How To Protect Your Online Privacy With Threat Modeling
The internet makes it super easy for other people to see stuff you don’t want them to know about. So how can we protect our privacy online? Get paranoid and do some threat modeling!
SUBSCRIBE so you never miss a video!
bit.ly/3tNKzhV
And follow us on Instagram and Twitter!
/ abovethenoisepbs
/ atn_pbs
With recent reports of high-profile data breaches, ransomware attacks, and the prevalence of online trackers-- it’s hard to know how best to protect your privacy online. We met up with the cybersecurity experts at Electronic Frontier Foundation to learn more about who’s snooping on us online and what we can do to protect ourselves. To help you decide how to protect the things you really want to keep private from people you are most concerned about, they recommend something called “Threat Modelling” which consists of 5 questions you should ask yourself:
What do I want to protect?
Who do I want to protect it from?
How likely is it that you will need to protect it?
How bad are the consequences if you fail?
How much trouble are you willing to go through in order to avoid those consequences?
From online data trackers to surveillance at school to open wifi networks, this video dives into some threats you could potentially face online and how you could protect yourself against those threats.
SOURCES:
Why Online Privacy Matters and How to Protect Yours (TED)
ideas.ted.com/why-online-priv...
Surveillance Self Defense (EFF):
ssd.eff.org/en
Blockers for Online Trackers
Privacy Badger (EFF)
www.eff.org/privacybadger
Privacy Tools: How to Block Online Trackers (ProPublica)
www.propublica.org/article/pr...
Data Brokers: A Call for Transparency and Accountability (FTC): www.ftc.gov/system/files/docu...
Spying on Students: School Issued Devices and Student Privacy (EFF)
www.eff.org/files/2017/04/13/...
Essential Student Privacy and Safety Questions (Common Sense Media):
www.commonsensemedia.org/blog...
Best VPN Service of 2017 (PC Mag)
www.pcmag.com/article2/0,2817...
Harvard Rescinds Admission of 10 Students over Obscene Facebook Messages (NPR)
www.npr.org/sections/ed/2017/...
70% of Employers are Snooping Candidates’ Social Media Profiles (CareerBuilder)
www.careerbuilder.com/advice/...
Amazon is Making it Easier for Companies to Track You (The Atlantic)
www.theatlantic.com/technolog...
You Probably Don’t Know all the Ways Facebook Tracks You (Gizmodo)
fieldguide.gizmodo.com/all-the...
Legal Loopholes Could Allow Wider NSA Surveillance, Researchers Say (CBS News)
www.cbsnews.com/news/legal-lo...
TEACHERS: Get your students in the discussion on KQED Learn, a safe place for middle and high school students to investigate controversial topics and share their voices. learn.kqed.org/discussions/
About KQED
KQED, an NPR and PBS affiliate in San Francisco, CA, serves Northern California and beyond with a public-supported alternative to commercial TV, Radio, and web media. Funding for Above the Noise is provided in part by the Corporation for Public Broadcasting, Silver Giving Foundation, Stuart Foundation, and William and Flora Hewlett Foundation.
#dataprivacy #online privacy
Пікірлер: 59
As a parent I am not opposed to my child's school tracking information on them but I am going to teach her when she is older the importance of privacy and how to protect herself on the internet. I think that it is a safe rule to always assume that someone can see what you are doing on the internet and if you wouldn't want someone to see/know then you probably shouldn't do it. I am not condoning a surveillance state but it is the world we live in today that the government or businesses are always tracking you.
@AboveTheNoise
6 жыл бұрын
Thanks for bringing a parent's perspective into this conversation. We think it's a great learning opportunity for teens to understand how data is tracked and used by various interests, and build their own "threat models" so that can have some control over their own level of risk.
@hijarahpolangi6407
2 жыл бұрын
Shouldn't it be better if a child learn about online privacy at the early stage?
3:13 Now I have to change my password.
@KerryHallPhD
6 жыл бұрын
me too
@car7862
4 жыл бұрын
Shoot.
Do not communicate or share information that you consider sensitive on any electronic format if you can help it. Consider any action you take electronically to be compromised.
How does the US Navy, Air Force track the internet? What information like phone number they have to know to start the trace?
Tor, VPN, custom HOSTS files, no script
@ashknoecklein
6 жыл бұрын
Don't post stuff publicly with your real name either lol
@nibblrrr7124
6 жыл бұрын
Second NoScript, and maybe hosts & Tor. uBlock origin is much less annoying than NoScript and offers some. Privacy Badger & HTTPS everywhere just work, so I always recommend them. uMatrix is neat for obsessive people who know what they're doing. VPNs cost money, help for some threat models but not others, and *an untrustworthy VPN is worse than nothing*. Tor is awesome (more people should start behaving "vaguely suspicious" >:3), but both of these are overkill against many non-state adversaries, like scammers, nosy parents, or abusive partners.
@Ruby_V_
6 жыл бұрын
+nibblrrr noscript isn't just for security... it also drastically cuts down on webpages' memory footprint (which is important for my potentially problematic tab hording). My current strategy is to just switch browser to chromium if I can't be bothered with noscript for a particular task. Thanks for pointing out uMatrix, it looks interesting.
@car7862
4 жыл бұрын
To many big boy words..
@InfectedChris
4 жыл бұрын
@@car7862 90% of computer stuff is reading and learning with 10% doing. A little bit adds up. If you're interested in learning code or anything, a 35 dollar Raspberry pi can go a long way.
The "correct horse battery staple" theory of passwords is misleading, you need *REAL* randomness (generate/pick words with dice or a cryptographically secure random number generator) and far more entropy per password than 4 simple words offer (even if they are long in the number of characters, the number of choices or "surprisingness" is what matters, to an attacker using a limited dictionary, 4 words is definitely a lot less to try than the space of possible passwords with a similar length but where the variation is in the individual characters).
To be honest, I have said my passwords to my significant other (well he's my brother, not a partner. Not gay.) and he has forgotten it. It's 20+ characters long. I use passwords 20+ characters long if possible and 16 characters if not possible.
Regarding passwords: please don't reuse them across sites. Often sites, plaforms gets hacked, sometimes the email+password can be extracted and criminals will try it on other sites. Check and subscribe for haveibeenpwned.com too... just in case
@AboveTheNoise
6 жыл бұрын
Good point, yeah you shouldn't use the same password for everything. Thanks for bringing that up.
@foobargorch
6 жыл бұрын
Password Hasher Plus or Twik are deterministic password managers, that generate a unique, random password for a given website based on a master password, so that you don't need to back up the database of all generated passwords every time you sign up for a new password but still derives a unique password for each website.
Very good video
good video
can you please make a video about the venus project and their proposal of a resource based economy? it proposes a new socioeconomic system based on science, it is really faceting in my opinion :)
@AboveTheNoise
6 жыл бұрын
We will look into it! Thanks for the suggestion.
@za012345678998765432
6 жыл бұрын
Above The Noise you can also learn more about this direction and do some of your research over at tromsite.com Thank you for looking into it and for the great videos! :)
Personally, I don’t care what Google sees. The weirdest, most embarrassing stuff I do? If there’s a picture of it then Google has access to it and I really don’t care. The only thing I’m concerned about is hackers/scammers. But that’s easily solved by just being careful of what you enter in what sites Also, as for passwords? I’ve been hacked before so now I just use 2-factor for Google, which is my all-purpose main account for everything.
@foobargorch
6 жыл бұрын
check out the recent PNAS paper "psychological targeting as an effective approach to digital mass persuasion" and chomsky's concept, "manufacturing consent"... the combination of the two is pretty terrifying and precisely what google is positioning itself to do with your data and what it sees of it.
@ericvilas
6 жыл бұрын
I haven't read it but from what I imagine, it's a paper on just how scarily effective "targetting what you see to make you believe and do certain things" is, right? Yeah, makes sense. I've noticed just how targetted the ads I see are, for instance. And yeah, that's just the tip of the iceberg, I imagine. I do know I myself am pretty damn susceptible to a well-made psychologically persuasive thing like an ad. It's a thing that I know is happening, but I doubt Google would use it for eeeeevilll nefarious purposes, just. Maybe get me to do stuff that makes them get more money, like spend more time watching ads for them or buying stuff from people who have partnerships with them, or use their services instead of someone else's. _shrug_ I think it's a worthwhile price for convenience, tbh.
@AboveTheNoise
6 жыл бұрын
Whoa, fascinating paper! Thanks so much for sharing. For those that want a link to it, it can be found here: www.pnas.org/content/early/2017/11/07/1710966114.full
Only the Utopia ecosystem can help me to be anonymous. No options!
Apple is a US-Company. I never would recommend a US-Company when it comes to data security. However. Generation Facebook sacrificed our privacy. Iam online since the millenium. our Generation is influenced by 1980's hacker movies. which stand for anonymity at any cost, the condition of being anonymous..
@nibblrrr7124
6 жыл бұрын
Well, one hacker credo is "don't trust anyone if you don't have to" - E2E-encryption is a huge win against mass surveiillance, and with Apple not knowing the content of your messages, the US gov seizing their servers is not as much of a problem (metadata is a somewhat different story). Besides, where do you run? Germany has comparatively privacy-friendly laws, and I heartily recommend e.g. Posteo e-mail. But the BND & Telekom have cooperated with the Five Eyes (US, UK & co), and our own government is trying to expand their reach and can hit you closer to home. Russia/China/... have their paws who knows where. Defending against targeted surveillance by a nation state actor is much harder than against mass surveillance. Threat modeling ftw.
@nachrichtentweet3842
6 жыл бұрын
read about blackberry and hushmail. what I tried to say was: the mass traded privacy for publicity at any cost. today people create facebook pages for (their) newborns. while their pets create GPS-based motion profiles of their owners.
@nibblrrr7124
6 жыл бұрын
Yeah, you can't protect data people are just giving out like candy, without understanding or concern for the consequences. I agree that social media worsened the bad culture around privacy, also about what people share about others. Hushmail is based in Canada (Five Eyes), offers no E2E encryption (they know your keys), and has cooperated with government requests in the past. I'd recommend *Posteo* or *Protonmail* over it, but Hushmail is still better than Google/Yahoo/... I like Blackberry, but they don't really have a better track record than Apple? Not trying to shill for Apple, but there are good reasons their devices have a good rep among infosec activists, despite being proprietary. I'm just confused why you are singling out US corps.
Snoop Dogg ?
Yoooooo
Not really worried about people hacking me, feel free to hack into my computer and watch all my minecraft lets plays
Incognito, VPN
what
Don't be paranoid use the utopia ecosystem. Enjoy your time on the Internet.
chicken nugget!!!!!!!
@katherinecheng3544
3 жыл бұрын
yummy yummy
mi pan shu shu shu shu shu shu mi pan asa custechs nom nom nom mi paaaaaaaaaaaan shu shu shu shu shu shu lev a like if u no that song
The eff link is malware...
=D
@oyuk4618
5 жыл бұрын
8==D
frist
@MusiCaninesTheMusicalDogs
6 жыл бұрын
Rhys Uwanogho Crongatulations!
@wuketuke6601
6 жыл бұрын
somebody give that man a cookie