Internet Security - University at Albany

Download Report

Transcript Internet Security - University at Albany 

US Copyright Law &
Protecting Your Privacy On-Line
Marty Manjak
Information Security Officer
US Copyright Law




Signed by Pres. Washington in 1790
Protects authors of “maps, charts, and
books”
Author possesses sole authority to print,
publish, and sell
Violators fined $.50 for each
unauthorized copy
Intellectual Property




Roberto (Law) has an idea
Roberto commits his idea to “tangible
form” (paper, electronic)
Roberto’s idea is now copyrighted
No one else may copy, distribute, or sell
his idea without his permission
Intellectual Property (IP)



Copyright protects IP
Examples: choreography, sculpture,
films, books, screenplays, essays,
scripts, diagrams, paintings, drawings,
research, designs, maps, architectural
drawings, songs, poems, non-fiction…..
All are protected against theft…in any
format
Digital Millennium Copyrigh
Act-1998


DMCA: written to protect IP from digital
copying and distribution.
If university receives a DMCA
complaint:


They must remove the copyrighted
material from their network
Or, be liable for financial penalties
File Sharing and Peer-to-Peer



File sharing software (Limeware and
BitTorrent) can violate copyright law
Sharing protected works without
permission
Worse-They can cost you thousands of
dollars!


Up to $250,000 per item!
Recent awards: $54,000-$67,5000
Be Careful with file sharing!



Don’t embarrass your host school
Don’t embarrass yourself
Don’t become liable for financial
penalties
The Copyright Test

If you don’t have permission, you can’t
share it
On-line Protection



Cyber crime is big business
You will be a target
You need to be pro-active in protecting
your privacy and your computer
The Torpig Botnet






Researchers at UC Santa Barbara
gained control of botnet for 10 days
180,000 machines were infected
70Gbs (7 x 1010) of personal data
collected
8,310 account passwords
410 financial institutions
1,660 credit card numbers
Scareware

Fake antivirus products earn promoters
$100 million (for starters)


http://www.interpol.int/public/Data/Wante
d/Notices/Data/2009/45/2009_13445.asp
http://www.thenewnewinternet.com/2010/
05/28/swede-u-s-citizen-accused-ofrunning-scareware-scam/
How were machines infected?



Drive-by downloads from legitimate web
sites.
Good web sites have been compromised and
seeded with malicious code that attacks your
computer
Malware will attack your browser and other
software (Adobe products [Flash, Reader], iTunes, Quicktime,
Java)
Protection #1

Don’t use the web with administrator
privileges


Use less privileged “User” accounts
This is standard with Vista and Windows 7
machines
Protection #2

Keep EVERYTHING patched



secunia.com/vulnerability_scanning/online/
Secunia will check for missing patches and
vulnerable software
Install the Personal version:
http://secunia.com/vulnerability_scanning/
personal/
Protection #3

Use anti-malware products


Anti-virus
Anti-spyware




Spyware Blaster
Spybot Search and Destroy
Windows Defender
Keep them up-to-date!
Protection #4

Use long passphrases (> 14 characters), even
on Facebook!



J’aimedespommesfr!t3S = 8621
Use different passphrases for different
services
Use KeePass2 to remember your passphrases
http://keepass.info/download.html
Protection #2

Keep EVERYTHING patched



secunia.com/vulnerability_scanning/online/
Secunia will check for missing patches and
vulnerable software
Install the Personal version:
http://secunia.com/vulnerability_scanning/
personal/
Protection #5

Use a firewall


Most operating systems (Windows, Mac OS
X) come with built in firewalls
Don’t turn them off!
Protection #6

Beware of social engineering

Most malware is installed by the victim






Fake video codecs
Poison links in email messages
Phishing: “Send us your password now!”
Fraudulent messages from “friends”
Fake anti-virus warnings
Criminals will pose as friends, victims, and
authorities
Protection: Bonus Points

Use the Firefox browser with No Script




Forces you to decide what content you will
allow
Will break a lot of web pages 
But will also stop 99% of web attacks 
https://addons.mozilla.org/enUS/firefox/addon/722/
More Firefox Bonus Points

Browser Plug-in: AdBlock Plus


https://addons.mozilla.org/enUS/firefox/addon/1865/
Browser Plug-in: Better Privacy


Deletes persistent cookies
https://addons.mozilla.org/enUS/firefox/addon/6623/
Review






1.
2.
3.
4.
5.
6.
Don’t run as admin
Keep EVERYTHING patched
Use Anti-virus software
Different site; Different passphrase
Firewalls: don’t disable
Be wary of social engineering
Thank you!

And good luck!!