Keeping Bad Guys Out of Your Digital Life
Marc Goodman
Lesson Info
6. Keeping Bad Guys Out of Your Digital Life
Lessons
Class Introduction
12:04 2Stalkers, Bullies & Hackers
04:44 3The Biggest Lie About Cybersecurity & The Power of Self-Defense
07:10 4The #1 Online Security Habit That Changes Everything
17:12 5Passwords & Locking Down Your Accounts
25:09 6Keeping Bad Guys Out of Your Digital Life
12:25 7Protecting the Super Computer in Your Pocket
14:03 8Avoiding Download Disasters
06:45Why Administrator Accounts Are a Terrible Idea
07:59 10Why Less Is More: Tune In and Turn Off
06:36 11The Magical Power of Encryption
12:38 12Traveling Safely With Your Tech
10:10 13Defense Against the Rising Ransomware Threat
08:50 14You Need A Back-Up Plan: STAT
06:00 15The Art of Digital Self Defense
18:57 16Home Hacked Home
11:29 17Your Purpose Focused Digital Protection Plan
08:19 18Other Tools and Tricks of the Trade
22:35Lesson Info
Keeping Bad Guys Out of Your Digital Life
Access denied. How do you go about keeping bad guys out of your digital life? Again, let's think about how we do this in the real world. When you go ahead and have a big house, you lock all of the doors when you go to work in the morning. But if you lock all of the doors and leave the window open, guess where the burglars are gonna come in? They're gonna take the easiest route to break into your lives, so you need to lock access down. You need to deny access to people who wanna get into your digital life that don't belong there. And you can do this for multiple different devices. So let's start talking about computers and laptops. You definitely should be setting an access password for your computer, which means when you boot it up, you have to turn on a password. On the Mac computers, you do this in the firmware and there are instructions online and in some of our resources that will walk you through this. And for each one of your accounts, you can have a password. So you should defin...
itely go ahead and require a password. Right, and disable automatic login. If you've got automatic login and no password on your home computer, your kids, you know, their friends, after school, the burglar, anybody can get into all of your accounts and see all of your information. So definitely set an account password for your digital accounts. You can certainly do the same things in Windows. Go to Start, Settings, Accounts, and Sign-in Options. And there, you can set the password. And this is, again, all explained in the literature that we'll be sharing with you. Mobile phones. Guess what, these need passwords too. You definitely want to set a passcode. Why do you want to set a passcode on your phone? Because it's got a ton of your data too. And here's a startling statistic from Consumer Reports. Five million people. I'm sorry. Before we get into that one, let's talk about this. 64% of people don't set a password on their phones. How many of you don't have a password on your phone? You're not gonna admit it. If you don't have a password on your phone, get out. Right, get out of the class right now. We'll talk more about smartphone security in the upcoming lesson. But more than half the people don't even have access to their cellphone locked down with a password. Don't be one of those people. On the iPhone, nowadays, go into Settings, Touch ID and Password, set the Passcode Options. It used to be the standard was four digits-long. Apple has recognized that risk and has now raised it to six digits-long. The choice that I like better is the custom alphanumeric code, where you can put in 20 digits or something much longer, which will protect you better. There's also a very cool trick that you can try called biometrics, right. Nowadays, more and more phones can be unlocked with not something you know, like a password, but something you are, like facial recognition or a fingerprint or iris scan. That's a biometric. And Apple has implemented Touch ID. Some of you might be, who's freaked out about, like, putting their fingerprint on their phone, right? That's a little scary. But I've studied what they're doing and how they've implemented it and I'm liking what I see. That password, meaning your fingerprint, your biometric fingerprint, is not stored in software. It is only stored in a special encrypted, isolated chip on the phone and it never leaves your phone. Okay, so I think they've done a good job implementing it there. On Androids, the implementations vary widely. They're many examples out there of Android biometrics that have been subverted by going ahead and taking a piece of cellophane tape. So if you leave your fingerprint on the window to your car, I can walk up with a piece of cellophane tape, put it on your phone, and it will unlock. So study your Android biometrics very carefully. The new form of biometrics that we're starting to see, I think, Samsung has this and the iPhone 10 has this, is facial recognition. In my personal view, this is less mature. I like it less, there's some advertising concerns that I definitely have about this. So it's a work in progress. I personally don't use facial recognition on my phones. I'm more comfortable with fingerprints, due to the technology behind it. Again, if you're in Android and you wanna turn on fingerprint, go to Settings, Tap Passcode, and make sure that you turn on the passcode, and that's where you can see the Fingerprint Unlock there. Another thing that you should do. So we've talked about, you know, boot passwords for your computer. We've talked about account passwords for your computer. We've talked about passwords for your mobile phones. You should also turn on a firewall to block access to your computer. Firewall is an excellent to control access to your entire digital life. And if you have any firewalls available, turn them on. Most computers have some type of firewall system. What is a firewall? Where does the term come from? Well, back in the day, when there were actual, real fires, a firewall was a larger, thicker, specially enforced wall, whose job it was to keep out the fire and prevent things from burning down. So it's a highly reinforced fire-proof way of preventing fires from spreading. And that's the concept behind the modern computer firewall. Think of it as a castle in a moat. It's building all of these protections around you and your digital life. Or another actually pretty accurate way of thinking about what a firewall does is, it's kinda like Wonder Woman. You know, like, when the bad guys shoot at her all the time and she lifts up her magical bracelets and go, ping, ping, ping, and all the bullets fly away? That's what a firewall does. Everyday, every second, if your computer is online, it is being pinged, meaning attacked or checked by other computers all over the world. What a firewall does is, it blocks your computer and your data with those magical bracelets. So turn it on. Macs have it built in right under Security and Privacy. Just go to Firewall and click Turn On and that's all you need to do. There's an additional feature, where you can also block incoming connections. Unless you're running a network or something funky, you should not need extra connections, so turn this off. If some device that you have in your home stops working, then you may need to turn this back on. But I strongly recommend not having it on. In Windows, go under Control Panel system settings and you'll see Windows Firewall. Now, those two firewalls that we just discussed are what are called software firewalls. Software, because they're already built into the software operating system of your Windows or Mac machine. But it turns out that there's a second type of firewall, which is also highly, highly effective and I recommend both. And that's a hardware firewall. And as I mentioned, what they do is protect your computer. This is the firewall, that's the big, mean Internet world. They block all of the incoming requests for your data. If you have a home wifi router, there's a decent chance that it will have a built-in firewall that you can just turn on. Now, I'm not gonna lie to you. Dealing with your cable company's router is a pain in the butt. It's entirely non-intuitive and it's usually not updated and it's really old technology. So turn it on if you can, make sure it's up-to-date. But there's actually a much better solution, one that I really, really like and it's hell of a lot easier. And that is this thing called Cujo AI. It's a next-generation smart firewall and I'm gonna talk a lot more about this in the Protect Your Home section of the class. But for right now, just know that the coolest feature of Cujo is, you can go ahead and control it with an app on your phone. It's easier to understand than the standard firewalls and you can do a lot with it. It'll block you against cyber-attacks, DDoS attacks, and malware. And it's wicked cute. So we'll talk about Cujo later. Another thing to keep in mind from an access perspective, something that you want to deny people to, is access to your USB port, right. USBs can be really, really dangerous. And a high, high percentage of them carry malware, right. And they can do amazing things. It's not just that sharing thumb drives can give your computer a virus. But now, the attacks are becoming more harmful and pernicious. And just by plugging in a stranger's hard drive, you can actually, sorry, thumb drive, you can actually fry the motherboard of your computer, like an egg. So if you want to avoid that, don't put a stranger's thumb drive in your computer. And to help you understand, like, the risk here, it was over a decade ago that the U.S. military banned thumb drives. You can no longer use thumb drives on any DOD computer. They've actually taken away the thumb drive port, the USB port, so that's for protection. Now, how many of you have seen things like this in airports? Right, it's like, oh my god, I've got 4% left on my phone and I need to charge it, so I can download, you know, the latest version of Harry Potter or Stranger Things or whatever it is out there you wanna watch. They look so nice. But look at the construction of this device. What is going behind, what's going on behind this cardboard? What's going on behind this metal? What are the wires doing? What do they connect to? What do they connect to here? What's inside that box? You don't know. And now, knowing that you can go ahead and plug in your USB device for charging and it will fry your computer or fry your phone, you should view all of these with suspicion. And it turns out that criminals, being inventive as they are, have broken into these devices in high traffic areas around the world. So they open up the thing that looks like the big charging station and they've put their own malware on the computer. And the minute that you plug in your phone, right, because remember, you've got a data cable that syncs and doesn't just charge your phone, it syncs the data. That is now gonna put malware on your phone or on your computer, so beware of that. And it's not just on iPhones, it's also happened with Androids, where you can go ahead and get infected just by plugging into a strange USB port. I want to take a moment to give you a lesson from the world of public health, right. Because I think we can take a public health lesson and perspective when think about the threats from our USB devices. When we talk about cyber-threats, you know, cyber-security experts tend to always talk about computer infections and computer viruses. And what you can hear in that is that we use the language of medicine to describe the problem, but we don't use the tools of medicine to fix the problem. Right, what public health tools can be bring to bear on particular cyber-security threats? And as I was thinking long and hard, this is one that I came up with. I know it looks a little weird, but there is an analogy that you can use with regards to your USB devices, right. When it comes to your own personal body, you do not stick your parts in lots of different places without bad results. And you don't let other people stick their parts in you without really, really bad results. You take common precautions. You take a public health approach to your own physical life and you need to do the same thing with your digital life. And it turns out, there's kind of a USB condom out there that I am going to recommend to you. And this is what it looks like. It's made by a company called PortaPow. You'll notice that I use this on all of my devices. So what this does is, it blocks any data from transferring between my device on the other end of it and this USB blocker. It allows power to come through, but it blocks data. And you will wanna use these as much as you can. They're only a couple of bucks. What is it, eight bucks. And I think you get two of them, right. So go ahead and get these. You can find them on Amazon and elsewhere. You can feel secure about plugging in your devices. And some places that you might not think to use this, you really should. For example, airplanes. There's malware on airplanes. Don't just plug in your phone to the airplane charger. And particularly, rental cars. You don't know how many times I've gone to Rent-a-Car and I see six other people's phone books and addresses and all that stuff that they've left on the car system, that's still on the Ford system or the Honda system or whatever. Using something like this will allow you to benefit from the charger, but will go ahead and block any of those threats. So highly recommended and it complete eliminates a vector of infection for you.
Class Materials
Ratings and Reviews
Joyce Haven
Marc's class provides an excellent road map for making your online life safer. He provides clear examples and great resources that makes it easy to implement better personal security against identity theft and all manner of online scams. He's funny and engaging, and extremely encouraging. It was easy to go home and implement his plan. It also gave me the tools I needed to help my elderly mother safeguard her online presence as well. Great class, I highly recommend it.
Kyle
Marc not only is a true and leading expert in cyber security, he also has a great way of teaching through a mix of compelling story telling and concrete "to-do's". The class is both compelling and extremely useful. I cant believe that this is not a required course at every high school and university. These are the real life skills we all need and Marc makes the complicated accessible. Great teacher, great class! I highly recommend it!
a Creativelive Student
Great course! This has given me so many tools to be able to better secure my digital life. I am eager to start implementing this info. Marc went over a serious amount of material in a one day class. It would be great if he does more classes at creative live. Thank you so much. I just turned on auto updates for my laptop operating system software!