Security Foundations4:29 with Greg Stromire
In this video, we’ll introduce some core concepts related to personal data online. We’ll also touch on why privacy matters. You will even find out for yourself if your accounts have been involved in a major security breach.
- Breach / Leak -- A forced or unintentional release of private data from an online service.
- Anonymity -- The ability to exist, and especially communicate, in a manner that does not reveal any personally identifiable information about the source.
- Privacy -- Unhindered agency to express oneself selectively, with direct control over one’s own information and explicit boundaries.
- Authenticity -- Provide, with a high level of confidence, an assurance of the identity of an individual or message through reliable and verifiable means.
[MUSIC] 0:00 Welcome to the Security Literacy course. 0:04 Thanks so much for joining us. 0:06 The Internet is an incredible resource for knowledge and communication. 0:08 Many of us use it multiple times a day, whether it's for work, or 0:12 school, or interacting with family and friends. 0:16 We often use it without a second thought about how our messages are actually sent 0:19 and received. 0:22 The reality is that the technologies we use are complex, and 0:24 involve many more people and devices than just you and 0:27 the person you're emailing, or the website you're visiting. 0:30 And with this additional complexity, 0:33 comes additional risk, often to your privacy and security. 0:35 This course will equip you with the tools and 0:39 knowledge necessary to keep yourself secure online. 0:42 You'll get a crash course in some of the most common ways that your privacy and 0:44 security can be threatened. 0:48 You'll develop a personalized framework for 0:49 thinking about your online activity through the lens of security. 0:51 And you'll establish some best practice behaviors, so that your personal data and 0:55 privacy remain intact. 0:58 One of the most common threats to a person's Internet security 1:01 is when an online service has a breach or a leak of their data. 1:04 This is where the private information that they hold 1:08 has been made public without authorization. 1:11 Chances are, you have already received a notification from a popular service 1:13 informing you that they had a breach and instructing you to change your password. 1:17 A great website for such breaches is haveibeenpwned.com. 1:21 It will search any email address against known service breaches. 1:24 Let me enter my own email as a demo. 1:29 And it looks like my address was part of a breach. 1:36 As it says below, last.fm, a popular music streaming service, was hacked, and 1:39 millions of user accounts were exposed. 1:43 I would immediately change my last.fm password if I hadn't already done so. 1:45 I encourage you to go to this site, right now, and enter your email, too. 1:50 I'll wait. 1:53 If the site reports that you have an account with a breached service, 1:55 and you haven't yet changed your password, do it now. 1:58 It's very important. 2:02 Also change the password for any sites that use the same password you use for 2:03 the breached site, and 2:06 don't be discouraged if you had an account show up as pwned. 2:08 It happens to the best of us, often through no fault of our own. 2:11 This is really one of the main risks about breaches. 2:15 For example, an attacker may take the passwords from a seemingly harmless music 2:17 streaming service and try to log into banks, or to forge other identities. 2:21 This is also why sites often encourage use of strong, unique passwords. 2:26 Good passwords are one of the easiest and 2:30 most effective ways to defend against this kind of attack, and 2:32 a great way to take your first step toward a more secure online presence. 2:35 As we explore online security, 2:40 it's helpful to keep a few important concepts in mind. 2:42 Anonymity, privacy, and authenticity. 2:45 You may already be familiar with these terms, but 2:47 it's worth revisiting in the context of online activity. 2:50 Anonymity, [SOUND] the ability to exist and, especially, communicate in a manner 2:54 that does not reveal any personally identifiable information about the source. 2:59 We often think about being anonymous as a form of privacy. 3:03 While there are similarities, you can often have one without the other. 3:07 And, in reality, achieving true anonymity online is quite a difficult task, 3:10 and well outside the scope of this course. 3:15 Privacy, [SOUND] unhindered agency to express oneself selectively, 3:17 with direct control over one's own information and explicit boundaries. 3:21 This is one of the most desired properties of our online activity, and 3:26 certainly one of the most threatened. 3:29 Authenticity, [SOUND] provide, with a high level of confidence, an assurance of 3:32 the identity of an individual or message through reliable and verifiable means. 3:36 The significance of this concept may not seem as obvious as the others when 3:40 relating to online security, but it is vital. 3:44 When considering privacy online, there's often a myth 3:47 that you don't have anything to worry about if you have nothing to hide. 3:49 Edward Snowden, a well-known figure in privacy and security, 3:54 has this to say in response. 3:57 Arguing that [SOUND] you don't care about the right to privacy because you have 3:59 nothing to hide is no different than saying you don't care about free speech 4:03 because you have nothing to say. 4:06 Now that you've been introduced to some core concepts relating to online security, 4:08 and even had a taste of how it could affect you directly by checking your email 4:12 against known breaches, I hope that you have an increased interest in security. 4:16 In the next video, we'll build on this foundation by diving a bit deeper 4:21 into the parts of Internet traffic exposed during common online activities. 4:25
You need to sign up for Treehouse in order to download course files.Sign up