IT'S LIKE DRINKING IF A FIRE HOSE, ISN'T IT?
THERE'S JUST A TON OF INFORMATION BUT WE DIDN'T WANT
TO WASTE YOUR TIME AND I WILL NOT WASTE YOURS ANY FURTHER.
SO OUR NECKS EXPERT -- NEXT EXPERT, ARE YOU GUYS READY?
[LAUGHTER] EVERYONE IS LIKE NO.
ARE YOU GUYS READY?
(CHEERS).
GOOD.
OUR NEXT EXPERT IS DAWN.
[APPLAUSE.]
>> DAWN: THIS LIKE A GAME SHOW.
I'M READY.
>> ALL RIGHT.
JUST VERY QUICKLY.
HOW MANY PEOPLE HAVE DOWNLOADED MUSIC, MOVIES OR ANYTHING SINCE
YOU'VE BEEN HERE AT RIT?
I SEE YOU'RE NOT ALL TELLING THE TRUTH.
I SEE SOME HANDS.
WELL I WILL TALK TO YOU ABOUT COPYRIGHT AND FILE SHARING.
IT'S VERY IMPORTANT YOU KNOW SOME THINGS WHILE YOU'RE AT RIT
BECAUSE RIT IS A HOT BED FOR THE RECORDING INDUSTRY AND OTHER
FOLKS FOR LOOKING FOR ILLEGAL COPYRIGHT.
FILE SHARING IS A TYPE OF VIOLATION ABOUT TEXT, PHOTO,
GRAPHICS, YOU NAME IT, IF IT'S COPYRIGHTED, YOU NEED TO MAKE
SURE THAT YOU HAVE RIGHTS TO THAT COPYRIGHT.
IF YOU ARE INTERESTED, THERE IS A STUDENT GUIDE OVER IN THE
LIBRARY THAT YOU CAN GET OUT TO READ AND LOOK AT.
THE RECORDING INDUSTRY OF AMERICA HAS REALLY TARGETED
COLLEGES ACROSS THE COUNTRY INCLUDING RIT.
WE ARE IN A TOP TEN GROUP, SOME FOR ACADEMICS, BUT THIS TOP TEN
SAYS WE HAVE SOME OF THE WORSE ILLEGAL FILE SHARING THAT GOES
ON ON A CAMPUS.
I KNOW.
[APPLAUSE.]
>> HERE'S THE TOUGH PART, THOUGH.
MANY STUDENTS HERE HAVE HAD TO GO HOME BECAUSE THEY CANNOT
AFFORD TO PAY THE RECORDING INDUSTRY WHAT THEY'RE SUED FOR.
SOME OF OUR STUDENTS GET EARLY SETTLE MANY LETTERS SAYING THEY
CAN SETTLE OUT OF COURT WITH THE RECORDING INDUSTRY.
IT'S ABOUT $3,000.
WHEN THEY'LL SAY DO THAT BECAUSE 10 THE COTS OF HIRING AN
ATTORNEY TO HELP YOU WITH THIS COSTS MORE THAN THE SETTLEMENT
AMOUNT.
THEY ARE LOOKING AT YOU.
THEY ARE LOOKING AT WHAT YOU DO AS A STUDENT AT RIT BECAUSE WE
ARE A HOT BED.
IT'S NO JOKE.
ONE OF THE THINGS THAT WE HAVE SEEN IS THAT WE'VE HAD IN THE
LAST YEAR 1150 NOTICES SAYING THAT OUR STUDENTS HAVE BEEN
COPYRIGHT -- HAVE COPYRIGHT INFRINGEMENT.
34 OF THOSE STUDENTS GOT THAT SETTLEMENT LETTERS AND HAD TO
PAY $3,000.
15 SUBPOENAS WHERE WE HAD TO GIVE INFORMATION OVER.
WE WON'T GIVE A NAME UNLESS WE'RE SUBPOENAED.
WE GET 50 TO 75 NOTICES A WEEK.
THAT'S ABOUT 500 PERCENT UP FROM A FEW YEARS AGO.
THAT'S HUGE.
WE DON'T GIVE YOUR INFORMATION TO THEM UNLESS THEY SUBPOENA US.
AND IF THEY DO, WE BUY LAW HAVE TO TURN OVER YOUR NAME AND
ADDRESS.
THE FIRST TIME WE GET A NOTICE ABOUT YOU, WE'LL GET YOUR IP
ADDRESS.
WE'RE GOING TO CONTACT YOU.
WE'RE GOING TO HOLD YOUR ABILITY TO USE THE NETWORK AND WE'RE
GOING TO MAKE YOU LOOK OVER THE POLICY AND SIGN IT.
DO YOU KNOW WHAT?
15 MINUTES, NOT SO BAD.
YOU CAN'T DO WORK DURING THOSE 15 MINUTES.
BUT WHAT HAPPENS IS IF YOU GET A SECOND NOTICE OR A THIRD NOTICE,
IT GETS WORSE.
A SECOND NOTICE, WE'RE GOING TO TURN YOU OFF AND YOU CAN'T USE
ANY OF OUR NETWORK FOR AN HOUR.
YOU'RE GOING TO HAVE TO RE-READ THE POLICY AND COME TO A CLASS
TO LEARN HOW NOT TO DO THIS.
WHAT REALLY GETS SERIOUS YOU GET A THIRD NOTICE.
IF YOU GET A THIRD NOTICE, WHAT HAPPENS IS YOU HAVE TO GO TO
STUDENT CONDUCT.
AND THE FOLKS AT STUDENT CONDUCT ARE GOING TO TELL YOU THAT YOU
MAY NOT BE ABLE TO STAY HERE AS A STUDENT IF YOU KEEP DOING
COPYRIGHT INFRINGEMENT.
WE'RE TALKING THAT GIVES YOU A DISCIPLINARY RECORD AT RIT, AND
THAT'S NOT SOMETHING YOU WANT TO HAVE.
WE WANT TO HELP YOU AVOID GETTING ANY OF THESE NOTICES.
I WANT TO TALK ABOUT THOMAS.
THOMAS WAS ACCUSED OF SHARING 1700 SONGS.
RECORDING INDUSTRY LOOKED TO GET $222,000 FROM HIM, WENT TO
TRIAL.
IT WENT UP TO A MILLION NINE FOR SONGS.
U.S. JUSTICE DEPARTMENT SAID THAT'S NOT EXCESSIVE.
THOMAS, YOU NEED TO PAY IT.
HE APPEALED, IT WENT DOWN TO $54,000.
NOW THE RECORDING INDUSTRY IS APPEALING THAT.
BUT THIS IS A STUDENT WHO NOW HAS TO PAY $54,000 CURRENTLY FOR
ALL THE SONGS THAT HE DOWNLOADED.
I DON'T THINK THAT'S WHAT YOU WANT TO DO.
SO WHAT WE WANT TO MAKE SURE IS IF YOU GET A COPYRIGHT
ENFORCEMENT LETTER, THEY'RE GOING TO ASK YOU TO SETTLE.
OR YOU CAN SEND IT TO AN ATTORNEY AND THAT ATTORNEY IS
GOING TO COST MONEY.
AND IT'S GOING TO TELL YOU VERY CLEARLY: THIS IS WHAT YOU DID.
JUST BY GETTING THAT DOESN'T MEAN YOU CAN GO AND ERASE IT
BECAUSE THEY'VE ALREADY TAKEN A SNAPSHOT.
THEY ALREADY KNOW.
AND YOU HAVE TO THINK WHAT ARE YOU GOING TO DO FIRST?
EXPLAIN TO YOUR FATHER THAT YOU OWE $54,000 OR $3,000 OR
GOING TO HAVE TO TELL YOUR PARENTS
OH IT WAS ALL ABOUT THE PORNOGRAPHY DVD I ILLEGALLY
DOWNLOADED.
THAT WOULD NOT BE A GOOD CONVERSATION WITH YOUR PARENTS.
I KNOW I WOULDN'T BE TOO HAPPY.
SO, YOU CAN'T DISTRIBUTE COPYRIGHT MATERIAL, EITHER.
SO IF YOU GET SONGS OFF OF ITUNES OR SOMETHING ELSE AND
MAKE YOURSELF A DVD, YOU'RE GOOD.
YOU MAKE ONE FOR SOMEBODY ELSE, THAT'S NOT SOMETHING THAT THE
RECORDING INDUSTRY OR THE MOTION PICTURE ASSOCIATION WANTS YOU TO
DO.
OKAY?
NOW, IF YOU HAVE WRITTEN -- WE HAVE SOME MUSICIANS OUT HERE,
PEOPLE WHO PLAY GUITAR, IF YOU WOULD LIKE TO COPYRIGHT YOUR OWN
MUSIC, YOU CAN DO THAT, GIVE YOUR OWN MUSIC AWAY.
BUT IF YOU'RE USING SOMEBODY ELSE'S MUSIC, IT'S FOR YOUR OWN
PERSONAL USE AND YOU CAN'T GIVE IT TO ANYBODY ELSE.
SO WE WANT TO MAKE SURE YOU ARE BEING LEGAL IN WHAT YOU LOOK AT
AND WHAT YOU LISTEN TO, OKAY?
SO WE'RE TELLING YOU RIGHT NOW.
IF YOU'VE COME WITH ILLEGAL MUSIC AND YOU'RE ON OUR RIT
SYSTEM.
YOU COME WITH MOVIES AND YOU'RE ON OUR NETWORK, GET RID OF IT.
WE DON'T WANT TO HEAR BECAUSE WE DON'T WANT YOU TO END UP LIKE
THOMAS BECAUSE THOMAS COULD NO LONGER GO TO SCHOOL BECAUSE OF
ALL THE MONEY THAT HE CURRENTLY OWES TO THE RECORDING INDUSTRY.
AND HERE'S WHAT WE'D LIKE YOU TO DO.
ITUNES, GOOGLE PLAYER, AMAZON, LOTS OF PLACES THAT YOU CAN
DOWNLOAD MUSIC AND MOVIES AND IT'S ALL GOOD.
THERE IS ACADEMIC SOFTWARE THAT YOU CAN EVEN GET TO GET FREE
ACADEMIC SUPPORT TOOLS THAT YOU DON'T HAVE TO PAY FOR.
CHECK WITH THE BOOKSTORE.
CHECK WITH YOUR DEPARTMENTS.
IF YOU GET ONE OF THOSE LETTERS OR CONTACTS FROM US, DON'T
DELETE THE FILE, THEY HAVE TAKEN A PICTURE OF IT.
AND HONESTLY IT'S NOT GOING TO HELP YOU.
THINK ABOUT STUDENT ADVICE.
STUDENT GOVERNMENT HAS A LAWYER YOU CAN GO TALK TO, BUT CRIMINAL
CHARGES MAY HAPPEN.
AND WE HAVE STUDENTS AT OTHER SCHOOLS JUST LIKE THIS POOR SOUL
WHO ENDED UP IN JAIL BECAUSE THEY COULDN'T PAY THE SETTLEMENT
FEES OR THEY COULDN'T PAY THE MONEY THAT THE COURTS TOLD THEM
FOR THE ILL LEGAL FILE SHARING.
DON'T LET THIS BE YOU.
BE SMART.
BUY YOUR MUSIC.
BUY YOUR MOVIES.
KEEP IT TO YOURSELF.
AND STAY ETHICAL.
THANK YOU.
[APPLAUSE.]
>> CHRIS: THANK YOU, DAWN.
VERY INFORMATIVE.
ARE YOU GUYS READY FOR OUR NEXT LIGHTENING TALK?
YEAH.
YOU ONLY GOT THREE MORE TO GO.
THIS ISN'T SO BAD.
I KNOW YOU GUYS HAVE BEEN TALKED TO DEATH ALL WEEK.
SO WE'RE GOING TO GET YOU GUYS TO DINNER RIGHT AFTER NICK
FRANCESCO GOES.
ARE YOU READY, NICK?
>> NICK: I WAS BORN READY.
>> CHRIS: THAT'S PRETTY GOOD.
>> NICK: GIVE THE WORD.
HERE I GO.
ALL RIGHT.
I WANT TO TALK ABOUT AVOIDING IDENTITY THEFT ONLINE.
MY NAME IS NICK FRANCESCO.
AS FAR AS YOU KNOW.
OH, I'VE BEEN ASKED TO TALK ABOUT HOW MY SLIDES ARE
DIFFERENT FROM EVERYBODY ELSE'S SLIDES.
I'M A REBEL.
I ALSO DIDN'T REALLY READ THE REQUIREMENTS, SO I ONLY HAVE
HALF AS MANY SLIDES AS EVERYBODY ELSE.
BUT THEY APPEAR TO BE GOING FAST, ANYWAY.
SO WHY DO YOU CARE?
YOU'RE THE PRIME AUDIENCE FOR IDENTITY THEFT.
YOU HAVE BRAND NEW CREDIT CARDS.
YOU HAVE BRAND NEW CREDIT RATINGS.
AND YOU'RE NOT PAYING ATTENTION.
HOW MANY OF YOU HAVE ACTUALLY LOOKED AT YOUR CREDIT CARD
STATEMENTS?
HALF OF YOU ARE LYING.
BUT YOU'RE THE PEOPLE THAT THEY WANT TO STEAL FROM BECAUSE YOU
DON'T PAY ATTENTION.
AND YOU HAVE MASSIVE AMOUNTS OF CREDIT BECAUSE YOU'RE NEW.
NOBODY'S GOING TO TELL YOU NO.
YOU DON'T HAVE BAD CREDIT.
SO YOU'RE THE PERSON WE REALLY WANT TO STEAL FROM.
SO WHO'S VULNERABLE?
WELL, YOU'RE VULNERABLE.
LOOK, THERE'S A STATISTIC.
ONE OUT OF EVERY THREE PEOPLE AT RIT WILL HAVE THEIR IDENTITIES
STOLEN BEFORE THEY LEAVE THIS PLACE.
SO LOOK TO YOUR LEFT.
LOOK TO YOUR RIGHT.
IF IT ISN'T THEM, IT'S YOU.
YEAH.
THAT'S NOT A JOKE.
HOW DO THEY GET YOUR IDENTITY?
MOSTLY THEY ASK FOR IT.
A LOT OF IT, YOU KNOW, IT'S NOT THEFT ONLINE ANYMORE.
NOW THEY'RE CALLING YOU UP AND ASKING YOU FOR YOUR INFORMATION.
"HI, I'M FROM STUDENT SERVICES AND I NEED YOUR USER NAME AND
PASSWORD" OH, OKAY, HERE IT IS.
BE VERY CAREFUL WHO YOU GIVE YOUR INFORMATION TO.
MOST OF THE TIME THEY ARE NOT LEGITIMATE.
SO PAY ATTENTION TO THE INFORMATION YOU'RE GIVING TO
PEOPLE.
AND, IN FACT, MOSTLY DON'T GIVE IT TO THEM.
THAT'S PRETTY SIMPLE.
IF THEY WANT YOUR INFORMATION, THAT'S IT.
SO HOW DO YOU STOP THEM?
WELL MOSTLY YOU STOP THEM BY NOT BEING DUMB.
EVERYBODY HAS PASSWORD HINTS.
MOST PEOPLE PICK SOMETHING THAT'S IMPORTANT TO THEM AND
THEN THEY TALK ABOUT THAT THING ON FACEBOOK.
SO IF YOU HAVE A QUESTION THAT IS: WHAT'S YOUR FAVORITE MOVIE?
THE ANSWER SHOULD BE: CHEVROLET.
WHAT WAS THE NAME OF MY FIRST DOG?
PURPLE.
DON'T PUT PERSONAL INFORMATION ON THE INTERNET.
PUT SOMETHING THAT'S SIMPLY NOT TRUE OUT THERE FOR THOSE SPECIAL
PASSWORDS.
AND IN TERMS MUCH PASSWORDS, USE DIFFERENT PASSWORDS FOR
DIFFERENT SITES.
OH, I KNOW WHAT YOU'RE ALL GOING TO SAY "BUT I'M TOO STUPID TO
REMEMBER DIFFERENT PASSWORDS.
I HAVE TO USE THE SAME PASSWORD FOR EVERYTHING.
NO, YOU DON'T.
YOU'RE SMART ENOUGH TO GET INTO RIT, YOU'RE SMART ENOUGH TO USE
DIFFERENT PASSWORDS.
USE THEM.
THE MORE DIFFERENT PASSWORDS YOU USE, THE SAFER YOU ARE.
THAT WAY IF THEY CRACK YOUR FACEBOOK PASSWORD, THEY DON'T
GET YOUR GOOGLE PLUS PASSWORD OR YOUR TWITTER PASSWORD OR YOUR
PASSWORD TO THIS NETWORK.
IN ADDITION, LONG PASSWORDS.
LONG PASS WORDS ARE MORE IMPORTANT THAN COMPLEX
PASSWORDS.
SO IF YOUR PASSWORD IS J43 LEFT ELBOW DOT, THAT'S NOT A GOOD
PASSWORD.
THIS IS A REALLY LONG PASSWORD PERIOD IS A GREAT PASSWORD.
"I'M TOO STUPID TO REMEMBER LONG PASSWORDS" NO YOU'RE NOT.
REMEMBER THIS.
IF YOU HAVE A FAVORITE SONG, IF YOU HAVE A FAVORITE MOVIE WITH
QUOTES IN IT, USE THOSE AS YOUR PASSWORD, NOT THE ONE YOU USE ON
YOUR FACEBOOK PAGE, BUT SOMETHING ELSE.
AND THOSE ARE THE LONG PASSWORDS YOU SHOULD USE.
TWO FACT AUTHENTICATION IS BECOMING MUCH MORE POPULAR NOW
DAYS.
GOOGLE DOES THIS A LOT.
SOMETHING YOU KNOW AND SOMETHING YOU HAVE.
SO YOU LOG ON TO GOOGLE AND IT SENDS A CODE TO YOUR PHONE,
WHICH YOU THEN ALSO HAVE TO TYPE IN TO GET IN.
THAT MEANS NOBODY'S GOING TO BE ABLE TO STEAL YOUR PASSWORD
BECAUSE THEY DON'T HAVE BOTH THE PASSWORD YOU TYPE IN AND YOUR
PHONE TO GET THE UNIQUE CODE TO IT.
SO WHENEVER YOU CAN, USE TWO FACTOR AUTHENTICATION AND YOU
WILL BE THAT MUCH SAFER.
PEOPLE WON'T BE ABLE TO STEAL YOUR IDENTITY.
WHICH IS THE POINT HERE.
IS THERE AN EASIER WAY?
NO.
IF THERE WERE, THIS WOULD HAVE BEEN A SIX-SECOND TALK.
THE REALITY IS, YOU HAVE TO BE CAREFUL EVERY TIME.
YOUR IDENTITY IS THE ONLY ONE YOU'RE EVER GOING TO HAVE.
KEEPING IT SAFE IS GOOD FOR YOU.
SO PAY ATTENTION.
YOU'RE ADULTS NOW.
DO THE RIGHT THING.
BE AN ADULT.
THANKS.
[APPLAUSE.]
>> IT'S NERVE-RACKING.
HE SKIPPED ONE SLIDE.
>> IT'S NOT AN IMPORTANT SLIDE.
>> WE'LL GIVE HIM A FREE PASS.
THANK YOU, NICK, I FEEL LIKE I WAS KICKED IN THE FACE.
>> GOOD.
>> I DON'T KNOW HOW GOOD THAT IS.
BUT AT LEAST MY IDENTITY WILL BE SAFER.
DO YOU THINK YOURS WILL BE, AS WELL?
ELECTRIFYING.
ALL RIGHT.
OUR NEXT AND SECOND TO LAST EXPERT IS, WELL THERE'S ONLY TWO
LEFT, SO MY TWO BOSSES.
YOU SEE HOW I DID THAT?
I MADE THEM GO LAST SO THAT WAY THEY'D BE SITTING UP THERE
SHAKING THE WHOLE TIME.
THIS IS PAYBACK FOR A WHOLE SUMMER, GUYS.
TRUE, I DON'T HAVE MY LAST CHECK YET.
I'M A LITTLE WORRIED NOW.
WELL, UP NEXT, OUR EXPERT IS: JON MAUER.
GIVE HIM A ROUND OF APPLAUSE.
>> JON: NOW I'M GOING TO CONVEY TO YOU IN ABOUT SIX MINUTES WHAT
TAKES TYPICALLY AN HOUR TO CONVEY TO FACULTY STAFF.
SO THE QUESTION IS: ARE YOU READY FOR THIS?
ALL RIGHT.
>> I THINK HE'S ASKING IF YOU'RE SMARTER THAN THE FACULTY AND
STAFF.
>> BECAUSE WELL MOVE REALLY FAST.
SO STAY TUNED. FASTEN YOUR SEAT BELTS.
>> ALL RIGHT. THREE, TWO, ONE, GO.
>> SO I'M GOING TO TALK TO YOU ABOUT RISK AND RISK IS DEFINED
AS A CHOSEN ACTION WHICH CAN LEAD TO AN UNDESIRABLE OUTCOME
OR LOSS.
AND THIS IMPLIES THAT THERE IS A CHOICE OR DECISION THAT WILL
INFLUENCE THE OUTCOME.
NOW BY SHOW OF HANDS, HOW MANY OF YOU BELIEVE YOUR INFORMATION
IS AT RISK?
FOR THOSE OF YOU THAT HAVE RAISED YOUR HANDS, I AGREE WITH
YOU.
AND THE DECISIONS AND CHOICES THAT YOU MAKE OVER YOUR TIME
HERE AT RIT WILL INFLUENCE THE OUTCOMES OF WHETHER YOUR
INFORMATION IS STOLEN.
NOW RISK IS BASED ON FOUR FACTORS.
FIRST YOU HAVE TO HAVE AN ASSET OR SOMETHING OF VALUE.
SECOND YOU NEED A VULNERABILITY.
THAT ASSET NEEDS TO HAVE SOMETHING THAT CAN BE EXPLOITED.
THIRD THERE NEEDS TO BE A THREAT OR AN AGENT WHICH WANTS TO
EXPLOIT AND STEAL OR DESTROY THAT ASSET.
AND THE FOURTH IS THAT THERE IS THERE NEEDS TO BE A COUNTER
MEASURE.
SOMETHING OR A DECISION OR CHOICE WHICH YOU MAKE TO TRY TO
REDUCE THE RISK BY EITHER REDUCING THE VULNERABILITY OR
THWARTING THE THREAT.
AND SO NOW WE'RE GOING TO EXPLORE EACH MUCH THESE IN
GREATER DETAIL.
SO LET'S START OUT WITH ASSETS.
WHAT ARE YOUR ASSETS?
WELL FIRST THEY'RE YOUR KEY IDENTIFIERS.
YOUR SOCIAL SECURITY NUMBER.
YOUR DRIVER'S LICENSE NUMBER.
YOUR UNIVERSITY ID.
IT'S YOUR FINANCIAL ACCOUNT INFORMATION LIKE YOUR CREDIT
CARDS, YOUR BANK ACCOUNT NUMBER.
IT'S YOUR WORK, YOUR HOMEWORK, RESEARCH, AND MOST IMPORTANTLY
OF ALL IT MAY BE YOUR REPUTATION.
WHERE ARE THESE ASSETS?
WELL THEY'RE EVERYWHERE YOU PUT THEM OR WHERE THEY'VE BEEN PUT.
PERSONAL DEVICES, PHONES, TABLETS, LAPTOPS.
RIT SYSTEMS.
NETWORKS, SERVERS, APPS AND LABS.
AND POTENTIALLY THIRD FAR AT THIS OUTSIDE, GOOGLE WHICH RIT
LEVERAGES OUT IN THE CLOUD.
ARE YOU VULNERABLE? ABSOULTELY YOU ARE.
BECAUSE ABSOLUTELY INFRASTRUCTURE CAN BE SNIFFED.
LOGICAL COMPUTERS CAN BE HACKED, PHYSICAL ASSETS CAN BE STOLEN
AND IF THEY CAN'T GET AROUND ANY OF THOSE THREE THEY WILL SIMPLY
ASK YOU FOR IT THROUGH SOME SORT OF SOCIAL ENGINEERING AND STEAL
IT FROM YOU.
SO WHAT ARE THESE THREATS?
WELL IT COULD BE ONE OF YOUR CLASSMATES.
IT COULD BE SOME KIDDY HACKER.
IT COULD BE ORGANIZED CRIME TRYING TO STEAL YOUR FINANCIAL
INFORMATION FOR SOME FORM OF FRAUD.
OR IT COULD BE SOME SORT OF STATE-SPONSORED ORGANIZATION
THAT'S TRYING TO STEAL RIT RESEARCH OR INTELLECTUAL
PROPERTY.
ALL OF THESE NEED TO BE TAKEN INTO ACCOUNT.
SO WHAT ARE YOU GOING TO DO?
WHAT ARE YOU GOING TO DO TO MINIMIZE YOUR RISK?
ARE YOU GOING TO TRY TO HIDE RICHIE AND THE HOPES THAT HE'S
GOING TO PROTECT YOU?
NO, YOU HAVE TO MAKE INTELLIGENT CHOICES AND DECISIONS ABOUT HOW
YOU ARE GOING TO PROTECT YOUR INFORMATION.
AND SO WE'RE GOING TO EXPLORE EACH OF THESE IN GREATER DETAIL.
THEY ARE ACTUALLY CAPTURED AND ARTICULATED IN RIT'S POLICIES,
STANDARDS AND RECOMMENDATIONS.
AND SO IF YOU'RE UP LATE ONE NIGHT, GO TO WSECURITY.RIT.EDU
AND YOU CAN RED THROUGH ALL THE POLICIES AND PROCEDURES AND IT
WILL GIVE YOU A GOOD NIGHT SLEEP BUT I'M GOING TO COVER THEM FOR
YOU RIGHT NOW.
TO PROTECT AGAINST SNIFFING, ENCRYPT YOUR COMMUNICATION.
USE RITWPA2.
USE ENCRYPTED EMAIL IM AND SECURE TRANSFER PROTOCOL.
ALL ALWAYS USE SSL OR HTTPS TO PROTECT AGAINST WEBSITES.
TO PROTECT AGAINST HACKING.
USE PASSWORDS INTELLIGENTLY.
IN THIS PICTURE, THERE ARE FOUR THINGS WRONG.
THIS PERSON HAS A VERY SIMPLE PASSWORD.
THEY'VE COMMUNICATED OR SHARED IT WITH SOMEBODY ELSE.
THEY'RE USING IT WITH THEIR OTHER ACCOUNTS AND THEY'VE
WRITTEN IT DOWN.
DON'T DO THESE THINGS, IF YOU DO, YOU'RE GOING GET HACKED.
SOMEONE IS GOING TO STEAL YOUR PASSWORD.
TO PROTECT AGAINST HACKING ON YOUR MOBILE DEVICES, RECOGNIZE
THAT MOBILE DEVICES ARE INTRINSICALLY INSECURE.
KEEP PRIVATE INFORMATION OFF YOUR MOBILE DEVICES.
DOWNLOAD ONLY TRUSTWORTHY AND NECESSARY APPS.
UPDATE YOUR PATCHES ON YOUR MOBILE DEVICES.
AND PASSWORD PROTECT THEM SO THAT IF THEY DO GET STOLEN,
SOMEONE CAN'T BREAK IN.
TO PROTECT AGAINST HACKING ON YOUR DESKTOP AND LAPTOPS, USE
SOME FORM OF ANTIVIRUS.
RIT PROVIDES MACK AN FEE ANTIVIRUS FOR YOU FOR FREE.
MAKE SURE THAT YOUR PATCHES ARE UPDATED.
BECAUSE OFTENTIMES PATCHES ARE REMEDIATING SOME FORM OF
VULNERABILITY.
NOW, DURING YOUR COURSE HERE AT RIT, YOU MAY DEVELOP A WEBSITE
OR HOST A SERVER APPLICATION OR DATABASE.
READ THE WEB STANDARD OR THE SERVER STANDARD.
THERE ARE IMMENSE AMOUNTS OF DETAILS IN THOSE TO PROTECT YOUR
WEBSITES AND SERVERS FROM HACKING.
AND THEN FINALLY, TO PROTECT AGAINST PHYSICAL THEFT, LOCK
YOUR ROOM AND CAR.
DON'T LEAVE DEVICES IN PLAIN SIGHT, NEVER LEAVE UNLOCKED
DEVICES UNATTENDED.
AND ENCRYPT YOUR STORAGE.
THAT WAY IF IT DOES GET STOLEN, AT LEAST THEY CAN'T GET THE
INFORMATION ON THE PARTICULAR DEVICE.
AND THEN KEEP IN MIND THAT WHEN YOU DISPOSE OF SOMETHING,
THAT MAY BE WHEN SOMETHING -- SOMEONE IS TRYING TO STEAL IT
FROM YOU.
SO CRISSCROSS, SHRED YOUR PAPER.
FOR CD'S AND DISKETTES, USE SOME FORM OF A MEDIA SHREDDER AND FOR
TAPES AND HARD DRIVES, DEGAUSS THEM.
WE HAVE MEDIA SHREDDERS AND DEGAUSSERS THAT ARE FREE TO USE.
TO PROTECT AGAINST HUMAN WEAKNESS, NEVER SHARE YOUR
PASSWORD, DON'T PROVIDE INFORMATION TO STRANGERS,
CONFIRM THEIR IDENTITY OR GET A NUMBER FOR THEM ONLINE AFTER THE
FACT.
NOW, FOR ALL OF THESE, THE QUESTION IS: WHO'S PROTECTING
YOUR SECURITY?
AND THE ANSWER IS: IT'S EVERYONE.
IT'S RIT.
IT'S THE FACULTY AND STAFF.
IT'S THE INFORMATION SECURITY OFFICE.
THE IT DEPARTMENTS.
BUT MOST IMPORTANTLY IT'S YOU.
AND THE CHOICES AND DECISIONS THAT YOU MAKE WILL INFLUENCE
WHETHER YOUR INFORMATION IS POTENTIALLY STOLEN AND HELP
REDUCE THE RISK.
SO KEEP IN MIND THAT THESE RISKS ARE CONSTANTLY CHANGING.
AND SO DURING YOUR TIME HERE AT RIT, YOU WILL RECEIVE REGULAR,
AND I MEAN REGULAR, COMMUNICATIONS FROM THE
INFORMATION SECURITY OFFICE.
PLEASE READ THEM.
AND IF YOU EVER HAVE ANY QUESTIONS OR CONCERNS, PLEASE
DON'T HESITATE TO REACH OUT TO US IN THE INFORMATION SECURITY
OFFICE.
THANK YOU VERY MUCH.
[APPLAUSE.]
>> CHRIS: I DON'T KNOW WHO'S NEXT.
ALL RIGHT.
OUR LAST SPEAKER FOR THE EVENING BEFORE WE TAKE QUESTIONS
FROM YOU GUYS, WE HAVE TWO MICS BACK THERE.
WE'LL EXPLAIN THAT IN A SECOND.
OUR LAST SPEAKER IN THE EVENING IS MY IMMEDIATE SUPERVISOR FOR
THIS ENTIRE SUMMER WHILE I WAS ON CO-OP, MR. BEN WOELK.
[APPLAUSE.] I TOOK THE INTERPRETIVE DANCE SLIDE AND PUT
IT IN YOUR PRESENTATION, BY THE WAY.
>> BEN: I HAVE NOTHING TO SAY ABOUT THAT.
WHENEVER YOU ARE READY.
>> GO.
>> BEN: HI, I'M BEN WOELK.
I'M THE POLICY AND AWARENESS ANALYST IN THE RIT INFORMATION
SECURITY OFFICE.
WHICH BASICALLY MEANS I COME UP WITH A LOT OF THINGS YOU ALL
HAVE TO DO.
BUT THIS PRESENTATION IS 10 TIPS TO SHOCK PROOF YOUR USE OF
SOCIAL MEDIA AND IT WILL GO PRETTY QUICKLY.
I'M USING TO DOING 15-SECOND SLIDES AND THE 18 REALLY IS
DRAGGING OUT.
OKAY.
WHAT'S WRONG WITH THIS PICTURE?
PRETTY OBVIOUS.
IF YOU WANT TO FIND OUT WHERE YOUR CREDIT CARD HAS BEEN
STOLEN, YOU DO NOT WANT TO PUT THAT INFORMATION ONLINE.
THE PROBLEM IS WE'RE ALL TARGETED, EVERY ONE OF US.
YOU'RE TARGETED, I'M TARGETED.
AND THE REAL KEY IS THAT AWARENESS IS THE MOST IMPORTANT
THING HERE.
IT'S ALSO WE'RE NOT ATTACKED BY HACKERS IN THEIR BASEMENTS, SOME
OF YOU MAY REMEMBER THAT MOVIE FROM THE DAWN OF TIME CALLED WAR
GAMES WITH THE HACKER IN THE BASEMENT.
BUT THE KEY THING NOW IS THAT ORGANIZED CRIME FUNDS THE
ATTACKS.
IT MAY BE A HACKER IN THE BASEMENT, BUT HE'S GETTING WELL
PAID TO ATTACK YOU.
SO THE FIRST TIP I'VE GOT FOR YOU IS TO USE SOMETHING CALLED A
PASS PHRASE.
DON'T I DON'T A PASSWORD.
USE A PASS PHRASE.
NICK MENTIONED IT.
LENGTH IS MORE IMPORTANT THAN COMPLEXITY.
SO YOU CAN TAKE A PHRASE LIKE IT WAS A DARK AND STORMY NIGHT.
PUT A NUMBER, CRAM IT TOGETHER, AND YOU'VE GOT SOMETHING YOU
CAN'T PRONOUNCE BUT YOU'VE ALSO GOT SOMETHING THAT'S PRETTY MUCH
UNCRACKABLE.
NOW WE ALSO TALKED ABOUT USING MULTIPLE PASSWORDS.
THERE ARE A COUPLE OF TRICKS TO THIS.
YOU WANT TO USE SOMETHING CALLED A PASSWORD SAFE.
PASSWORD GUERRILLA IS ONE.
AND ANOTHER ONE IS LAST PASS, WHICH IS A BROWSER PLUG IN.
IT WILL GENERATE A PASSWORD FOR YOU AND REMEMBER IT FOR YOU WHEN
YOU NEED IT.
SECOND TIP IS TO KEEP UP-TO-DATE.
YOU KNOW YOU NEED TO KEEP YOUR OPERATING SYSTEM UP-TO-DATE.
IT'S REALLY IMPORTANT TO KEEP YOUR APPLICATIONS UP-TO-DATE.
AND, HONESTLY, EVEN YOUR HARDWARE.
SO MAKE SURE THAT YOU'RE KEEPING TO UP DATE WITH PATCHES WHEN
THEY COME OUT.
AND IF POSSIBLE SET IT SO IT'S AN AUTOMATIC UPDATE.
TIP NUMBER 3 IS TO USE PROTECTION.
NOW, THERE IS NO SUCH THING AS AN ICONDOM.
AT LEAST NOT YET.
BUT THE IDEA IS TO USE LAYERS OF SECURITY.
YOU WANT TO MAKE SURE YOU USE AN ANTIVIRUS.
YOU HAVE A FIRE WALL.
YOU USE ANTISPYWARE.
AND THESE MOBILE DEVICES ARE REALLY BIG DEAL BECAUSE THEY ARE
GETTING TARGETED MORE AND MORE.
RESEARCH AND DEVELOPMENT AGAINST THEM.
TIP NUMBER 4, RECOGNIZE PHISHING AND SCAMS.
YOU SAW PHISHY IN THE ROOMS.
LOOKS LIKE PHISHY IS TAKING TIME OFF RIGHT NOW.
DON'T RESPOND TO EMAIL REQUESTS FOR YOUR PASSWORD.
DON'T RESPOND TO PHONE CALLS ASKING FOR YOUR PASSWORD OR
ANYTHING ELSE HAVE PEOPLE DON'T NEED THEM.
KEEP YOUR PRIVATE THINGS PRIVATE.
NOW, THIS POSTER WAS ACTUALLY DEVELOPED BY A STUDENT HERE,
NICE VICTORIA SECRET COLORS.
BUT THE KEY THING HERE TO REMEMBER, YOU WANT SOMETHING
PRIVATE, DON'T PUT IT ONLINE.
YOU PRETTY MUCH WILL ASSURE -- HAVE TO ASSUME THAT IT WILL BE
COMPROMISED AT SOME POINT.
TIP NUMBER 5.
USE YOUR SOCIAL NETWORKS SAFELY.
EXPECT YOU'RE GOING TO USE THEM.
EVERYBODY IS USING THEM NOW.
AND THIS KIND OF THING IS REALLY NOT THE NORM, BUT THINGS ABOUT
DON'T PUT ON YOUR FACEBOOK STATUS "HEY, I'M GOING GO OUT OF
TOWN" ESPECIALLY "MY ROOM'S UNLOCKED" OR SOMETHING LIKE
THAT.
BUT DON'T GIVE UP YOUR WHEREABOUTS.
AND THE KEY THING THAT'S HAPPENING NOW IS WE'RE SEEING A
LOT OF PHISHING ON SOCIAL NETWORKS SITES.
IT'S NOT THE POORLY CRAFTED EMAILS YOU MAY GET.
YOU MAY GET COMMUNICATIONS FROM SOMEBODY THAT LOOKS LIKE
SOMEBODY ON FACEBOOK OR TWITTER OVER THE LAST COUPLE DAYS, AND
WHAT ARE YOU DOG IN THIS VID HERE?
AND AGAIN IT'S A PHISHING ATTEMPT.
YOU'VE GIVEN UP A PASSWORD.
TIP NUMBER 6.
REMEMBER WHO ELSE IS THERE.
NOW HANNAH REFERRED TO THIS.
POTENTIAL EMPLOYERS ARE LOOKING FOR YOU ONLINE ALL OF THE TIME.
YOU HAVE TO WATCH OUT FOR IDENTITY THIEVES.
AND THERE ARE ONLINE PREDATORS.
SO THAT'S REALLY KIND OF OVERPLAYED CONSIDERING HOW MUCH
OF IT IS REALLY GOING ON.
KEY THING IS ALSO: DON'T POST INAPPROPRIATE PHOTOS AND DON'T
LET YOUR FRIENDS POST INAPPROPRIATE PHOTOS.
CHECK IN THE MORNING.
SEE WHAT YOU'VE BEEN TAGGED IN.
MAYBE YOU GUYS WOULD HIRE THIS GUY.
I WOULDN'T HIRE THIS GUY.
WE DID HIRE SOMEBODY LIKE THAT JUST RECENTLY.
BUT PAY ATTENTION TO WHAT YOU POST ONLINE.
SORRY IT WASN'T IN THE SCRIPT.
TIP NUMBER 7, BE WARY OF OTHERS.
IS THIS REALLY YOUR FRIEND WHO IS TALKING TO YOU?
IS IT A 40 SOMETHING OR 60 SOMETHING WHO OUT THERE
MASQUERADING AS AN ATTRACTIVE 20 SOMETHING?
YOU DON'T KNOW WHO THAT REALLY IS BEHIND THAT PROFILE ON
FACEBOOK OR ANY OTHER SOCIAL MEDIA.
SO, TIP NUMBER 8: SEARCH FOR 27 YOUR NAME.
YOU'VE GOT ACCESS TO SOMETHING CALLED GOOGLE DASHBOARD.
NOW, I USE IT TO SEARCH AND SEE HOW MY NAME IS USED ONLINE AND I
ACTUALLY KIND OF STALK TO SEE HOW MY FAMILY'S NAMES ARE USED
ONLINE.
BUT IT'S A GREAT WAY TO MONITOR HOW YOU APPEAR ONLINE AND WHEN
YOU APPEAR.
YOU CAN SET IT TO UP GIVE YOU ALERTS DAILY.
NOW, TIP NUMBER 9, GUARD YOUR PERSONAL INFORMATION.
MAYBE YOU'D LIKE TO HAVE A GUARD DOG LIKE THIS.
MAYBE NOT.
BUT THE KEY THING IS GUARD YOUR PERSONAL INFORMATION.
REALLY WATCH OUT FOR THOSE FACEBOOK APPLICATIONS THAT HAVE
20 OR 30 QUESTIONS ABOUT YOU, THINGS LIKE WHAT'S YOUR MOTHER'S
MAIDEN NAME?
WHERE WERE YOU BORN?
ALL OF THAT KIND OF STUFF.
TIP NUMBER TEN.
NEVER ASSUME PRIVACY.
FACEBOOK TRACKS EVERYTHING YOU DO.
IF YOU PUT IT OUT THERE, IT WILL BE REVEALED AT SOME POINT.
SO MAKE SURE YOU THINK ABOUT WHAT YOU POST.
DON'T ROLL THE DICE WITH ONLINE PRIVACY.
USE THE PRIVACY SETTINGS.
NOW THE PROBLEM WITH PRIVACY SETTINGS, FACEBOOK, EVERY WHERE
ELSE, THEY KEEP CHANGING THEM.
HALF THE TIME WHEN THEY CHANGE THEM, THOSE PRIVACY SETTINGS
BECOME UNSTUCK.
SO EVERYTHING YOU THOUGHT WAS PRIVATE IS ALL OF A SUDDEN
REVEALED.
SO YOU WANT TO PAY ATTENTION TO THAT.
KEY THING IS-- YOU ARE ARE THE FIRST LINE OF DEFENSE.
RIT KIND MUCH PROTECTS YOU BUT WE REALLY WORK HERE AS YOUR
INTERNET SERVICE PROVIDER.
YOU'RE NOT BEHIND A FIRE WALL WHEN YOU'RE ON YOUR COMPUTERS.
SO STAY ALERT.
YOU WILL BE THE FIRST ONE TO NOTICE THAT SOMETHING IS WRONG.
MAYBE YOUR COME PUT CERTAIN RUNNING SLOWLY.
MAYBE YOU'RE GETTING WEIRD COMMUNICATIONS.
AND, FINALLY, YOU'LL HEAR THIS OVER AND OVER HERE: PRACTICE
DIGITAL SELF-DEFENSE.
IT'S UP TO YOU TO PROTECT YOURSELF AND EVERYONE ELSE.
YOU CAN FOLLOW ME.
YOU CAN FOLLOW RIT INFO SEC.
AND, AGAIN, I THANK YOU FOR THIS PRESENTATION TIME.
AND STAY SAFE.
AND WE'RE DONE EXCEPT FOR QUESTIONS.
[APPLAUSE.]
>> CHRIS: NICE.
SO HOW ABOUT ONE MORE ROUND OF APPLAUSE FOR OUR PRESENTERS?
THEY'RE DONE.
YOU GUYS SHOULD GIVE YOURSELVES A ROUND OF APPLAUSE, AS WELL.
YOU SURVIVED.
THAT'S A PRETTY BIG DEAL.
[APPLAUSE.] SO, HOW ARE WE DOING ON TIME?
OH, WE'RE DOING GREAT.
ALL RIGHT.
SO WE HAVE ABOUT 10 MINUTES OR SO FOR QUESTIONS.
THIS IS YOUR CHANCE TO REALLY TAKE THESE GUYS -- PICK THESE
GUYS' BRAINS.
THEY KNOW A LOT ABOUT THE POLICIES AND STANDARDS THAT
WE KNOW THAT YOU ALL WILL READ TONIGHT, RIGHT?
[LAUGHTER]
>> YES!
>> WE GOT ONE ENTHUSIASTIC GUY.
BUT THIS IS YOUR CHANCE TO GO AHEAD AND ASK QUESTIONS.
THERE ARE MICS IN THESE TWO AISLES HERE, SO FEEL FREE TO
COME UP.
THE OA'S WILL DIRECT YOU AND WE'LL TAKE A QUESTION FROM EACH
SIDE.
TO GET US GOING, I HAVE WRITTEN DOWN A COUPLE QUESTIONS.
SO FIRST QUESTION FOR OUR PANEL.
FEEL FREE, TO, GUYS, JUST FIELD ANY QUESTIONS AND BUILD OFF OF
EACH OTHER IF YOU'D LIKE.
WHY WOULD SOMEONE, OH THIS IS MY QUESTION, ACTUALLY, MOSTLY FOR
NICK.
WHY WOULD SOMEONE WANT TO STEAL MY IDENTITY?
I KNOW I HAVE NO MONEY WHATSOEVER TO SPEAK OF.
>> WELL, I KNOW THAT YOU ARE AN INDIVIDUAL AND PRECIOUS SNOW
FLAKE IN YOUR OWN RIGHT.
BUT THE REALITY IS, AS I SAID EARLIER, YOU HAVE NEW CREDIT.
AND YOU'RE AN UNKNOWN IN THE WORLD.
SO IF I CAN STEAL YOUR IDENTITY, I CAN BUILD UP ANYTHING I WANT,
THE CREDIT I WANT, THE PERSONA THAT I WANT.
AND IT DOESN'T MATTER WHO YOU ARE, 'CUZ YOU'RE ESSENTIALLY A
TABULAR RASA, BLANK SLATE ON THE INTERNET.
SO I CAN BE WHOEVER I WANT TO BE WITH YOUR NAME.
>> ALL RIGHT.
ANYBODY ELSE WANT TO ADD SOMETHING?
THAT'S GOOD?
ALL RIGHT.
>> YOU GOT A QUESTION OVER HERE?
GO FOR IT.
>> I DO HAVE A QUESTION.
SO I'VE TAKEN A FEW CLASSES IN MY YEARS AT BEING AT RIT, AND A
FEW OF MY CLASSES, WE'VE HAD TO DO THINGS WHERE OUR NAMES ARE
ATTACHED TO WORK WE'VE DONE.
AND I EVEN HAD A WEB DESIGN CLASS WHERE WE ALL HAD PICTURES
OF OURSELVES FOR OUR WEBSITE AND WE WERE TOLD THAT IT WOULD ONLY
BE VIEWABLE FOR RIT STUDENTS.
NOW, THAT WAS INCORRECT, AS I LATER FOUND OUT, AND NOW IF YOU
GOOGLE ANY OF OUR NAMES, OUR INFORMATION, OUR WORK AND OUR
PICTURES COME UP ON GOOGLE FOR ANYONE TO SEE.
SO, I'VE TRIED CONTACTING THE WEBMASTER FOR THAT SITE AND THAT
EMAIL ADDRESS COMES BACK AS NOT EXISTING.
SO I WAS WONDERING WHY CERTAIN THINGS LIKE THAT ARE ALLOWED
HERE AT RIT?
AND WHAT CAN BE DONE TO CHANGE THOSE THINGS?
[APPLAUSE.]
>> IT'S AN EXCELLENT QUESTION.
SO WELCOME TO RIT, WHERE WE HAVE ONE OF THE LARGEST WEB PRESENCES
OF ANY UNIVERSITY.
THERE ARE OVER 300,000 WEB PAGES ON THE RIT WEBSITE.
AND BECAUSE IT'S HIGHLY DISTRIBUTED, THERE ARE A LOT OF
PEOPLE THAT HAVE ACCESS TO THAT AND THAT ARE INVOLVED IN THE USE
OF THAT.
MY RECOMMENDATION WOULD BE TO CERTAINLY IF SOMEONE HAD MADE A
COMMITMENT LIKE THAT TO YOU, THAT IT WOULD NOT BE SHARED AND
IT IS BEING SHARED, THAT'S PROBLEMATIC.
AND I WOULD GO BACK TO THAT FACULTY MEMBER AND/OR IF YOU'RE
NOT GETTING A RESPONSE FROM THEM, GO BACK TO THE DEAN OF THE
COLLEGE AND SPECIFICALLY ADDRESS THAT WITH THEM BECAUSE THOSE
TYPES OF COMMITMENTS SHOULD BE HONORED.
>> OKAY.
ALSO, WHAT IS THE ITS WEBMASTER EMAIL ADDRESS?
>> WELL, THE ANSWER TO THAT IS -- AS I MENTIONED, THERE ARE
OVER 300,000 WEB PAGES.
AND THERE IS NOT A SINGLE RIT WEBMASTER.
THERE ARE A NUMBER OF DIFFERENT WEBMASTERS DEPENDING ON THE
ACTUAL PORTIONS OF THE WEBSITE THAT ARE BEING ADMINISTERED.
>> WHAT I WOULD DO IS SEND AN EMAIL TO ABUSE @RIT.EDU.
AND THAT WILL ELEVATE IT AUTOMATICALLY INTO THE TRACKING
SYSTEM.
SO I THINK YOU'LL PROBABLY STAND A BETTER CHANCE OF GETTING A
RESPONSE THERE.
>> THANKS.
>> THINGS GET SCREWED UP.
>> THANK YOU.
>> ALL RIGHT.
WE GOT A QUESTION OVER HERE ON THIS SIDE?
>> YES.
EXCUSE ME, I DIDN'T MEAN TO BLAST YOUR EARS OUT.
MY QUESTION IS: WHAT DO WE THINK ABOUT THESE PLUG-INS THAT
ACTUALLY DO THESE RANDOM PASSWORDS AND STUFF?
BECAUSE YOU SAY THAT THE PLUG-IN REMEMBERS THE PASSWORD.
WELL, OKAY, BUT HOW DOES IT REMEMBER IT?
DOES IT REMEMBER IT IN AN ENCRYPTED CACHE OR IN SOME OTHER
CAPACITY?
BECAUSE JUST BECAUSE YOU MAY HAVE A LOT OF RANDOMLY GENERATED
PASSWORDS, THEY ARE STORED, YOU MUST REMEMBER WHAT SITE THEY GO
WITH.
>> IT DEPENDS.
WHICH IS PROBABLY GOING TO BE THE ANSWER TO PRETTY MUCH
EVERYTHING.
PASSWORD GUERRILLA'S A DESKTOP APPLICATION, IT SAVES IT IN AN
ENCRYPTED VAULT ON YOUR DESKTOP.
LAST PASS IS A BROWSER PLUG-IN.
THERE WAS A HACK A COUPLE OF YEARS AGO.
THERE WERE SOME PASSWORDS THAT WERE COMPROMISED.
I THINK EVERYTHING GETS HACKED AT SOME POINT.
WHETHER IT'S A SECURITY APPLICATION OR SOMETHING ELSE.
IT REALLY STORES THOSE THINGS ONLINE.
USE A COMPLEX PASSWORD OR LONG PASSWORD TO LOG IN TO IT TO
ENABLE ITS USE.
BUT CAN THEY GUARANTEE WHETHER IT'S GOING TO BE COMPLETELY
PROTECTED?
NO.
BUT ONE THING, IT'S CERTAINLY GOING TO BE IN THE NEWS IF THEY
ARE HACKED.
AND THE OTHER THING IS YOU'RE STILL BETTER OFF USING A SERVICE
LIKE THAT THAN TRYING TO REUSE THE SAME PASSWORD FOR 15 OR 16
OR 20 DIFFERENT SITES.
AND, NICK, IF YOU CAN ADD ANYTHING TO THAT.
>> WELL I USE ONE CALLED KEY PASS, WHICH WORKS ON LINUX,
WHICH IS THE OPERATING SYSTEM THAT MOSTLY USE WINDOWS, THE
MAC AND ON MY PHONE.
SO THAT I CAN KEEP THE SAME PASSWORD SET EVERYWHERE; IT'S A
2048-BIT ENCRYPTION WHICH YOU'RE NOT GOING TO BREAK TERRIBLY
EASILY.
SO THAT'S HOW I KEEP MINE SAFE.
I USE A VERY LONG PASSWORD.
A TEDIOUSLY LONG PASSWORD WHEN I'M PUTTING INTO IT MY PHONE.
BUT THAT WAY I KNOW THAT IT'S DOUBLY SAFE.
ONE, IT'S A VERY HIGH ENCRYPTION RATE FOR THE FILE.
AND, SECONDLY, IT'S A VERY LONG PASSWORD THAT I DON'T USE
ANYWHERE ELSE.
>> OKAY.
AND WHAT ABOUT LIKE THE PASSWORD MANAGER THAT IS BUILT INTO
MOZILLA FIREFOX?
IF YOU USE THAT WITH A MASTER PASSWORD?
>> I WOULDN'T RECOMMEND THAT AT ALL.
PRETTY MUCH ANYTHING, EVEN IF YOU GO BACK TO THE OLD OFFICE
PRODUCTS WHERE THEY USED TO OFFER TO REMEMBER YOUR PASSWORD
AND PUT IT IN AUTOMATICALLY, I WOULD NOT TRUST THE ENCRYPTION
ON THOSE.
I WOULD GO WITH A THIRD-PARTY PASSWORD SAFE KEY PASS, PASSWORD
GORILLA, LAST PASS, SOMETHING LIKE THAT.
I WOULD NOT TRUST THE REGULAR MOZILLA AT ALL.
I THINK THE INTENT FOR THAT IS CONVENIENCE.
IT'S NOT REALLY SECURITY.
>> YEAH, WHEN YOU'RE TALKING ABOUT SECURITY, EASY SHOULD BE
SUSPECT.
>> OKAY.
>> AWESOME.
THANK YOU.
>> I WILL CONTACT YOU IF I WANT TO HAVE A RECOMMENDATION FOR
THAT.
>> ABSOLUTELY.
>> PERFECT, THANK YOU.
THIS GUY, RED SHIRT.
>> I JUST HAD A QUESTION ON THE ANSWER TO FIRST QUESTION THAT I
BELIEVE NICK ANSWERED.
WHY WOULD AN IDENTITY THIEF GO THROUGH THE TROUBLE OF STEALING
SOMEONE'S IDENTITY WHEN THEY COULD JUST CREATE A WHOLE NEW
IDENTITY?
I MEAN I DON'T KNOW IF THAT'S POSSIBLE.
BUT WOULD THEY BE ABLE TO DO SOMETHING LIKE THAT?
>> SURE, YOU CAN CREATE A NEW IDENTITY.
CREATING A NEW IDENTITY OUTSIDE OF TV SHOWS IS HARD BECAUSE YOU
HAVE AN ENTIRE HISTORY.
IF I STEAL YOUR IDENTITY, I'VE GOT A BIRTH CERTIFICATE, I'VE
GOT A SOCIAL SECURITY NUMBER, I'VE GOT A HIGH SCHOOL
TRANSCRIPT.
AND ALL OF THAT IS REAL.
WHEREAS IF I HAVE TO CREATE AN IDENTITY, I DON'T HAVE ANY OF
THAT STUFF.
SO I'VE GOT TO GO BACK AND CREATE ALL OF THAT.
WELL THAT'S REAL EASY FOR THE CIA OR NCIS OR ONE OF THOSE, BUT
IN THE REAL WORLD, IT'S ACTUALLY HARD.
SO IF I CAN STEAL YOUR IDENTITY, 90 PERCENT OF THE WORK HAS BEEN
DONE FOR ME.
AND IF YOU DON'T PROTECT YOUR IDENTITY, I WIN.
THAT'S THE REASON.
BECAUSE YOU'RE A REAL HUMAN.
AND STEALING THE IDENTITY OF A REAL HUMAN IS BETTER THAN
BUILDING ONE.
>> OKAY.
THANK YOU.
>> THANK YOU.
ALL RIGHT.
OH WE'RE GET SOMETHING PRETTY LONG LINES HERE.
I THINK DEPENDING UPON HOW LONG THE QUESTIONS ARE, WE'LL ONLY BE
ABLE TO TAKE THREE OR FOUR MORE QUESTIONS.
BUT I WILL TAKE YOURS FIRST, SIR.
>> OKAY, ALL RIGHT.
SO THIS ONE IS DIRECTED PRIMARILY TO THE PERSON WHO WAS
TALKING ABOUT THE -- OH, YEAH, CONTROLLING WHAT YOU PUT ONLINE,
THAT LADY.
DO YOU THINK IN TERMS OF ETHICS THERE'S SOME POSSIBILITY THAT
COMPANIES AND EMPLOYERS CONSTANTLY CHECKING, NOT
CONSTANTLY CHECKING, BUT WHAT I MEAN CHECKING WHAT YOU'VE DONE
ONLINE AND POSSIBLY NOT GIVING YOU A JOB OR FIRING YOU OR
SOMETHING ALONG THOSE LINES FOR ONE THING YOU'VE SAID ONLINE?
DO YOU THINK THAT COULD LIKE CREATE AN ENVIRONMENT OF
CENSORSHIP WHERE NOBODY SAYS YOU CAN'T SAY SOMETHING NECESSARILY
BUT YOU END UP BEING STIFLED BECAUSE YOU WANT TO EAT, SLEEP,
PAY RENT, THAT KIND STUFF?
>> THAT'S A REALLY GOOD QUESTION.
AND I DON'T -- I THINK BECAUSE THE USE OF DEVELOPING CONTENT
ONLINE IS SO WHICH HAD SPREAD THAT THE MAJORITY RULES OVER THE
ONE OR TWO PEOPLE WHO MIGHT MISS OUT ON A JOB BECAUSE OF AN
EMPLOYER FINDING SOMETHING.
AND QUITE HONESTLY, MOST EMPLOYERS ARE NOT REQUIRED TO
TELL PEOPLE WHY THEY WERE NOT HIRED.
SO YOU WILL NEVER KNOW THAT IT WAS BECAUSE OF ONE RANDOM TWEET
THAT YOU SENT TWO YEARS GO THAT SHOWS UP ON THE INTERNET.
SO THERE ARE LOTS OF FACTORS TO CONSIDER, BUT I DON'T THINK THAT
WE'LL SEE -- IT DOES RAISE A LOT OF ISSUES ABOUT YOUR PRIVACY
VERSUS WHAT THE EMPLOYER CAN SEE.
BUT RIGHT NOW, WHEN EVERYTHING IS SO PUBLIC, I THINK WE JUST
HAVE THE TO DEFAULT TO WHAT THE DANGERS ARE.
>> LET ME ADD TO THAT REALLY QUICKLY.
THERE WAS A COURT RULING WITHIN THE LAST TWO WEEKS WHERE
FACEBOOK AND OTHER SOCIAL MEDIA POSTINGS ARE NOT PROTECTED
INFORMATION AT ALL.
SO YOU HAVE NO EXPECTATION OF PRIVACY IF ANYTHING YOU POST
INTO SOCIAL MEDIA.
>> ALL RIGHT.
THANK YOU.
>> THANK YOU.
>> HEADLING OVER TO THIS SIDE.
>> I FIGURE THIS ONE IS GOING TO BE PRETTY QUICK.
IN TERMS MUCH PHYSICAL PROTECTION OF YOUR IDENTITY,
LIKE KEEPING A LAPTOP SAFE AND THE PASSWORDS INSIDE THERE, HOW
SECURE WOULD YOU SAY LIKE BIOMETRIC, FINGER SCAN, FACE
RECOGNITION, THOSE SERVICES?
>> I'LL START, YOU CAN PICK UP.
>> YEAH.
>> FACE RECOGNITION, ALL THEY NEED IS A PHOTO OF YOU TO HOLD
UP IN FRONT OF THE COMPUTER.
SO IT'S KIND OF LIMITED IN ITS EFFECTIVENESS.
OBVIOUSLY IT'S NOT THE GLORY THEY HAVE MY FINGER FOR THE
FINGERPRINT.
BUT EVEN SO, THAT'S STILL A HASHED PASSWORD, IN A SENSE.
IT'S JUST A DIFFERENT KIND OF INTERFACE.
THE REAL KEY -- AND ONE OF THE THINGS WE TALK ABOUT IN SECURITY
IS YOU'RE REALLY KIND MUCH TRYING TO BUILD YOUR FENCE A
LITTLE HIGHER THAN YOUR NEIGHBOR'S BECAUSE YOU WANT THEM
TO ROB YOUR NEIGHBOR'S HOUSE, NOT YOUR HOUSE.
SO ANYTHING. NOT REALLY.
[LAUGHTER] BUT ANYTHING THAT YOU CAN DO THAT MAKES YOUR STUFF A
LITTLE BIT HARD HARDER TO OBTAIN, UNLESS YOU'RE
SPECIFICALLY TARGETED, THEY'RE GOING TO MOVE ON TO THE NEXT
VICTIM.
USE ANYTHING.
ANYTHING IS MORE THAN YOUR FRIEND IS PROBABLY USING.
>> ALL RIGHT, THANK YOU.
>> THANK YOU.
ALL RIGHT, WE GOT TIME FOR TWO MORE QUESTIONS.
SO OVER TO THIS SIDE.
>> OKAY.
WHAT IS YOUR OPINION ON CERTAIN ONLINE AND A NONEY MEISSERS,
LIKE TORE OR PEER BLOCK OR SOMETHING LIKE THAT TO LIMIT THE
AMOUNT OF INFORMATION THAT CAN BE INTERCEPTED.
>> IN GENERAL, THEY'RE CRAP.
[LAUGHTER] THE REALITY IS THAT AT SOME POINT FOR YOU TO GET A
PIECE OF INFORMATION FROM ANOTHER SERVER, YOUR ADDRESS
MUST BE AVAILABLE.
AND EVEN IF IT'S PUT INTO TORE OR SOMEWHERE ELSE.
>> WOW.
>> YOU CAN BE TRACED.
THERE'S NO SUCH AS PURE ANONYMITY IN THE INTERNET.
THEY WOULD LOVE TO SELL YOU THAT IDEA, BUT IT SIMPLY DOESN'T
EXIST.
>> OKAY, THANK YOU.
>> THANKS.
AND LAST QUESTION RIGHT OVER HERE.
GENTLEMAN IN BLUE.
>> ALL RIGHT.
I WAS WONDERING, LIKE, IS IT MUCH SAFER TO USE LIKE A
PASSWORD VAULT THAT WILL ALLOW YOU TO COPY AND PASTE YOUR
PASSWORD SO THAT YOU DON'T HAVE TO TYPE?
AND HOW DO WE PROTECT OURSELF AGAINST LIKE SNIFFING OR
KEYBOARD LOGGING?
>> HMM.
THE PASSWORD VAULTS THAT I'M FAMILIAR WITH, YOU'RE NOT
COPYING/PASTING OUT OF THEM.
THOUGH THEY DO GET TRICKIER ON YOUR PHONE BECAUSE THEY DON'T
NECESSARILY WORK THE SAME WAY.
LAST PASS, FOR INSTANCE, YOU CAN SET IT UP SO IT AUTO FILLS.
IT AUTO LOGS IN OR YOU COULD HAVE TO GO INTO THE VAULT AND
HAVE IT PUT THE PASSWORD IN MANUALLY.
SO YOU HAVE DIFFERENT CONFIGURATION OPTIONS.
ONE THING THAT WE RAN INTO A COUPLE MUCH YEARS GO WITH ONE OF
THESE ENCRYPTION PACKAGES OR PASSWORD VAULT THAT WAS
ENCRYPTED, IT HAD BACKUPS.
THE BACKUPS WEREN'T ENCRYPTED AND SOMEBODY HAD ACTUALLY BACKED
IT UP ONTO THEIR DESKTOP AND IT WAS A WIDE OPEN FILE.
SO YOU'VE GOT TO BE VERY CAREFUL IN TERMS OF INVESTIGATING HOW
THESE THINGS WORK.
NICK, I DON'T KNOW IF YOU ADDRESS THE OTHER PART OF THAT?
>> NICK: YEAH, THE OTHER PART OF THAT IS IF YOU COPY SOMETHING
OUT OF YOUR VAULT AND PASTE IT INTO SOMEWHERE ELSE, IT'S STILL
IN THE CLIPBOARD.
SO IF I COME UP TO YOUR MACHINE, YOU WALKED AWAY, I OPEN UP NOTE
PAD, I DO A PASTE, THERE'S YOUR PASSWORD.
SO UNLESS YOU REMEMBER TO THEN COPY SOMETHING ELSE TO WIPE IT
OUT, YOU'RE VERY VULNERABLE.
>> AND WITH REGARD TO KEY STROKE LOGGERS, THAT'S A POTENTIAL
THREAT.
THE VULNERABILITY IS TYPICALLY BECAUSE YOUR SYSTEM IS
PHYSICALLY INSECURE.
SO SOMEONE HAS ACCESS TO IT -- INSECURE.
AND YOU SHOULD ALSO CONSIDER WHETHER YOU WANT TO SEPARATE THE
ADMINISTRATIVE RIGHTS.
SO IF SOMEONE DOES DELIVER YOU MAIL WHERE WITH A KEY STROKE
LOGGER IN IT, THEY CAN'T ACTUALLY INSTALL IT ON YOUR
SYSTEM.
>> THANK YOU.
>> GOOD.
>> FOR THE LESS TECHIE SOULS IN THE CROWD, A LOT OF THIS IS
DEFINITELY OVER MY HEAD, BUT I JUST WANT TO DO ONE QUICK LITTLE
MESSAGE FOR YOU.
WHEN YOU ARE THINKING ABOUT THE RELATIONSHIPS THAT YOU'RE HAVING
ON YOUR FLOORS, WITH YOUR FRIENDS, FRATERNITY, SORORITY,
CLUB, ORGANIZATION, THINK ABOUT WHAT YOU POST ABOUT YOURSELF AND
OTHERS.
THINK ABOUT THE TEXTS YOU SEND TO FELLOW STUDENTS, EVEN
FACULTY/STAFF, THE PICTURES YOU MIGHT TAKE AND SEND VIA TEXT OR
PUT ON TUMBLR OR PUT ON FACEBOOK BECAUSE WE HAVE SO MANY
STUDENTS EVERY YEAR GET THEMSELVES IN A LOT OF TROUBLE
BECAUSE OF WHAT THEY HAVE PUT OUT IN SOCIAL MEDIA.
THOSE KINDS OF THINGS CAN BE MODE MONITORED BY PUBLIC SAFETY
AND OTHER -- AND FACULTY/STAFF.
AND WHEN IT COMES TO US, WE HAVE TO ACT UPON IT.
SO BEFORE YOU TAKE THAT PICTURE OF YOUR FRIEND WHO IS DRUNK OR
HIGH OR YOU'RE ACTING LIKE A FOOL AND YOUR FRIEND ARE GOING
TO PUT PICTURES OF YOU UP ON FACEBOOK, STOP AND PAUSE.
BECAUSE WE HAVE A NUMBER OF STUDENTS THAT LOSE TONS OF
OPPORTUNITIES HERE AND JOBS, AND STUDYBROAD AND RA POSITIONS
AND OA POSITIONS AND YOU NAME IT BECAUSE THEY WEREN'T THINKING
ABOUT HOW IT WAS GOING TO IMPACT THEM SOCIALLY.
SO IF YOU WALK AWAY WITH SOME GREAT TECHNICAL INFORMATION, BUT
BE THOUGHTFUL OF WHAT YOU PUT OUT THERE ABOUT YOU OR YOUR
RELATIONSHIPS TO YOUR FRIENDS BECAUSE IT COULD COME BACK TO
BITE YOU.
>> COULD WE JUST GET ANOTHER ROUND OF APPLAUSE FOR OUR
AWESOME PANELISTS AND SPEAKERS.
[APPLAUSE.]
>> ALL RIGHT.
SO BEFORE I LET YOU GO,IVE TWO PRESENTS FOR YOU, OKAY?
THE FIRST PRESENT IS YOU GET TO GO TO DINNER.
[CHEERS AND APPLAUSE] YEAH, DINNER, THAT'S ALWAYS GOOD.
I REMEMBER MY FRESHMAN YEAR, DINNER WAS THE BEST PART OF THE
DAY, NO OFFENSE, OA'S, I LOVE YOU GUYS.
THE SECOND PRESENT, WHICH WILL BE GIVEN TO YOU ALL AT THE DOOR,
ARE THESE.
DECKS OF CARDS.
THEY WILL HELP YOU NAVIGATE YOUR DIGITAL SELF-DEFENSE THROUGH THE
NEXT YEAR AND THEY HAVE TIPS ON EVERY SINGLE CARD TO KEEP YOU
SAFE.
SO THAT WAY YOU DON'T HAVE TO TAKE NICK HOME WITH YOU.
YOU DON'T HAVE TO STEAL BEN'S IDENTITY.
I MEAN, YOU COULD TAKE NICK HOME WITH YOU IF YOU LIKE, BUT YOU
COULD TAKE THE INFORMATION HOME, ALL RIGHT?
SO, EVERYONE, HAVE A GREAT NIGHT AND THANK YOU VERY MUCH.
OH, AS WELL, KEEP US IN MIND.
SOCIAL MEDIA, FOLLOW US ON TWITTER AND FACEBOOK VERY
CLOSELY.
IF YOU HAVE QUESTIONS, FOR THOSE OF YOU WHO COULDN'T ASK, FEEL
FREE TO REACH OUT TO US THERE.
AND YOU MAY JUST WIN A BARNES & NOBLE GIFT CARD.
THANKS A LOT, GUYS.