WEBVTT X-TIMESTAMP-MAP=LOCAL:00:00:00.000,MPEGTS:900000 00:00:00.000 --> 00:01:17.581 [MUSIC PLAYING] 00:01:17.581 --> 00:01:20.791 SPEAKER: All right.This is SC50. 00:01:20.791 --> 00:01:23.351 And this is First Year Family Weekends here at Harvard, 00:01:23.351 --> 00:01:26.651 so welcome to all of the moms and dads, brothers, sisters, cousins, aunts, 00:01:26.651 --> 00:01:28.621 uncles, grandparents, and beyond. 00:01:28.621 --> 00:01:31.441 CS50 here is Harvard University's introduction 00:01:31.441 --> 00:01:33.721 to the intellectual enterprises of computer science 00:01:33.721 --> 00:01:35.191 and the arts of programming. 00:01:35.191 --> 00:01:37.651 And what that means is that what we've been doing in here, 00:01:37.651 --> 00:01:40.921 over the past several weeks, is introducing students 00:01:40.921 --> 00:01:44.943 to computational thinking, the process of cleaning up one's thoughts 00:01:44.943 --> 00:01:47.401 and expressing oneself all the more correctly, all the more 00:01:47.401 --> 00:01:49.381 precisely, and ultimately translating those thoughts, 00:01:49.381 --> 00:01:52.021 of course, to a computer in the form of programming, which 00:01:52.021 --> 00:01:54.361 is where we've spent quite a bit of time-- programming, 00:01:54.361 --> 00:01:56.311 writing code-- over the past several weeks. 00:01:56.311 --> 00:01:59.791 But toward that end, we've also been equipping students 00:01:59.791 --> 00:02:01.621 with some basic building blocks. 00:02:01.621 --> 00:02:05.371 You might already know, if a parent, that computers only somehow speak 00:02:05.371 --> 00:02:08.521 zeros and ones, even if you're not necessarily a computer person yourself 00:02:08.521 --> 00:02:09.691 or know what that means. 00:02:09.691 --> 00:02:13.171 But with those zeros and ones can we represent numbers and letters 00:02:13.171 --> 00:02:15.031 and colors and videos and more. 00:02:15.031 --> 00:02:18.061 And in fact, your child perhaps sitting next to you 00:02:18.061 --> 00:02:20.161 could perhaps tell you what today's message says. 00:02:20.161 --> 00:02:22.261 Here, we have 64 light bulbs on stage. 00:02:22.261 --> 00:02:24.871 And if you look at eight of them at a time, 00:02:24.871 --> 00:02:27.361 there's a pattern of bulbs that are either on or off 00:02:27.361 --> 00:02:31.531 that, if you know the code so to speak, can you actually convert these bits-- 00:02:31.531 --> 00:02:34.111 these zeros and ones in light bulb form-- 00:02:34.111 --> 00:02:36.443 to today's particular message. 00:02:36.443 --> 00:02:38.401 Now, before we begin, we thought we'd make this 00:02:38.401 --> 00:02:41.851 as engaging, as interactive as possible. 00:02:41.851 --> 00:02:45.721 Rather than focus on any assumptions of prior computing knowledge, 00:02:45.721 --> 00:02:47.821 you need know nothing today other than how 00:02:47.821 --> 00:02:51.641 to operate, for instance, your own phone or a laptop or desktop or the like. 00:02:51.641 --> 00:02:54.041 And indeed, we'll assume a general audience. 00:02:54.041 --> 00:02:56.731 And in this Halloween week, will we also see 00:02:56.731 --> 00:03:01.261 if we can't scare you a little bit into practicing better practices when 00:03:01.261 --> 00:03:04.948 it comes specifically to the security or cybersecurity of the device 00:03:04.948 --> 00:03:07.531 you carry with you every day in your pocket, use on your desk, 00:03:07.531 --> 00:03:09.094 on your laptop, or beyond. 00:03:09.094 --> 00:03:11.011 So if you haven't already, whether you're here 00:03:11.011 --> 00:03:14.761 in person or tuning in online, go to this URL 00:03:14.761 --> 00:03:19.451 here, which will lead you to an interactive polling tool. 00:03:19.451 --> 00:03:22.831 Any phone or laptop or desktop suffices. 00:03:22.831 --> 00:03:25.381 If it's a little easier than typing in this URL, 00:03:25.381 --> 00:03:29.551 you can just scan this code with your phone's camera. 00:03:29.551 --> 00:03:31.411 Take a moment to just open your camera. 00:03:31.411 --> 00:03:33.421 And hopefully, if you're at a good enough angle 00:03:33.421 --> 00:03:35.171 and we've made this thing big enough, this 00:03:35.171 --> 00:03:38.371 is a two-dimensional bar code or QR code embedded 00:03:38.371 --> 00:03:40.271 in which is that exact same URL. 00:03:40.271 --> 00:03:43.021 We're increasingly seeing this throughout the world as a mechanism 00:03:43.021 --> 00:03:45.451 for doing what many of you are doing right now, linking 00:03:45.451 --> 00:03:46.981 the physical world to the virtual. 00:03:46.981 --> 00:03:50.259 But that URL, again, is simply this one here. 00:03:50.259 --> 00:03:52.051 And in a moment, you'll see on your screen. 00:03:52.051 --> 00:03:53.971 It's OK if you weren't quite able to get that working. 00:03:53.971 --> 00:03:56.461 Feel free to glance to the left or to the right of you 00:03:56.461 --> 00:03:57.721 for someone else who did. 00:03:57.721 --> 00:04:00.781 Let me go ahead and full-screen a question just 00:04:00.781 --> 00:04:05.221 to ask of everyone here as we focus today on cybersecurity. 00:04:05.221 --> 00:04:08.821 Is your phone secure? 00:04:08.821 --> 00:04:12.031 Whether an Android phone, an iPhone, or anything else, 00:04:12.031 --> 00:04:15.001 if you're holding it in your hand right now here in person or online, 00:04:15.001 --> 00:04:19.111 you should see three possible answers-- yes or no or unsure. 00:04:19.111 --> 00:04:21.571 We've got over 300 responses come in already. 00:04:21.571 --> 00:04:24.001 In a moment, I'll flip over and reveal the results 00:04:24.001 --> 00:04:29.371 and see if we can't see how much work we have to do together here today. 00:04:29.371 --> 00:04:30.311 A few more seconds. 00:04:30.311 --> 00:04:33.091 Almost up to 400 answers. 00:04:33.091 --> 00:04:34.128 Almost up to 400. 00:04:34.128 --> 00:04:35.461 It's OK if those keep coming in. 00:04:35.461 --> 00:04:39.001 I'm going to toggle back and show the results in just a moment here. 00:04:39.001 --> 00:04:40.861 And the results are now in. 00:04:40.861 --> 00:04:45.559 According to a response rate of over 400, it looks like 36% of you 00:04:45.559 --> 00:04:48.101 don't need what we're about to do here today, which is great. 00:04:48.101 --> 00:04:51.601 We'll see if we can't poke some holes though and maybe some assumptions you 00:04:51.601 --> 00:04:52.441 all are making. 00:04:52.441 --> 00:04:56.851 31%, 32% maybe of you are saying no, your phone 00:04:56.851 --> 00:04:58.771 is not secure, so so glad you came. 00:04:58.771 --> 00:05:01.781 And then understandably, to another third of you are unsure. 00:05:01.781 --> 00:05:03.871 So in very good company today, and we'll see 00:05:03.871 --> 00:05:07.711 if we can't open the eyes of everyone in each of these disparate audiences. 00:05:07.711 --> 00:05:11.011 Well, let's consider first for a moment exactly how we 00:05:11.011 --> 00:05:13.651 might think about the security of our phones, representative 00:05:13.651 --> 00:05:15.131 of just any computing device. 00:05:15.131 --> 00:05:17.761 And in fact, everything we discuss today could be extrapolated 00:05:17.761 --> 00:05:19.798 to laptops and desktops and servers. 00:05:19.798 --> 00:05:21.631 But all of us being so familiar with phones, 00:05:21.631 --> 00:05:23.401 let's start with phones themselves. 00:05:23.401 --> 00:05:25.651 Now, odds are you have on your phone, like so many 00:05:25.651 --> 00:05:29.641 other things in your life, a password or a passcode. 00:05:29.641 --> 00:05:33.181 And in fact, without raising your hands and, therefore, leaking information, 00:05:33.181 --> 00:05:36.061 think to yourself, well, what is my password or passcode? 00:05:36.061 --> 00:05:38.110 It's probably four digits. 00:05:38.110 --> 00:05:39.451 It's maybe four letters. 00:05:39.451 --> 00:05:40.591 Maybe it's even longer. 00:05:40.591 --> 00:05:41.811 Maybe it's even nothing. 00:05:41.811 --> 00:05:43.561 And I think maybe, from the chart earlier, 00:05:43.561 --> 00:05:47.251 we can assume that we have a third of each of those possible responses. 00:05:47.251 --> 00:05:49.561 So a password of course, is this super common mechanism 00:05:49.561 --> 00:05:53.971 that you and I are all using all the time to keep our devices secure. 00:05:53.971 --> 00:05:55.603 But do passwords keep things secure? 00:05:55.603 --> 00:05:57.811 Like how many of you, thinking about your phone right 00:05:57.811 --> 00:06:01.511 now and that specific password, might think it's secure? 00:06:01.511 --> 00:06:05.191 And if so, why do you think it's secure? 00:06:05.191 --> 00:06:08.594 We have at least 33% of you are ready to say that your password's secure. 00:06:08.594 --> 00:06:09.511 Don't want to know it. 00:06:09.511 --> 00:06:13.951 But why might it be, in your mind, secure? 00:06:13.951 --> 00:06:15.571 Why might you think it's secure? 00:06:15.571 --> 00:06:19.291 Or more generally, what makes your password secure? 00:06:19.291 --> 00:06:20.006 AUDIENCE: Random. 00:06:20.006 --> 00:06:20.881 SPEAKER: It's random. 00:06:20.881 --> 00:06:21.381 OK. 00:06:21.381 --> 00:06:22.061 So it's random. 00:06:22.061 --> 00:06:23.741 So random letters and numbers and the like. 00:06:23.741 --> 00:06:26.221 And that's great, because it's not just a word in the dictionary 00:06:26.221 --> 00:06:27.871 that someone could guess and type in. 00:06:27.871 --> 00:06:29.671 Downside, of course, I daresay is that it 00:06:29.671 --> 00:06:32.401 might take you as well as anyone else quite a bit of time 00:06:32.401 --> 00:06:34.651 to guess or figure out what or just to remember 00:06:34.651 --> 00:06:36.331 what it is, if it was indeed random. 00:06:36.331 --> 00:06:38.971 But randomness is going to be a primitive that really actually helps 00:06:38.971 --> 00:06:39.471 us. 00:06:39.471 --> 00:06:41.851 Unfortunately, you and I and really the whole world 00:06:41.851 --> 00:06:44.641 are not very good even at passwords, as omnipresent 00:06:44.641 --> 00:06:47.761 as they are as a defense against adversaries. 00:06:47.761 --> 00:06:56.111 In fact, if we look at the most common passwords from the past year, in 2020, 00:06:56.111 --> 00:06:58.801 I thought we'd share with you some of those results. 00:06:58.801 --> 00:07:01.291 This is the result of security researchers having 00:07:01.291 --> 00:07:05.671 found big exploited, compromised databases, analyzing them 00:07:05.671 --> 00:07:07.771 for what passwords are in them and then inferring 00:07:07.771 --> 00:07:10.651 from that what the most common passwords you and I are all using. 00:07:10.651 --> 00:07:14.611 Unfortunately, in 2020, the most common password, according to one measure, 00:07:14.611 --> 00:07:17.911 was one, two, three, four, five, six. 00:07:17.911 --> 00:07:18.701 [LAUGHING] 00:07:18.701 --> 00:07:20.041 Now, funny, yes. 00:07:20.041 --> 00:07:22.591 But if you're seeing your password on the screen already, 00:07:22.591 --> 00:07:24.091 not so funny perhaps. 00:07:24.091 --> 00:07:25.141 [LAUGHING] 00:07:25.141 --> 00:07:29.761 The number two password was not much better. 00:07:29.761 --> 00:07:33.961 Number three, picture one presumably for a device, 00:07:33.961 --> 00:07:36.121 a website that requires that it not just be a word, 00:07:36.121 --> 00:07:38.551 it have at least one number, which this person took-- 00:07:38.551 --> 00:07:40.981 these hundreds of thousands of people took literally. 00:07:40.981 --> 00:07:44.581 Password was number four this past year. 00:07:44.581 --> 00:07:46.561 1, 2, 3, 4, 5, 6, 7, 8. 00:07:46.561 --> 00:07:50.111 1, 1, 1, 1, 1, 1, really not trying hard there. 00:07:50.111 --> 00:07:53.101 1, 2, 3, 1, 2, 3, varying it a little bit. 00:07:53.101 --> 00:07:55.393 1, 2, 3, 4, 5, was number eight. 00:07:55.393 --> 00:07:58.171 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 was number nine. 00:07:58.171 --> 00:08:01.861 And then number 10, in 2020, was "senha," which-- 00:08:01.861 --> 00:08:03.751 any Portuguese speakers here-- means? 00:08:03.751 --> 00:08:04.096 AUDIENCE: Password. 00:08:04.096 --> 00:08:04.441 AUDIENCE: Password. 00:08:04.441 --> 00:08:05.281 SPEAKER: Password. 00:08:05.281 --> 00:08:06.101 Means "password." 00:08:06.101 --> 00:08:06.601 [LAUGHING] 00:08:06.601 --> 00:08:08.981 So made the list twice in this case. 00:08:08.981 --> 00:08:12.511 So one take away already today should be, if your password's on this list, 00:08:12.511 --> 00:08:16.231 like probably you're in one of those other 33% 00:08:16.231 --> 00:08:17.801 whereby we can do better than this. 00:08:17.801 --> 00:08:18.301 Why? 00:08:18.301 --> 00:08:19.471 I mean, really the obvious. 00:08:19.471 --> 00:08:22.711 If you're in this list, there's so many bad guys, 00:08:22.711 --> 00:08:25.961 so to speak, out there that are going to try guessing your password first. 00:08:25.961 --> 00:08:26.461 Why? 00:08:26.461 --> 00:08:30.061 Because just statistically, if they try 1, 2, 3, 4, 5, 6, 1, 2, 3, 4, 5, 6, 7, 00:08:30.061 --> 00:08:32.551 8, 9, they're just going to get into a lot of devices 00:08:32.551 --> 00:08:35.844 quickly, because they're just so commonly used, those passwords. 00:08:35.844 --> 00:08:37.261 You don't want to be on this list. 00:08:37.261 --> 00:08:41.041 Ideally, you want to be random, but we want to somehow balance randomness 00:08:41.041 --> 00:08:42.931 with memorability so that you don't actually 00:08:42.931 --> 00:08:45.391 keep forgetting your password, which, of course, defeats 00:08:45.391 --> 00:08:47.591 the whole point of these things in the first place. 00:08:47.591 --> 00:08:51.031 But in a class like this, CS50 and computer science more generally, 00:08:51.031 --> 00:08:57.361 let's be a little more thoughtful as to what we mean by a device being secure. 00:08:57.361 --> 00:08:58.861 Like what does it mean to be secure? 00:08:58.861 --> 00:09:01.903 And can we even slap some numbers on it so that we can make measurements, 00:09:01.903 --> 00:09:04.201 so that we can ideally compare and contrast 00:09:04.201 --> 00:09:07.601 one system versus another, one password versus another 00:09:07.601 --> 00:09:11.381 so it's not just our instincts arguing that my password is better than these, 00:09:11.381 --> 00:09:13.381 but how can you quantify that perhaps? 00:09:13.381 --> 00:09:14.551 Well, let's start simply. 00:09:14.551 --> 00:09:16.861 A lot of Android phones and iPhones these days 00:09:16.861 --> 00:09:20.161 require minimally that you have a four-digit passcode. 00:09:20.161 --> 00:09:22.921 You're minimally encouraged to have at least this bar 00:09:22.921 --> 00:09:26.221 set so that you're not having no passcode altogether. 00:09:26.221 --> 00:09:30.091 So if you do have a four-digit passcode, well, 00:09:30.091 --> 00:09:32.401 let me go ahead and ask this question. 00:09:32.401 --> 00:09:37.561 How much time might it take to go about cracking, so to speak-- that is, 00:09:37.561 --> 00:09:38.611 figuring out-- 00:09:38.611 --> 00:09:41.499 what a four-digit passcode is? 00:09:41.499 --> 00:09:42.541 In fact, let me go ahead. 00:09:42.541 --> 00:09:45.499 If you want to pull up your devices again, you should see on the screen 00:09:45.499 --> 00:09:46.621 this question now. 00:09:46.621 --> 00:09:49.201 How long might it take to crack-- 00:09:49.201 --> 00:09:51.421 that is, figure out, guess-- 00:09:51.421 --> 00:09:52.956 a four-digit passcode? 00:09:52.956 --> 00:09:54.331 For instance, on someone's phone. 00:09:54.331 --> 00:09:57.961 A few seconds, a few minutes, a few hours, a few days? 00:09:57.961 --> 00:10:00.331 Thinking here, from the adversarial perspective, 00:10:00.331 --> 00:10:03.061 if someone got ahold of your phone somehow, 00:10:03.061 --> 00:10:09.811 how long do they need to get into your phone if it has a four-digit passcode? 00:10:09.811 --> 00:10:13.471 A few seconds, few minutes, few hours, few days? 00:10:13.471 --> 00:10:16.661 Got about 300 responses so far. 00:10:16.661 --> 00:10:19.831 Let's give folks another few seconds here. 00:10:19.831 --> 00:10:20.981 Another few seconds here. 00:10:20.981 --> 00:10:21.481 All right. 00:10:21.481 --> 00:10:22.461 Up to 350 or so. 00:10:22.461 --> 00:10:25.211 In a moment, let me go ahead and flip screens over to the results. 00:10:25.211 --> 00:10:27.161 So we'll see the preliminary results here. 00:10:27.161 --> 00:10:31.651 And if I now pull this screen up, we see that 50% of you 00:10:31.651 --> 00:10:34.201 claim that it's going to take only a few seconds. 00:10:34.201 --> 00:10:36.501 Few of you say, about a third, fewer of you 00:10:36.501 --> 00:10:40.091 are saying that it takes a few minutes, few hours, and even a few days. 00:10:40.091 --> 00:10:41.341 Well, let's answer that first. 00:10:41.341 --> 00:10:44.731 Because honestly, if it's already a few days or even longer, 00:10:44.731 --> 00:10:47.591 our work is here probably already pretty done. 00:10:47.591 --> 00:10:50.941 Unfortunately, the problem with things like four-digit passcodes 00:10:50.941 --> 00:10:53.911 is that anyone who grabs your phone-- you step out of the room, 00:10:53.911 --> 00:10:57.611 you leave it behind, you lose it-- they could certainly mimic your input device 00:10:57.611 --> 00:11:01.651 and just use their finger pretending to be you, trying 0, 0, 0, 0. 00:11:01.651 --> 00:11:02.281 Nope. 00:11:02.281 --> 00:11:03.781 0, 0, 0, 1. 00:11:03.781 --> 00:11:04.351 Nope. 00:11:04.351 --> 00:11:05.771 0, 0, 0, 2. 00:11:05.771 --> 00:11:06.271 Nope. 00:11:06.271 --> 00:11:07.901 And it's a little slow, to be fair. 00:11:07.901 --> 00:11:12.451 It would take me a while to count all the way up to 9,999. 00:11:12.451 --> 00:11:14.921 That's 10,000 total possibilities there. 00:11:14.921 --> 00:11:18.501 But let's go ahead and consider exactly how else you could do it. 00:11:18.501 --> 00:11:21.561 For instance, here is an example of, in computer science, 00:11:21.561 --> 00:11:23.151 what we call a "brute force attack." 00:11:23.151 --> 00:11:26.721 And just an adversary using their finger is a brute force attack 00:11:26.721 --> 00:11:28.611 if they're trying all possible passcodes. 00:11:28.611 --> 00:11:32.798 The problem is, even if your passcode is way at the end of the list of numbers, 00:11:32.798 --> 00:11:34.881 eventually they're going to get it by brute force. 00:11:34.881 --> 00:11:38.361 Sort of like in yesteryear, using a battering ram or the like to brute 00:11:38.361 --> 00:11:41.211 force your way into a building, a castle, or the like. 00:11:41.211 --> 00:11:44.221 In software sense, it just means trying all possibilities. 00:11:44.221 --> 00:11:46.221 And you don't even have to just use your finger. 00:11:46.221 --> 00:11:46.721 Right? 00:11:46.721 --> 00:11:49.461 Anyone with some programming savvy, who's good with hardware, 00:11:49.461 --> 00:11:51.001 could maybe do something like this. 00:11:51.001 --> 00:11:52.611 Here's a quick video I'll hit play on. 00:11:52.611 --> 00:11:53.361 No sound. 00:11:53.361 --> 00:11:56.751 But a little bit of a robot that has an Android phone underneath it, 00:11:56.751 --> 00:12:01.101 and it's got a little robotic finger that's doing the work for you. 00:12:01.101 --> 00:12:03.291 You can step out of the room now as the adversary. 00:12:03.291 --> 00:12:07.401 Let the robot do its work trying 0, 0, 0, 0 through 9, 9, 9, 9. 00:12:07.401 --> 00:12:10.921 And ultimately, presumably get into that phone. 00:12:10.921 --> 00:12:15.831 So let's see if we can't quantify then exactly how fast the human or the robot 00:12:15.831 --> 00:12:16.426 could get in. 00:12:16.426 --> 00:12:18.301 Well, how many total possibilities are there? 00:12:18.301 --> 00:12:20.301 That's the right way to begin thinking about it. 00:12:20.301 --> 00:12:23.241 If you have 10 digits for the first one, 0 through 9, 00:12:23.241 --> 00:12:26.251 and then another 10 possibilities, another 10, another 10, 00:12:26.251 --> 00:12:30.381 the total number of possibilities, of course, between 0, 0, 0, 0 and 9, 9, 9, 00:12:30.381 --> 00:12:31.611 9 is 10,000-- 00:12:31.611 --> 00:12:33.901 10 times 10 times 10 times 10-- 00:12:33.901 --> 00:12:37.611 which gives us that much of a search space, a universe of possible 00:12:37.611 --> 00:12:39.831 passcodes to choose among. 00:12:39.831 --> 00:12:43.161 Unfortunately, you can do even better than your own finger 00:12:43.161 --> 00:12:44.211 or even that robot. 00:12:44.211 --> 00:12:48.051 Anyone in CS50 now who knows a bit of programming and languages called "C" 00:12:48.051 --> 00:12:52.783 or "Python" or anything else could open up a programming window and actually 00:12:52.783 --> 00:12:53.991 just start writing some code. 00:12:53.991 --> 00:12:54.908 And so let me do that. 00:12:54.908 --> 00:12:57.081 What you're seeing here, if a family member, 00:12:57.081 --> 00:12:59.481 is a programming environment called "Visual Studio Code" 00:12:59.481 --> 00:13:01.856 that students have been using for the past several weeks. 00:13:01.856 --> 00:13:04.608 Up here, we have a tabbed window where we can type our code. 00:13:04.608 --> 00:13:06.441 Down here, we have what's called a "terminal 00:13:06.441 --> 00:13:09.891 window" where I can type commands to make the computer run that code. 00:13:09.891 --> 00:13:11.631 And then over here is just a menu bar. 00:13:11.631 --> 00:13:15.051 So crack.py means I'm going to write a program to crack-- 00:13:15.051 --> 00:13:18.861 that is, figure out passwords-- using this language called "Python." 00:13:18.861 --> 00:13:21.201 And even though most CS50 students wouldn't 00:13:21.201 --> 00:13:23.721 know what code to start writing, they'd have 00:13:23.721 --> 00:13:27.511 to look up some of what I'm about to do, it's only going to be a few lines. 00:13:27.511 --> 00:13:31.311 So I'm going to go up here and say from string import digits. 00:13:31.311 --> 00:13:33.171 This is a fancy way of saying, hey, Python. 00:13:33.171 --> 00:13:34.941 Give me access to all decimal digits. 00:13:34.941 --> 00:13:38.161 It just avoids my having to type out 0 through 9 manually. 00:13:38.161 --> 00:13:38.661 All right. 00:13:38.661 --> 00:13:43.051 Then I'm going to say from either tools import product. 00:13:43.051 --> 00:13:46.051 This is another feature of Python that CS50 students, for the most part, 00:13:46.051 --> 00:13:48.111 have not yet seen that just says, hey, Python. 00:13:48.111 --> 00:13:51.781 Give me the ability to do like the cross product of a whole bunch of numbers. 00:13:51.781 --> 00:13:55.641 So these 10 times these 10 times these 10 times these 10. 00:13:55.641 --> 00:13:57.451 And then what am I going to do with that? 00:13:57.451 --> 00:14:03.351 Well, for each possible passcode in the product of those digits repeated 00:14:03.351 --> 00:14:06.831 four times, I'm going to go ahead and, for now, let's just 00:14:06.831 --> 00:14:08.751 print out what the passcode is. 00:14:08.751 --> 00:14:11.139 In other words, assume that I am now the adversary. 00:14:11.139 --> 00:14:12.931 I don't want to waste time using my finger. 00:14:12.931 --> 00:14:15.891 I don't have a robot that I made, but I am good at writing software. 00:14:15.891 --> 00:14:18.861 And heck, I've got like a USB or a lightning cable in my bag 00:14:18.861 --> 00:14:22.341 that I could connect your phone to my Mac or PC. 00:14:22.341 --> 00:14:24.741 And I could just have my code that I'm writing now 00:14:24.741 --> 00:14:27.801 send all the possible codes from laptop to phone 00:14:27.801 --> 00:14:31.011 to automate this process just using the little port at the bottom of all 00:14:31.011 --> 00:14:31.821 of our phones. 00:14:31.821 --> 00:14:34.641 Well, let me go ahead and maximize this so-called terminal 00:14:34.641 --> 00:14:37.371 window, which is, again, where I'm going to run this code. 00:14:37.371 --> 00:14:39.741 And again, the question a moment ago was, does it 00:14:39.741 --> 00:14:41.781 take seconds, minutes, hours, days? 00:14:41.781 --> 00:14:44.571 Well, let me go ahead and run Python of crack.py. 00:14:44.571 --> 00:14:47.781 I'm pretending, for the moment, that I did grab that cable from my bag 00:14:47.781 --> 00:14:49.041 and plug it into the phone. 00:14:49.041 --> 00:14:53.421 Hitting Enter and it didn't actually do anything. 00:14:53.421 --> 00:14:54.831 That was not supposed to happen. 00:14:54.831 --> 00:14:55.441 [LAUGHING] 00:14:55.441 --> 00:14:59.421 So in CS50, we spent a lot of time introducing students to bugs, 00:14:59.421 --> 00:15:01.191 which are mistakes in programs. 00:15:01.191 --> 00:15:04.581 Sometimes, not so deliberate. 00:15:04.581 --> 00:15:08.221 Let me go ahead and apologize. 00:15:08.221 --> 00:15:10.701 Let me open this file. 00:15:10.701 --> 00:15:12.801 This didn't technically happen. 00:15:12.801 --> 00:15:13.491 OK. 00:15:13.491 --> 00:15:14.701 Python. 00:15:14.701 --> 00:15:15.201 There we go. 00:15:15.201 --> 00:15:17.771 OK. 00:15:17.771 --> 00:15:20.554 In CS50, we now will run the code here. 00:15:20.554 --> 00:15:23.471 And I'm going to go ahead and run a command called Python of crack.py. 00:15:23.471 --> 00:15:25.761 I had the file in the wrong location a moment ago. 00:15:25.761 --> 00:15:29.571 And this is the equivalent, on a Mac or PC, of double-clicking an icon. 00:15:29.571 --> 00:15:30.071 Here we go. 00:15:30.071 --> 00:15:33.281 Is it seconds, minutes, hours, or days? 00:15:33.281 --> 00:15:36.851 Barely one second to try all 10,000 possibilities. 00:15:36.851 --> 00:15:40.061 You can't even see them all on the screen, but this printed out 0, 0, 0, 00:15:40.061 --> 00:15:42.677 0 all the way down, of course, to 9, 9, 9, 9. 00:15:42.677 --> 00:15:44.231 Plug in that cable and boom. 00:15:44.231 --> 00:15:47.231 The adversary doesn't need to be in that room for very long 00:15:47.231 --> 00:15:49.521 in order to get into that phone. 00:15:49.521 --> 00:15:50.021 All right. 00:15:50.021 --> 00:15:51.251 So what would be better than? 00:15:51.251 --> 00:15:56.351 Like clearly, four-digit passcodes, bad if you have someone in your life 00:15:56.351 --> 00:15:59.621 who has a finger or a robot or the ability to write code. 00:15:59.621 --> 00:16:02.201 And unfortunately, because of us, you now all 00:16:02.201 --> 00:16:04.841 have someone in the family with at least the third of those. 00:16:04.841 --> 00:16:08.171 How might we do better than this? 00:16:08.171 --> 00:16:10.361 What's better than a four-digit passcode? 00:16:10.361 --> 00:16:11.631 Anyone? 00:16:11.631 --> 00:16:12.131 Yeah. 00:16:12.131 --> 00:16:13.021 AUDIENCE: Six digits. 00:16:13.021 --> 00:16:13.291 SPEAKER: OK. 00:16:13.291 --> 00:16:14.086 So six digits. 00:16:14.086 --> 00:16:15.851 Heck, or seven digits or eight digits. 00:16:15.851 --> 00:16:16.351 Why? 00:16:16.351 --> 00:16:19.021 Because that's going to make, of course, the passcode longer, which means 00:16:19.021 --> 00:16:21.188 we're going to have to try more possibilities, which 00:16:21.188 --> 00:16:23.791 doesn't mean that the adversary is fundamentally stopped. 00:16:23.791 --> 00:16:26.341 But it is going to slow them down. 00:16:26.341 --> 00:16:28.711 It's going to take them more time probabilistically 00:16:28.711 --> 00:16:30.541 to get to your passcode. 00:16:30.541 --> 00:16:34.211 And it in a sense then increases the cost to the adversary. 00:16:34.211 --> 00:16:36.181 And indeed, that's the theme in cybersecurity, 00:16:36.181 --> 00:16:40.351 raising the cost to the adversary, either financially or time-wise 00:16:40.351 --> 00:16:41.039 or the like. 00:16:41.039 --> 00:16:42.581 Just like in the real physical world. 00:16:42.581 --> 00:16:43.561 Most of you go home. 00:16:43.561 --> 00:16:44.911 You lock your doors at night. 00:16:44.911 --> 00:16:47.461 You might have invested in a better deadbolt than another. 00:16:47.461 --> 00:16:48.211 Why is that? 00:16:48.211 --> 00:16:51.271 You really just want to be more secure than the house next door. 00:16:51.271 --> 00:16:54.571 You want to make sure that it takes too much time, too much effort, 00:16:54.571 --> 00:16:57.301 too much risk to the adversary to get into your home. 00:16:57.301 --> 00:17:00.301 And that's, again, what cybersecurity is all about. 00:17:00.301 --> 00:17:03.691 To say my phone is secure is sort of nonsensical. 00:17:03.691 --> 00:17:07.321 To say that your phone is more secure than someone else's, that's really 00:17:07.321 --> 00:17:09.361 a reasonable, fair statement to make. 00:17:09.361 --> 00:17:11.011 So I like this instinct. 00:17:11.011 --> 00:17:13.141 Let's see if we can't make things a little harder. 00:17:13.141 --> 00:17:14.808 And actually, let's go one step further. 00:17:14.808 --> 00:17:17.561 Rather than just numbers, you've probably noticed, on your phones, 00:17:17.561 --> 00:17:19.081 you can use letters of the alphabet, too. 00:17:19.081 --> 00:17:20.873 If you click the right option on the phone, 00:17:20.873 --> 00:17:22.751 you can start typing in words and letters. 00:17:22.751 --> 00:17:24.331 So how might we do that instead? 00:17:24.331 --> 00:17:27.691 Well, let's transition to four-letter passcodes. 00:17:27.691 --> 00:17:29.191 Four-letter passcodes. 00:17:29.191 --> 00:17:35.041 And if we do four-letter passcodes where the letters of the alphabet, 00:17:35.041 --> 00:17:38.251 for instance, are A through Z in English alone, 00:17:38.251 --> 00:17:41.881 let's go ahead and ask this question here 00:17:41.881 --> 00:17:44.286 if you have four letters of the alphabet. 00:17:44.286 --> 00:17:45.661 So let's not increase length yet. 00:17:45.661 --> 00:17:48.481 Let's just change to a bigger vocabulary. 00:17:48.481 --> 00:17:51.871 Now, we have A through Z instead of 0 through 9. 00:17:51.871 --> 00:17:54.451 How many four-letter passcodes are possible? 00:17:54.451 --> 00:17:56.911 How big is that universe that the adversary is going 00:17:56.911 --> 00:17:59.731 to have to search via brute force? 00:17:59.731 --> 00:18:05.771 So I'm seeing a lot of 7 millions, a bunch of 52,000s, 26,000s, 10,000s, 00:18:05.771 --> 00:18:09.971 9,999, a few smaller numbers here. 00:18:09.971 --> 00:18:11.521 Hopefully, it's not this low, right. 00:18:11.521 --> 00:18:15.301 Because we've already set the bar at 10,000 possibilities for numbers alone. 00:18:15.301 --> 00:18:18.211 Hopefully, if we've got English letters, A through Z, 00:18:18.211 --> 00:18:20.101 we can at least do better than 10,000. 00:18:20.101 --> 00:18:24.131 So I think we'll start to see maybe some of these bars change a little bit. 00:18:24.131 --> 00:18:27.121 But we've got 60% of you proposing 7 million. 00:18:27.121 --> 00:18:29.051 Well, let's go to the math. 00:18:29.051 --> 00:18:32.311 So here we might have a way of thinking about this, 00:18:32.311 --> 00:18:33.871 both uppercase and lowercase. 00:18:33.871 --> 00:18:36.961 Even better if you consider it that way, lowercase A through Z, 00:18:36.961 --> 00:18:40.561 uppercase A through Z. That's 52 possibilities for the first digit 00:18:40.561 --> 00:18:44.491 times 52 times 52 times 52, or 52 to the fourth power. 00:18:44.491 --> 00:18:48.011 That indeed gives you 7 million-plus possibilities. 00:18:48.011 --> 00:18:48.511 All right. 00:18:48.511 --> 00:18:50.136 Well, let's now translate this to code. 00:18:50.136 --> 00:18:53.641 That already sounds way better, 10,000 versus 7 million. 00:18:53.641 --> 00:18:55.981 This is definitely going to slow that hacker down. 00:18:55.981 --> 00:18:59.611 Well, let's consider exactly how fast or slow it might now be. 00:18:59.611 --> 00:19:02.171 Let me go into my crack.py program. 00:19:02.171 --> 00:19:05.311 And let me make a little tweak so that, instead of just using digits, 00:19:05.311 --> 00:19:07.351 this time I'm going to use letters-- 00:19:07.351 --> 00:19:10.231 otherwise, known as Ascii letters, as CS50 students will know. 00:19:10.231 --> 00:19:13.621 That just means familiar English letters of the alphabet. 00:19:13.621 --> 00:19:16.891 And I'm going to change my code to use these Ascii letters, four 00:19:16.891 --> 00:19:18.991 of them still, instead of digits alone. 00:19:18.991 --> 00:19:20.191 And that's the only change. 00:19:20.191 --> 00:19:23.401 Now, I'm going to pretend to plug my phone that I just stole from someone 00:19:23.401 --> 00:19:25.351 into a USB or a lightning cable. 00:19:25.351 --> 00:19:28.201 Let me maximize my window just so we can see things a bit more. 00:19:28.201 --> 00:19:30.811 Let me run Python of crack.py now, and let's 00:19:30.811 --> 00:19:36.151 consider how long it takes to do 7 million possible codes. 00:19:36.151 --> 00:19:36.651 OK. 00:19:36.651 --> 00:19:37.881 Slower. 00:19:37.881 --> 00:19:39.081 Slower. 00:19:39.081 --> 00:19:41.851 Can't dramatically just say in one breath that we're done, 00:19:41.851 --> 00:19:44.991 but we're already at the Gs and then the Hs. 00:19:44.991 --> 00:19:46.903 And it's kind of flying by. 00:19:46.903 --> 00:19:49.611 This is where the adversary is probably getting nervous in the TV 00:19:49.611 --> 00:19:50.451 show or movie. 00:19:50.451 --> 00:19:50.691 Right? 00:19:50.691 --> 00:19:52.611 Someone is tiptoeing around in the other room. 00:19:52.611 --> 00:19:53.903 You don't want them to come in. 00:19:53.903 --> 00:19:56.211 You only have this much time to crack the code. 00:19:56.211 --> 00:20:02.661 And we're at the Rs, the Ss, the Ts, Us, Vs. So this feels like, what a minute 00:20:02.661 --> 00:20:03.231 or so? 00:20:03.231 --> 00:20:07.131 It's a good number of seconds, but it's still pretty brief, 00:20:07.131 --> 00:20:08.911 certainly if someone has the ability to. 00:20:08.911 --> 00:20:10.641 And now, we've got to do the capital letters, too. 00:20:10.641 --> 00:20:12.951 Certainly, if someone has the ability not to just secretly do it 00:20:12.951 --> 00:20:15.801 like in Hollywood in the next room but just take it with them 00:20:15.801 --> 00:20:20.611 and do it over the course of a minute or two at home, this seems to be faster. 00:20:20.611 --> 00:20:21.111 Sorry. 00:20:21.111 --> 00:20:24.515 This seems to be slower, because we're trying so many more possibilities. 00:20:24.515 --> 00:20:27.831 But if the adversary takes your phone, has it long enough, 00:20:27.831 --> 00:20:29.604 this doesn't feel like terribly long. 00:20:29.604 --> 00:20:31.021 So what might be better than this? 00:20:31.021 --> 00:20:33.181 Let's take it one step further. 00:20:33.181 --> 00:20:35.121 What might be better than four letters? 00:20:35.121 --> 00:20:38.103 What do most websites ask you to add to the mix? 00:20:38.103 --> 00:20:39.311 AUDIENCE: Special characters. 00:20:39.311 --> 00:20:40.291 SPEAKER: So special characters. 00:20:40.291 --> 00:20:40.441 Right? 00:20:40.441 --> 00:20:42.011 And those things are darn annoying. 00:20:42.011 --> 00:20:42.511 Right? 00:20:42.511 --> 00:20:45.361 Because sometimes, they even tell you what letters or punctuation 00:20:45.361 --> 00:20:46.406 symbols you have to use. 00:20:46.406 --> 00:20:48.781 And then you type one and, oh, it's not on the damn list. 00:20:48.781 --> 00:20:49.823 I mean, it's frustrating. 00:20:49.823 --> 00:20:50.341 Why? 00:20:50.341 --> 00:20:53.381 Well, it's going to raise the bar, though, to the adversary. 00:20:53.381 --> 00:20:55.548 And that's, indeed, going to be the goal here, again 00:20:55.548 --> 00:20:58.291 just to increase the cost or time required for the adversary 00:20:58.291 --> 00:21:02.131 so that it doesn't finish like it did just now, after a couple of minutes. 00:21:02.131 --> 00:21:04.381 But it's going to keep going and going hopefully, such 00:21:04.381 --> 00:21:06.151 that they're going to lose interest in your phone 00:21:06.151 --> 00:21:08.371 and go try to crack into someone else's, presumably. 00:21:08.371 --> 00:21:09.461 So let's try this. 00:21:09.461 --> 00:21:13.681 Let me now go over to one other question here. 00:21:13.681 --> 00:21:17.141 And this question will now just be-- let's go from four characters. 00:21:17.141 --> 00:21:20.371 How about let's take it one step further and mix the two ideas here? 00:21:20.371 --> 00:21:23.611 More digits and longer passcodes. 00:21:23.611 --> 00:21:27.101 How many eight character passcodes are possible? 00:21:27.101 --> 00:21:31.741 And by character, as a CS50 will know, I mean number or letter 00:21:31.741 --> 00:21:33.601 or punctuation symbol now. 00:21:33.601 --> 00:21:37.231 And there's like 32 or so standard punctuation symbols, so we're 00:21:37.231 --> 00:21:39.031 up to a good set of numbers now. 00:21:39.031 --> 00:21:42.691 How many eight-character passcodes do you think are possible? 00:21:42.691 --> 00:21:45.901 Million, billion, trillion, quadrillion, or quintillion? 00:21:45.901 --> 00:21:48.911 All of which, of course, are better than 10,000 possibilities. 00:21:48.911 --> 00:21:51.204 So we're in a whole different space now. 00:21:51.204 --> 00:21:53.371 Looks like these answers are coming in a little more 00:21:53.371 --> 00:21:57.061 slowly, perhaps as folks think about this. 00:21:57.061 --> 00:22:02.821 Is 10 digits plus 52 letters plus 32 punctuation symbols. 00:22:02.821 --> 00:22:05.591 Much more secure, it would seem. 00:22:05.591 --> 00:22:06.091 All right. 00:22:06.091 --> 00:22:08.041 We're up to 230 responses. 00:22:08.041 --> 00:22:12.181 Give folks another second or so. 00:22:12.181 --> 00:22:15.181 If you're trying to do the math, 10 plus 52 plus 32, 00:22:15.181 --> 00:22:19.001 that's going to give you 94 possibilities for each of the digits. 00:22:19.001 --> 00:22:19.501 All right. 00:22:19.501 --> 00:22:25.461 We're just about at our 350. 00:22:25.461 --> 00:22:25.961 All right. 00:22:25.961 --> 00:22:27.391 I'm going to toggle over the screen here. 00:22:27.391 --> 00:22:30.121 Going to click over to the results, show them in just a second on the screen 00:22:30.121 --> 00:22:30.621 now. 00:22:30.621 --> 00:22:32.491 And this is an interesting distribution. 00:22:32.491 --> 00:22:34.533 I think some of you perhaps have the instinct now 00:22:34.533 --> 00:22:36.041 of just go for the biggest one. 00:22:36.041 --> 00:22:37.511 [LAUGHING] 00:22:37.511 --> 00:22:41.581 It's not quintillion, nice as that would be. 00:22:41.581 --> 00:22:43.851 Maybe it's quadrillion, trillion, billion, or million. 00:22:43.851 --> 00:22:45.101 We have more of a split there. 00:22:45.101 --> 00:22:47.161 So let's consider the math. 00:22:47.161 --> 00:22:50.221 So if we've got eight characters, and I claim 00:22:50.221 --> 00:22:52.231 that that's 94 possibilities for each. 00:22:52.231 --> 00:22:57.751 10 digits, 52 letters, 32 punctuation symbols. 00:22:57.751 --> 00:23:00.811 That's 94 to the eighth power, essentially. 00:23:00.811 --> 00:23:04.501 And that indeed is six quadrillion possibilities. 00:23:04.501 --> 00:23:06.901 Now, that's crazy big at this point. 00:23:06.901 --> 00:23:09.601 I daresay we're pretty safe from the human finger now. 00:23:09.601 --> 00:23:11.611 We're probably pretty safe from that robot, 00:23:11.611 --> 00:23:13.111 which is going to take a while, too. 00:23:13.111 --> 00:23:15.751 But Macs and PCs are pretty darn fast. 00:23:15.751 --> 00:23:19.591 And God forbid the adversary have a big server, use the cloud, so to speak, 00:23:19.591 --> 00:23:21.931 and really use a big expensive machine. 00:23:21.931 --> 00:23:26.971 How long does it take to get into six quadrillion possible passcodes? 00:23:26.971 --> 00:23:28.511 Well, how might we think about this? 00:23:28.511 --> 00:23:30.219 Suppose, just for the sake of discussion, 00:23:30.219 --> 00:23:32.731 it takes the adversary one second per code. 00:23:32.731 --> 00:23:35.101 Just so we have some unit of measure to start with. 00:23:35.101 --> 00:23:39.359 One second per code, which means, in the worst case, 00:23:39.359 --> 00:23:41.401 the adversary really gets screwed and my passcode 00:23:41.401 --> 00:23:47.011 is like 9, 9, 9, 9, 9, 9, 9 or with a lot of crazy punctuation symbols in it. 00:23:47.011 --> 00:23:49.681 If each passcode takes a second to guess, 00:23:49.681 --> 00:23:52.811 how long is it going to take the adversary if, in the worst case, 00:23:52.811 --> 00:23:56.341 they spend six quadrillion seconds? 00:23:56.341 --> 00:24:00.861 How many hours or minutes or days or-- 00:24:00.861 --> 00:24:01.593 AUDIENCE: A lot. 00:24:01.593 --> 00:24:02.301 SPEAKER: --years? 00:24:02.301 --> 00:24:03.351 I'm hearing a lot. 00:24:03.351 --> 00:24:05.361 A lot is in fact correct. 00:24:05.361 --> 00:24:06.681 I did do the math. 00:24:06.681 --> 00:24:09.801 The adversary, if they're lucky and get all this way, 00:24:09.801 --> 00:24:13.761 they're going to be 193,000 years old by the time they 00:24:13.761 --> 00:24:16.701 get to all of those possible passcodes. 00:24:16.701 --> 00:24:17.721 So this sounds alluring. 00:24:17.721 --> 00:24:20.421 And in fact, let's just change our code one final time just 00:24:20.421 --> 00:24:23.181 to get a sense of how this might look and behave. 00:24:23.181 --> 00:24:26.251 In this version here, let me go back into my code 00:24:26.251 --> 00:24:30.051 and let me change this now to use, not just Ascii letters, but digits. 00:24:30.051 --> 00:24:32.241 And I'm going to add in punctuation. 00:24:32.241 --> 00:24:34.371 For CS50 students, there is, again, this library 00:24:34.371 --> 00:24:37.371 called the string library that lets you just import all of these symbols 00:24:37.371 --> 00:24:37.954 automatically. 00:24:37.954 --> 00:24:40.941 So we don't have to type out every character on my keyboard manually. 00:24:40.941 --> 00:24:44.061 And then down here, I'm going to take the product of those Ascii letters 00:24:44.061 --> 00:24:47.421 again, plus those digits, plus the punctuation 00:24:47.421 --> 00:24:50.001 repeated eight times I claim this time. 00:24:50.001 --> 00:24:52.011 I'm going to now increase the size of my window 00:24:52.011 --> 00:24:53.594 just so we can see more on the screen. 00:24:53.594 --> 00:24:56.841 Rerun the code, and this is going to take 00:24:56.841 --> 00:24:59.901 us some hundreds of thousands of years. 00:24:59.901 --> 00:25:01.611 So we won't run to the end of this demo. 00:25:01.611 --> 00:25:03.261 Now, we seem to be in a better place. 00:25:03.261 --> 00:25:03.761 All right. 00:25:03.761 --> 00:25:05.301 So what's the takeaway here? 00:25:05.301 --> 00:25:08.511 Clearly, you should use a passcode, a password 00:25:08.511 --> 00:25:12.051 that's eight characters with letters and numbers and punctuation. 00:25:12.051 --> 00:25:14.251 Yes? 00:25:14.251 --> 00:25:14.879 OK. 00:25:14.879 --> 00:25:15.671 There's a mix here. 00:25:15.671 --> 00:25:16.471 Some of you are saying yes. 00:25:16.471 --> 00:25:17.011 Some are no. 00:25:17.011 --> 00:25:18.261 How about someone who says no. 00:25:18.261 --> 00:25:20.231 Why? 00:25:20.231 --> 00:25:20.781 Why no? 00:25:20.781 --> 00:25:21.281 Yeah. 00:25:21.281 --> 00:25:22.409 AUDIENCE: Recapture. 00:25:22.409 --> 00:25:23.201 SPEAKER: Recapture. 00:25:23.201 --> 00:25:23.441 OK. 00:25:23.441 --> 00:25:24.461 So there's other mechanisms. 00:25:24.461 --> 00:25:25.503 More on that in a second. 00:25:25.503 --> 00:25:26.441 Other instincts? 00:25:26.441 --> 00:25:27.725 Yeah. 00:25:27.725 --> 00:25:30.771 AUDIENCE: The computers are much faster than just one code per second. 00:25:30.771 --> 00:25:31.313 SPEAKER: Yes. 00:25:31.313 --> 00:25:34.041 I'm kind of cheating with my verbal simplification here. 00:25:34.041 --> 00:25:37.149 Even this computer is way faster than one code per second. 00:25:37.149 --> 00:25:39.441 So it's not going to be hundreds of thousands of years. 00:25:39.441 --> 00:25:41.871 Might be tens of thousands of years or hundreds of years, 00:25:41.871 --> 00:25:44.431 but it's not going to be quite as dramatic as this. 00:25:44.431 --> 00:25:46.337 So that's a concern. 00:25:46.337 --> 00:25:49.295 AUDIENCE: Can't some passwords be made secure 00:25:49.295 --> 00:25:51.669 where you can guess a certain number every hour? 00:25:51.669 --> 00:25:52.211 SPEAKER: Yes. 00:25:52.211 --> 00:25:54.141 So maybe there's other mechanisms. 00:25:54.141 --> 00:25:57.973 So maybe we don't have to be so extreme as to introduce all of this randomness, 00:25:57.973 --> 00:25:58.931 as was proposed before. 00:25:58.931 --> 00:26:02.201 Because honestly, there's this theme in computer science, too, and really 00:26:02.201 --> 00:26:03.941 information technology of trade-offs. 00:26:03.941 --> 00:26:04.441 Right? 00:26:04.441 --> 00:26:08.261 Sure, I can use a really big random password. 00:26:08.261 --> 00:26:10.751 But my God, I'm going to end up writing it on my monitor 00:26:10.751 --> 00:26:13.991 on a post-it note, which I suspect statistically some of you 00:26:13.991 --> 00:26:15.101 are guilty of. 00:26:15.101 --> 00:26:15.731 Right? 00:26:15.731 --> 00:26:18.431 And you shouldn't necessarily just blame yourself 00:26:18.431 --> 00:26:20.321 or your colleague who's doing this. 00:26:20.321 --> 00:26:23.261 Like this is a symptom perhaps of bad IT policy. 00:26:23.261 --> 00:26:25.751 If we don't have necessarily very usable systems, 00:26:25.751 --> 00:26:29.351 maybe we shouldn't blame the human for forgetting their very random password. 00:26:29.351 --> 00:26:33.081 Maybe we shouldn't require the human to have a very random password. 00:26:33.081 --> 00:26:33.941 So what could we do? 00:26:33.941 --> 00:26:36.431 A couple of technical mechanisms were just proposed. 00:26:36.431 --> 00:26:40.624 Let's go down this road of how we might try to defend against this. 00:26:40.624 --> 00:26:43.041 And I'll keep this running just for fun in the background. 00:26:43.041 --> 00:26:45.611 Let me switch back over to a Visual here now 00:26:45.611 --> 00:26:47.381 that we've considered that many codes. 00:26:47.381 --> 00:26:50.231 What if we do something that some of your own phones 00:26:50.231 --> 00:26:54.491 already have that slow the adversary down? 00:26:54.491 --> 00:26:57.471 And some of you might have seen, on your iPhone, a screen like this. 00:26:57.471 --> 00:26:58.571 Let me zoom in. 00:26:58.571 --> 00:26:59.711 IPhone is disabled. 00:26:59.711 --> 00:27:00.971 Try again in one minute. 00:27:00.971 --> 00:27:03.561 Has anyone locked themselves out of their phone like this? 00:27:03.561 --> 00:27:04.751 I have. 00:27:04.751 --> 00:27:07.871 I mean, it's embarrassing to admit, but it's not leaking any information. 00:27:07.871 --> 00:27:08.371 All right. 00:27:08.371 --> 00:27:10.281 So many of you have done that already. 00:27:10.281 --> 00:27:12.581 But why is this actually a compelling feature? 00:27:12.581 --> 00:27:15.161 Just to be clear, annoying as this might be, 00:27:15.161 --> 00:27:17.321 because you probably don't want your phone locked 00:27:17.321 --> 00:27:21.731 at the very moment you're trying to get into it, why might it be a good thing? 00:27:21.731 --> 00:27:23.014 Yeah. 00:27:23.014 --> 00:27:24.431 Let's go somewhere else if we may. 00:27:24.431 --> 00:27:25.839 Yeah, in back. 00:27:25.839 --> 00:27:26.936 AUDIENCE: Slows down. 00:27:26.936 --> 00:27:27.561 SPEAKER: Sorry? 00:27:27.561 --> 00:27:29.221 AUDIENCE: Slows down your response. 00:27:29.221 --> 00:27:30.679 SPEAKER: It slows down the process. 00:27:30.679 --> 00:27:32.011 It annoys you, to be fair. 00:27:32.011 --> 00:27:36.001 Like you pay a bit of this price, but it really slows down the adversary. 00:27:36.001 --> 00:27:39.391 Now, they're going to be able to type in not one code per second but one 00:27:39.391 --> 00:27:41.413 code per minute, a 60 times difference. 00:27:41.413 --> 00:27:43.621 That's really going to force them to pump the brakes. 00:27:43.621 --> 00:27:46.531 And unless that adversary is after you specifically, 00:27:46.531 --> 00:27:48.781 odds are they're going to go take someone else's phone 00:27:48.781 --> 00:27:51.781 or lose interest because you've raised the bar high enough to their 00:27:51.781 --> 00:27:52.471 getting in. 00:27:52.471 --> 00:27:55.798 On Android, if you do this, it depends on the operating system version. 00:27:55.798 --> 00:27:57.631 Here, might be something similar on Android. 00:27:57.631 --> 00:27:58.381 Too many attempts. 00:27:58.381 --> 00:27:59.041 Try again later. 00:27:59.041 --> 00:28:00.121 I mean, this is even more annoying. 00:28:00.121 --> 00:28:02.251 It doesn't even tell you when to try again later, 00:28:02.251 --> 00:28:05.161 but it does slow down the adversary. 00:28:05.161 --> 00:28:08.711 So if you don't have features like this enabled, you should. 00:28:08.711 --> 00:28:12.421 And if you're particularly security conscious or paranoid even, 00:28:12.421 --> 00:28:14.401 you can even enable a feature on these phones 00:28:14.401 --> 00:28:18.701 nowadays where they self-destruct, so to speak, after 10 wrong guesses. 00:28:18.701 --> 00:28:19.201 Right? 00:28:19.201 --> 00:28:20.131 Why 10? 00:28:20.131 --> 00:28:23.221 The presumption is, among Apple and Google and others, 00:28:23.221 --> 00:28:26.761 that, if you type your passcode 10 times wrong, 00:28:26.761 --> 00:28:28.711 you're probably not who you say you are. 00:28:28.711 --> 00:28:30.061 You're probably someone else. 00:28:30.061 --> 00:28:32.701 Although if you're a little groggy first thing in the morning 00:28:32.701 --> 00:28:35.281 or if you've been out late and having a good time, 00:28:35.281 --> 00:28:40.871 you might not be a high enough threshold to protect your phone from you. 00:28:40.871 --> 00:28:44.101 And so there, too, is this trade-off again, and that's an extreme one. 00:28:44.101 --> 00:28:48.571 If your phone deletes itself, which is what I meant by self-destruct, then 00:28:48.571 --> 00:28:50.761 that might actually be to your detriment. 00:28:50.761 --> 00:28:54.211 Unless you have backups and all of that, but that's another technology 00:28:54.211 --> 00:28:55.271 question altogether. 00:28:55.271 --> 00:28:56.611 So there, too, this theme of trade-offs. 00:28:56.611 --> 00:28:59.491 You raise the bar to the adversary, but you've got to pay the price. 00:28:59.491 --> 00:29:01.781 You're not going to get any such feature for free. 00:29:01.781 --> 00:29:02.281 All right. 00:29:02.281 --> 00:29:06.931 What's another mechanism that many of us increasingly, thankfully, are doing? 00:29:06.931 --> 00:29:09.601 Might be when you log into a website, like Gmail, 00:29:09.601 --> 00:29:12.241 to have two-factor authentication. 00:29:12.241 --> 00:29:14.491 Sometimes, called "two-step authentication." 00:29:14.491 --> 00:29:17.251 I mean, how many of you use two-factor or two-step authentication 00:29:17.251 --> 00:29:18.411 with at least one account? 00:29:18.411 --> 00:29:18.911 All right. 00:29:18.911 --> 00:29:20.101 So that's amazing. 00:29:20.101 --> 00:29:23.181 How many of you use it with all of your accounts? 00:29:23.181 --> 00:29:23.681 All right. 00:29:23.681 --> 00:29:25.141 Fewer of us. 00:29:25.141 --> 00:29:27.671 And there, too, that's not necessarily the wrong answer. 00:29:27.671 --> 00:29:28.171 Right? 00:29:28.171 --> 00:29:30.781 I have a lot of stupid websites that I have accounts on, 00:29:30.781 --> 00:29:32.521 like I bought something once on them. 00:29:32.521 --> 00:29:33.781 I don't really care about it. 00:29:33.781 --> 00:29:36.781 So there's a judgment call there in terms of what you really care about. 00:29:36.781 --> 00:29:39.811 But maybe your financial websites, your health care websites, 00:29:39.811 --> 00:29:42.571 or anything that's mildly sensitive to you probably 00:29:42.571 --> 00:29:45.491 should be raising the bar to the adversary by enabling this. 00:29:45.491 --> 00:29:46.291 So what is this? 00:29:46.291 --> 00:29:50.221 Particularly for those of you who didn't raise your hand, someone else, what is 00:29:50.221 --> 00:29:53.301 two-factor or two-step authentication? 00:29:53.301 --> 00:29:54.051 What's two-factor? 00:29:54.051 --> 00:29:54.739 Yeah. 00:29:54.739 --> 00:29:57.781 AUDIENCE: When you have to use your phone to verify that it's really you. 00:29:57.781 --> 00:29:57.991 SPEAKER: Yeah. 00:29:57.991 --> 00:30:00.511 So when you have to pull out your phone and verify that it's really you. 00:30:00.511 --> 00:30:01.651 And in the corporate world, you might have 00:30:01.651 --> 00:30:03.901 a little dongle, a key fob on your keychain 00:30:03.901 --> 00:30:05.291 that's got a little number on it. 00:30:05.291 --> 00:30:07.861 But generally speaking, two-factor authentication 00:30:07.861 --> 00:30:10.351 is all about, indeed, a second factor. 00:30:10.351 --> 00:30:12.331 It's kind of oversimplified as two steps, 00:30:12.331 --> 00:30:15.421 but it's really key technologically that it be a different factor. 00:30:15.421 --> 00:30:18.031 It is not two-factor authentication if you just 00:30:18.031 --> 00:30:21.148 have two passwords that you have to remember, because both of those 00:30:21.148 --> 00:30:22.231 could be forgotten by you. 00:30:22.231 --> 00:30:24.251 Both of those could be stolen by someone else 00:30:24.251 --> 00:30:26.543 if you write them down on the post-it note or the like. 00:30:26.543 --> 00:30:30.211 Two-factor authentication is about having a fundamentally different factor 00:30:30.211 --> 00:30:33.451 available to you so that the odds that someone 00:30:33.451 --> 00:30:36.781 get at something you know, like your password, and something you have, 00:30:36.781 --> 00:30:39.451 like your phone, is just much, much smaller 00:30:39.451 --> 00:30:43.011 than the threat of just figuring out something you know, like a password 00:30:43.011 --> 00:30:43.511 alone. 00:30:43.511 --> 00:30:45.469 So the factor is something that's fundamentally 00:30:45.469 --> 00:30:47.171 different from the other thing. 00:30:47.171 --> 00:30:49.441 And so once you configure this, the user typically 00:30:49.441 --> 00:30:52.171 sees a screen like this, for instance, in the context of Gmail. 00:30:52.171 --> 00:30:53.926 The screens vary here at Harvard and Yale. 00:30:53.926 --> 00:30:56.551 Students are familiar with something called "Duo mobile," which 00:30:56.551 --> 00:30:57.941 is the exact same idea. 00:30:57.941 --> 00:31:01.591 And they typically use one-time codes, six digits thereabouts. 00:31:01.591 --> 00:31:03.571 And you can only use that code once. 00:31:03.571 --> 00:31:06.691 And the idea is it's texted to you or pushed to your device 00:31:06.691 --> 00:31:09.421 so that you and only you can use it. 00:31:09.421 --> 00:31:13.041 Does this fundamentally secure your account? 00:31:13.041 --> 00:31:18.371 Is this enough, to just have a good password and two-factor authentication? 00:31:18.371 --> 00:31:22.430 Does that keep the adversaries out altogether? 00:31:22.430 --> 00:31:24.483 AUDIENCE: Not if someone wants to get in. 00:31:24.483 --> 00:31:25.691 SPEAKER: Not if someone what? 00:31:25.691 --> 00:31:27.051 AUDIENCE: Really wants to get in. 00:31:27.051 --> 00:31:27.321 SPEAKER: OK. 00:31:27.321 --> 00:31:28.911 Not if someone really wants to get in. 00:31:28.911 --> 00:31:32.691 Then you have other problems are certainly of concern, 00:31:32.691 --> 00:31:35.811 but you do want to ideally keep most adversaries at bay. 00:31:35.811 --> 00:31:36.591 And there are two. 00:31:36.591 --> 00:31:38.551 All we're doing is like raising the bar. 00:31:38.551 --> 00:31:39.051 Right? 00:31:39.051 --> 00:31:41.421 There's nothing stopping someone in physical proximity 00:31:41.421 --> 00:31:44.691 to me stealing my phone and getting into all of those accounts I just 00:31:44.691 --> 00:31:45.771 raised my hand about. 00:31:45.771 --> 00:31:48.681 But you at least protect yourself against the billions 00:31:48.681 --> 00:31:50.931 of other potential adversaries in the world that 00:31:50.931 --> 00:31:53.941 are geographically not near us, so you at least narrow the threat. 00:31:53.941 --> 00:31:55.251 So that's a good thing. 00:31:55.251 --> 00:31:56.391 But what else could we do? 00:31:56.391 --> 00:31:59.013 Because I feel like it's not fair for us to say, all right. 00:31:59.013 --> 00:31:59.721 Everyone go home. 00:31:59.721 --> 00:32:02.631 Start using better passwords-- longer, more complicated. 00:32:02.631 --> 00:32:04.311 Because again, there's this trade-off. 00:32:04.311 --> 00:32:07.491 We don't want to send everyone home essentially with a pad of post-it notes 00:32:07.491 --> 00:32:10.504 to then counterbalance what's an unrealistic expectation. 00:32:10.504 --> 00:32:12.921 So how many of you, perhaps with a show of physical hands, 00:32:12.921 --> 00:32:15.801 use a password manager already? 00:32:15.801 --> 00:32:17.991 This is something practical we can equip you with. 00:32:17.991 --> 00:32:18.491 OK. 00:32:18.491 --> 00:32:19.911 So that was relatively few hands. 00:32:19.911 --> 00:32:23.721 And those of you who are in the habit still of memorizing your password, 00:32:23.721 --> 00:32:27.981 or worse, writing down the password, there are better solutions today. 00:32:27.981 --> 00:32:29.961 But here, too, there's going to be a caveat. 00:32:29.961 --> 00:32:31.881 There's no clear win necessarily. 00:32:31.881 --> 00:32:34.131 A password manager is a piece of software 00:32:34.131 --> 00:32:36.711 that you install on your Mac or PC or your phone that 00:32:36.711 --> 00:32:38.331 manages your passwords for you. 00:32:38.331 --> 00:32:41.661 And these come either built into the operating system. 00:32:41.661 --> 00:32:43.251 Windows has credential manager. 00:32:43.251 --> 00:32:45.411 Mac OS has something called "keychain." 00:32:45.411 --> 00:32:48.441 There's third-party software like 1password or LastPass. 00:32:48.441 --> 00:32:51.194 Companies and universities often have site licenses 00:32:51.194 --> 00:32:54.111 so that students in particular can use these kinds of things for free, 00:32:54.111 --> 00:32:56.528 but the ones that come with your operating system or phone 00:32:56.528 --> 00:32:57.981 are themselves already free. 00:32:57.981 --> 00:33:00.811 And not using them is really the missed opportunity here. 00:33:00.811 --> 00:33:02.489 So what is a password manager? 00:33:02.489 --> 00:33:04.531 It's a program that, yes, manages your passwords. 00:33:04.531 --> 00:33:05.811 But it does a few things more. 00:33:05.811 --> 00:33:08.451 It generates passwords for you, typically. 00:33:08.451 --> 00:33:10.701 I mean, honestly, it's been years since I have 00:33:10.701 --> 00:33:13.011 chosen my own password on a website. 00:33:13.011 --> 00:33:16.011 I instead click a button in my password manager software 00:33:16.011 --> 00:33:19.131 or I use a keyboard shortcut to generate something 00:33:19.131 --> 00:33:23.281 that's eight characters, heck, maybe 16, 24, 32 characters long. 00:33:23.281 --> 00:33:27.381 I don't care because the software's job is to manage that password for me. 00:33:27.381 --> 00:33:30.921 That is, the software remembers this crazy long password for me. 00:33:30.921 --> 00:33:33.921 And better yet, it comes with a button or a keyboard 00:33:33.921 --> 00:33:37.531 shortcut that will automatically fill out forms for me on the web. 00:33:37.531 --> 00:33:41.091 When I say log me in, it will grab my password from my computer, 00:33:41.091 --> 00:33:42.741 plug it in, and voila. 00:33:42.741 --> 00:33:43.701 I'm logged in. 00:33:43.701 --> 00:33:47.871 The upside of this is that, even if that website is compromised 00:33:47.871 --> 00:33:51.321 and my password leaks out, I'm not using that password presumably 00:33:51.321 --> 00:33:54.561 anywhere else because the software's job is generally to create 00:33:54.561 --> 00:33:57.021 unique passwords for each website. 00:33:57.021 --> 00:34:00.021 And it's not going to be guessed via brute force, 00:34:00.021 --> 00:34:03.171 by one of you writing code, because it's just too long. 00:34:03.171 --> 00:34:06.771 Probabilistically, we're all going to be gone by the time your computer finishes 00:34:06.771 --> 00:34:08.491 trying to crack it. 00:34:08.491 --> 00:34:09.449 So what's the downside? 00:34:09.449 --> 00:34:10.533 I mean, this sounds great. 00:34:10.533 --> 00:34:13.581 If the software generates passcodes for you and plugs them in for you, 00:34:13.581 --> 00:34:16.021 where's the downside? 00:34:16.021 --> 00:34:16.521 Anyone? 00:34:16.521 --> 00:34:17.350 Yeah. 00:34:17.350 --> 00:34:19.433 AUDIENCE: If you're using somebody else's computer 00:34:19.433 --> 00:34:22.728 and you need to access it, then you don't know the password. 00:34:22.728 --> 00:34:23.311 SPEAKER: Yeah. 00:34:23.311 --> 00:34:25.381 If you use someone else's computer or you're 00:34:25.381 --> 00:34:28.563 in like a library environment, a lab environment, 00:34:28.563 --> 00:34:30.271 you don't have your passwords accessible. 00:34:30.271 --> 00:34:32.701 Now, there's a way to mitigate that so long as you 00:34:32.701 --> 00:34:34.441 sync the same software to your phone. 00:34:34.441 --> 00:34:36.871 You might have to pay another $1.99 or $20 00:34:36.871 --> 00:34:38.641 to have the same software on your phone. 00:34:38.641 --> 00:34:41.011 You can at least mitigate that by sharing the passcodes 00:34:41.011 --> 00:34:42.241 across your devices. 00:34:42.241 --> 00:34:43.171 Not as user-friendly. 00:34:43.171 --> 00:34:46.321 You're going to have to now manually type out this really long password 00:34:46.321 --> 00:34:49.081 and that, too, is annoying if you get one character wrong. 00:34:49.081 --> 00:34:50.761 But that's one way to mitigate that. 00:34:50.761 --> 00:34:51.624 Other concerns? 00:34:51.624 --> 00:34:54.791 AUDIENCE: If someone cracks the code, then they now have all your passwords. 00:34:54.791 --> 00:34:56.201 SPEAKER: That's maybe the biggest threats. 00:34:56.201 --> 00:34:58.841 I mean, you're kind of putting all of your proverbial eggs 00:34:58.841 --> 00:34:59.981 in the same basket. 00:34:59.981 --> 00:35:03.821 If someone now gets into my password manager, which I should stipulate 00:35:03.821 --> 00:35:07.001 is supposed to itself have a really big long password 00:35:07.001 --> 00:35:10.841 that I do have to remember, but only one such long password, 00:35:10.841 --> 00:35:12.561 I mean, then I'm really out of luck. 00:35:12.561 --> 00:35:16.851 Now, every single account I own is compromised except for those 00:35:16.851 --> 00:35:18.101 that at least have two-factor. 00:35:18.101 --> 00:35:20.801 Unless the adversary also steals my phone or my key fob. 00:35:20.801 --> 00:35:22.133 Other concerns? 00:35:22.133 --> 00:35:25.239 AUDIENCE: If someone is like [INAUDIBLE].. 00:35:31.701 --> 00:35:32.421 SPEAKER: Exactly. 00:35:32.421 --> 00:35:35.541 If someone gets physical access to your device, honestly in general, 00:35:35.541 --> 00:35:36.396 all bets are off. 00:35:36.396 --> 00:35:39.021 And this is why some of today's listeners are really important. 00:35:39.021 --> 00:35:42.973 It's only going to matter when you first lose your phone or someone walks off 00:35:42.973 --> 00:35:44.181 with your laptop or the like. 00:35:44.181 --> 00:35:46.056 There are certain things you can do to defend 00:35:46.056 --> 00:35:47.961 against that inevitability, dare say. 00:35:47.961 --> 00:35:49.881 But you want to make sure that, if you are 00:35:49.881 --> 00:35:52.220 using some of these solutions like a password manager, 00:35:52.220 --> 00:35:57.021 that that long primary password you use for it is itself really hard to guess. 00:35:57.021 --> 00:36:00.141 And I would say, I'm OK with you writing that down even 00:36:00.141 --> 00:36:01.901 but putting it in like a safe deposit box 00:36:01.901 --> 00:36:03.651 or hiding it somewhere in the house that's 00:36:03.651 --> 00:36:05.841 just very low probability of someone finding. 00:36:05.841 --> 00:36:08.970 Because the other problem with putting all of your eggs in one basket, 00:36:08.970 --> 00:36:13.701 if you forget your password, then you lose everything. 00:36:13.701 --> 00:36:16.471 And that, too, seems like a pretty serious price to pay. 00:36:16.471 --> 00:36:19.881 But this is a constant battle in computing nowadays, usability 00:36:19.881 --> 00:36:22.281 and security and finding that inflection point. 00:36:22.281 --> 00:36:24.571 But there, too, you can be selective. 00:36:24.571 --> 00:36:25.071 Right? 00:36:25.071 --> 00:36:27.661 I called out financial information, health information, 00:36:27.661 --> 00:36:29.151 your personal email, your calendar. 00:36:29.151 --> 00:36:31.861 Anything that's mildly more sensitive to you or important, 00:36:31.861 --> 00:36:34.461 raise the bar at least on those accounts even 00:36:34.461 --> 00:36:38.931 if you're not quite ready to go all in on all of these other factors. 00:36:38.931 --> 00:36:41.721 Well, let's consider then where we're using these passwords. 00:36:41.721 --> 00:36:43.971 Consider just a couple of specific examples. 00:36:43.971 --> 00:36:44.871 Email, of course. 00:36:44.871 --> 00:36:47.151 Gmail is the example I used earlier. 00:36:47.151 --> 00:36:49.431 Gmail and email accounts, more generally, 00:36:49.431 --> 00:36:51.101 are increasingly offering us features. 00:36:51.101 --> 00:36:52.851 And in fact, there's one that I thought we 00:36:52.851 --> 00:36:55.011 could highlight as an example of something 00:36:55.011 --> 00:36:58.101 that, as a CS50 student, a CS50 family member, 00:36:58.101 --> 00:37:01.311 you should really start viewing the world with a more 00:37:01.311 --> 00:37:03.741 skeptical eye, a little more paranoid eye, 00:37:03.741 --> 00:37:06.471 and not necessarily just believe things that websites say. 00:37:06.471 --> 00:37:09.021 I mean, it's mostly meaningless when a website says-- 00:37:09.021 --> 00:37:11.421 sometimes, with a pretty little logo or emblem-- 00:37:11.421 --> 00:37:13.551 our website is secure. 00:37:13.551 --> 00:37:14.851 What does that even mean? 00:37:14.851 --> 00:37:16.701 And it's again, all about relativity. 00:37:16.701 --> 00:37:19.791 And even Gmail, I daresay somewhat irresponsibly, 00:37:19.791 --> 00:37:21.441 has this feature in recent years. 00:37:21.441 --> 00:37:23.061 Confidential mode. 00:37:23.061 --> 00:37:26.721 Is anyone-- if you're using G Suite or Google Apps at work or workspace 00:37:26.721 --> 00:37:29.859 nowadays-- in the habit of using confidential mode? 00:37:29.859 --> 00:37:30.651 I mean, it sounds-- 00:37:30.651 --> 00:37:30.861 OK. 00:37:30.861 --> 00:37:32.451 No one's using this, so this is great. 00:37:32.451 --> 00:37:34.933 And I worry now that I'm introducing you to a feature 00:37:34.933 --> 00:37:36.391 that you shouldn't necessarily use. 00:37:36.391 --> 00:37:39.501 But all this time, if you're a Gmail user, 00:37:39.501 --> 00:37:42.081 there is, along the little menu bar, an icon 00:37:42.081 --> 00:37:43.706 that lets you enable confidential mode. 00:37:43.706 --> 00:37:45.289 And later tonight, play around for it. 00:37:45.289 --> 00:37:47.671 Just look for it, and you'll see exactly this screenshot, 00:37:47.671 --> 00:37:48.891 which I took yesterday. 00:37:48.891 --> 00:37:52.131 According to Google, recipients won't have the option to forward, 00:37:52.131 --> 00:37:54.871 copy, print, or download this email. 00:37:54.871 --> 00:37:55.371 Right? 00:37:55.371 --> 00:37:57.111 Great for lawyers, it would seem. 00:37:57.111 --> 00:37:58.041 Great for business. 00:37:58.041 --> 00:38:00.501 Great for private correspondence. 00:38:00.501 --> 00:38:03.531 But why is this perhaps a bit misleading? 00:38:06.201 --> 00:38:08.391 Where should the skepticism come from here? 00:38:08.391 --> 00:38:10.711 Even a company like Google, I dare say, they've 00:38:10.711 --> 00:38:13.731 probably buried the caveats that I'm hinting at under the Learn More. 00:38:13.731 --> 00:38:15.241 But unfortunately, that might be too late. 00:38:15.241 --> 00:38:15.741 Yeah. 00:38:15.741 --> 00:38:16.881 In back. 00:38:16.881 --> 00:38:19.381 AUDIENCE: Will they be able to take screenshots of the mail? 00:38:19.381 --> 00:38:19.591 SPEAKER: Yeah. 00:38:19.591 --> 00:38:20.461 I mean, those of you who know how to take 00:38:20.461 --> 00:38:21.811 a screenshot, that's the simplest way. 00:38:21.811 --> 00:38:23.311 If you don't know how to do that, well, here's a phone. 00:38:23.311 --> 00:38:26.531 I can just take a picture of what it is I see on the screen. 00:38:26.531 --> 00:38:28.681 And so these are software defenses that are 00:38:28.681 --> 00:38:31.771 in place that essentially disable the Forward button, 00:38:31.771 --> 00:38:33.219 disable the Print button. 00:38:33.219 --> 00:38:35.011 But honestly, as you probably already know, 00:38:35.011 --> 00:38:37.711 once something is already digital, I mean, it's out there. 00:38:37.711 --> 00:38:39.241 And there are other ways to get it. 00:38:39.241 --> 00:38:42.283 It might not be as high quality if you're taking out your phone to do it, 00:38:42.283 --> 00:38:44.611 but you should view things like this with skepticism. 00:38:44.611 --> 00:38:47.111 And even I, when I occasionally receive something like this, 00:38:47.111 --> 00:38:50.221 I kind of roll my eyes but regret that the user thinks what they're 00:38:50.221 --> 00:38:52.771 doing is consistent with this language. 00:38:52.771 --> 00:38:54.011 But it isn't necessarily. 00:38:54.011 --> 00:38:57.301 And so indeed, in part, from an introduction to computer science, 00:38:57.301 --> 00:39:00.688 you begin to get a little scared from what's going on out there. 00:39:00.688 --> 00:39:03.271 Because there are so many different threats and so many things 00:39:03.271 --> 00:39:05.221 that you can't, in fact, do. 00:39:05.221 --> 00:39:09.631 And the onus is, unfortunately, often on us users to read between the lines 00:39:09.631 --> 00:39:11.644 and see what actually is possible. 00:39:11.644 --> 00:39:14.311 Here's another one that you might be more in the habit of using, 00:39:14.311 --> 00:39:18.151 incognito mode or private mode in Chrome or Safari 00:39:18.151 --> 00:39:19.961 or Firefox or Edge or the like. 00:39:19.961 --> 00:39:24.031 What does incognito mode do, if familiar? 00:39:24.031 --> 00:39:24.961 What's incognito mode? 00:39:24.961 --> 00:39:25.726 Yeah. 00:39:25.726 --> 00:39:28.981 It doesn't log locally what you're doing. 00:39:28.981 --> 00:39:30.941 It doesn't log locally what you're doing. 00:39:30.941 --> 00:39:31.441 Exactly. 00:39:31.441 --> 00:39:34.561 Most people here probably generally know about things called cookies, even 00:39:34.561 --> 00:39:36.301 if you're not quite sure how they work. 00:39:36.301 --> 00:39:39.421 But they're like these little remnants or bread crumbs 00:39:39.421 --> 00:39:42.961 you leave behind when visiting websites that allow the websites to keep track 00:39:42.961 --> 00:39:45.121 of who you are in some sense. 00:39:45.121 --> 00:39:48.421 According to Google here, when you're using incognito mode, 00:39:48.421 --> 00:39:50.491 Chrome won't save your browsing history. 00:39:50.491 --> 00:39:51.811 So that's good. 00:39:51.811 --> 00:39:55.321 Cookies and site data, information entered into forms. 00:39:55.321 --> 00:39:58.501 But to their credit, they do disclaim that your activity might still 00:39:58.501 --> 00:40:01.921 be visible to the websites you visit, your employer or school, 00:40:01.921 --> 00:40:03.406 your internet service provider. 00:40:03.406 --> 00:40:05.281 So they're getting better at at least helping 00:40:05.281 --> 00:40:07.981 you evaluate by giving more of the facts whether you 00:40:07.981 --> 00:40:09.691 do or don't want to do this. 00:40:09.691 --> 00:40:14.461 But this doesn't mean that the websites you're visiting, indeed, 00:40:14.461 --> 00:40:15.271 don't know who you. 00:40:15.271 --> 00:40:17.363 Are all of our computers have unique addresses, 00:40:17.363 --> 00:40:20.071 these things called IP addresses that you might have heard about. 00:40:20.071 --> 00:40:22.501 In CS50, we'll explore these in another week's time. 00:40:22.501 --> 00:40:26.341 Your computer is constantly leaking information that 00:40:26.341 --> 00:40:28.691 could be used to infer who you were. 00:40:28.691 --> 00:40:30.751 So this is really just best left when you 00:40:30.751 --> 00:40:34.321 don't want to accidentally, on like a friend's computer or a lab computer, 00:40:34.321 --> 00:40:35.448 remain logged in. 00:40:35.448 --> 00:40:38.531 Because cookies are typically used to just remember that you've logged in. 00:40:38.531 --> 00:40:41.161 So if you use a friend's computer, you use incognito mode 00:40:41.161 --> 00:40:42.301 and just close the window. 00:40:42.301 --> 00:40:42.801 Boom. 00:40:42.801 --> 00:40:44.161 You're effectively logged out. 00:40:44.161 --> 00:40:49.501 But even as Google disclaims, there's other caveats there, too. 00:40:49.501 --> 00:40:52.801 So what else might we keep in mind? 00:40:52.801 --> 00:40:55.621 Let's consider one other big one that's another thing 00:40:55.621 --> 00:41:00.301 to start looking for increasingly in order to keep yourself secure, 00:41:00.301 --> 00:41:02.191 and this one's a little more technical. 00:41:02.191 --> 00:41:03.241 Encryption. 00:41:03.241 --> 00:41:06.481 And as CS50 students will know, this is something you can implement in code. 00:41:06.481 --> 00:41:08.064 And in fact, let me ask this question. 00:41:08.064 --> 00:41:11.221 What does it mean to encrypt something? 00:41:11.221 --> 00:41:14.994 Think back to pset2 and Caesar and the like. 00:41:14.994 --> 00:41:16.411 Let me look a little farther back. 00:41:16.411 --> 00:41:18.786 Almost any student hands should theoretically be up here. 00:41:18.786 --> 00:41:19.532 Yeah. 00:41:19.532 --> 00:41:22.418 AUDIENCE: You can substitute characters [INAUDIBLE] 00:41:22.418 --> 00:41:25.173 so that you can't read it as the first ones. 00:41:25.173 --> 00:41:25.881 SPEAKER: Exactly. 00:41:25.881 --> 00:41:28.941 Encryption is all about substituting one letter for another 00:41:28.941 --> 00:41:32.031 and generally scrambling the appearance of some message 00:41:32.031 --> 00:41:35.151 up so that the recipient knows how to reverse that process 00:41:35.151 --> 00:41:36.651 and see what you actually sent. 00:41:36.651 --> 00:41:40.011 But anyone intervening in between you can't actually 00:41:40.011 --> 00:41:41.751 see the information between you. 00:41:41.751 --> 00:41:48.341 So just to impress the parents in the room, any students, what does this say? 00:41:48.341 --> 00:41:49.391 We're not ending here. 00:41:49.391 --> 00:41:50.561 AUDIENCE: This was CS50. 00:41:50.561 --> 00:41:51.818 SPEAKER: This was CS50. 00:41:51.818 --> 00:41:53.901 That's what it would say, but notice the scramble. 00:41:53.901 --> 00:41:56.621 Let me go back and forth, back and forth. 00:41:56.621 --> 00:42:06.371 In this message, t becomes u, h becomes i, i becomes j, s becomes t. 00:42:06.371 --> 00:42:10.724 This is what we called a few weeks ago, in CS50, a rotational cipher a Caesar 00:42:10.724 --> 00:42:12.641 cipher, that literally does, as you described, 00:42:12.641 --> 00:42:14.531 substitutes one letter for the next. 00:42:14.531 --> 00:42:16.781 But it does so in a very predictable way. 00:42:16.781 --> 00:42:18.871 A becomes B, B becomes C, and so forth. 00:42:18.871 --> 00:42:22.121 And we also talked, weeks ago, that you don't have to keep it that simplistic. 00:42:22.121 --> 00:42:24.581 You can use a bigger mathematical formula 00:42:24.581 --> 00:42:27.671 to make it at least harder for some adversary to figure out. 00:42:27.671 --> 00:42:33.161 But you and I, as users these days, are constantly thankfully using encryption. 00:42:33.161 --> 00:42:36.461 You probably generally know that you should be hoping for, 00:42:36.461 --> 00:42:38.051 expecting this these days. 00:42:38.051 --> 00:42:39.761 Like HTTPS is a good thing. 00:42:39.761 --> 00:42:42.041 S means secure, literally. 00:42:42.041 --> 00:42:45.341 And any website that has that in its URL indicates 00:42:45.341 --> 00:42:49.031 to you that you and the website are having an encrypted, 00:42:49.031 --> 00:42:51.041 a scrambled communication, which means, if you 00:42:51.041 --> 00:42:53.411 type in your password, your credit card information, 00:42:53.411 --> 00:42:57.461 anything else personally, no one between you theoretically, points A and B, 00:42:57.461 --> 00:43:00.431 should be able to know what it is you've typed into that web page. 00:43:00.431 --> 00:43:02.861 The web page absolutely can, because they 00:43:02.861 --> 00:43:06.701 have the ability to decrypt that information, to reverse the process. 00:43:06.701 --> 00:43:09.651 But at least encryption is generally a good thing. 00:43:09.651 --> 00:43:12.881 But today, let's take that one step further and encourage you all 00:43:12.881 --> 00:43:16.421 to be looking for, expecting, if you will, as consumers increasingly 00:43:16.421 --> 00:43:19.571 in the coming years, something better than encryption alone 00:43:19.571 --> 00:43:22.541 but end-to-end encryption. 00:43:22.541 --> 00:43:26.094 And you're starting to hear about, read about this a little bit more. 00:43:26.094 --> 00:43:27.761 But it's perhaps a little less familiar. 00:43:27.761 --> 00:43:33.221 Someone in the room, who's familiar, what is end-to-end encryption? 00:43:33.221 --> 00:43:34.371 Let me give folks a moment. 00:43:34.371 --> 00:43:39.231 What is end-to-end encryption? 00:43:39.231 --> 00:43:39.731 OK. 00:43:39.731 --> 00:43:41.477 Yeah. 00:43:41.477 --> 00:43:46.297 AUDIENCE: It's where you always try [INAUDIBLE].. 00:43:46.297 --> 00:43:49.496 WhatsApp encrypts a message on one side and sends it 00:43:49.496 --> 00:43:51.121 where it's encrypted on the other side. 00:43:51.121 --> 00:43:51.704 SPEAKER: Good. 00:43:51.704 --> 00:43:54.161 So it's when an app, like WhatsApp, encrypts a message, 00:43:54.161 --> 00:43:57.131 but it's encrypted all the way to the other side, to the recipient. 00:43:57.131 --> 00:43:59.491 Even though Facebook, in this case, owns WhatsApp, 00:43:59.491 --> 00:44:03.061 even though your message is going through Facebook or MetaServers, 00:44:03.061 --> 00:44:05.731 they do not have theoretically the ability 00:44:05.731 --> 00:44:09.361 to decrypt your message, whatever chat message you've sent to a friend. 00:44:09.361 --> 00:44:13.981 They are just sending seemingly random zeros and ones all the way to the end 00:44:13.981 --> 00:44:15.811 user who can then decrypt it. 00:44:15.811 --> 00:44:19.271 If you're an iPhone user, iMessage, for instance, does this automatically. 00:44:19.271 --> 00:44:22.218 So long as your text messages are blue and not green, 00:44:22.218 --> 00:44:25.051 that means you're using iMessage in Apple's platform that does this. 00:44:25.051 --> 00:44:27.061 But let's focus perhaps on something that's 00:44:27.061 --> 00:44:30.701 been all too familiar to most of us over this past year, Zoom. 00:44:30.701 --> 00:44:31.201 Right? 00:44:31.201 --> 00:44:33.271 Zoom actually took some flack some months ago. 00:44:33.271 --> 00:44:35.063 Because in their marketing literature, they 00:44:35.063 --> 00:44:37.111 were advertising end-to-end encryption. 00:44:37.111 --> 00:44:41.281 They were not implementing end-to-end encryption, at least initially. 00:44:41.281 --> 00:44:43.703 This was probably marketing gone awry, not quite 00:44:43.703 --> 00:44:45.661 understanding what end-to-end encryption means. 00:44:45.661 --> 00:44:46.921 They were using encryption. 00:44:46.921 --> 00:44:50.071 And what that meant is that, if I were having a meeting with a colleague 00:44:50.071 --> 00:44:52.691 or you were sitting in on a class with a teacher, 00:44:52.691 --> 00:44:57.301 you might have an encrypted connection-- all of you-- to Zoom centrally, 00:44:57.301 --> 00:45:01.081 but they had the ability-- early on and still now if you leave this feature 00:45:01.081 --> 00:45:01.591 off-- 00:45:01.591 --> 00:45:05.731 to decrypt that information and see and listen to theoretically anything 00:45:05.731 --> 00:45:08.341 going on in that meeting or that classroom. 00:45:08.341 --> 00:45:11.641 Now, technologically, there's not really a good defense against that 00:45:11.641 --> 00:45:13.411 if using that older approach. 00:45:13.411 --> 00:45:14.941 All it really is is policy. 00:45:14.941 --> 00:45:18.521 Or hopefully, there's rules in place, there's contracts in place that say, 00:45:18.521 --> 00:45:21.001 well, yeah, that's possible, but don't do that. 00:45:21.001 --> 00:45:24.631 End-to-end encryption is a stronger guarantee for you 00:45:24.631 --> 00:45:27.716 that circumvents that risk altogether by ensuring 00:45:27.716 --> 00:45:30.841 that, if you're tuning into that class or you're logging into that meeting, 00:45:30.841 --> 00:45:33.691 all of the zeros and ones are going through Zoom servers, 00:45:33.691 --> 00:45:37.151 just like Facebook's, but only the end users-- 00:45:37.151 --> 00:45:39.901 only the students and teachers, only the colleague and colleague-- 00:45:39.901 --> 00:45:44.251 can actually decrypt and see and hear what it is that's being said. 00:45:44.251 --> 00:45:47.469 And if you're one who schedules Zoom meetings, you can actually see this. 00:45:47.469 --> 00:45:50.011 For instance, here's a screenshot that I took yesterday, too, 00:45:50.011 --> 00:45:52.171 scheduling like a Zoom meeting for today. 00:45:52.171 --> 00:45:55.441 And you'll see that you can choose the day and the time, the password. 00:45:55.441 --> 00:45:55.951 Haha. 00:45:55.951 --> 00:45:59.191 And also down here, the encryption level. 00:45:59.191 --> 00:46:02.701 And by default, it's typically enhanced encryption, which is stupid. 00:46:02.701 --> 00:46:03.866 Like enhanced encryption. 00:46:03.866 --> 00:46:04.741 It's just encryption. 00:46:04.741 --> 00:46:08.201 And in fact, it's sort of worse encryption than the other checkbox, 00:46:08.201 --> 00:46:10.991 which is end-to-end encryption. 00:46:10.991 --> 00:46:12.301 But there's this little caveat. 00:46:12.301 --> 00:46:14.941 And here, too, consistent with this reality in computing, 00:46:14.941 --> 00:46:16.111 there's always a trade-off. 00:46:16.111 --> 00:46:16.611 Right? 00:46:16.611 --> 00:46:19.141 It's not all upside and all win. 00:46:19.141 --> 00:46:21.661 Several features will be automatically disabled 00:46:21.661 --> 00:46:23.611 when using end-to-end encryption, including 00:46:23.611 --> 00:46:25.861 cloud recording and some phone stuff. 00:46:25.861 --> 00:46:28.531 I mean, that's already kind of a big loss for a class, 00:46:28.531 --> 00:46:31.201 for instance, a conference that wants to keep the sessions. 00:46:31.201 --> 00:46:32.461 But it kind of makes sense. 00:46:32.461 --> 00:46:32.961 Right? 00:46:32.961 --> 00:46:35.821 If the data is encrypted between all of the end users 00:46:35.821 --> 00:46:39.539 and, therefore, Zoom has no eyes into the data or ears, 00:46:39.539 --> 00:46:42.331 then it makes sense that they can't record it for you in the cloud. 00:46:42.331 --> 00:46:45.631 Because it's completely, completely scrambled to them, too. 00:46:45.631 --> 00:46:49.291 So a good primitive to have in place but also something 00:46:49.291 --> 00:46:52.261 that you need to sacrifice in terms of usability. 00:46:52.261 --> 00:46:55.051 Well, in our final moments here, let me flip back over 00:46:55.051 --> 00:46:57.241 to where our hacking tool is. 00:46:57.241 --> 00:47:01.171 It would seem that eight characters is doing really well, because we still 00:47:01.171 --> 00:47:03.521 got three As at the beginning of this. 00:47:03.521 --> 00:47:05.621 So that might be, in fact, one take away. 00:47:05.621 --> 00:47:08.671 And in fact, let me flip over and proposed three pieces of homework 00:47:08.671 --> 00:47:09.571 for everyone here. 00:47:09.571 --> 00:47:12.094 One, use a password manager, the one that's 00:47:12.094 --> 00:47:14.011 built into your phone or your operating system 00:47:14.011 --> 00:47:15.541 or pay a little something more for something 00:47:15.541 --> 00:47:17.191 that you might like a little better. 00:47:17.191 --> 00:47:21.511 Two, use two-factor authentication for more of your accounts. 00:47:21.511 --> 00:47:23.576 Maybe not all but at least more of your accounts, 00:47:23.576 --> 00:47:25.201 and that's certainly a net improvement. 00:47:25.201 --> 00:47:28.681 And then three, use not just encryption but end-to-end encryption. 00:47:28.681 --> 00:47:32.371 And unfortunately, these features are not all quite as simple as, oh, well, 00:47:32.371 --> 00:47:35.131 let me just check the box and turn on something 00:47:35.131 --> 00:47:38.281 that's always been available to me, because it's not always been available. 00:47:38.281 --> 00:47:40.984 And Zoom, only once they got in trouble for this, 00:47:40.984 --> 00:47:43.651 did they acquire some other company that implements this feature 00:47:43.651 --> 00:47:45.551 and then add it to their software. 00:47:45.551 --> 00:47:48.571 But as users, as consumers, as parents, as students, 00:47:48.571 --> 00:47:52.591 considering choosing one tool or another because of these features 00:47:52.591 --> 00:47:54.781 is really something you are empowered to do. 00:47:54.781 --> 00:47:56.761 And do not use those tools that you don't think 00:47:56.761 --> 00:47:59.473 meet some threshold of comfort for you. 00:47:59.473 --> 00:48:01.681 For more on this and computer science more generally, 00:48:01.681 --> 00:48:05.073 any of you can take CS50 online at edx.org/cs50. 00:48:05.073 --> 00:48:06.281 It's been so nice to see you. 00:48:06.281 --> 00:48:07.323 Happy to chat one-on-one. 00:48:07.323 --> 00:48:09.601 But otherwise, have a wonderful day here on campus. 00:48:09.601 --> 00:48:11.031 This was CS50. 00:48:11.031 --> 00:48:12.881 [APPLAUSE] 00:48:12.881 --> 00:48:45.000 [MUSIC PLAYING]