Digitalks #15 - Security on the Net

Digitalks #15

Security on the Net

Martin Leyrer

Topic overview

Pesticides

Fire walls

Service

Who is listening in

Cookie Monster

Passwords

Trust

Temporary e-mails

Anonymous online

Book tips

http://www.flickr.com/photos/57402879@N00/362127198/

Pesticides (antivirus protection)

Protection against viruses, worms, ...

Mandatory for all e-mail Lucky Lukes

Mix vendors

Essentially a must-have on Windows

http://www.flickr.com/photos/moritzbernoully/3411252063/

Fire walls (firewalls)

Protect against attacks from outside

possibly also from inside

Intrusion Detection & Prevention (IDS, IPS)?

Become very complex very quickly

Mandatory on Windows

http://www.flickr.com/photos/disaster_area/3640293101/

Service (updates)

Mandatory (regardless of operating system)

Don't forget applications (PDF, Flash, Java, Office, ...)

Ideally automate it

Tip for Windows: Secunia Personal Software Inspector

http://www.flickr.com/photos/smoovey/3297533849/

Who is listening in (encryption)

In the browser (SSL/TLS)

E-mail transport (SSL/TLS)

E-mail content (S/MIME or GnuPG)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Last year, my novel Makers was published and syndicated free as a series of 81 blog-posts on Tor.com. Tor had the insanely creative people at Idiots' Books produce 81 interlocking, tesselating illustrations, one for each installment, and made a sweet little Flash toy that let you play with making your own meta-illo by moving the tiles around.

...

READ CAREFULLY. By reading this email, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkwMgeAACgkQkCbbvh/CN6+LDQCgg9F8dQ8AzuqU/fiPo7LNYF4K
+C8AniOh2ec0Z/S26UYgmbYvK3J57b+X
=fFi4
-----END PGP SIGNATURE-----

http://www.flickr.com/photos/newbirth/4484884179/

Cookie Monster

Regular cookies

Flash cookies (Local Shared Objects, LSO)

Ghostery

CookieSafe

View Cookies

BetterPrivacy

Adblock Plus

Some flash LSO-cookie properties in short...
- they are never expiring - staying on your computer for an unlimited time.
- by default they offer a storage of 100 KB (compare: Usual cookies 4 KB).
- browsers are not aware of those cookies, LSO's usually cannot be removed by browsers.
- via Flash they can access and store highly specific personal and technical information (system, user name, files,...).
- ability to send the stored information to the appropriate server, without user's permission.
- flash applications do not need to be visible
- there is no easy way to tell which flash-cookie sites are tracking you.
- shared folders allow cross-browser tracking, LSO's work in every flash-enabled application
- the company doesn't provide a user-friendly way to manage LSO's, in fact it's incredibly cumbersome.
- many domains and tracking companies make extensive use of flash-cookies.

http://www.flickr.com/photos/parmiter/2505803867/

Passwords

... people can no longer remember passwords good enough to reliably defend against dictionary attacks, and are much more secure if they choose a password too complicated to remember and then write it down. - B. Schneier

KeePass Password Safe

Trust me,
I know what I'm doing!

Trust

Delivered-To: [email protected]
Received: by 10.204.10.132 with SMTP id p4cs3051bkp; Mon, 7 Jun 2010 22:52:17 -0700 (PDT)
Received: by 10.231.196.220 with SMTP id eh28mr818375ibb.198.1275976335525; Mon, 07 Jun 2010 22:52:15 -0700 (PDT)
Return-Path:
Received: from weblinux04.bighost.com.br (weblinux04.bighost.com.br [200.219.245.41]) by mx.google.com with SMTP id f19si7825272ibj.96.2010.06.07.22.52.14; Mon, 07 Jun 2010 22:52:15 -0700 (PDT)
Received-SPF: neutral (google.com: 200.219.245.41 is neither permitted nor denied by domain of [email protected]) client-ip=200.219.245.41;
Authentication-Results: mx.google.com; spf=neutral (google.com: 200.219.245.41 is neither permitted nor denied by domain of [email protected]) [email protected]
Date: Tue, 8 Jun 2010 02:44:09 +0300
To:
From: Facebook
Subject: You have deactivated your Facebook account (56289)
Message-ID:
X-Priority: 3
MIME-Version: 1.0
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: 7bit

Temporary e-mail

Mailinator
http://mailinator.com/

Gmail +
[email protected]

http://www.flickr.com/photos/cobalt/247564799/

Anonymous online

The Onion Routing
www.torproject.org/

FoeBuD PrivacyDongle

Ubit Wien PrivaSEC forte

http://www.flickr.com/photos/98469445@N00/327471676/

Die Kunst der Täuschung

Kevin D. Mitnick

ISBN: 3826615697

Die Kunst der Täuschung is all about the possibility of gaining someone's trust through lies, in order to then abuse that trust for one's own fun and advantage.

Practical Cryptography

Niels Ferguson and Bruce Schneier

ISBN: 0471223573

This book is about how to apply the cryptographic functions in a real-world setting in such a way that you actually get a secure system.

Little Brother

Cory Doctorow

ISBN: 0765319853

Download for Free

This book is action-packed with tales of courage, technology, and demonstrations of digital disobedience as the technophiles' civil protest.

Thank you for your attention!

Links: http://delicious.com/MartinLeyrer/Digitalks15

Contact:

E-Mail: [email protected]

Twitter/Identi.ca: leyrer

Blog: http://martin.leyrer.priv.at

Jabber/GTalk: [email protected]