Where do we start?
Normally, when we talk about security, we have to start with a discussion of a ‘threat model’
A threat model helps us decide which security measures to use, taking into account:
- likelihood of attack
- cost of a successful attack
- reduction of likelihood given a countermeasure
- cost of a countermeasure
We won’t be doing that in 10 minutes!
That’s okay, because the countermeasures here are all cheap!
- Fast setup
- no $$$ cost
- no added hassle to doing ‘stuff’ online
Top 5 things to do
- Secure your email
- Effective Ad-Blocking
- (Windows) Automatic updates!
- Signal for secure conversations
- Secure your other services
1. Use ‘2-factor Authentication’ for email
Why: if someone accesses your email, they can probably get access to everything else
How: for Gmail, you’ll enable 2-factor Authentication, and install the ‘authenticator’ app on your phone.
2. Effective Ad-Blocking
Why: Beyond sites becoming readable, ads are the primary vector for privacy and security problems
How: Switch to Chrome or Firefox and install uBlock Origin
3. (Windows) Update and use Microsoft Antivirus
Why: Most attacks on computer secure target Windows PC’s that are not fully up-to-date
How: A great guide is at decentsecurity.com, but in general:
* upgrade to windows 7 or higher
* use included “Windows Defender”
* enable automatic updates
4. Signal for secure conversations
Why: In a conversation via email or social media, all your security is worthless if the other person has been hacked
How: Search your app store for Signal and use it when you want your conversation to be private
5. 2-factor authorization for other services
Why: Once your email is secure, time to make sure no one can access your Facebook, Twitter, LinkedIn, etc without your permission!
How: A few services only have 2-factor login, including Snapchat and Squarecash, for others Google ‘enable 2 factor authentication on [social network]’