Every day, you hear about security flaws, viruses, and evil hacker gangs that could leave you destitute — or, worse, bring your country to its knees. But what’s the truth about these digital dangers? We asked computer security experts to separate the myths from the facts. Here’s what they said.
The Cybersecurity Lab is a game designed to teach people how to keep their digital lives safe, spot cyber scams, learn the basics of coding, and defend against cyber attacks. Players assume the role of the chief technology officer of a start-up social network company that is the target of increasingly sophisticated cyber attacks. In the game, players must complete challenges to strengthen their cyber defenses and thwart their attackers. The Lab also features stories of real-world cyber attacks, a glossary of cyber terms, and short animated videos that explain the need for cybersecurity, privacy versus security, cryptography (cyber codes), and what exactly hackers are. MORE: Cybersecurity | NOVA Labs | PBS.
The U.S. Navy General Library Program NGLP last month announced the release of its new Navy e-Reader Device NeRD, which comes preloaded with 300 titles including popular fiction, recent bestsellers, and content from the Chief of Naval Operations Professional Reading Program. The new e-ink readers were designed by preloaded digital content provider Findaway World perhaps best known in the library world for its Playaway and are the first devices to feature Findaway’s new “Lock” ereader security solution.
These preloaded devices do not have wifi connectivity or accessible data inputs or outputs, and are designed to be manipulation free. This design adheres to the Navy’s security protocols, which include restrictions on many types of personal electronic devices with rewritable media or recording capabilities on board ships. In an earlier interview during the request for information stage of the project in 2012, Nilya Carrato, program assistant for the NGLP told LJ that preloaded, manipulation-free devices would also help ensure that titles are not accidently deleted during long deployments, and that sailors would not use their personal credit cards to add content to the devices.
Those who worry that Gmail or the National Security Agency may be rifling through their emails now have a new alternative: ProtonMail, a super-secure email service created by students from Harvard and the Massachusetts Institute of Technology.
“It was the Snowden leaks that got us started,” ProtonMail founder and front-end developer Jason Stockman told The Huffington Post. “A lot of us at the time were working at CERN, the nuclear research facility in Switzerland, and we started hearing about all this and we really freaked out. We ended up posting on Facebook about privacy issues, and it just grew from there.”
ProtonMail’s open beta launched [Saturday May 17th], and its security measures are intense: end-to-end encryption and user authentication protocols so rigorous even the creators can’t read user emails.
When General Stanley McChrystal started fighting al Qaeda in 2003, information and secrets were the lifeblood of his operations. But as the unconventional battle waged on, he began to think that the culture of keeping important information classified was misguided and actually counterproductive. In a short but powerful talk McChrystal makes the case for actively sharing knowledge.
We’ve asked the companies in our Who Has Your Back Program what they are doing to bolster encryption in light of the NSA’s unlawful surveillance of your communications. We’re pleased to see that four companies—Dropbox, Google, SpiderOak and Sonic.net—are implementing five out of five of our best practices for encryption. In addition, we appreciate that Yahoo! just announced several measures it plans to take to increase encryption, including the very critical encryption of data center links, and that Twitter has confirmed that it has encryption of data center links in progress.
The internet backbone — the infrastructure of networks upon which internet traffic travels — went from being a passive infrastructure for communication to an active weapon for attacks.
According to revelations about the QUANTUM program, the NSA can “shoot” (their words) an exploit at any target it desires as his or her traffic passes across the backbone. It appears that the NSA and GCHQ were the first to turn the internet backbone into a weapon; absent Snowdens of their own, other countries may do the same and then say, “It wasn’t us. And even if it was, you started it.”
If the NSA can hack Petrobras, the Russians can justify attacking Exxon/Mobil. If GCHQ can hack Belgacom to enable covert wiretaps, France can do the same to AT&T. If the Canadians target the Brazilian Ministry of Mines and Energy, the Chinese can target the U.S. Department of the Interior. We now live in a world where, if we are lucky, our attackers may be every country our traffic passes through except our own.
Which means the rest of us — and especially any company or individual whose operations are economically or politically significant — are now targets. All cleartext traffic is not just information being sent from sender to receiver, but is a possible attack vector.
Here’s how it works.
Researchers from all over the world can use DETER, a practice Internet, to discover the best ways to combat hackers and prevent a “Cyber Pearl Harbor.” Host David Pogue met with cyber security experts at DETER, who taught him about a common attack called the Distributed Denial of Service, or DDoS, attack.
The anonymity software has sparked controversy but who built it, what is it used for, what browser does it use – and why is the NSA so worried by it?
If your growing weariness of being constantly tethered to the Internet has become overwhelming, it might be time to scrub yourself from the social media sphere altogether. Here’s how you can become a ghost on the Internet, by tracking down and eliminating your digital past.
Provides instructions for how to remove/deactivate accounts for Facebook, Twitter, LinkedIn, and Google+. Recommends other tools including Account Killer, Just Delete Me and Knowem.