1 00:00:00,000 --> 00:00:04,687 [SOUND] We've developed a basic visual model for 2 00:00:04,687 --> 00:00:10,090 Internet traffic to help us make informed decisions. 3 00:00:10,090 --> 00:00:14,480 We've also toured some of the more common threats and effective defenses. 4 00:00:14,480 --> 00:00:18,520 Now it's time to level up our own online behaviors to stay safe and secure. 5 00:00:19,960 --> 00:00:23,810 One of the more important tools that we have available to us cryptography. 6 00:00:23,810 --> 00:00:26,520 The movies can make it seem like cryptography is only used for 7 00:00:26,520 --> 00:00:28,570 international espionage. 8 00:00:28,570 --> 00:00:32,100 But the reality is that most of us use it nearly every day. 9 00:00:32,100 --> 00:00:35,420 Without going into the details, this video will introduce encryption and 10 00:00:35,420 --> 00:00:39,440 related tools that help make using it as easy as sending a text or an email. 11 00:00:41,020 --> 00:00:44,240 Cryptography is a great tool because it offers a form of defense for 12 00:00:44,240 --> 00:00:47,650 many of the attacks or threats we've already discussed. 13 00:00:47,650 --> 00:00:50,640 And best of all, you're likely already using it. 14 00:00:50,640 --> 00:00:52,910 In our last video, we talked about HTTPS. 15 00:00:53,970 --> 00:00:58,620 This secure version of HTTP, the main communication of the Internet, 16 00:00:58,620 --> 00:01:02,660 offers protections from eavesdropping and from man-in-the-middle attacks. 17 00:01:02,660 --> 00:01:03,900 Cryptography, at least for 18 00:01:03,900 --> 00:01:09,260 our purposes, is the use of advanced mathematics to serve this double purpose. 19 00:01:09,260 --> 00:01:12,180 First, it provides guarantees of authenticity by 20 00:01:12,180 --> 00:01:15,060 ensuring the participating parties are who they say they are. 21 00:01:16,300 --> 00:01:20,080 This could be you and another person, or your computer and 22 00:01:20,080 --> 00:01:22,940 a website hosted in another part of the world. 23 00:01:22,940 --> 00:01:27,110 And second, it protects privacy by encrypting the contents of a message 24 00:01:27,110 --> 00:01:31,075 in such a way that only the proven participants can decrypt and read it. 25 00:01:32,455 --> 00:01:37,595 Often, this happens seamlessly, such as in the browser for HTTPS traffic. 26 00:01:37,595 --> 00:01:40,345 Another seamless integration is Apple's iMessage, 27 00:01:40,345 --> 00:01:42,835 the built-in text messaging between iOS devices. 28 00:01:43,970 --> 00:01:47,200 These messages are also protected with strong cryptography without 29 00:01:47,200 --> 00:01:50,270 complicated setup required from users. 30 00:01:50,270 --> 00:01:53,820 Let's explore other ways to use cryptography to get these benefits for 31 00:01:53,820 --> 00:01:56,280 the rest of our digital information. 32 00:01:56,280 --> 00:02:00,890 We can categorize the digital information in our lives into data in transit and 33 00:02:00,890 --> 00:02:02,170 data at rest. 34 00:02:02,170 --> 00:02:04,260 This can help us tools the right tools for the job. 35 00:02:05,380 --> 00:02:08,940 Data in transit relates to the active, communicating messages. 36 00:02:08,940 --> 00:02:11,660 This could be sending an email or a text message, but 37 00:02:11,660 --> 00:02:13,540 this could also include browsing a webpage. 38 00:02:13,540 --> 00:02:17,850 The implied risk here is that the active transmission in vulnerable. 39 00:02:18,880 --> 00:02:20,410 So what are our options? 40 00:02:20,410 --> 00:02:21,640 Fortunately, quite a few. 41 00:02:22,900 --> 00:02:24,550 Data in transit. 42 00:02:24,550 --> 00:02:26,980 Web Traffic- https. 43 00:02:26,980 --> 00:02:31,060 Look for it in the address bar, and that it shows the right domain. 44 00:02:31,060 --> 00:02:34,070 Additional tools like HTTPS Everywhere 45 00:02:34,070 --> 00:02:37,600 can help use only secure sites wherever possible. 46 00:02:37,600 --> 00:02:41,550 Email, several options exist and more are in development. 47 00:02:41,550 --> 00:02:46,560 Third party services provide encrypted emails such as ProtonMail or RiseUp. 48 00:02:46,560 --> 00:02:51,000 Other solutions like Enigmal allow you to keep your existing e-mail address, and 49 00:02:51,000 --> 00:02:53,580 can encrypt the content of your messages. 50 00:02:53,580 --> 00:02:54,960 Text messages. 51 00:02:54,960 --> 00:02:58,490 Two big players in the field at the moment, Signal and WhatsApp. 52 00:02:58,490 --> 00:03:00,340 They're based on similar technologies so 53 00:03:00,340 --> 00:03:04,160 their discerning features are more about design choices and supporting companies. 54 00:03:05,640 --> 00:03:06,380 VPNs. 55 00:03:06,380 --> 00:03:09,210 We spoke briefly about virtual private networks already 56 00:03:09,210 --> 00:03:11,660 as a way to protect your internet traffic. 57 00:03:11,660 --> 00:03:13,550 But it's worth repeating here. 58 00:03:13,550 --> 00:03:15,950 Countless VPN services are available, so 59 00:03:15,950 --> 00:03:18,600 it will take some research to find the best fit for you. 60 00:03:19,670 --> 00:03:23,020 Data at rest relates to the act of storing information. 61 00:03:23,020 --> 00:03:26,820 This could be everything on your hard drive, or an external drive, or 62 00:03:26,820 --> 00:03:30,080 even how your email and text messages get saved on devices. 63 00:03:30,080 --> 00:03:33,080 The risk here is a bit more obvious. 64 00:03:33,080 --> 00:03:37,520 If someone gained access to these devices, what information could they capture? 65 00:03:37,520 --> 00:03:41,550 There is no shortage of solutions for this category either, so let's jump right in. 66 00:03:42,670 --> 00:03:45,550 Data at rest, system encryption. 67 00:03:45,550 --> 00:03:48,850 Often, there's a simple setting to be switched on for a given device or 68 00:03:48,850 --> 00:03:50,105 operating system, and 69 00:03:50,105 --> 00:03:53,560 it's usually accompanied by providing a strong passphrase. 70 00:03:53,560 --> 00:03:56,440 For example, on Window's machines it's called BitLocker. 71 00:03:56,440 --> 00:03:58,920 And on Mac OS, it's FileVault. 72 00:03:58,920 --> 00:04:03,460 It is highly recommended to enable this when possible on all your devices, 73 00:04:03,460 --> 00:04:07,220 whether a desktop, laptop, cellphone or tablet. 74 00:04:07,220 --> 00:04:10,840 Drive encryption, some built-in tools allow individual files and 75 00:04:10,840 --> 00:04:13,440 folders to be protected with basic encryption. 76 00:04:13,440 --> 00:04:16,490 Other third party tools have seen greater adoption. 77 00:04:16,490 --> 00:04:18,588 Windows, Encrypted File Service. 78 00:04:18,588 --> 00:04:21,530 macOS, Disk Utility. 79 00:04:21,530 --> 00:04:26,649 VeraCrypt is a free, open source utility that improves upon another well-known, 80 00:04:26,649 --> 00:04:29,120 but now abandoned, tool, TrueCrypt. 81 00:04:29,120 --> 00:04:30,404 Third party tools. 82 00:04:30,404 --> 00:04:34,604 Other tools offer different levels of protection with varying degrees of 83 00:04:34,604 --> 00:04:35,828 usability and cost. 84 00:04:35,828 --> 00:04:40,382 GPG is a tried-and-true command-line multi-tool that can cover just about any 85 00:04:40,382 --> 00:04:44,230 need, if you can figure out how do you construct the correct command. 86 00:04:45,230 --> 00:04:48,620 Keybase is an interesting service that offers various cryptographic 87 00:04:48,620 --> 00:04:52,970 functionality, including encrypted chat and shared file-system. 88 00:04:52,970 --> 00:04:56,140 Now we've seen how beneficial cryptography can be. 89 00:04:56,140 --> 00:04:59,890 We've also explored ways that it has already improved our lives. 90 00:04:59,890 --> 00:05:03,020 And, finally, we've learned about some additional tools to protect our data, 91 00:05:03,020 --> 00:05:04,840 both in transit and at rest. 92 00:05:05,940 --> 00:05:09,060 All this without needing to dig into the messy details of the mathematics