Internet Security - University at Albany
Download
Report
Transcript Internet Security - University at Albany
US Copyright Law &
Protecting Your Privacy On-Line
Marty Manjak
Information Security Officer
US Copyright Law
Signed by Pres. Washington in 1790
Protects authors of “maps, charts, and
books”
Author possesses sole authority to print,
publish, and sell
Violators fined $.50 for each
unauthorized copy
Intellectual Property
Roberto (Law) has an idea
Roberto commits his idea to “tangible
form” (paper, electronic)
Roberto’s idea is now copyrighted
No one else may copy, distribute, or sell
his idea without his permission
Intellectual Property (IP)
Copyright protects IP
Examples: choreography, sculpture,
films, books, screenplays, essays,
scripts, diagrams, paintings, drawings,
research, designs, maps, architectural
drawings, songs, poems, non-fiction…..
All are protected against theft…in any
format
Digital Millennium Copyrigh
Act-1998
DMCA: written to protect IP from digital
copying and distribution.
If university receives a DMCA
complaint:
They must remove the copyrighted
material from their network
Or, be liable for financial penalties
File Sharing and Peer-to-Peer
File sharing software (Limeware and
BitTorrent) can violate copyright law
Sharing protected works without
permission
Worse-They can cost you thousands of
dollars!
Up to $250,000 per item!
Recent awards: $54,000-$67,5000
Be Careful with file sharing!
Don’t embarrass your host school
Don’t embarrass yourself
Don’t become liable for financial
penalties
The Copyright Test
If you don’t have permission, you can’t
share it
On-line Protection
Cyber crime is big business
You will be a target
You need to be pro-active in protecting
your privacy and your computer
The Torpig Botnet
Researchers at UC Santa Barbara
gained control of botnet for 10 days
180,000 machines were infected
70Gbs (7 x 1010) of personal data
collected
8,310 account passwords
410 financial institutions
1,660 credit card numbers
Scareware
Fake antivirus products earn promoters
$100 million (for starters)
http://www.interpol.int/public/Data/Wante
d/Notices/Data/2009/45/2009_13445.asp
http://www.thenewnewinternet.com/2010/
05/28/swede-u-s-citizen-accused-ofrunning-scareware-scam/
How were machines infected?
Drive-by downloads from legitimate web
sites.
Good web sites have been compromised and
seeded with malicious code that attacks your
computer
Malware will attack your browser and other
software (Adobe products [Flash, Reader], iTunes, Quicktime,
Java)
Protection #1
Don’t use the web with administrator
privileges
Use less privileged “User” accounts
This is standard with Vista and Windows 7
machines
Protection #2
Keep EVERYTHING patched
secunia.com/vulnerability_scanning/online/
Secunia will check for missing patches and
vulnerable software
Install the Personal version:
http://secunia.com/vulnerability_scanning/
personal/
Protection #3
Use anti-malware products
Anti-virus
Anti-spyware
Spyware Blaster
Spybot Search and Destroy
Windows Defender
Keep them up-to-date!
Protection #4
Use long passphrases (> 14 characters), even
on Facebook!
J’aimedespommesfr!t3S = 8621
Use different passphrases for different
services
Use KeePass2 to remember your passphrases
http://keepass.info/download.html
Protection #2
Keep EVERYTHING patched
secunia.com/vulnerability_scanning/online/
Secunia will check for missing patches and
vulnerable software
Install the Personal version:
http://secunia.com/vulnerability_scanning/
personal/
Protection #5
Use a firewall
Most operating systems (Windows, Mac OS
X) come with built in firewalls
Don’t turn them off!
Protection #6
Beware of social engineering
Most malware is installed by the victim
Fake video codecs
Poison links in email messages
Phishing: “Send us your password now!”
Fraudulent messages from “friends”
Fake anti-virus warnings
Criminals will pose as friends, victims, and
authorities
Protection: Bonus Points
Use the Firefox browser with No Script
Forces you to decide what content you will
allow
Will break a lot of web pages
But will also stop 99% of web attacks
https://addons.mozilla.org/enUS/firefox/addon/722/
More Firefox Bonus Points
Browser Plug-in: AdBlock Plus
https://addons.mozilla.org/enUS/firefox/addon/1865/
Browser Plug-in: Better Privacy
Deletes persistent cookies
https://addons.mozilla.org/enUS/firefox/addon/6623/
Review
1.
2.
3.
4.
5.
6.
Don’t run as admin
Keep EVERYTHING patched
Use Anti-virus software
Different site; Different passphrase
Firewalls: don’t disable
Be wary of social engineering
Thank you!
And good luck!!