WEBVTT X-TIMESTAMP-MAP=LOCAL:00:00:00.000,MPEGTS:900000 00:00:00.000 --> 00:00:48.804 [MUSIC PLAYING] 00:00:48.804 --> 00:00:51.460 DAVID J. MALAN: All right, this is CS50. 00:00:51.460 --> 00:00:53.620 And this is not a typical week of CS50. 00:00:53.620 --> 00:00:57.400 Indeed, we're midweek here in the fall of 2020 00:00:57.400 --> 00:01:00.340 here on campus, which would normally be first year family 00:01:00.340 --> 00:01:02.942 weekend, an opportunity for the parents and family members 00:01:02.942 --> 00:01:05.650 of the undergraduates here at Harvard to actually come to campus, 00:01:05.650 --> 00:01:10.300 sit in on classes, attend talks, and get to know their students in situ 00:01:10.300 --> 00:01:11.500 here right on campus. 00:01:11.500 --> 00:01:14.170 Of course, this particular year, all of us 00:01:14.170 --> 00:01:16.960 are staying afar, digitally, except those of us 00:01:16.960 --> 00:01:20.560 who are actually here living in Cambridge itself already. 00:01:20.560 --> 00:01:23.800 And so what we thought we would do this year is hold a virtual talk of sorts, 00:01:23.800 --> 00:01:27.100 a virtual discussion focused on one topic that doesn't require 00:01:27.100 --> 00:01:29.470 any prior familiarity with computer science, 00:01:29.470 --> 00:01:32.020 does not require that you be in or have taken 00:01:32.020 --> 00:01:35.350 CS50 itself because it's about a topic that's at least in part 00:01:35.350 --> 00:01:36.970 familiar to all of us. 00:01:36.970 --> 00:01:40.270 Even if it's a little bit less familiar technically, 00:01:40.270 --> 00:01:43.180 it's certainly familiar to all of us as users of technology. 00:01:43.180 --> 00:01:45.702 And that topic is security or cybersecurity. 
00:01:45.702 --> 00:01:47.410 And what we propose today is that we have 00:01:47.410 --> 00:01:51.070 a discussion about how you might go about keeping your own computer-- be 00:01:51.070 --> 00:01:53.680 it a laptop or desktop or your own phone, which 00:01:53.680 --> 00:01:56.530 is also a form of computer-- secure. 00:01:56.530 --> 00:01:59.140 And I daresay that this topic, even though we'll 00:01:59.140 --> 00:02:02.080 get into some of the technicalities of what it means to be secure, 00:02:02.080 --> 00:02:06.520 is familiar in the sense that all of us think about or encounter good security 00:02:06.520 --> 00:02:08.770 and bad security in the real world every day. 00:02:08.770 --> 00:02:11.860 Think about the home that you live in, be it a house or an apartment 00:02:11.860 --> 00:02:13.750 or a dormitory or somewhere else. 00:02:13.750 --> 00:02:16.190 Typically, you'll have things, like, locks on the doors. 00:02:16.190 --> 00:02:18.190 And you might even, depending on where you live, 00:02:18.190 --> 00:02:20.660 have bars on the windows and the like. 00:02:20.660 --> 00:02:24.997 But typically, there are manifestations of security at different levels. 00:02:24.997 --> 00:02:26.080 And I mean that literally. 00:02:26.080 --> 00:02:28.450 For instance, in a typical city, there might be bars 00:02:28.450 --> 00:02:32.740 on the first floor windows, but not on the second floor or the third floor. 00:02:32.740 --> 00:02:35.410 And that is to say that someone could technically 00:02:35.410 --> 00:02:38.735 make their way into your home by way of the second floor or the third floor, 00:02:38.735 --> 00:02:41.860 but it's going to be more difficult, of course, because they need a ladder. 00:02:41.860 --> 00:02:43.600 They need some other form of physical access 00:02:43.600 --> 00:02:45.280 to a height like that, at which point, they're probably 00:02:45.280 --> 00:02:46.660 going to attract more attention. 
00:02:46.660 --> 00:02:50.260 And so the probability that an adversary is 00:02:50.260 --> 00:02:53.020 going to break into your home given that they 00:02:53.020 --> 00:02:56.410 have to actually rise to that level and get above the first floor 00:02:56.410 --> 00:02:58.150 is probably relatively low. 00:02:58.150 --> 00:02:59.025 It's not zero. 00:02:59.025 --> 00:03:01.900 There's nothing stopping someone technically from pulling up a ladder 00:03:01.900 --> 00:03:05.290 and going into that open window or the light that has no bars. 00:03:05.290 --> 00:03:06.490 But it's less likely. 00:03:06.490 --> 00:03:10.060 And that's actually a good way to think about security in the digital world 00:03:10.060 --> 00:03:13.660 as well, that there's really no such thing as secure. 00:03:13.660 --> 00:03:16.300 Like, your phone is not secure fundamentally. 00:03:16.300 --> 00:03:20.380 Your laptop, your desktop is not secure fundamentally. 00:03:20.380 --> 00:03:22.090 It's secure to some extent. 00:03:22.090 --> 00:03:26.530 It might be secure against certain attacks or certain types of adversaries 00:03:26.530 --> 00:03:29.360 or adversaries with certain amounts of resources. 00:03:29.360 --> 00:03:33.490 And those resources might be time, might be money, might be technical savvy. 00:03:33.490 --> 00:03:35.440 But it really is going to be a trade-off. 00:03:35.440 --> 00:03:39.520 And so while a bit unfortunate, one way of thinking about security 00:03:39.520 --> 00:03:42.760 is that you don't want to be secure in an absolute sense. 00:03:42.760 --> 00:03:46.750 In the real world, you want to be more secure than your neighbor's house, 00:03:46.750 --> 00:03:47.690 for instance. 
00:03:47.690 --> 00:03:52.030 You want to somehow raise the bar, either physically or metaphorically, 00:03:52.030 --> 00:03:55.150 to the adversary so that it's going to take that adversary just too 00:03:55.150 --> 00:03:59.230 much time, too much money, too much effort to break into your home 00:03:59.230 --> 00:04:01.810 that they might as well just go next door instead. 00:04:01.810 --> 00:04:04.720 And the same is going to be true in the world of computers. 00:04:04.720 --> 00:04:08.080 But we're going to measure the security of systems 00:04:08.080 --> 00:04:10.870 more computationally, not so much physically. 00:04:10.870 --> 00:04:15.560 So with that said, let me invite you to open up this URL here on your screen. 00:04:15.560 --> 00:04:18.579 If you're using a laptop or desktop, go ahead and just open it up 00:04:18.579 --> 00:04:20.560 in a separate tab in another browser. 00:04:20.560 --> 00:04:22.900 If you're on your phone, you can go back and forth 00:04:22.900 --> 00:04:25.960 between two windows most likely, depending on your operating system. 00:04:25.960 --> 00:04:28.418 But go ahead, when you have a moment, and open up this URL. 00:04:28.418 --> 00:04:31.390 And we'll use this URL to ask a few interactive questions 00:04:31.390 --> 00:04:33.580 that you can respond to digitally. 00:04:33.580 --> 00:04:37.850 And we'll also take questions and comments throughout today as well. 00:04:37.850 --> 00:04:41.110 So with that said, what does it mean to be secure, then? 00:04:41.110 --> 00:04:43.090 Let's take a couple of thoughts on this. 00:04:43.090 --> 00:04:46.690 What do you think of the word "secure" as meaning 00:04:46.690 --> 00:04:50.950 in the context of your phone, of your computer, of your home? 00:04:50.950 --> 00:04:52.390 Interpret as you will. 00:04:52.390 --> 00:04:57.250 What does it mean to be secure, would you say? 00:04:57.250 --> 00:05:01.600 Any digital hands in Zoom? 
00:05:01.600 --> 00:05:03.340 If you're feeling shy, feel free to chime 00:05:03.340 --> 00:05:05.890 in via the chat and Brian can proxy. 00:05:05.890 --> 00:05:09.220 But otherwise, do feel free to raise your hand virtually 00:05:09.220 --> 00:05:12.550 if you would like to offer your definition. 00:05:12.550 --> 00:05:16.210 Yeah, how about over to Pranav, if I'm pronouncing it right? 00:05:16.210 --> 00:05:17.940 What does it mean to be secure? 00:05:17.940 --> 00:05:21.790 PRANAV: Yeah, I think it means, by security, 00:05:21.790 --> 00:05:28.945 you mean to protect all the data that's stored on a particular system 00:05:28.945 --> 00:05:31.090 if we're talking about technology. 00:05:31.090 --> 00:05:37.360 And at least make it hard and buy yourself enough time 00:05:37.360 --> 00:05:44.000 that a certain person may not hack into your system at the current moment 00:05:44.000 --> 00:05:44.500 because-- 00:05:44.500 --> 00:05:45.185 DAVID J. MALAN: Good. 00:05:45.185 --> 00:05:46.240 PRANAV: --let's face it. 00:05:46.240 --> 00:05:51.340 You may not be able to protect your system for your entire lifetime. 00:05:51.340 --> 00:05:57.747 But I would say, at least buy yourself, continuously buy yourself time. 00:05:57.747 --> 00:05:59.080 DAVID J. MALAN: OK, I like that. 00:05:59.080 --> 00:06:03.590 So security is all about keeping someone out of your resources. 00:06:03.590 --> 00:06:07.930 But as I myself have claimed thus far, that's hard to argue in the absolute. 00:06:07.930 --> 00:06:13.960 Really you want your system to just take too much time to compromise, your phone 00:06:13.960 --> 00:06:16.840 or your laptop to take too much time to compromise, at which point 00:06:16.840 --> 00:06:21.400 you're sort of probabilistically, statistically safe against adversaries. 
00:06:21.400 --> 00:06:24.490 Because again, they're not going to want to waste that much time or effort 00:06:24.490 --> 00:06:27.790 or money hacking into your particular system versus someone else. 00:06:27.790 --> 00:06:30.940 Now, there are different ways that you and I in the real world 00:06:30.940 --> 00:06:34.180 try to keep our laptops and our phones secure. 00:06:34.180 --> 00:06:37.240 And one of those most popular mechanisms is, of course, passwords. 00:06:37.240 --> 00:06:41.320 Passwords, being some kind of phrase, some kind of number that you actually 00:06:41.320 --> 00:06:45.850 configure your device with so that ideally, only you know that password. 00:06:45.850 --> 00:06:49.570 And only you, therefore, can get into the device by using that password. 00:06:49.570 --> 00:06:51.940 And so by a show of physical hands, how many of you 00:06:51.940 --> 00:06:55.090 have passwords on your laptops or desktops 00:06:55.090 --> 00:06:56.890 if you use one of those devices? 00:06:56.890 --> 00:06:59.260 So almost all of the hands are going up. 00:06:59.260 --> 00:07:02.320 Those of you who don't have your hand going up, you've probably made, 00:07:02.320 --> 00:07:04.870 I presume, a conscious choice to not use a password. 00:07:04.870 --> 00:07:06.342 Maybe it's annoying to type in. 00:07:06.342 --> 00:07:08.050 Maybe you don't really worry about anyone 00:07:08.050 --> 00:07:09.508 around you getting into the device. 00:07:09.508 --> 00:07:13.120 But you should concede or recognize that there is therefore a threat. 00:07:13.120 --> 00:07:16.690 It's much easier for someone to get into your laptop or desktop 00:07:16.690 --> 00:07:20.630 then into that of anyone else who raised their hand just a moment ago. 00:07:20.630 --> 00:07:25.150 Now, those of you who have a phone, a mobile device, those 00:07:25.150 --> 00:07:27.100 of you with that device, how many of you have 00:07:27.100 --> 00:07:31.300 a password or a passcode on that device, on your phone? 
00:07:31.300 --> 00:07:32.785 So somewhat fewer hands I'm seeing. 00:07:32.785 --> 00:07:34.660 So it's good that so many hands are going up. 00:07:34.660 --> 00:07:36.850 But there, too, it seems that some of you don't have. 00:07:36.850 --> 00:07:39.017 And hopefully, you've thought about the implications 00:07:39.017 --> 00:07:43.210 of that, which means that your parents, your siblings, a stranger, if they just 00:07:43.210 --> 00:07:45.760 physically pick up your phone, whether it's in your home 00:07:45.760 --> 00:07:49.620 or in a cafe or an airport, has immediate access to all of your data. 00:07:49.620 --> 00:07:51.340 So arguably, much less secure, certainly, 00:07:51.340 --> 00:07:53.660 than someone that requires a password. 00:07:53.660 --> 00:07:58.180 But let's consider how we can measure the security of your phone, 00:07:58.180 --> 00:08:00.130 measure the security of your computer, just 00:08:00.130 --> 00:08:03.700 by using this simple familiar mechanism, like, a password. 00:08:03.700 --> 00:08:06.625 So it turns out that you and I, frankly, as humans, 00:08:06.625 --> 00:08:09.250 aren't very good at picking these passwords in the first place. 00:08:09.250 --> 00:08:12.820 As of 2019, just some months ago at year's end, 00:08:12.820 --> 00:08:16.510 this was determined by security researchers to be sadly, 00:08:16.510 --> 00:08:21.580 the most common password in the world, literally, 123456. 00:08:21.580 --> 00:08:23.680 That was the most common password according 00:08:23.680 --> 00:08:28.360 to many measures this past year among those passwords that were known. 00:08:28.360 --> 00:08:32.440 Number two on the list was slightly better, 123456789. 00:08:32.440 --> 00:08:34.206 After that was qwerty. 
00:08:34.206 --> 00:08:37.539 If that one looks a little weird, if you have a US English keyboard and you look 00:08:37.539 --> 00:08:42.580 at the top left row of your keys, Q-W-E-R-T-Y is what they would spell 00:08:42.580 --> 00:08:43.659 on a US keyboard. 00:08:43.659 --> 00:08:46.760 People are really not trying very hard to come up with their password, 00:08:46.760 --> 00:08:49.420 even though it's not technically an English word, per se. 00:08:49.420 --> 00:08:54.160 Password was the number four most popular password, P-A-S-S-W-O-R-D, 00:08:54.160 --> 00:08:57.370 which is a little too tongue in cheek to be at all secure. 00:08:57.370 --> 00:09:03.520 After that was slightly worse, 1234567; after that, 12345678; after that, 00:09:03.520 --> 00:09:04.690 12345. 00:09:04.690 --> 00:09:06.400 You can perhaps see the pattern here. 00:09:06.400 --> 00:09:08.920 After that was, adorably, iloveyou. 00:09:08.920 --> 00:09:12.910 But if you think you're being clever by having iloveyou as your password, 00:09:12.910 --> 00:09:15.190 well, there's a lot of other humans in the world that 00:09:15.190 --> 00:09:16.930 think they're being cute, too. 00:09:16.930 --> 00:09:19.990 111111 was also popular. 00:09:19.990 --> 00:09:23.020 And then lastly, 123123. 00:09:23.020 --> 00:09:24.460 So now why these passwords? 00:09:24.460 --> 00:09:27.880 You can perhaps infer from this list why some of these passwords 00:09:27.880 --> 00:09:29.170 are the way that they are. 00:09:29.170 --> 00:09:34.510 Odds are these people were using these passwords on phones or on websites 00:09:34.510 --> 00:09:38.500 or in other systems that probably had, like, a minimum password length. 00:09:38.500 --> 00:09:42.670 These people probably needed a password that was six characters long. 00:09:42.670 --> 00:09:47.030 These people probably needed one that was nine characters long, and so forth. 
00:09:47.030 --> 00:09:49.360 So you can perhaps see some manifestations of policies 00:09:49.360 --> 00:09:53.200 that companies and universities and software manufacturers 00:09:53.200 --> 00:09:54.520 might have in place. 00:09:54.520 --> 00:09:57.310 But suffice it to say, if your password is on this list, 00:09:57.310 --> 00:10:00.100 your first takeaway from today's discussion 00:10:00.100 --> 00:10:02.440 should be change that password-- 00:10:02.440 --> 00:10:04.713 at least if you care about the account. 00:10:04.713 --> 00:10:06.880 And I would argue, too, and we'll come back to this, 00:10:06.880 --> 00:10:09.520 it really probably should figure into your decision making 00:10:09.520 --> 00:10:10.810 what type of account it is. 00:10:10.810 --> 00:10:14.020 If it's for some silly website or game that you're never going to use again, 00:10:14.020 --> 00:10:15.250 maybe it's not a big deal. 00:10:15.250 --> 00:10:19.000 If it's your bank account, your student record, something medical related, 00:10:19.000 --> 00:10:22.040 probably you really don't want your password on this list. 00:10:22.040 --> 00:10:26.980 So there, too, consider the context in which we make all of today's decisions. 00:10:26.980 --> 00:10:28.900 Now, why are these passwords bad? 00:10:28.900 --> 00:10:32.120 And why are passwords themselves potentially at risk? 00:10:32.120 --> 00:10:36.130 So a term of art in computer science is that of brute force attacks. 00:10:36.130 --> 00:10:38.590 And this kind of is what it says. 00:10:38.590 --> 00:10:42.990 This refers to an adversary-- someone who's out to get you or get someone-- 00:10:42.990 --> 00:10:50.290 has a device or writes software that tries to just guess your password. 00:10:50.290 --> 00:10:53.590 Brute force attack means that if they don't know your password, 00:10:53.590 --> 00:10:55.990 they're not just going to try random numbers necessarily. 00:10:55.990 --> 00:10:58.570 They're going to try 111111. 
00:10:58.570 --> 00:11:01.420 And then they're going to try 111112. 00:11:01.420 --> 00:11:06.580 Then they're going to try 111113, either manually, by typing it into the phone 00:11:06.580 --> 00:11:09.970 that they might have stolen off of you, or maybe by writing software, 00:11:09.970 --> 00:11:12.760 and then connecting that software via a laptop 00:11:12.760 --> 00:11:17.320 or desktop to your phone via USB cable or lightning connector or the like. 00:11:17.320 --> 00:11:19.390 A brute force attack pretty much just means 00:11:19.390 --> 00:11:23.320 that the adversary doesn't necessarily know anything about you-- your name, 00:11:23.320 --> 00:11:26.450 your birthday, your children's names, nothing like that. 00:11:26.450 --> 00:11:29.450 But they do have a lot of time or a lot of skill. 00:11:29.450 --> 00:11:32.140 And so they're just going to try all possible passwords. 00:11:32.140 --> 00:11:35.620 And what's eye opening, I think, about this type of attack 00:11:35.620 --> 00:11:37.420 is that it already gives us an opportunity 00:11:37.420 --> 00:11:41.200 to start thinking about how can we protect ourselves against an attack? 00:11:41.200 --> 00:11:45.700 And just right now, how secure are your accounts on your phones and computers 00:11:45.700 --> 00:11:47.590 against brute force attacks? 00:11:47.590 --> 00:11:49.990 Well, let's consider how an adversary might do this. 00:11:49.990 --> 00:11:52.120 This is kind of a silly YouTube video here. 00:11:52.120 --> 00:11:55.420 But let me go ahead and play this animation, really, 00:11:55.420 --> 00:12:01.630 which shows a small robot of sorts that is typing using this little robotic arm 00:12:01.630 --> 00:12:03.490 onto an Android phone down there. 00:12:03.490 --> 00:12:04.987 There's a zoomed in version of it. 
00:12:04.987 --> 00:12:06.820 And pretty much this is a brute force attack 00:12:06.820 --> 00:12:10.330 by a robot, a physical device that an adversary has designed 00:12:10.330 --> 00:12:12.390 to just type in all possible passcodes. 00:12:12.390 --> 00:12:14.140 And even though the video itself is short, 00:12:14.140 --> 00:12:17.530 you can imagine the adversary going about their day, going to sleep. 00:12:17.530 --> 00:12:20.980 And this thing just keeps brute forcing its way through your password. 00:12:20.980 --> 00:12:25.060 So eventually, it might get lucky and stumble upon whatever code you 00:12:25.060 --> 00:12:26.770 were indeed using. 00:12:26.770 --> 00:12:30.803 But of course, there's probably other threats, too. 00:12:30.803 --> 00:12:31.720 There's other threats. 00:12:31.720 --> 00:12:34.900 In fact, anyone who's taken CS50 or CS50x or even 00:12:34.900 --> 00:12:38.920 just the first few weeks of it, learning a little bit of C or Python, 00:12:38.920 --> 00:12:41.770 both of which are common programming languages, anyone 00:12:41.770 --> 00:12:44.020 who knows a little bit about programming can certainly 00:12:44.020 --> 00:12:48.160 write software that simulates what that robot was physically doing. 00:12:48.160 --> 00:12:51.790 And the thing about software is as soon as you don't have any moving parts, 00:12:51.790 --> 00:12:54.940 you can do things much, much faster because it's all electronic. 00:12:54.940 --> 00:12:56.630 It's not at all mechanical. 00:12:56.630 --> 00:13:00.520 And so in this case, what if I were to steal your phone off 00:13:00.520 --> 00:13:04.060 of you, for instance, write some software on my Mac or PC, 00:13:04.060 --> 00:13:06.730 and then plug my Mac or PC into your phone 00:13:06.730 --> 00:13:09.580 with, again, a USB cable or a lightning connector, 00:13:09.580 --> 00:13:14.050 such that I could write code that tries all possible passcodes again and again? 
00:13:14.050 --> 00:13:16.810 For instance, suppose that your phone is using-- 00:13:16.810 --> 00:13:21.790 and this is not an uncommon default on iPhones or on Android phones, 00:13:21.790 --> 00:13:23.020 at least in the past-- 00:13:23.020 --> 00:13:24.070 four digits. 00:13:24.070 --> 00:13:26.170 Suppose that you're required to choose minimally 00:13:26.170 --> 00:13:30.520 a passcode or password, synonymous here, that is four digits long. 00:13:30.520 --> 00:13:33.010 And we're talking decimal digits, so 0 through 9. 00:13:33.010 --> 00:13:35.350 So 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, you need 00:13:35.350 --> 00:13:38.170 to choose four of those digits in some pattern. 00:13:38.170 --> 00:13:44.230 Well, how many possible passcodes are there that are four digits long? 00:13:44.230 --> 00:13:48.700 If your passcode is 4 digits long, you can begin to think about the security 00:13:48.700 --> 00:13:52.900 of your passcode in terms of, well, how long would it take an adversary 00:13:52.900 --> 00:13:58.210 to brute force their way to my actual password starting at 0000, 00:13:58.210 --> 00:14:01.135 going all the way up to, for instance, 9999. 00:14:01.135 --> 00:14:03.010 Well, let me go ahead and open up the screen. 00:14:03.010 --> 00:14:07.330 If you pull up that same URL from before, you'll see in just a moment 00:14:07.330 --> 00:14:12.070 a poll that'll ask you this very same question, that being, 00:14:12.070 --> 00:14:15.338 how many 4-digit passcodes are possible? 00:14:15.338 --> 00:14:17.380 In just a moment, you'll see this on your screen. 00:14:17.380 --> 00:14:19.750 Let me go ahead and full screen it on my end as well. 00:14:19.750 --> 00:14:22.600 Go again to the URL that's atop my screen here, 00:14:22.600 --> 00:14:26.770 if you missed the URL earlier or happened to close the tab. 00:14:26.770 --> 00:14:31.180 How many 4-digit passcodes are possible? 00:14:31.180 --> 00:14:33.910 How many 4-digit passcodes are possible? 
00:14:33.910 --> 00:14:40.180 Among the answers here are 4 or 40 or 9,999 or maybe 10,000-- 00:14:40.180 --> 00:14:42.940 or quite fine, too, you're unsure. 00:14:42.940 --> 00:14:50.170 Go ahead and buzz in with one of those responses, if you could. 00:14:50.170 --> 00:14:53.140 All right, looks like we have got a few hundred responses thus far. 00:14:53.140 --> 00:14:56.520 We'll give you a few more seconds to buzz in. 00:14:56.520 --> 00:14:59.160 And let me go ahead and begin to reveal the results here. 00:14:59.160 --> 00:15:03.645 So it looks like quite a few of you, 60-plus% 00:15:03.645 --> 00:15:05.520 think it's 10,000 possibilities. 00:15:05.520 --> 00:15:08.730 27% of you think it's 9,999 possibilities. 00:15:08.730 --> 00:15:10.590 And then a few others think it's 40 or four. 00:15:10.590 --> 00:15:12.210 And a bunch of you are unsure. 00:15:12.210 --> 00:15:14.130 So let's consider, then, how we would answer 00:15:14.130 --> 00:15:17.670 this question so that we have a mental model for answering this on our own. 00:15:17.670 --> 00:15:20.950 Let me go ahead and propose that to answer this question, 00:15:20.950 --> 00:15:22.770 we just do some very simple arithmetic. 00:15:22.770 --> 00:15:24.600 It doesn't need to get very complicated. 00:15:24.600 --> 00:15:28.090 But the math could be thought of in the following way. 00:15:28.090 --> 00:15:31.980 If we've got a 4-digit passcode, that's four digits, each of which 00:15:31.980 --> 00:15:33.420 can be zero through nine. 00:15:33.420 --> 00:15:34.770 And there's 10 total digits. 00:15:34.770 --> 00:15:37.680 Therefore zero through 9. 00:15:37.680 --> 00:15:42.490 Eight, nine, so 10 possible values for each of those four digits. 00:15:42.490 --> 00:15:44.790 So if that's the case, I think it's fair to say 00:15:44.790 --> 00:15:48.480 that there's 10 possibilities for the first digit times 10 possibilities 00:15:48.480 --> 00:15:51.507 for the second times 10 times 10. 
00:15:51.507 --> 00:15:53.340 And of course, if you multiply this all out, 00:15:53.340 --> 00:15:56.680 the answer was indeed 10,000 possibilities. 00:15:56.680 --> 00:15:59.370 So if you have an iPhone or an Android phone right now 00:15:59.370 --> 00:16:03.060 and you've got a 4-digit passcode that you think no one knows, 00:16:03.060 --> 00:16:04.800 that may very well be the case. 00:16:04.800 --> 00:16:07.200 But you should worry about or consider, well, 00:16:07.200 --> 00:16:10.740 what happens if a friend with a fancy robot connects your phone to that 00:16:10.740 --> 00:16:18.180 and just tries all possible values from 0000 to 9999, or smarter still, 00:16:18.180 --> 00:16:21.120 connects your phone via cable to their laptop, 00:16:21.120 --> 00:16:24.690 writes software to generate all of those possibilities? 00:16:24.690 --> 00:16:28.740 Well, a little worrisomely, it's not all that hard to do the latter 00:16:28.740 --> 00:16:30.210 and to actually write code. 00:16:30.210 --> 00:16:33.450 So in fact, let me go ahead here and on my own Mac, let me go ahead 00:16:33.450 --> 00:16:36.540 and open up a program that's going to let me write 00:16:36.540 --> 00:16:39.150 some code in a file called crack.py. 00:16:39.150 --> 00:16:41.230 So "crack" is a term of art in programming, 00:16:41.230 --> 00:16:44.790 which means to brute force your way into a password somehow, 00:16:44.790 --> 00:16:47.507 so to figure out what it is algorithmically. 00:16:47.507 --> 00:16:50.340 Those of you, particularly parents and family members who have never 00:16:50.340 --> 00:16:52.170 seen any of this before, totally fine. 00:16:52.170 --> 00:16:53.580 That's new to you. 00:16:53.580 --> 00:16:56.760 Your sons and daughters and others here in the room 00:16:56.760 --> 00:16:58.440 have seen a little bit of this code. 
00:16:58.440 --> 00:17:01.080 But we'll keep it short, which is to say that it actually 00:17:01.080 --> 00:17:04.680 doesn't take all that much effort to write code that brute 00:17:04.680 --> 00:17:06.496 forces an attack on your own phone. 00:17:06.496 --> 00:17:09.329 And the code I'm going to write here is in a language called Python, 00:17:09.329 --> 00:17:11.079 which is quite popular these days. 00:17:11.079 --> 00:17:15.450 And I'm going to say a command like this, from string import digits, which 00:17:15.450 --> 00:17:18.520 is just a clever way in Python, this programming language, 00:17:18.520 --> 00:17:22.290 just give me access to all the possible digits in decimal, 0 through 9. 00:17:22.290 --> 00:17:26.430 And then I'm going to import, so to speak, from a library, some software 00:17:26.430 --> 00:17:29.940 that some other smart people wrote, something called product. 00:17:29.940 --> 00:17:32.010 So it turns out, in a programming language, 00:17:32.010 --> 00:17:34.650 you have lots of functions or functionality. 00:17:34.650 --> 00:17:38.110 Much like in the world of math, you have functions, like, addition, subtraction, 00:17:38.110 --> 00:17:39.330 multiplication, and division. 00:17:39.330 --> 00:17:42.510 In the world of programming, you have all of those capabilities, 00:17:42.510 --> 00:17:43.500 but many more. 00:17:43.500 --> 00:17:45.900 And so one of the functions I'm importing here 00:17:45.900 --> 00:17:48.090 is this notion of a product, which really just means 00:17:48.090 --> 00:17:52.178 a permutation of all possible digits. 00:17:52.178 --> 00:17:54.720 And now I'm going to use what's called a loop in programming. 00:17:54.720 --> 00:17:57.803 A loop in a program is just something that does something again and again. 
00:17:57.803 --> 00:18:00.270 And I'm going to go ahead and say this, for passcode 00:18:00.270 --> 00:18:06.660 in, the product of all of those digits, and repeat the digits four times total, 00:18:06.660 --> 00:18:09.810 go ahead and print out each passcode. 00:18:09.810 --> 00:18:13.440 Let me go ahead and print it out using somewhat cryptic syntax. 00:18:13.440 --> 00:18:17.310 But that's only because I'm going to print out a list as an actual string. 00:18:17.310 --> 00:18:20.140 Parents and family members, don't worry for now what that means. 00:18:20.140 --> 00:18:23.370 CS50 and CS50x students, this is just a clever way 00:18:23.370 --> 00:18:26.010 with a couple of lines of code to iterate over 00:18:26.010 --> 00:18:30.390 all of the digits 0 through 9, combine them four at a time, 00:18:30.390 --> 00:18:35.200 and print out all possible permutations of those four digits. 00:18:35.200 --> 00:18:38.430 So if I didn't screw up here, I'm going to go ahead and save my file and run 00:18:38.430 --> 00:18:42.780 a command called python on crack.py and hit Enter-- 00:18:42.780 --> 00:18:43.785 boom. 00:18:43.785 --> 00:18:45.090 That was so fast. 00:18:45.090 --> 00:18:46.410 In fact, let me do it again. 00:18:46.410 --> 00:18:49.590 Let me clear my screen and rerun this crack.py program-- 00:18:49.590 --> 00:18:50.610 boom. 00:18:50.610 --> 00:18:53.790 That's how fast a computer, my little Mac here, 00:18:53.790 --> 00:18:59.040 can try all possible codes between 0000 and 9999. 00:18:59.040 --> 00:19:01.920 And it's so fast because it did them all in the blink of an eye. 
00:19:01.920 --> 00:19:04.920 So if you're thinking that your 4-digit passcode is keeping you somewhat 00:19:04.920 --> 00:19:09.630 secure, it probably really isn't because it wouldn't take that much effort 00:19:09.630 --> 00:19:12.360 for maybe someone in your household to write code like this, 00:19:12.360 --> 00:19:15.402 connect to your phone secretly at night when you're not paying attention, 00:19:15.402 --> 00:19:18.490 and figure out, potentially, what your code actually is. 00:19:18.490 --> 00:19:21.535 So what would be better than using just digits? 00:19:21.535 --> 00:19:22.410 What would be better? 00:19:22.410 --> 00:19:25.118 Well, why don't we use letters of the alphabet, English alphabet, 00:19:25.118 --> 00:19:26.310 for today's purposes? 00:19:26.310 --> 00:19:31.110 And in the English alphabet, we have more letters than we have numbers. 00:19:31.110 --> 00:19:32.875 So how might we think about this? 00:19:32.875 --> 00:19:34.500 Let's go ahead and ask a question here. 00:19:34.500 --> 00:19:36.960 If you change your phone after today to use 00:19:36.960 --> 00:19:43.810 four letters of the English alphabet instead of using numbers alone, 00:19:43.810 --> 00:19:45.940 how many possibilities are there then? 00:19:45.940 --> 00:19:48.910 Well, let me go ahead and open up a different poll question here, 00:19:48.910 --> 00:19:54.420 which asks this time, how many 4-letter passcodes are possible? 00:19:54.420 --> 00:19:56.710 And we'll see what folks think and answer to this, 00:19:56.710 --> 00:19:58.300 as the answers begin to come in. 00:20:00.880 --> 00:20:02.805 To be fair, I have not qualified one thing. 00:20:02.805 --> 00:20:04.930 So you might have to be making certain assumptions. 00:20:04.930 --> 00:20:07.930 There are indeed 26 letters of the English alphabet. 00:20:07.930 --> 00:20:10.720 However, there's uppercase and lowercase. 
00:20:10.720 --> 00:20:13.300 So if you allow the user to type in something case 00:20:13.300 --> 00:20:16.010 sensitively, so to speak, where case matters, 00:20:16.010 --> 00:20:19.660 it's not 26 possibilities for each of those four characters. 00:20:19.660 --> 00:20:22.130 It's instead 52 possibilities. 00:20:22.130 --> 00:20:24.940 So it looks like an overwhelming number of you, 78% 00:20:24.940 --> 00:20:27.790 think there's some seven million possibilities when 00:20:27.790 --> 00:20:29.590 using 4-letter passcodes. 00:20:29.590 --> 00:20:33.890 About 11% of you think that 52,000 are all of the passcodes. 00:20:33.890 --> 00:20:35.570 So let's go ahead and do the quick math. 00:20:35.570 --> 00:20:38.320 Again, it doesn't need to be particularly sophisticated, the math. 00:20:38.320 --> 00:20:41.860 Let me go ahead and open up this time, similar approach 00:20:41.860 --> 00:20:45.082 to this problem, whereby if we have four letters of the alphabet, 00:20:45.082 --> 00:20:47.290 and let's assume case sensitivity, which, to be fair, 00:20:47.290 --> 00:20:49.390 you might not have assumed, well, then I think 00:20:49.390 --> 00:20:53.140 we have 52 possibilities times 52 times 52 times 00:20:53.140 --> 00:20:57.970 52 for each of the four letters in your passcode. 00:20:57.970 --> 00:20:59.860 And if you multiply that out-- boom-- 00:20:59.860 --> 00:21:03.740 you indeed get seven million plus possibilities. 00:21:03.740 --> 00:21:05.830 So consider the takeaway here. 00:21:05.830 --> 00:21:10.720 If you are currently using a passcode that's four digits, purely numeric, 00:21:10.720 --> 00:21:14.980 you have only 10,000 digits between you and some adversary hacking 00:21:14.980 --> 00:21:16.510 into your phone potentially. 00:21:16.510 --> 00:21:20.530 If you change your 4-digit passcode to be a 4-letter passcode, 00:21:20.530 --> 00:21:23.980 then you've got seven million possible passcodes 00:21:23.980 --> 00:21:25.420 between you and the adversary. 
00:21:25.420 --> 00:21:26.660 Now, why is this better? 00:21:26.660 --> 00:21:29.710 Well, again, whether they're using a robot or using code, 00:21:29.710 --> 00:21:32.912 it's just going to take them more time to hack into your device. 00:21:32.912 --> 00:21:34.870 And again, at that point, if it's going to take 00:21:34.870 --> 00:21:36.703 them that much time, that much effort, maybe 00:21:36.703 --> 00:21:41.080 even that much money to hack into your phone, you, relative to other people 00:21:41.080 --> 00:21:43.720 might indeed be more secure because it's probably 00:21:43.720 --> 00:21:46.990 going to be easier for that adversary to go steal someone else's phone 00:21:46.990 --> 00:21:49.000 and try to get into that one instead. 00:21:49.000 --> 00:21:51.820 Well, let's consider what this does in actual code. 00:21:51.820 --> 00:21:54.970 Let me go back to my Mac here. 00:21:54.970 --> 00:21:58.000 And let me go ahead and open up that same file as before. 00:21:58.000 --> 00:22:00.500 And let me go ahead and change something as follows. 00:22:00.500 --> 00:22:04.630 Instead of using just digits, let me use what I'm going to call ASCII letters. 00:22:04.630 --> 00:22:07.480 Families who are not familiar with CS, ASCII 00:22:07.480 --> 00:22:11.080 just refers to essentially all of the printable letters of the alphabet 00:22:11.080 --> 00:22:15.430 that you would typically see in English, so A through Z, capital and lowercase 00:22:15.430 --> 00:22:15.970 here. 00:22:15.970 --> 00:22:18.345 And I'm going to go ahead and change my mention of digits 00:22:18.345 --> 00:22:20.300 here to be ASCII letters as well. 00:22:20.300 --> 00:22:22.390 So again, the program is almost identical. 00:22:22.390 --> 00:22:27.010 But it's going to use all 52 uppercase and lowercase English letters instead 00:22:27.010 --> 00:22:28.930 of all 10 digits. 00:22:28.930 --> 00:22:30.350 Let me save this file. 00:22:30.350 --> 00:22:33.130 Let me rerun python of crack.py. 
00:22:33.130 --> 00:22:36.910 And this time I actually have a moment to walk over to the screen 00:22:36.910 --> 00:22:40.810 and point out now that we're just now through the lowercase zs. 00:22:40.810 --> 00:22:43.000 Now we're going through all the possible passcodes 00:22:43.000 --> 00:22:44.530 that start with capital letters. 00:22:44.530 --> 00:22:46.000 It's still pretty fast. 00:22:46.000 --> 00:22:48.940 This is maybe, what, 10 seconds later done? 00:22:48.940 --> 00:22:52.690 We went from AAAA to ZZZZ. 00:22:52.690 --> 00:22:54.040 So we've raised the bar. 00:22:54.040 --> 00:22:58.330 And again, the security of our phone in this case is arguably more. 00:22:58.330 --> 00:23:00.190 It's higher because now it's going to take 00:23:00.190 --> 00:23:04.870 the adversary more time or more effort to actually hack into our device. 00:23:04.870 --> 00:23:07.120 Well, let's consider, perhaps, another question, then. 00:23:07.120 --> 00:23:11.410 What if we generalize it further to be characters? 00:23:11.410 --> 00:23:13.277 And those of you among families, perhaps, 00:23:13.277 --> 00:23:15.860 might not know the distinction between characters and letters. 00:23:15.860 --> 00:23:17.830 So let me open this up to the floor here. 00:23:17.830 --> 00:23:20.140 When you register for a website these days, 00:23:20.140 --> 00:23:22.750 it's somewhat annoying because those websites typically 00:23:22.750 --> 00:23:25.840 force you to choose a good password. 00:23:25.840 --> 00:23:28.990 And what do they typically mean by good password? 00:23:28.990 --> 00:23:33.130 What does your password these days often have to contain before the website even 00:23:33.130 --> 00:23:35.060 lets you proceed? 00:23:35.060 --> 00:23:36.580 Any thoughts? 00:23:36.580 --> 00:23:37.240 And let's see. 00:23:37.240 --> 00:23:38.240 Brian, who do we have? 00:23:38.240 --> 00:23:39.492 How about Dax? 00:23:39.492 --> 00:23:40.450 What are your thoughts? 
00:23:40.450 --> 00:23:44.245 DAX: Eight characters at the very least, number, and a capital. 00:23:44.245 --> 00:23:46.370 DAVID J. MALAN: So at least a number and character. 00:23:46.370 --> 00:23:47.260 So combine the two. 00:23:47.260 --> 00:23:47.990 I like that. 00:23:47.990 --> 00:23:53.290 So instead of 26 or 52 or 10, we instead have, maybe, 62 00:23:53.290 --> 00:23:54.940 if we combine letters and numbers. 00:23:54.940 --> 00:23:56.910 Other thoughts on what websites typically-- 00:23:56.910 --> 00:23:57.910 DAX: Special characters. 00:23:57.910 --> 00:23:59.327 DAVID J. MALAN: --force you to do? 00:23:59.327 --> 00:24:02.280 DAX: Special characters-- asterisk, hashtag, dollar sign. 00:24:02.280 --> 00:24:05.413 DAVID J. MALAN: OK, so special characters or punctuation characters. 00:24:05.413 --> 00:24:06.580 So maybe it's a hash symbol. 00:24:06.580 --> 00:24:09.698 Maybe it's an exclamation point, a parenthesis, a comma, a period, 00:24:09.698 --> 00:24:11.365 something else-- yeah, so these symbols. 00:24:11.365 --> 00:24:13.870 And frankly, I get as annoyed as you probably 00:24:13.870 --> 00:24:16.755 do when these websites annoy you and say, no, 00:24:16.755 --> 00:24:18.130 that you can't use that password. 00:24:18.130 --> 00:24:19.570 No, you can't use that password. 00:24:19.570 --> 00:24:21.945 You need to choose something that's much harder to guess. 00:24:21.945 --> 00:24:26.240 But indeed, if we add punctuation to the mix, I think we can do even better. 00:24:26.240 --> 00:24:29.922 In fact, a character, therefore, is any type of character. 00:24:29.922 --> 00:24:30.880 Maybe it's punctuation. 00:24:30.880 --> 00:24:31.713 Maybe it's a letter. 00:24:31.713 --> 00:24:33.980 Maybe it's a digit, unlike just letters alone. 
00:24:33.980 --> 00:24:36.040 So if we have four characters, it turns out 00:24:36.040 --> 00:24:39.670 that typically, at least in ASCII, the system that CS50 students will know, 00:24:39.670 --> 00:24:44.050 computers typically use, there's 94 possibilities for each symbol 00:24:44.050 --> 00:24:47.590 because you've got 10 digits, zero through nine. 00:24:47.590 --> 00:24:51.340 You've got 26 lowercase letters, 26 uppercase letters-- and then 00:24:51.340 --> 00:24:55.960 if you count them up on an English keyboard, 32 characters more that 00:24:55.960 --> 00:24:58.690 represent punctuation, like, hashes and exclamation 00:24:58.690 --> 00:25:00.010 points and commas and periods. 00:25:00.010 --> 00:25:03.080 So if you have 94 possibilities for each of those symbols, 00:25:03.080 --> 00:25:08.840 it turns out that you then have a total of 78 million possible passcodes. 00:25:08.840 --> 00:25:10.280 And that's pretty good. 00:25:10.280 --> 00:25:12.890 Now we're really raising the bar to the adversary 00:25:12.890 --> 00:25:18.140 because now they have to waste even more time trying to hack into your passcode. 00:25:18.140 --> 00:25:21.170 And in fact, let me go ahead and simulate that with some actual code. 00:25:21.170 --> 00:25:23.990 Let me go ahead and open up my same program as before. 00:25:23.990 --> 00:25:27.290 And this time let me go ahead and import not just ASCII letters, 00:25:27.290 --> 00:25:30.560 but also digits, and also literally, punctuation. 00:25:30.560 --> 00:25:33.200 The code I'm writing in this language called Python literally 00:25:33.200 --> 00:25:35.600 gives me access to all printable punctuation 00:25:35.600 --> 00:25:38.240 by just importing it with this first line of code. 00:25:38.240 --> 00:25:41.390 And I just need to change one line of code down here. 00:25:41.390 --> 00:25:47.930 I need to actually say ASCII letters plus digits plus punctuation. 
00:25:47.930 --> 00:25:52.160 So this is Python shorthand notation for joining multiple lists. 00:25:52.160 --> 00:25:55.580 Those CS50 students among you will know that you can join two lists, perhaps, 00:25:55.580 --> 00:25:57.710 in this way, using what looks like concatenation. 00:25:57.710 --> 00:25:59.940 But with lists, it combines them all together. 00:25:59.940 --> 00:26:01.760 But I'm still going to do of length 4 here. 00:26:01.760 --> 00:26:03.620 Now let me go ahead and save this program 00:26:03.620 --> 00:26:05.990 and rerun it as python of crack.py. 00:26:05.990 --> 00:26:10.550 And now I can frankly take my time walking over to the screen 00:26:10.550 --> 00:26:14.630 because now what you're seeing on the screen is four possible symbols. 00:26:14.630 --> 00:26:18.230 But it's including 32 possible punctuation symbols, which 00:26:18.230 --> 00:26:20.630 means this list is much longer, right? 00:26:20.630 --> 00:26:22.700 At this point in the story, we were already 00:26:22.700 --> 00:26:26.280 through all of the lowercase letters up through Z a moment ago. 00:26:26.280 --> 00:26:32.900 Now we're only at the Ms, Ns, Os, Ps, which is to say, 00:26:32.900 --> 00:26:35.480 that if my Mac weren't just printing this on the screen, 00:26:35.480 --> 00:26:38.870 but were instead connected to your phone that I stole and somehow 00:26:38.870 --> 00:26:41.990 sending all of these possible passcodes into your phone, 00:26:41.990 --> 00:26:44.930 it would be taking this much time to actually solve. 00:26:44.930 --> 00:26:47.630 Now, to be fair, we're almost at the lowercase zs. 00:26:47.630 --> 00:26:52.400 So if we stall for a minute or two longer, this program, too, will finish. 00:26:52.400 --> 00:26:57.420 So even 78 million possibilities is not all that impressive. 00:26:57.420 --> 00:27:00.810 And so I daresay that we should do even better than this. 00:27:00.810 --> 00:27:05.420 So what might be better than four characters for a password? 
00:27:05.420 --> 00:27:06.980 Any thoughts or volunteers? 00:27:06.980 --> 00:27:10.790 What would be a better password than four characters, where, 00:27:10.790 --> 00:27:16.530 again, each character is a letter, a number, or a punctuation symbol? 00:27:16.530 --> 00:27:17.530 The list is pretty good. 00:27:17.530 --> 00:27:19.238 But I think we can do better because even 00:27:19.238 --> 00:27:22.290 this will be done in under a minute. 00:27:22.290 --> 00:27:23.850 Yeah, thoughts about it, Leo? 00:27:23.850 --> 00:27:25.590 LEO: Right. 00:27:25.590 --> 00:27:28.310 Have a longer password to use, like, at least eight characters. 00:27:28.310 --> 00:27:29.310 DAVID J. MALAN: Perfect. 00:27:29.310 --> 00:27:31.268 So have a longer password using at least eight. 00:27:31.268 --> 00:27:33.777 And notice here, we're even now going through the numbers. 00:27:33.777 --> 00:27:35.860 But we're almost done, it seems, with the numbers. 00:27:35.860 --> 00:27:37.420 But now we're going through punctuation. 00:27:37.420 --> 00:27:39.837 But again, if I give this a little more time-- and I think 00:27:39.837 --> 00:27:41.018 I was a little overzealous. 00:27:41.018 --> 00:27:42.810 Under a minute probably isn't going to fly. 00:27:42.810 --> 00:27:45.570 But certainly, by the end of class, that will have been done. 00:27:45.570 --> 00:27:48.660 But what if we do a little better and use eight characters? 00:27:48.660 --> 00:27:50.970 Well, eight characters is going to take even longer. 00:27:50.970 --> 00:27:54.403 But let's go ahead and ask you all how much longer this might take. 00:27:54.403 --> 00:27:56.820 Let me go ahead and open up a somewhat different question, 00:27:56.820 --> 00:27:58.300 but similar in spirit. 00:27:58.300 --> 00:28:01.300 In just a moment that will appear on your screen. 00:28:01.300 --> 00:28:05.010 And the question here is going to be how many 8-character passcodes are 00:28:05.010 --> 00:28:06.060 possible? 
00:28:06.060 --> 00:28:08.280 And this time I'm waving my hand at it. 00:28:08.280 --> 00:28:11.310 I didn't even bother doing the math precisely yet. 00:28:11.310 --> 00:28:13.560 But I'm proposing that it's roughly a million, 00:28:13.560 --> 00:28:18.090 a billion, a trillion, a quadrillion, a quintillion. 00:28:18.090 --> 00:28:20.737 Some of you are perhaps noticing a pattern here. 00:28:20.737 --> 00:28:22.320 And you went straight for quintillion. 00:28:22.320 --> 00:28:24.790 That bar jumped up really fast. 00:28:24.790 --> 00:28:26.160 So maybe you're right. 00:28:26.160 --> 00:28:27.480 Good instincts, perhaps. 00:28:27.480 --> 00:28:29.550 It looks like we're getting equilibrium. 00:28:29.550 --> 00:28:32.190 About 60% of you think it's 1 quintillion. 00:28:32.190 --> 00:28:34.350 25% of you think it's a quadrillion. 00:28:34.350 --> 00:28:36.600 And then fewer and fewer for the others. 00:28:36.600 --> 00:28:39.060 Well, let's take a look at what the actual answer is. 00:28:39.060 --> 00:28:42.640 Give me just a moment to actually do out the math here on my screen. 00:28:42.640 --> 00:28:45.120 And if we do out the math on my screen here, 00:28:45.120 --> 00:28:47.760 we'll see, of course, that we need to do some more math. 00:28:47.760 --> 00:28:52.620 We need to do 94 times itself eight times instead of just four, 00:28:52.620 --> 00:28:55.350 to Leo's suggestion of using eight possible symbols. 00:28:55.350 --> 00:28:58.020 And if you do this out, I had to think about this. 00:28:58.020 --> 00:29:02.880 This in fact is, let's see, we've got millions, billions, trillions, 00:29:02.880 --> 00:29:04.200 quadrillions. 00:29:04.200 --> 00:29:04.860 Gotcha. 00:29:04.860 --> 00:29:07.470 So it wasn't the biggest option on the list. 00:29:07.470 --> 00:29:09.810 The answer is indeed quadrillion. 00:29:09.810 --> 00:29:12.330 So 6 quadrillion, if you will. 
00:29:12.330 --> 00:29:15.120 But-- but-- but those of you who are fans 00:29:15.120 --> 00:29:18.765 of having quintillion possibilities, which is pretty, pretty 00:29:18.765 --> 00:29:21.390 secure because it's just going to take the adversary way longer 00:29:21.390 --> 00:29:26.910 to hack into your password, well, all it takes to go from 6 quadrillion 00:29:26.910 --> 00:29:31.210 to some number of quintillion is just two more characters. 00:29:31.210 --> 00:29:35.070 So in fact, if Leo had proposed not an 8-character passcode, 00:29:35.070 --> 00:29:39.300 but a 10-character passcode, we actually would have hit quintillions. 00:29:39.300 --> 00:29:40.890 So life gets interesting. 00:29:40.890 --> 00:29:44.610 Life gets more secure, the longer and longer and more complicated 00:29:44.610 --> 00:29:46.380 these passcodes get. 00:29:46.380 --> 00:29:49.140 All right, so by logic, then, you should all probably 00:29:49.140 --> 00:29:51.210 have passcodes that are not eight, not 10. 00:29:51.210 --> 00:29:53.280 Maybe they're 20 characters long. 00:29:53.280 --> 00:29:55.350 Maybe they're 100 characters long. 00:29:55.350 --> 00:29:58.920 But here we see another theme in security, that of trade-offs. 00:29:58.920 --> 00:30:03.510 Like, the end all is probably not to be as secure as possible, 00:30:03.510 --> 00:30:05.850 but to be as secure as possible conditional 00:30:05.850 --> 00:30:08.020 on some other goals you might have. 00:30:08.020 --> 00:30:10.500 So let me ask this, what's the trade-off here? 00:30:10.500 --> 00:30:15.240 In making your password longer and longer and more and more complicated, 00:30:15.240 --> 00:30:18.270 what price do you pay as the human? 00:30:18.270 --> 00:30:19.530 What's the downside? 00:30:19.530 --> 00:30:22.350 In computer science, as in life, there's always a catch. 00:30:22.350 --> 00:30:24.070 There's always a cost. 00:30:24.070 --> 00:30:27.840 So what's the cost when you make your passcode more and more secure? 
00:30:27.840 --> 00:30:28.620 Any thoughts? 00:30:28.620 --> 00:30:29.323 Let's see. 00:30:29.323 --> 00:30:30.240 Who do we have, Brian? 00:30:30.240 --> 00:30:32.190 Over to Jenny? 00:30:32.190 --> 00:30:32.940 What do you think? 00:30:32.940 --> 00:30:36.480 JENNY: Yeah, I feel that it is very difficult for a human being 00:30:36.480 --> 00:30:38.100 to remember such a long password. 00:30:38.100 --> 00:30:41.910 And due to that, we even store those long passwords somewhere in the system 00:30:41.910 --> 00:30:45.267 itself so that we can use that whenever we have to log in to the system. 00:30:45.267 --> 00:30:47.100 DAVID J. MALAN: Yeah, there's this trade-off 00:30:47.100 --> 00:30:48.660 of just remembering the darn things. 00:30:48.660 --> 00:30:49.950 And you make a perfect point. 00:30:49.950 --> 00:30:54.527 If I can get on my soapbox again, if you are among those people who have pretty 00:30:54.527 --> 00:30:57.610 good passwords, and by good passwords, I mean, some numbers, some letters, 00:30:57.610 --> 00:31:02.430 some punctuation, but it's written on a Post-It note on your monitor at work, 00:31:02.430 --> 00:31:06.540 or maybe it's slightly more cleverly written in a Microsoft Word file 00:31:06.540 --> 00:31:08.910 in your hard drive, or maybe it's in a Google Doc, 00:31:08.910 --> 00:31:11.610 or maybe it's even on a piece of paper in your drawer-- 00:31:11.610 --> 00:31:14.740 you're just exposing yourself to other threats, of course. 00:31:14.740 --> 00:31:18.123 But here, too, is a sociological consideration or just a policy 00:31:18.123 --> 00:31:20.790 consideration, whether you're running a business or a university 00:31:20.790 --> 00:31:23.370 or just a household with multiple family members. 00:31:23.370 --> 00:31:25.140 What should your own policies be? 
00:31:25.140 --> 00:31:28.170 Because arguably it's not Jenny's fault, it's not our fault 00:31:28.170 --> 00:31:31.170 if we are resorting to writing things down on paper 00:31:31.170 --> 00:31:34.380 if our passwords are so darn hard to remember. 00:31:34.380 --> 00:31:36.870 And moreover, I haven't even made the suggestion yet, 00:31:36.870 --> 00:31:39.150 but if you are one of those people in life 00:31:39.150 --> 00:31:42.510 who is using the same password on multiple devices 00:31:42.510 --> 00:31:46.620 or on multiple websites or on multiple apps, you are bad. 00:31:46.620 --> 00:31:48.930 Like, you are also doing something bad. 00:31:48.930 --> 00:31:49.590 Why? 00:31:49.590 --> 00:31:52.770 Because if any one of those apps or websites is compromised 00:31:52.770 --> 00:31:55.080 and your password gets out, whether it's "iloveyou," 00:31:55.080 --> 00:31:57.750 quote unquote, or something much more complicated, 00:31:57.750 --> 00:32:01.680 all an adversary has to do now is try that same password 00:32:01.680 --> 00:32:02.910 on your other accounts. 00:32:02.910 --> 00:32:06.372 And so you're just exposing yourself to more risk by reusing passwords. 00:32:06.372 --> 00:32:08.580 But to Jenny's point here, my God, where does it end? 00:32:08.580 --> 00:32:12.420 Now I need a really long random password on this website, this one, 00:32:12.420 --> 00:32:14.500 and this one, and this app, all over the place. 00:32:14.500 --> 00:32:18.300 I mean, honestly, I as a human certainly can't remember all of those passwords. 00:32:18.300 --> 00:32:21.640 And even if I could, I feel like there's better things in life to be remembering 00:32:21.640 --> 00:32:24.650 than passwords for accounts like this. 00:32:24.650 --> 00:32:26.170 So there's surely a trade-off here. 00:32:26.170 --> 00:32:30.790 But again, the goal is to keep the adversary out with some probability, 00:32:30.790 --> 00:32:33.460 not necessarily out in the absolute. 
00:32:33.460 --> 00:32:39.040 So what else can we do to prevent the adversary from hacking into our systems 00:32:39.040 --> 00:32:42.880 so that I can have a somewhat easier, more memorable passcode, 00:32:42.880 --> 00:32:44.110 but at least keep them out? 00:32:44.110 --> 00:32:45.860 Well, here's a screenshot of something you 00:32:45.860 --> 00:32:48.100 might have done by accident, perhaps late 00:32:48.100 --> 00:32:51.010 at night when a little groggy, or a little blurry-eyed, 00:32:51.010 --> 00:32:54.670 trying to type in your password incorrectly too many times. 00:32:54.670 --> 00:32:56.980 In fact, by a show of physical hands, how many people 00:32:56.980 --> 00:33:01.840 have locked yourself out of your phone before by typing in the wrong password 00:33:01.840 --> 00:33:02.740 too many times? 00:33:02.740 --> 00:33:04.870 I did it, like, literally just the other day. 00:33:04.870 --> 00:33:07.910 And so on iPhone, for instance, it looks a little something like this. 00:33:07.910 --> 00:33:11.660 And if we zoom in, notice that it's saying, try again in 1 minute. 00:33:11.660 --> 00:33:14.570 So you don't have to get rid of the phone and start over. 00:33:14.570 --> 00:33:17.050 But the iPhone is telling you to come back in a minute. 00:33:17.050 --> 00:33:19.960 And if we look at, for instance, Android, something similar-- 00:33:19.960 --> 00:33:22.300 your Android wallpaper will differ, certainly. 00:33:22.300 --> 00:33:25.300 But down here, for instance, it says too many attempts. 00:33:25.300 --> 00:33:26.012 Try again later. 00:33:26.012 --> 00:33:28.720 I mean, that's a little infuriating because if I pick up my phone 00:33:28.720 --> 00:33:30.130 now, I want to get in now. 00:33:30.130 --> 00:33:31.660 Well, when the heck is later? 00:33:31.660 --> 00:33:35.600 So putting that aside, what's the takeaway here? 00:33:35.600 --> 00:33:39.005 Why are Apple and why are Google doing this? 
00:33:39.005 --> 00:33:42.130 Because I bet all of you, if you've ever locked yourself out of your phone, 00:33:42.130 --> 00:33:45.280 are super annoyed at that moment in time and probably don't 00:33:45.280 --> 00:33:47.280 appreciate Apple or Google. 00:33:47.280 --> 00:33:49.030 But what's the upside of what they've just 00:33:49.030 --> 00:33:53.350 done when they lock you out of your phone for having 00:33:53.350 --> 00:33:56.800 guessed your password incorrectly? 00:33:56.800 --> 00:34:00.460 Why is this arguably a feature and not a bug, a mistake? 00:34:00.460 --> 00:34:01.090 Sam? 00:34:01.090 --> 00:34:04.895 SAM: Yeah, it's used to decrease the chances of a successful brute force 00:34:04.895 --> 00:34:05.395 attack. 00:34:05.395 --> 00:34:08.979 DAVID J. MALAN: And how does it decrease the chance of that, would you say? 00:34:08.979 --> 00:34:15.310 SAM: Because it makes the attacker have to commit more tries before they 00:34:15.310 --> 00:34:17.380 can successfully get into the phone. 00:34:17.380 --> 00:34:18.969 So it decreases the chances. 00:34:18.969 --> 00:34:20.090 DAVID J. MALAN: Exactly. 00:34:20.090 --> 00:34:22.840 So this is a very common principle in security. 00:34:22.840 --> 00:34:26.590 And it was pointed out earlier, too, just slow the adversary down. 00:34:26.590 --> 00:34:28.760 We don't have to rethink the problem of security. 00:34:28.760 --> 00:34:31.060 We don't have to redesign passwords necessarily. 00:34:31.060 --> 00:34:33.219 But we should make it harder for the adversary 00:34:33.219 --> 00:34:36.909 to log in, ideally, without making it harder for you and I to log 00:34:36.909 --> 00:34:37.960 in to our own devices. 00:34:37.960 --> 00:34:41.650 So consider the simplest passcode that had four digits. 00:34:41.650 --> 00:34:45.010 A 4-digit passcode, there were 10,000 possibilities. 00:34:45.010 --> 00:34:47.980 A computer, a robot could guess all of those pretty quickly. 
00:34:47.980 --> 00:34:51.639 But what if after typing in the wrong passcode three times 00:34:51.639 --> 00:34:55.780 or maybe ten times, some small number of times, what if the iPhone or Android 00:34:55.780 --> 00:34:59.560 phone locks you out for a minute, just like iPhone did a moment ago? 00:34:59.560 --> 00:35:03.040 Well, that might mean, even though there's only 10,000 possibilities, 00:35:03.040 --> 00:35:06.040 maybe it will take the adversary 10,000 minutes 00:35:06.040 --> 00:35:10.820 to crack your password because they keep getting slowed down every time 00:35:10.820 --> 00:35:12.070 they type in an incorrect one. 00:35:12.070 --> 00:35:13.403 And maybe it's not quite 10,000. 00:35:13.403 --> 00:35:15.350 It's some factor of that. 00:35:15.350 --> 00:35:17.020 But you can slow them down in that way. 00:35:17.020 --> 00:35:21.760 Maybe you have a 10-character passcode with 78 quadrillion possibilities. 00:35:21.760 --> 00:35:25.330 And imagine the phone just slows you down 1 second. 00:35:25.330 --> 00:35:28.120 Maybe you can only type in one passcode per second. 00:35:28.120 --> 00:35:29.680 That sounds pretty fast. 00:35:29.680 --> 00:35:33.730 But 78 quadrillion seconds is crazy long. 00:35:33.730 --> 00:35:36.880 And so even that kind of slowdown might very well 00:35:36.880 --> 00:35:39.580 be enough to keep the adversary out. 00:35:39.580 --> 00:35:43.398 And so if you don't have features like this enabled on, really, any device, 00:35:43.398 --> 00:35:44.440 you should look for them. 00:35:44.440 --> 00:35:47.860 Nowadays, thankfully, they tend to come pre-configured for this. 00:35:47.860 --> 00:35:49.810 But there is a downside. 00:35:49.810 --> 00:35:50.997 There is a downside. 
00:35:50.997 --> 00:35:53.080 You shouldn't just turn on these kinds of defenses 00:35:53.080 --> 00:35:56.800 blindly because what's the downside of keeping this feature enabled 00:35:56.800 --> 00:35:59.950 or leaving it enabled-- 00:35:59.950 --> 00:36:03.970 those are the same things-- or enabling it, if it's not already enabled? 00:36:03.970 --> 00:36:06.310 What's the downside here, to be clear? 00:36:06.310 --> 00:36:10.750 Because none of our advice today will be 100% a win. 00:36:10.750 --> 00:36:11.500 David? 00:36:11.500 --> 00:36:13.780 DAVID: Well, if you forget your password, 00:36:13.780 --> 00:36:16.780 that means it's going to take longer for you to access your phone again. 00:36:16.780 --> 00:36:20.140 DAVID J. MALAN: Yeah, it's going to take you, the user, the owner of the device, 00:36:20.140 --> 00:36:21.400 even longer to log in. 00:36:21.400 --> 00:36:25.060 And I'll admit, too, I have on multiple occasions not locked myself out once. 00:36:25.060 --> 00:36:25.978 I then got stubborn. 00:36:25.978 --> 00:36:27.520 And I think my anger level just rose. 00:36:27.520 --> 00:36:30.640 So I started typing in more angrily, and therefore making more mistakes. 00:36:30.640 --> 00:36:33.070 And what Apple and Google do is they have 00:36:33.070 --> 00:36:35.380 what you might describe as exponential backoff, which 00:36:35.380 --> 00:36:38.847 is a fancy way of saying, the first time you get penalized one minute. 00:36:38.847 --> 00:36:40.180 Now you have to wait one minute. 00:36:40.180 --> 00:36:43.030 If you screw up again, then you have to wait two minutes. 00:36:43.030 --> 00:36:45.023 If you screw up again, maybe it's five minutes. 00:36:45.023 --> 00:36:45.940 Maybe it's 10 minutes. 00:36:45.940 --> 00:36:46.840 Maybe it's an hour. 00:36:46.840 --> 00:36:49.715 And I swear, at that point I wanted to throw my phone across the room 00:36:49.715 --> 00:36:51.700 because I couldn't get into my own device. 
00:36:51.700 --> 00:36:55.840 And there you start to sacrifice, of course, usability, right? 00:36:55.840 --> 00:37:00.190 If my device is so secure that even I can't get into it, 00:37:00.190 --> 00:37:02.080 then is it really worth having at all? 00:37:02.080 --> 00:37:04.780 And so finding that inflection point is part 00:37:04.780 --> 00:37:07.720 of engineering good secure systems because you 00:37:07.720 --> 00:37:10.150 have to find that inflection point so that your users 00:37:10.150 --> 00:37:12.190 are using good passwords and passcodes. 00:37:12.190 --> 00:37:16.300 But they're not just taping them onto the monitor on a Post-It note 00:37:16.300 --> 00:37:19.123 or disabling them altogether. 00:37:19.123 --> 00:37:21.040 All right, let me pause here to see, are there 00:37:21.040 --> 00:37:27.310 any questions about passwords, passcodes, brute forcing or these kinds 00:37:27.310 --> 00:37:30.550 of defenses, given that passwords are perhaps 00:37:30.550 --> 00:37:33.520 our most common defense against adversaries 00:37:33.520 --> 00:37:36.880 accessing hardware and software that we don't want them to? 00:37:36.880 --> 00:37:38.485 Yeah, Dax, question? 00:37:38.485 --> 00:37:40.720 DAX: Now so there is a definite number we 00:37:40.720 --> 00:37:43.240 can calculate that for 4-digit numbers this is 00:37:43.240 --> 00:37:46.120 the most possible number of outcomes. 00:37:46.120 --> 00:37:47.918 But what about biometrics? 00:37:47.918 --> 00:37:48.460 Fingerprints? 00:37:48.460 --> 00:37:49.845 Face scanning? 00:37:49.845 --> 00:37:51.710 DAVID J. MALAN: Yeah, really good question. 00:37:51.710 --> 00:37:53.950 So what about biometrics, using face scanning? 00:37:53.950 --> 00:37:58.397 Like, Apple has Face ID these days, which also annoys me sometimes 00:37:58.397 --> 00:37:59.980 if it doesn't quite get my face right. 
00:37:59.980 --> 00:38:02.230 Or these days if we're wearing masks, it's 00:38:02.230 --> 00:38:03.910 infuriating to use that kind of feature. 00:38:03.910 --> 00:38:07.935 But maybe probabilistically, there are fewer people with exactly 00:38:07.935 --> 00:38:09.560 your facial features than someone else. 00:38:09.560 --> 00:38:12.060 And so that would be more secure than picking some passcode. 00:38:12.060 --> 00:38:14.770 Sometimes you use fingerprints or retinal scans 00:38:14.770 --> 00:38:17.650 or the distance between your fingers, all of these different measures 00:38:17.650 --> 00:38:21.850 that statistically tend to not so much uniquely 00:38:21.850 --> 00:38:25.508 identify us, but uniquely identify us all enough. 00:38:25.508 --> 00:38:26.800 And there's threats there, too. 00:38:26.800 --> 00:38:28.508 A former colleague of ours, for instance, 00:38:28.508 --> 00:38:31.090 had a twin brother who because of Apple's face ID 00:38:31.090 --> 00:38:34.330 was now able to get into his phone by just picking it up off of the table 00:38:34.330 --> 00:38:36.980 because as twins, they both looked all too similar. 00:38:36.980 --> 00:38:39.580 So there's downsides and upsides there, too. 00:38:39.580 --> 00:38:42.070 But biometrics can also help things so that it's 00:38:42.070 --> 00:38:45.130 a factor you have on you always and not something, 00:38:45.130 --> 00:38:48.010 for instance, that you just only have to remember. 00:38:48.010 --> 00:38:51.520 And in fact, that's a perfect segue to what computer scientists 00:38:51.520 --> 00:38:54.217 call two-factor authentication. 00:38:54.217 --> 00:38:56.050 In the security world, security people would 00:38:56.050 --> 00:39:01.070 call the passwords we're using one factor, and something 00:39:01.070 --> 00:39:03.380 like biometrics, a second factor. 
00:39:03.380 --> 00:39:06.350 And indeed, two-factor authentication means a defense mechanism 00:39:06.350 --> 00:39:09.050 against the adversaries that doesn't rely just on something 00:39:09.050 --> 00:39:10.970 you know, like, a password. 00:39:10.970 --> 00:39:14.540 It also relies on something typically that you have, like, 00:39:14.540 --> 00:39:18.570 a hand or fingers or eyes or face or the like, 00:39:18.570 --> 00:39:21.980 so that even if someone compromises your password 00:39:21.980 --> 00:39:25.490 and downloads it somewhere from a database where you've used it before, 00:39:25.490 --> 00:39:28.490 they don't necessarily have access to your eyes and your hands 00:39:28.490 --> 00:39:31.500 and your face and the like, unless they have physical access to you. 00:39:31.500 --> 00:39:33.680 So it just narrows the scope of the threats. 00:39:33.680 --> 00:39:35.900 But there's other forms of two-factor authentication. 00:39:35.900 --> 00:39:38.718 For instance, if this sounds familiar now, and maybe 00:39:38.718 --> 00:39:40.760 you don't even call it two-factor authentication. 00:39:40.760 --> 00:39:43.970 It's often called two-step authentication. 00:39:43.970 --> 00:39:47.210 By a show of physical hands, who has one or more accounts that 00:39:47.210 --> 00:39:51.000 uses two factors instead of just one? 00:39:51.000 --> 00:39:54.350 Yeah, so here, too, it's good to see so many hands going up. 00:39:54.350 --> 00:39:58.370 But if you do not use two-factor authentication 00:39:58.370 --> 00:40:03.170 for things like your email account or your bank accounts or your brokerage 00:40:03.170 --> 00:40:06.830 accounts or your health medical accounts, 00:40:06.830 --> 00:40:09.110 you really should start considering doing so. 00:40:09.110 --> 00:40:10.880 And what form does this typically take? 00:40:10.880 --> 00:40:12.963 Well, let me show a screenshot here, for instance. 
00:40:12.963 --> 00:40:14.930 Even if you just have a simple Gmail account 00:40:14.930 --> 00:40:17.570 that you use for work or for personal use, 00:40:17.570 --> 00:40:20.480 you can enable what Google calls two-step verification, which 00:40:20.480 --> 00:40:22.360 is two-factor authentication. 00:40:22.360 --> 00:40:24.860 And what you'll be prompted for when logging into your Gmail 00:40:24.860 --> 00:40:29.250 account if you enable this is not only your username and your password, 00:40:29.250 --> 00:40:31.070 but also a 6-digit code. 00:40:31.070 --> 00:40:33.710 And six digits doesn't sound terribly long. 00:40:33.710 --> 00:40:36.620 But in this case, the way these technologies typically work 00:40:36.620 --> 00:40:42.200 is that you are sent that 6-digit code once via email or via text message 00:40:42.200 --> 00:40:46.010 or via special app that you install on your phone or some other device 00:40:46.010 --> 00:40:48.170 so that only you have that code. 00:40:48.170 --> 00:40:50.060 Only you have that device. 00:40:50.060 --> 00:40:51.800 And therefore, only you know that code. 00:40:51.800 --> 00:40:54.380 And better yet, these codes expire. 00:40:54.380 --> 00:40:57.770 So even if some adversary intercepts it or sees you typing it 00:40:57.770 --> 00:41:00.560 in over your shoulder, you can only use these codes once, 00:41:00.560 --> 00:41:02.750 which makes them even better than passwords 00:41:02.750 --> 00:41:06.680 alone because they expire after a single use. 
00:41:06.680 --> 00:41:08.450 And so consider now, again-- 00:41:08.450 --> 00:41:10.400 and I can't emphasize this enough-- if you 00:41:10.400 --> 00:41:13.242 are of the age where you have your own bank accounts, again, 00:41:13.242 --> 00:41:15.200 brokerage accounts, anything medically related, 00:41:15.200 --> 00:41:17.600 anything that you find especially important or personal, 00:41:17.600 --> 00:41:21.830 like, your own email or chat accounts, if you're only using a password, 00:41:21.830 --> 00:41:24.920 you now as of today already have the mathematical tools 00:41:24.920 --> 00:41:28.010 and the mental model, I daresay, to figure out just 00:41:28.010 --> 00:41:32.780 how easily someone could compromise your account and get into your information 00:41:32.780 --> 00:41:35.637 and take your money or read your emails or the like. 00:41:35.637 --> 00:41:38.720 So you can improve that situation by just coming up with a better, longer, 00:41:38.720 --> 00:41:42.410 more random password that you remember or memorize in some way, 00:41:42.410 --> 00:41:46.820 or additionally, by enabling the second factor so that you narrow 00:41:46.820 --> 00:41:52.710 the number of threats that are dangerous to you as a result. 00:41:52.710 --> 00:41:55.112 So with that said, too, with two-factor authentication, 00:41:55.112 --> 00:41:57.320 there's another thing you can bring into play when it 00:41:57.320 --> 00:41:59.810 comes to managing all your passwords. 00:41:59.810 --> 00:42:03.230 I alluded to using Microsoft Word before or a Post-It note. 00:42:03.230 --> 00:42:05.970 There are software solutions to this, too. 00:42:05.970 --> 00:42:09.320 So another defense we would like to offer up for your consideration today 00:42:09.320 --> 00:42:11.510 is what's generally called a password manager. 
00:42:11.510 --> 00:42:14.645 This is a piece of software, either for free or that you pay for, 00:42:14.645 --> 00:42:17.300 for your phone or your laptop or desktop, that 00:42:17.300 --> 00:42:19.160 literally manages your passwords. 00:42:19.160 --> 00:42:23.750 In its simplest form, think of it like a spreadsheet, but that's "secure," 00:42:23.750 --> 00:42:25.670 quote unquote, on your own computer. 00:42:25.670 --> 00:42:28.970 That is, these password managers-- and here's two popular ones. 00:42:28.970 --> 00:42:33.483 1password.com is one popular tool. lastpass.com is another one. 00:42:33.483 --> 00:42:35.150 And there are others if you google around. 00:42:35.150 --> 00:42:37.970 But I would, as always, read up on reviews or get second opinions. 00:42:37.970 --> 00:42:40.160 Don't just take at face value what we propose. 00:42:40.160 --> 00:42:42.620 But these password managers are programs that you 00:42:42.620 --> 00:42:45.920 type your usernames and passwords into. 00:42:45.920 --> 00:42:52.040 And then you save them all behind one master password, one password that's 00:42:52.040 --> 00:42:54.650 really long, hopefully, really random with lots 00:42:54.650 --> 00:42:56.210 of numbers and letters and symbols. 00:42:56.210 --> 00:43:00.710 But all you have to remember is that one main password. 00:43:00.710 --> 00:43:04.040 And by entering that password into your Mac or PC or phone, 00:43:04.040 --> 00:43:06.230 you then unlock all of your other accounts. 00:43:06.230 --> 00:43:09.920 And you can then just copy and paste your actual accounts' usernames 00:43:09.920 --> 00:43:10.725 and passwords. 00:43:10.725 --> 00:43:12.850 Or these programs also give you keyboard shortcuts. 00:43:12.850 --> 00:43:16.430 So you hit a keyboard command, and voila, you're automatically 00:43:16.430 --> 00:43:17.420 logged into websites. 00:43:17.420 --> 00:43:20.000 You don't have to copy/paste or manually transcribe them. 
00:43:20.000 --> 00:43:21.860 So to this day, what does this mean? 00:43:21.860 --> 00:43:24.230 For me, I use one of these password managers. 00:43:24.230 --> 00:43:25.980 And most of my colleagues do as well. 00:43:25.980 --> 00:43:29.660 Many of us, most of us, don't even know the passwords 00:43:29.660 --> 00:43:32.960 we use for various websites or apps or the like. 00:43:32.960 --> 00:43:33.590 Why? 00:43:33.590 --> 00:43:35.780 Because we now trust that the password manager 00:43:35.780 --> 00:43:39.710 can, with the click of a button, generate a really long random password 00:43:39.710 --> 00:43:41.870 with lots of numbers, digits, and punctuation. 00:43:41.870 --> 00:43:44.510 And then it will remember it for me. 00:43:44.510 --> 00:43:47.870 And I just have to remember that one main password that's 00:43:47.870 --> 00:43:50.430 protecting all of those others. 00:43:50.430 --> 00:43:54.890 So that's good in that now I can practice what I've been preaching. 00:43:54.890 --> 00:43:58.330 But there is a downside. 00:43:58.330 --> 00:44:01.420 I'm exposing myself to a new risk or vulnerability. 00:44:01.420 --> 00:44:03.760 That is to say, what's the trade-off here? 00:44:03.760 --> 00:44:07.360 Why should you not necessarily just run off after today's class, 00:44:07.360 --> 00:44:11.260 download and install a password manager, and start using it 00:44:11.260 --> 00:44:13.990 without a little bit of thought first. 00:44:13.990 --> 00:44:17.080 What's the downside, perhaps? 00:44:17.080 --> 00:44:23.580 Yeah, over to Lexlene if I'm saying it right? 00:44:23.580 --> 00:44:30.390 LEXLENE: Yeah, if someone cracks your password manager password, 00:44:30.390 --> 00:44:32.840 then they have access to all your passwords. 00:44:32.840 --> 00:44:35.893 DAVID J. MALAN: Yeah, so really depends on what the threat here is, 00:44:35.893 --> 00:44:37.310 or what you're most worried about. 
00:44:37.310 --> 00:44:39.350 If someone compromises, guesses, figures out 00:44:39.350 --> 00:44:41.970 your main password that protects all of the others, 00:44:41.970 --> 00:44:44.570 now you've just handed them all of your accounts at once. 00:44:44.570 --> 00:44:46.590 And that's a massive trade-off. 00:44:46.590 --> 00:44:48.980 However, if you again consider the alternative, 00:44:48.980 --> 00:44:53.090 coming up with big random passwords and then memorizing them all, or somewhat 00:44:53.090 --> 00:44:55.010 foolishly, writing them down on a Post-It note 00:44:55.010 --> 00:44:56.843 and putting it on your monitor, the question 00:44:56.843 --> 00:45:02.450 shouldn't be is this the right way to do things, 00:45:02.450 --> 00:45:05.702 but really, relatively speaking, is this a better way to do things? 00:45:05.702 --> 00:45:07.910 So you're always going to be vulnerable to some risk. 00:45:07.910 --> 00:45:09.590 Which of those risks do you worry about? 00:45:09.590 --> 00:45:12.380 And maybe you can mitigate that concern by maybe 00:45:12.380 --> 00:45:15.920 you could write down your main password for your password manager 00:45:15.920 --> 00:45:20.390 and maybe put it in a physical vault or a fire locker or the like 00:45:20.390 --> 00:45:23.260 that with very low probability someone else would get access to, 00:45:23.260 --> 00:45:25.010 unless they physically attack that device, 00:45:25.010 --> 00:45:27.960 or hide it somewhere in a book on your shelf or the like. 00:45:27.960 --> 00:45:29.510 So that yes, it's vulnerable. 00:45:29.510 --> 00:45:33.140 But the odds that someone finds it might just be relatively low. 00:45:33.140 --> 00:45:35.630 But again, this is the theme, figuring out 00:45:35.630 --> 00:45:39.170 what the right balance is for your accounts and the type of security 00:45:39.170 --> 00:45:42.140 that you want to aspire to achieve. 00:45:42.140 --> 00:45:43.890 Well, let's consider a few other defenses. 
00:45:43.890 --> 00:45:46.932 And we'll leave time at the very end for questions about particular tools 00:45:46.932 --> 00:45:47.632 and techniques. 00:45:47.632 --> 00:45:49.340 What's another building block that we can 00:45:49.340 --> 00:45:52.310 bring to bear when it comes to protecting ourselves online? 00:45:52.310 --> 00:45:55.850 So encryption-- CS50 students will know that encryption refers, again, 00:45:55.850 --> 00:46:01.010 to the scrambling of information, making data look like it's random data, 00:46:01.010 --> 00:46:05.000 but by encrypting it with what's called the key, typically, a key that only you 00:46:05.000 --> 00:46:06.890 and the recipient somehow know. 00:46:06.890 --> 00:46:10.070 Encryption tends to be the solution to a lot of our problems. 00:46:10.070 --> 00:46:12.650 And indeed, these password managers typically 00:46:12.650 --> 00:46:17.150 additionally encrypt your data so that even someone who steals your Mac or PC 00:46:17.150 --> 00:46:19.370 can't just open up the program and see it. 00:46:19.370 --> 00:46:21.620 All of the data, too, is similarly encrypted. 00:46:21.620 --> 00:46:26.030 Many of you have already been trained or conditioned by society to at least look 00:46:26.030 --> 00:46:30.815 for or hope for or recognize https://. 00:46:30.815 --> 00:46:32.425 The s means secure. 00:46:32.425 --> 00:46:34.550 That just tends to be a good thing because it means 00:46:34.550 --> 00:46:36.290 a website you're visiting is secure. 00:46:36.290 --> 00:46:39.830 It's encrypted, as opposed to just http, which 00:46:39.830 --> 00:46:43.620 was much more common just a few years ago and is completely unencrypted. 00:46:43.620 --> 00:46:48.260 So that is to say if you visit a website that says just http in the URL, anyone 00:46:48.260 --> 00:46:51.960 between you and that website theoretically can be listening in, 00:46:51.960 --> 00:46:55.460 so to speak, on your traffic, the zeros and ones going back and forth. 
00:46:55.460 --> 00:46:57.410 Anyone can see what pages you're visiting. 00:46:57.410 --> 00:47:00.260 If you're in some foreign country visiting sensitive materials, 00:47:00.260 --> 00:47:02.840 the government could know what websites you're visiting 00:47:02.840 --> 00:47:05.400 and what content, for instance, you're reading. 00:47:05.400 --> 00:47:07.940 https makes that much harder. 00:47:07.940 --> 00:47:09.080 It's not 100%. 00:47:09.080 --> 00:47:10.940 There are attacks still that are possible. 00:47:10.940 --> 00:47:12.800 But again, it just raises the bar. 00:47:12.800 --> 00:47:15.667 But there's another technique that's increasingly 00:47:15.667 --> 00:47:18.500 being discussed in the media, and with which you should be familiar, 00:47:18.500 --> 00:47:20.690 known as end-to-end encryption. 00:47:20.690 --> 00:47:24.890 End-to-end encryption means that when you're using a third-party service, 00:47:24.890 --> 00:47:27.980 typically, whether it's a chat service, a video conferencing 00:47:27.980 --> 00:47:30.320 service or the like, you're not just encrypting 00:47:30.320 --> 00:47:33.590 your traffic, the zeros and ones, between you 00:47:33.590 --> 00:47:39.020 and Google, you and Microsoft, you and Amazon, or some other third-party. 00:47:39.020 --> 00:47:43.310 You are encrypting your data between you and the person you're talking to. 00:47:43.310 --> 00:47:46.580 So WhatsApp, for instance, the popular messaging tool, 00:47:46.580 --> 00:47:48.140 early on had this feature. 00:47:48.140 --> 00:47:50.670 And many other chat programs nowadays have it as well, 00:47:50.670 --> 00:47:54.805 including iMessage and Signal and Telegram and the like. 
00:47:54.805 --> 00:47:56.930 End-to-end encryption means that even though you're 00:47:56.930 --> 00:48:01.520 using a third-party service, a company that you may or may not trust, 00:48:01.520 --> 00:48:06.050 your communications are communicated between you and the person 00:48:06.050 --> 00:48:08.190 with whom you're speaking. 00:48:08.190 --> 00:48:12.260 The company in between, their servers, even though your data is going through 00:48:12.260 --> 00:48:15.530 their servers, cannot decrypt that information. 00:48:15.530 --> 00:48:18.232 They cannot see the information in its raw form. 00:48:18.232 --> 00:48:19.190 So that's a good thing. 00:48:21.760 --> 00:48:23.140 So WhatsApp does this, too. 00:48:23.140 --> 00:48:28.100 Zoom kind of does this, at least, only recently does this. 00:48:28.100 --> 00:48:31.030 So Zoom, for instance, the technology that we are all using right now, 00:48:31.030 --> 00:48:33.580 actually took some flak, rightly so, some months 00:48:33.580 --> 00:48:36.700 back, when in their marketing literature on their website, as I recall, 00:48:36.700 --> 00:48:40.510 advertised Zoom as offering end-to-end encryption, which 00:48:40.510 --> 00:48:43.750 was false because what end-to-end encryption means is, 00:48:43.750 --> 00:48:47.620 as I described it, between you and the person with whom you're communicating. 00:48:47.620 --> 00:48:50.890 But the marketing literature at the time was 00:48:50.890 --> 00:48:53.410 referring to end-to-end encryption between you 00:48:53.410 --> 00:48:57.430 and Zoom, which is not what security researchers or computer scientists 00:48:57.430 --> 00:49:00.970 or technologists in general would define end-to-end encryption as. 00:49:00.970 --> 00:49:03.130 And so they took some flak for that, rightly so. 00:49:03.130 --> 00:49:05.650 They've begun, though, in recent weeks, rolling out 00:49:05.650 --> 00:49:08.140 actual end-to-end encryption. 00:49:08.140 --> 00:49:10.270 We are not using it right now. 
00:49:10.270 --> 00:49:12.880 It actually makes certain features harder to use. 00:49:12.880 --> 00:49:14.530 So there, too, there's a trade-off. 00:49:14.530 --> 00:49:17.590 But generally speaking, if you're having the most intimate or private 00:49:17.590 --> 00:49:22.150 or personal or financial or medical of communications with people, 00:49:22.150 --> 00:49:27.010 this is another feature you should start to look for and listen for and expect 00:49:27.010 --> 00:49:28.810 of the tools that you're using. 00:49:28.810 --> 00:49:32.440 And especially when it comes to censorship in various countries 00:49:32.440 --> 00:49:35.290 and communities, this is the kind of software 00:49:35.290 --> 00:49:37.330 that's increasingly under attack by governments 00:49:37.330 --> 00:49:42.730 because they often want a backdoor so that the USA's NSA or FBI 00:49:42.730 --> 00:49:45.130 or some other entity can get into these communications. 00:49:45.130 --> 00:49:47.650 That's made much more difficult, in a good way, 00:49:47.650 --> 00:49:53.170 by using end-to-end encryption so that your communications are indeed secure. 00:49:53.170 --> 00:49:56.757 Well, in our final moments together, let's focus ultimately on Zoom, 00:49:56.757 --> 00:49:58.090 the very technology we're using. 00:49:58.090 --> 00:49:59.950 Because they've taken some flak, certainly 00:49:59.950 --> 00:50:02.825 beyond end-to-end encryption, which you might not have even heard of, 00:50:02.825 --> 00:50:04.210 as just being insecure. 00:50:04.210 --> 00:50:06.640 And a lot of school systems, a lot of users 00:50:06.640 --> 00:50:09.680 decided some months ago to stop using Zoom for this reason, 00:50:09.680 --> 00:50:12.040 even though their business is still booming. 00:50:12.040 --> 00:50:13.630 So is Zoom secure? 
00:50:13.630 --> 00:50:15.640 Let's ask one final question of the group 00:50:15.640 --> 00:50:19.690 here, keeping in mind that we've now just spent the past hour discussing 00:50:19.690 --> 00:50:21.250 topics of security. 00:50:21.250 --> 00:50:23.990 Let me go ahead and ask this final question here, 00:50:23.990 --> 00:50:26.920 which will appear on your screen in just a moment. 00:50:26.920 --> 00:50:32.450 It is quite simply, is Zoom secure? 00:50:32.450 --> 00:50:34.860 All right, let's see how the responses are coming in. 00:50:34.860 --> 00:50:41.690 I'm seeing 55% no, 16% yes, 28% unsure. 00:50:41.690 --> 00:50:43.070 So a reasonable spread there. 00:50:43.070 --> 00:50:44.780 Let's take a couple of comments here. 00:50:44.780 --> 00:50:50.120 Among those of you who think Zoom is secure, why do you think it's secure? 00:50:50.120 --> 00:50:54.080 Would anyone be comfortable raising a virtual hand so we can call on you, 00:50:54.080 --> 00:50:58.490 or maybe commenting in the chat as to why you think Zoom is secure? 00:50:58.490 --> 00:51:01.640 Let's see, over to, how about, Sam? 00:51:01.640 --> 00:51:02.390 What do you think? 00:51:02.390 --> 00:51:07.760 SAM: Two days ago, Zoom offered end-to-end encryption to all the users. 00:51:07.760 --> 00:51:10.730 DAVID J. MALAN: Yeah, so it was, in fact, that timely. 00:51:10.730 --> 00:51:12.497 Zoom began rolling out, on a trial basis, 00:51:12.497 --> 00:51:14.580 essentially, end-to-end encryption with all users. 00:51:14.580 --> 00:51:18.290 So if you are using that, and-- and this is key, too-- 00:51:18.290 --> 00:51:22.310 and Zoom has implemented that concept correctly, 00:51:22.310 --> 00:51:24.920 then, yes, maybe Zoom is secure in the sense 00:51:24.920 --> 00:51:27.470 that your video conversation with someone else 00:51:27.470 --> 00:51:29.960 is in fact private between you and them. 
00:51:29.960 --> 00:51:34.370 With that said, if you're in a coffee shop or in a library, at least 00:51:34.370 --> 00:51:37.580 in healthier times, and someone's looking over or listening 00:51:37.580 --> 00:51:41.080 in on your conversation, arguably even that technology is not secure. 00:51:41.080 --> 00:51:42.830 You can imagine there being other threats. 00:51:42.830 --> 00:51:47.570 Maybe you have accidentally been vulnerable to a virus, some kind 00:51:47.570 --> 00:51:49.067 of threat on your own computer. 00:51:49.067 --> 00:51:50.900 And even though, yes, your data is encrypted 00:51:50.900 --> 00:51:53.480 between you and that other person, that doesn't 00:51:53.480 --> 00:51:56.420 mean there's not malicious software running on your own personal Mac 00:51:56.420 --> 00:51:59.630 or PC or the other person's, recording everything 00:51:59.630 --> 00:52:02.750 you say and uploading it to some third-party adversary. 00:52:02.750 --> 00:52:06.950 So there, too, whenever you ask or answer questions about security, 00:52:06.950 --> 00:52:09.800 take into account those kinds of qualifications, 00:52:09.800 --> 00:52:14.383 those conditionals, because security should never 00:52:14.383 --> 00:52:15.800 be discussed, really, in a vacuum. 00:52:15.800 --> 00:52:19.550 So those of you who said no, I think we could come up with even more reasons. 00:52:19.550 --> 00:52:23.000 But at least let me dispel just a few because I do think some of the flak 00:52:23.000 --> 00:52:26.300 Zoom took was overstated because those criticizing didn't really 00:52:26.300 --> 00:52:29.860 understand some of the issues that were being touted in the media. 00:52:29.860 --> 00:52:36.050 So for instance, all of you today, to log into this meeting, for instance, 00:52:36.050 --> 00:52:38.810 followed a URL, most likely, that you had been emailed 00:52:38.810 --> 00:52:40.160 or that you saw on your screen. 
00:52:40.160 --> 00:52:44.630 And that URL probably looked a little something like this-- https://, 00:52:44.630 --> 00:52:48.620 which is good, zoom.us or something like that, followed by a number, 00:52:48.620 --> 00:52:49.700 the meeting ID-- 00:52:49.700 --> 00:52:52.250 for instance, 5551112222. 00:52:52.250 --> 00:52:55.560 But it was a different number for today's meeting. 00:52:55.560 --> 00:52:58.970 So if you received this URL after registering, is it secure? 00:52:58.970 --> 00:53:02.870 Well, even though all of you here right now have presumably registered, 00:53:02.870 --> 00:53:05.750 technically there was nothing stopping any of you 00:53:05.750 --> 00:53:10.820 from texting or emailing or DMing this same URL 00:53:10.820 --> 00:53:12.290 to anyone else on the internet. 00:53:12.290 --> 00:53:14.790 And they could therefore join, perhaps, without registering. 00:53:14.790 --> 00:53:17.720 So maybe that's a threat, though, Zoom typically sends you 00:53:17.720 --> 00:53:21.770 not a URL that's as simple as this when you register, but a longer one, indeed. 00:53:21.770 --> 00:53:24.020 And there's another detail that some URLs have, 00:53:24.020 --> 00:53:25.880 too, which might look like this-- 00:53:25.880 --> 00:53:29.058 a question mark at the end, and pwd for password, 00:53:29.058 --> 00:53:30.350 and then some kind of password. 00:53:30.350 --> 00:53:33.290 And indeed, the URLs you clicked today looked a little more like that, 00:53:33.290 --> 00:53:37.130 still different because they were special registration URLs. 00:53:37.130 --> 00:53:40.670 But here, if your URL has this password, now you 00:53:40.670 --> 00:53:43.280 need to know both the meeting ID and the password 00:53:43.280 --> 00:53:45.555 in order to join that particular Zoom meeting. 
00:53:45.555 --> 00:53:48.680 And if you're not running big classes, like we are today with this meeting, 00:53:48.680 --> 00:53:51.980 but rather you're having one-on-one or smaller scale meetings, 00:53:51.980 --> 00:53:56.480 typically you are receiving or generating a URL that looks like this, 00:53:56.480 --> 00:53:59.570 or better yet, that looks like this, so that it 00:53:59.570 --> 00:54:02.660 doesn't suffice for an adversary to just guess the meeting ID. 00:54:02.660 --> 00:54:04.670 And that's what was happening early on. 00:54:04.670 --> 00:54:07.520 Zoom typically did not require that people 00:54:07.520 --> 00:54:10.820 choose passwords for their meetings, which meant the only thing between you 00:54:10.820 --> 00:54:14.090 and some adversary Zoombombing you, so to speak, hacking 00:54:14.090 --> 00:54:17.130 into your meeting, was that they just had to guess the meeting ID. 00:54:17.130 --> 00:54:19.580 And we've seen already it took me, what, like 1 minute, 00:54:19.580 --> 00:54:22.310 30 seconds to write a Python program that 00:54:22.310 --> 00:54:26.780 just generated all possible numbers of length four or eight or whatever. 00:54:26.780 --> 00:54:29.570 So people with too much free time are writing 00:54:29.570 --> 00:54:32.330 code that just tries all possible URLs. 00:54:32.330 --> 00:54:35.240 And so if you've ever been Zoombombed, maybe that's 00:54:35.240 --> 00:54:38.120 because someone shared the URL with someone they shouldn't have. 00:54:38.120 --> 00:54:42.140 Or maybe someone with a bit of programming experience or just luck 00:54:42.140 --> 00:54:43.880 guessed your meeting ID. 00:54:43.880 --> 00:54:47.330 So this was a feature in the sense that, honestly, 00:54:47.330 --> 00:54:50.270 having to type in a meeting ID and a password is just annoying. 00:54:50.270 --> 00:54:52.830 It starts to hurt the usability of the system. 
00:54:52.830 --> 00:54:55.070 And a lot of people in the corporate world, 00:54:55.070 --> 00:54:58.130 they're going to choose another product if another product is easier 00:54:58.130 --> 00:54:59.870 to start the video conference with. 00:54:59.870 --> 00:55:02.300 So arguably, it was a conscious decision on Zoom's part. 00:55:02.300 --> 00:55:04.092 Now universities and companies have started 00:55:04.092 --> 00:55:07.175 requiring this or another feature called a waiting room, which some of you 00:55:07.175 --> 00:55:08.510 might have experienced today. 00:55:08.510 --> 00:55:12.680 But that just, again, raises the bar to someone attacking the system. 00:55:12.680 --> 00:55:14.210 So is Zoom secure? 00:55:14.210 --> 00:55:15.440 Yes and no. 00:55:15.440 --> 00:55:17.660 It really should be considered not in a vacuum, 00:55:17.660 --> 00:55:21.110 but in the context of what kinds of threats are you worried about 00:55:21.110 --> 00:55:25.400 and what kinds of defenses are you willing to put up? 00:55:25.400 --> 00:55:31.040 So just like in the real world, you might have your own home or apartment 00:55:31.040 --> 00:55:36.840 or the like, on which you might have locks and bolts and bars on the window. 00:55:36.840 --> 00:55:39.240 At some point, if it takes you five minutes to unlock 00:55:39.240 --> 00:55:41.940 every lock on your door just to get into your home, 00:55:41.940 --> 00:55:44.160 it might be much more secure, but you're probably 00:55:44.160 --> 00:55:47.280 not going to enjoy going home because it takes that long to get in. 00:55:47.280 --> 00:55:50.310 And you might put bars on the window to keep that person physically out, 00:55:50.310 --> 00:55:52.380 but it's not going to look particularly nice. 00:55:52.380 --> 00:55:54.797 And there's nothing stopping them from going one floor up. 00:55:54.797 --> 00:55:56.580 So there, too, there's this trade-off. 
00:55:56.580 --> 00:55:59.130 And so among the takeaways, we hope, from today, are 00:55:59.130 --> 00:56:01.260 one, just better thought processes when it 00:56:01.260 --> 00:56:04.530 comes to what does it mean for your phone or your computer 00:56:04.530 --> 00:56:06.573 or your homes for that matter to be secure, 00:56:06.573 --> 00:56:09.240 and to recognize that there's always going to be some trade-off. 00:56:09.240 --> 00:56:12.460 And we would encourage you, ultimately, to ask these kinds of questions. 00:56:12.460 --> 00:56:16.210 If any company, if any app, if any website just says on their website, 00:56:16.210 --> 00:56:18.690 "we are secure," that's nonsense. 00:56:18.690 --> 00:56:22.410 That means nothing in and of itself until you start asking questions, like, 00:56:22.410 --> 00:56:25.890 what are you secure against, and how? 00:56:25.890 --> 00:56:27.760 Well, thank you so much for joining us here. 00:56:27.760 --> 00:56:28.890 Let's officially wrap here. 00:56:28.890 --> 00:56:32.250 But folks are welcome to stick around for some more time 00:56:32.250 --> 00:56:34.720 if you'd like to ask questions in the group. 00:56:34.720 --> 00:56:37.500 But if you have to take off, please feel free to head out. 00:56:37.500 --> 00:56:39.650 [MUSIC PLAYING]