SOCIAL NETWORKING

SECURITY AND PRIVACY

Find Me Online

• ikawnoclast.com
• facebook.com/ikawnoclast
• twitter.com/ikawnoclast
• linkedin.com/in/keithwatson

• Please tweet as we go with #puaware

Overview

• Own Your Space

• Definitions and Terms
• Questions
• Passwords, Systems, Networks
• Things to Keep in Mind
• Service Specific Configuration Options
Own Your Space
A Guide to Facebook Security

• A guide to risks and security features of

Facebook
• Available in English since August 2011
• Translated into seven languages
• Arabic version available in mid February 2012
• http://ow.ly/8EYsb (guide)
• http://ownyourspace.net/
Terms

CC-licensed photos by Dr Noah Lott, bnanative on flickr

Types of Services

• Networking
– Facebook, Google+, Linkedin, Twitter
• Content Sharing
– Pinterest, Facebook, Dropbox, Google Drive
• Location-based Services
– foursquare, Google Latitude, Facebook, Gowalla
Types of Protection

• Security
– Prevention of malicious action to systems, info
• Safety
– Prevention from physical or mental harm
• Privacy
– Prevention of exposing sensitive or private info
Default Privacy Modes

• “Mostly open”
– The default sharing mode is public
– You must choose to keep content private
• “Mostly closed”
– The default sharing mode is private
– You must choose to share content
Questions

CC-licensed photos by Colin_K, Mario Belluci, Horia Varian on flickr

Why is it free?

• If a service does not charge you money,

then you are paying in other ways
– Marketing and Advertising
– Privacy
• Facebook has 1 Billion monthly active users
– Revenues for Q2’12: $1.18 Billion, 84% from ads
• Linkedin Marketing Solutions: $63.1 Million
• Twitter uses Promoted Tweets based on you
What are the risks?

• Privacy
• Reputation
• Data
• Access
• Control
• Employment
• Legal Proceedings
What should I do?

• Realize that social networking is not free

• Review the security/privacy settings of sites
you use periodically
• Stop using it!?
• Deactivate or delete your accounts!?
• Extract your data
• Assume the worst case scenario is possible
– Prepare for it
Your Memory and System Have Issues

CC-licensed photos by ecastro, allaboutgeorge, TounuTouji on flickr

Passwords and Password Tools

• Weak/short passwords can be discovered

– Brute password breaking is cheaper today
• Strong passwords are needed, everywhere
• You have too many passwords to remember!
• Use a password tool to manage passwords
– 1Password, LastPass, PasswordSafe, RoboForm
– Browser integration, mobile platforms
• Use one-time password systems
System Security

• Stay up to date with software

– Especially Flash Player, Java, web browsers
• Upgrade your OS!
– XP is now 11 years old; support ended in 2009
• Remove internet software you do not use
• Install anti-malware software
– If it’s a Purdue system, this is software is free!
– Make sure it’s updating
• Your regular account should not be an admin
Network Security

• Avoid using open WiFi connections

– A WPA2 connection with public password is safer
• Use a virtual private network (VPN)
– Purdue’s VPN available to Career Account users
• Enable your OS or anti-malware firewall
• Enable your home router’s firewall for devices
• Disconnect your system from the network
when not needed
Things to Keep in Mind

CC-licensed photo by joguldi on flickr

Content Sharing Privacy

• Before you post, ask the following:

– Will this post/picture cause a problem for me?
– Can I say this in front of my mother?
• Divide your Friends into groups, lists, or circles
• Limit the number of people that see it
• Share public information with the public
• Share inner thoughts and personal feelings
with close friends
Networking Privacy

• Do not Friend or Connect with people that you

have not met in person or know well
• Reject Friend requests and Connections
• Having a lot of Friends works can against you
– Facebook may ask you to identify your Friends
• Limit your visibility on services
Location Privacy and Safety

• Limit your check-in information to friends only

• Never check in at your home, school, work
• A mayorship is a public “office”
• Avoid public lists for a location
• Do not let friends check you in
• Review posts you are tagged in
Service Specific Configuration Options
Google Security and Privacy

• Enable 2-step verification

– Use Google Authenticator or text-based codes
– Applies to (almost) all Google services
• Create Google+ circles based on sharing needs
• Turn off geo location data in photos
• Turn off “find my face” in photos and videos
• Manage your Dashboard data
Facebook Security Tools

• Enable
– Secure Browsing
– Login Notifications (text and email)
– Login Approvals (text and mobile Code Generator)
• Select your Trusted Friends
• Review and Monitor
– Recognized Devices
– Active Sessions
• Delete old and unused Apps
Facebook Privacy Tools

• Limit App access to your data

• Set your default audience to Friends
• Customize your timeline content settings
– Who can post, tag you, tag reviews
– Disable tag suggestions for photos uploaded
• Limit search engine inclusion
• Limit third-party and social ads
• Limit info that can be included by others in apps
Dropbox Security and Privacy

• Enable two-step verification

• Disable LAN sync on laptops
• Do not put sensitive data into Dropbox
• Encrypt files if needed
• Unlink old devices
• Review Apps linked to your account
• Turn on email for new devices and apps added
• Review your shared folders periodically
Twitter Security and Privacy

• Enable Protect My Tweets

• Enable HTTPS
• Require personal information for password
reset
• Disable location data for tweets
– Delete old location data too
Linkedin Privacy

• Turn off data sharing with third-party

apps and sites
• Consider changing your photo visibility,
activity broadcasts
• Remove Twitter access
• Disable ads from third-party sites
• Enable full-time SSL connections
Foursquare Privacy

• Do not include yourself in lists of people

checked into a location
• Do not earn mayorships
• Do not let friends check you into places
• Do not let venue managers see you
Stay Safe

• Stay up to date on software and settings

• Be selective when choosing friends
• Using your thinkin’ before you’re tweetin’!
• Be mysterious