Safe Computing
Personal Data
Personal data refers to information related to an individual that can be used to identify them.
PII (Personally Identifiable Information)
Examples include:
- Age
- Gender
- Location
Risks of Collecting Personal Data
- Unauthorized access
- Data breaches
- Misuse of data
- Loss of privacy
- Phishing attacks
- Identity theft
Prevention
- Encrypt: Secure data by encrypting stored and transmitted information
- Strong Authentication: Use multi-factor authentication
- Regularly Update Security: Keep security systems up to date
- Access Control: Limit access to sensitive data
- Unique Passwords: Use a different password for each account
Authentication Measures
- Multi-Factor Authentication: Requires users to verify identity using multiple authentication factors (e.g., enter a password and then get a verification code via text)
- Strong Passwords: Use at least 8-16 characters, a mix of different characters and numbers, and a different password for each account
- Multi-Factor Authentication and Security Layers: Requires multiple pieces of evidence to verify identity
Encryption
Encodes data to prevent unauthorized access, while decryption restores it to a readable format.
Certificate Authorities
Trusted entities that issue digital certificates to verify the authenticity of websites and enable secure encrypted communications.
Antivirus and Malware Protection
Prevents and removes malicious programs to keep computing systems safe.
- Uses signature-based detection, heuristic analysis, and real-time monitoring to identify threats
- Blocks suspicious activities and infected files
Privacy and Permissions
You should control permissions that applications have to protect your privacy.
- Review permission settings for apps
- Manage cookies
Phishing
A technique that attempts to trick a user into providing personal information. That personal information can then be used to access sensitive online resources, such as bank accounts and email.
- Prevention: Don’t click on links from people you don’t know or trust
Keylogging
The use of a program to record every keystroke made by a computer user in order to gain fraudulent access to passwords and other confidential information.
- Prevention: Don’t install untrusted software or apps
Data Interception
Data sent over public networks can be intercepted, analyzed, and modified. One way this can happen is through a rogue access point.
- Prevention: Connect to secure networks and verify that the addresses of websites you connect to are legitimate
Rogue Access Point
A wireless access point that gives unauthorized access to secure networks (fake Wi-Fi or fake website).
- Prevention: Connect to trusted networks and only send information via websites with HTTPS (Hypertext Transfer Protocol Secure) to ensure data is encrypted
Malicious Links
Can be disguised on a web page or in an email message.
- Prevention: Don’t click links that you don’t recognize
Malicious Emails
Unsolicited emails, attachments, links, and forms in emails can be used to compromise the security of a computing system. These can come from unknown senders or from known senders whose security has been compromised.
- Prevention: Don’t download files or click random links from emails. If you have to, make sure it’s from someone you know and that you can verify it was actually them
Freeware
Free downloads from freeware or shareware sites can often contain malware.
- Prevention: Don’t download software for free, especially if there is a popular paid version. If you have to, make sure it’s from a trusted site that you know and can verify has no malware