PII tracking
Personally Identifiable Information (PII): Info specific to an individual. This includes:
- Social Security Number
- Age
- Phone number
- Date of birth
- Bio Metric data like fingerprints
PII can be used by others to steal people’s identity.
- Get into people’s bank funds
- Gain access to an organization
Be careful with where you share your PII!
- Search engines maintain a history of everything you search
- Lets them suggest other websites or to target certain people with marketing
- Many networks, devices, and websites can even collect your location
- This data is stored permanently!
What you can do to help protect your PII:
- Adjust your privacy settings to opt out of data collection if possible
- Make sure your websites have HTTPS so the connections are secure
- Avoid sharing sensitive information through emails
- Use strong passwords
- Use VPNs
Good things about PII:
- PII can enhance your online experience (shopping on Amazon - when you buy things it remembers your address so you don’t need to retype it everytime)
Let’s see how your easily your PII spreads and how easily it’s utilized by others without you even knowing:
- You’re planning a secret trip to Fiji so you buy tickets online
- Google knows you’re going on a trip to Fiji and knows you through your email address and also knows your IP Address
- The travel site knows you want to go to Fiji, when you’re going, and who’s going with you
- Advertising firms also track you through cookies when you go onto the travel site and follow your movements across the web
- If you start searching for good places to snorkel in Fiji, you will start getting hit with snorkeling ads
- Federal Government knows if you’re traveling to ensure you’re not on a terror watch list
- Google Maps tracks you so Google knows where you are
- When you enter a shopping mall they track your wifi to see which shopping stores you enter
- Stores with cameras also will get pictures of you and store your face and can even track how long you spend in each aisle
Popcorn Hack #1
What measures can individuals take to better protect their PII in an increasingly interconnected digital world?
You can use a VPN, have a stronger password…
How to Protect Systems and Keep Data Safe
Authorization
- Protects devices and information.
Passwords
- First barrier to entry.
- What is a secure password?
- 10+ characters.
- Include symbols and numbers.
- Use a mix of lowercase and uppercase.
- Avoid generic words, numbers, birthdays, and personal information.
- Enhances security and mitigates the effects of data breaches.
Multi-Factor Authentication (MFA)
- Secondary barrier.
- Methods include:
- Biometrics (eye scan, palm print, thumbprint).
- Key cards, etc.
- Security questions (personal information).
- Codes (sent via emails or apps).
- User -> Password -> MFA -> Access.
- Multiple layers provide additional security.
Viruses and Malware
- Malware’s goal is to take control of the computer it is infecting and steal data/information
- Malware modifies the OS to accept any user without authentication.
- Viruses are malware that can copy and spread themselves, gaining access to different devices/systems.
How to Protect from Viruses
- Antivirus programs.
- Virus scans and scanning downloads.
Encryption and Decryption
- Another layer of data protection.
Encryption
- Encoding data to prevent unauthorized access.
Decryption
- Decoding encrypted data.
- Similar to a translator but more advanced and secure.
Types of Encryption
- Symmetric
- 1 key for both sender and receiver (e.g., Caesar cipher).
- Asymmetric
- Public key encryption, private key decryption
- Enhances security by using separate keys for encryption and decryption.
For example: I have a public key and a private key. I send my public key to David, and he sends his to me. He uses my public key to encrypt a message, then sends it back to me. I then can use my private key to decrypt this message.
Then, I can uses his public key to encrypt a message to send to him, and he can use his private key to decrypt it.
This way, no matter what, our private keys are not accessible anywhere, and people can only encrypt messages if our public keys are leaked, and not decrypt them.
Popcorn Hack #2
- Let’s say we have an encrypted message “mjqqt”. If the Caesar cipher shifted the letters by 5, what is the original message?
The original message is “hello.”
Risks to personal safety
Phising Schemes
An attempt to trick a user ihnto providing personal information,like your usernames and passwords, account numbers, or social numbers.
Phishing emails often look like they’re from a company you know and trust:
- Your bank
- Your credit card company
- Social networking site
- Video streaming service
- Online store
They trick you in clicking a link or opening an attachment
Clicking a link or opening an attachment in a phising email will cause unexpected harm leading to:
- Viruses installed on your computer
- Spoofed banking website
- Keylogger installed
Keylogger: Records every keystroke made by a user in order to gain fraudulent access to passwords or other confidential information
Rouge access point: A wirelesss network that can give unauthorized access to secure networks.
Popcorn Hack #3
How can people access your information?
Coffee shops are a common way that people become digitally vulnerable. Airports are similar. These places have public WiFi that people join and give away their information through. Data isn’t encrypted: this is not secure at all!
- Routers
- Advertisments
- Attachements
- Pop ups
To Summarize
The internet is a very powerful tool that assists millions in their day to day lives. However, the Internet also houses a lot of dangers. It is important to acknowledge and understand these dangers. Once you are on the internet, so is your private information. It is key that you keep yourself protected and knowledgeable of all potential risks. It is essential for everyone to be educated and aware of the ways poeple gather your data. The internet is a very powerful tool that assists millions in their day to day lives.
Homework!
Fill out this google form: https://forms.gle/jxVPgKMxEiDhUyMf8