1 00:00:00,000 --> 00:00:02,480 [MUSIC PLAYING] 2 00:00:02,480 --> 00:00:09,894 3 00:00:09,894 --> 00:00:10,810 DAVID MALAN: Security. 4 00:00:10,810 --> 00:00:14,720 Let's start off with some scary stories about how your data and your devices 5 00:00:14,720 --> 00:00:17,330 are under constant threat, even if you don't necessarily 6 00:00:17,330 --> 00:00:21,260 realize as much yourself, and then consider how we might defend ourselves 7 00:00:21,260 --> 00:00:22,770 against some of these threats. 8 00:00:22,770 --> 00:00:25,490 Let's start, for instance, with privacy, keeping folks 9 00:00:25,490 --> 00:00:28,670 from seeing data or things that you don't want them necessarily to see. 10 00:00:28,670 --> 00:00:30,530 And specifically, let's consider this. 11 00:00:30,530 --> 00:00:34,140 If you've got some desktop computer, or some laptop computer, 12 00:00:34,140 --> 00:00:37,280 those devices alone are the most insecure thing you might have, 13 00:00:37,280 --> 00:00:40,430 and maybe even the device in your pocket that you even leave lying around, 14 00:00:40,430 --> 00:00:43,940 because at the end of the day, whether it's a laptop or desktop or phone, 15 00:00:43,940 --> 00:00:47,360 these are computers, and computers have on them data, 16 00:00:47,360 --> 00:00:50,450 and data is just a fancy way of saying, like, files. 17 00:00:50,450 --> 00:00:53,240 So files, of course, are just collections of zeros and ones, 18 00:00:53,240 --> 00:00:57,320 and in those zeros and ones, odds are, are numbers like financial information, 19 00:00:57,320 --> 00:00:59,600 or photographs that you've taken on vacation, 20 00:00:59,600 --> 00:01:04,220 or maybe it's financial documents that you've typed up on your computer. 
21 00:01:04,220 --> 00:01:07,100 So suppose that you're already in the habit 22 00:01:07,100 --> 00:01:09,590 of trying to keep your data secure, because anything 23 00:01:09,590 --> 00:01:13,010 you don't want someone to see, you maybe are in the habit of deleting it. 24 00:01:13,010 --> 00:01:15,590 But let's consider first what it means to be deleted. 25 00:01:15,590 --> 00:01:18,920 Recall, after all, that files are generally stored on hard drives, 26 00:01:18,920 --> 00:01:19,820 or SSDs. 27 00:01:19,820 --> 00:01:23,217 And in fact, a hard drive is just a physical device, something like this. 28 00:01:23,217 --> 00:01:25,550 And there's magnetic particles on this particular device 29 00:01:25,550 --> 00:01:27,390 that represent our data. 30 00:01:27,390 --> 00:01:30,450 So what does it mean, though, to delete a file? 31 00:01:30,450 --> 00:01:33,410 On Macs and PCs and the like, when you delete a file, 32 00:01:33,410 --> 00:01:36,560 it simply disappears, typically, from your desktop or folder. 33 00:01:36,560 --> 00:01:39,630 But what's really happening, especially when at the end of the day, 34 00:01:39,630 --> 00:01:42,560 those files are on a physical device like this? 35 00:01:42,560 --> 00:01:48,804 Well, turns out the files are stored on a computer, and on a platter, 36 00:01:48,804 --> 00:01:50,720 if it's a hard disk, that might look something 37 00:01:50,720 --> 00:01:52,830 like this, although ideally it would be a perfect circle 38 00:01:52,830 --> 00:01:54,260 so that it can spin properly. 39 00:01:54,260 --> 00:01:57,660 And anytime you store a file, you might allocate some part of this disk, 40 00:01:57,660 --> 00:01:59,630 maybe that part of the disk, or the platter, 41 00:01:59,630 --> 00:02:02,190 so to speak, for all of your zeros and ones. 42 00:02:02,190 --> 00:02:05,360 And I'll just go ahead and draw some random zeros and ones up here. 43 00:02:05,360 --> 00:02:08,090 And what those zeros and ones are completely depend on the file. 
44 00:02:08,090 --> 00:02:09,350 Maybe it's a Word document. 45 00:02:09,350 --> 00:02:10,250 Maybe it's an image. 46 00:02:10,250 --> 00:02:11,720 Maybe it's a sound file or a movie. 47 00:02:11,720 --> 00:02:12,740 Who knows? 48 00:02:12,740 --> 00:02:14,227 And then elsewhere on the platter-- 49 00:02:14,227 --> 00:02:16,310 and recall that there might be multiple platters-- 50 00:02:16,310 --> 00:02:18,060 will there be any number of other files. 51 00:02:18,060 --> 00:02:21,410 And even if it's not a platter, if it's instead a solid-state disk, 52 00:02:21,410 --> 00:02:24,110 electronically, are there still these zeros and ones, 53 00:02:24,110 --> 00:02:29,390 thanks to the tiny little devices that store those binary values for us. 54 00:02:29,390 --> 00:02:33,620 But what does it mean, now, if a file exists in your operating system, 55 00:02:33,620 --> 00:02:36,230 and your operating system is storing it, ultimately, 56 00:02:36,230 --> 00:02:39,530 on a physical device, whether a platter here in a hard drive, 57 00:02:39,530 --> 00:02:41,300 or electronically in an SSD? 58 00:02:41,300 --> 00:02:44,210 Well, somehow, your computer, specifically your operating system, 59 00:02:44,210 --> 00:02:47,270 needs to keep track of where these files are. 60 00:02:47,270 --> 00:02:49,260 And so an operating system typically has kind 61 00:02:49,260 --> 00:02:51,260 of the equivalent of, like, a little cheatsheet, 62 00:02:51,260 --> 00:02:54,960 or an Excel file, that keeps track of where files are. 63 00:02:54,960 --> 00:02:58,970 So for instance, one column might be the name of the file, 64 00:02:58,970 --> 00:03:01,400 and another column might be its location. 65 00:03:01,400 --> 00:03:04,770 But location, in this sense, is the physical location on disk. 
66 00:03:04,770 --> 00:03:07,790 So if I've stored, for instance, my resume somewhere, 67 00:03:07,790 --> 00:03:11,300 and that might be at location 123, where this 68 00:03:11,300 --> 00:03:14,120 happens to be location 123 on the hard drive, 69 00:03:14,120 --> 00:03:18,136 specifically, byte number 123, because operating systems are 70 00:03:18,136 --> 00:03:20,510 going to store my data either at specific byte addresses, 71 00:03:20,510 --> 00:03:22,310 or maybe in certain cluster sizes. 72 00:03:22,310 --> 00:03:26,780 You might actually take collections of bytes and write files to those clusters 73 00:03:26,780 --> 00:03:27,920 all at once. 74 00:03:27,920 --> 00:03:30,290 But this table, then, of course, has other values 75 00:03:30,290 --> 00:03:34,710 as well, one value for every file that I have on my computer. 76 00:03:34,710 --> 00:03:37,040 So what does it mean, then, to delete a file? 77 00:03:37,040 --> 00:03:40,460 Well, graphically, it tends to disappear from my screen. 78 00:03:40,460 --> 00:03:42,270 And I know what you might be thinking. 79 00:03:42,270 --> 00:03:45,720 Wait a minute, it goes into the so-called recycle bin or trash can. 80 00:03:45,720 --> 00:03:48,770 But the funny thing about the recycle bin or trash can is what? 81 00:03:48,770 --> 00:03:52,670 Especially if you have maybe a nosy roommate or family member. 82 00:03:52,670 --> 00:03:56,960 It's not really sufficient to leave deleted files in the trash bin 83 00:03:56,960 --> 00:03:59,370 or recycle bin, because what can they do? 84 00:03:59,370 --> 00:04:00,650 They can, of course, just double click on the thing, 85 00:04:00,650 --> 00:04:03,691 drag the file out, and then hang onto it and actually see what was there. 86 00:04:03,691 --> 00:04:04,910 So oh, no, no. 87 00:04:04,910 --> 00:04:06,710 You're more security-conscious than that. 88 00:04:06,710 --> 00:04:10,220 You're in the habit of emptying your recycle bin, or emptying the trash. 
89 00:04:10,220 --> 00:04:13,580 And it maybe makes a cute little sound, and then the little icon of trash 90 00:04:13,580 --> 00:04:15,290 disappears from the lid of the can. 91 00:04:15,290 --> 00:04:16,760 And you might think, whew! 92 00:04:16,760 --> 00:04:17,810 Got rid of that file. 93 00:04:17,810 --> 00:04:19,160 No one can now see it. 94 00:04:19,160 --> 00:04:23,600 But consider what might be happening underneath the hood, so to speak. 95 00:04:23,600 --> 00:04:26,150 Well, it turns out what a computer typically 96 00:04:26,150 --> 00:04:30,380 does, whether it's Windows or Mac OS or some other operating system, 97 00:04:30,380 --> 00:04:33,750 is it does nothing to the physical device over here. 98 00:04:33,750 --> 00:04:39,440 Instead, it just forgets that entry from this table. 99 00:04:39,440 --> 00:04:41,510 It just forgets where my resume is. 100 00:04:41,510 --> 00:04:44,960 And therefore, it knows implicitly, and thereafter it 101 00:04:44,960 --> 00:04:47,840 can continue using location 123. 102 00:04:47,840 --> 00:04:50,900 Sure, there are still zeros and ones from my old resume there. 103 00:04:50,900 --> 00:04:53,180 But no big deal, because the computer can just 104 00:04:53,180 --> 00:04:55,460 rearrange those zeros and ones into other ones 105 00:04:55,460 --> 00:04:58,100 and zeros in some other pattern and store some other file, 106 00:04:58,100 --> 00:05:02,240 so long as that new file is added to this table. 107 00:05:02,240 --> 00:05:05,390 But the implication, then, is that even though you've 108 00:05:05,390 --> 00:05:08,240 deleted a file by dragging it to the recycle bin or trash can, 109 00:05:08,240 --> 00:05:12,240 and you've had the wherewithal to empty the recycle bin or trash can, 110 00:05:12,240 --> 00:05:15,450 the computer really is just forgetting where that file is. 111 00:05:15,450 --> 00:05:18,760 It's not actually physically destroying the data. 
112 00:05:18,760 --> 00:05:20,910 And so if you have the right software, or you 113 00:05:20,910 --> 00:05:24,510 have a sophisticated enough adversary who can write software, 114 00:05:24,510 --> 00:05:28,440 you can theoretically recover data from a hard drive or SSD 115 00:05:28,440 --> 00:05:30,780 just by looking for familiar patterns of bits 116 00:05:30,780 --> 00:05:35,280 that might represent a Word document or a JPEG photograph or something else 117 00:05:35,280 --> 00:05:36,720 altogether. 118 00:05:36,720 --> 00:05:38,200 So what's the implication? 119 00:05:38,200 --> 00:05:40,950 If this is the threat, and if you've got some really sensitive tax 120 00:05:40,950 --> 00:05:42,741 information on your computer and you really 121 00:05:42,741 --> 00:05:46,050 don't want other people to be able to see that, because it's personal, 122 00:05:46,050 --> 00:05:49,050 it's not sufficient, it seems, just to even empty your recycle bin. 123 00:05:49,050 --> 00:05:52,440 You need to somehow securely erase this file, so 124 00:05:52,440 --> 00:05:54,630 that programs like Norton Utilities and other tools 125 00:05:54,630 --> 00:05:57,610 can't recover the data subsequently. 126 00:05:57,610 --> 00:05:59,400 So what could you do? 127 00:05:59,400 --> 00:06:01,140 What would the approach be? 128 00:06:01,140 --> 00:06:04,200 Well, you might think that you maybe open up the file 129 00:06:04,200 --> 00:06:07,680 and then just start typing random numbers or letters into the file, 130 00:06:07,680 --> 00:06:10,845 resave it, and that might overwrite some of those same zeros and ones. 131 00:06:10,845 --> 00:06:12,720 But the operating system, frankly, might just 132 00:06:12,720 --> 00:06:15,027 use a different part of the disk to save that new data, 133 00:06:15,027 --> 00:06:17,610 especially if there's some kind of auto-recovery feature built 134 00:06:17,610 --> 00:06:19,294 into the file format itself. 135 00:06:19,294 --> 00:06:20,460 So that might not be secure. 
136 00:06:20,460 --> 00:06:22,710 Really, you need to scrub-- 137 00:06:22,710 --> 00:06:24,800 or wipe, as people say-- 138 00:06:24,800 --> 00:06:25,770 these zeros and ones. 139 00:06:25,770 --> 00:06:27,870 Maybe they should be changed all to ones, or all 140 00:06:27,870 --> 00:06:32,400 to zeros, or maybe just random zeros and ones, so that no matter what was there 141 00:06:32,400 --> 00:06:34,529 is absolutely now no longer there. 142 00:06:34,529 --> 00:06:36,570 And for that, frankly, you need special software. 143 00:06:36,570 --> 00:06:39,570 And there do exist both commercial and free tools to do that, 144 00:06:39,570 --> 00:06:42,930 either to securely delete individual files 145 00:06:42,930 --> 00:06:45,285 or to do it to an entire hard drive, especially 146 00:06:45,285 --> 00:06:47,910 if you're selling it or simply recycling it, getting rid of it, 147 00:06:47,910 --> 00:06:50,610 and you don't want all of that data to remain around. 148 00:06:50,610 --> 00:06:54,491 Why do computers seem to have what seems to be this sort of fatal privacy flaw? 149 00:06:54,491 --> 00:06:56,490 Well, it's actually kind of a good thing, right, 150 00:06:56,490 --> 00:06:59,850 because if you're like me, odds are you probably accidentally deleted 151 00:06:59,850 --> 00:07:02,220 something before, or maybe you-- 152 00:07:02,220 --> 00:07:04,112 or someone else has deleted it on you. 153 00:07:04,112 --> 00:07:05,820 And so it's actually kind of a nice thing 154 00:07:05,820 --> 00:07:09,420 that computers don't actually, by default, necessarily scrub 155 00:07:09,420 --> 00:07:12,930 the information altogether, because that means we can recover files as well, 156 00:07:12,930 --> 00:07:14,632 if that's indeed a good thing. 
157 00:07:14,632 --> 00:07:16,590 And frankly, years ago, for efficiency, it just 158 00:07:16,590 --> 00:07:18,959 made sense for computers to forget where the file is, 159 00:07:18,959 --> 00:07:21,000 rather than bother with this, because if you ever 160 00:07:21,000 --> 00:07:23,490 do try to securely delete a file or wipe a drive, 161 00:07:23,490 --> 00:07:26,031 you'll find that it actually takes quite a while, because you 162 00:07:26,031 --> 00:07:30,960 have to touch so many of the locations on that physical disk. 163 00:07:30,960 --> 00:07:34,710 But it's not just your files, and it's not just your computers themselves 164 00:07:34,710 --> 00:07:38,560 that are vulnerable to disclosures of private information. 165 00:07:38,560 --> 00:07:40,080 There's also your browser. 166 00:07:40,080 --> 00:07:42,960 And odds are you spend a lot of time on the World Wide Web using 167 00:07:42,960 --> 00:07:46,974 Chrome or Edge or Firefox or Safari or some other browser altogether. 168 00:07:46,974 --> 00:07:49,140 And odds are you've heard of a little something that 169 00:07:49,140 --> 00:07:51,630 might be a little scary-sounding, as you've heard it, 170 00:07:51,630 --> 00:07:55,159 but cookies, pictured here adorably with Cookie Monster 171 00:07:55,159 --> 00:07:57,950 being a little surprised that his computer wants to delete cookies. 172 00:07:57,950 --> 00:08:02,340 What are these cookies, and how do they too threaten privacy in some sense? 173 00:08:02,340 --> 00:08:05,730 Well, it turns out, when you visit a website, 174 00:08:05,730 --> 00:08:10,110 these days, most every website frankly that is dynamic and interactive uses 175 00:08:10,110 --> 00:08:11,430 something called cookies. 
176 00:08:11,430 --> 00:08:15,630 Cookies are a feature supported by HTTP, hypertext transfer protocol-- 177 00:08:15,630 --> 00:08:18,300 that's the protocol that web browsers and servers speak-- 178 00:08:18,300 --> 00:08:21,030 and cookies are used to remember a little something about you. 179 00:08:21,030 --> 00:08:24,510 Often, they're used to remember that you've already logged in. 180 00:08:24,510 --> 00:08:27,390 Right, consider that when you log in to Gmail or Facebook 181 00:08:27,390 --> 00:08:30,030 or outlook.com or something else, generally you 182 00:08:30,030 --> 00:08:32,640 just type in your username and/or password once, 183 00:08:32,640 --> 00:08:36,929 then you see your inbox or your homepage or your news feed, 184 00:08:36,929 --> 00:08:39,570 and you don't have to log in on every subsequent click. 185 00:08:39,570 --> 00:08:42,261 Indeed, it would be infuriating and downright unusable 186 00:08:42,261 --> 00:08:44,010 if every time you followed a link, you had 187 00:08:44,010 --> 00:08:46,590 to reprove to Google or Microsoft or Facebook 188 00:08:46,590 --> 00:08:48,270 who you are by logging in again. 189 00:08:48,270 --> 00:08:52,950 And so cookies are these little files-- 190 00:08:52,950 --> 00:08:56,580 or really values, numbers or letters-- 191 00:08:56,580 --> 00:09:01,410 that a web server puts on your browser, saves inside of your browser, 192 00:09:01,410 --> 00:09:03,760 to remember that you've been there before. 193 00:09:03,760 --> 00:09:08,400 So if I log in with my username to some website, and I log in with my password, 194 00:09:08,400 --> 00:09:11,100 and then hit Enter, essentially the web server, 195 00:09:11,100 --> 00:09:16,380 upon responding to my authentication, is going to plant a cookie on my computer, 196 00:09:16,380 --> 00:09:20,670 either in RAM temporarily or maybe even on disk, on my hard drive or SSD, 197 00:09:20,670 --> 00:09:23,460 to remember that David is somehow authenticated. 
198 00:09:23,460 --> 00:09:25,260 And that cookie hopefully doesn't actually 199 00:09:25,260 --> 00:09:29,760 contain my name or password or anything else that's personally identifying. 200 00:09:29,760 --> 00:09:33,510 Instead, it probably just contains a really big number, a really big value, 201 00:09:33,510 --> 00:09:37,740 that's also stored on a database, because the way HTTP works is every 202 00:09:37,740 --> 00:09:42,300 time I visit that website again, unbeknownst to me, at least until now, 203 00:09:42,300 --> 00:09:46,800 the browser is supposed to present that so-called cookie-- that value, 204 00:09:46,800 --> 00:09:48,270 big numbers, big letters-- 205 00:09:48,270 --> 00:09:52,110 to the web server to remind the server who I am. 206 00:09:52,110 --> 00:09:55,980 So if I log in to Gmail today, check my mail and maybe even close the window, 207 00:09:55,980 --> 00:09:58,470 and then tomorrow I come back and open up Gmail, 208 00:09:58,470 --> 00:10:00,957 odds are my browser is not going to make me log in again. 209 00:10:00,957 --> 00:10:02,790 The browser, or really the website, is going 210 00:10:02,790 --> 00:10:05,190 to remember that I logged in reasonably recently, 211 00:10:05,190 --> 00:10:07,420 and it's not going to pester me to log in again. 212 00:10:07,420 --> 00:10:10,890 And that's because my browser is, unbeknownst to me, sending 213 00:10:10,890 --> 00:10:13,500 that same cookie value that was planted there a day 214 00:10:13,500 --> 00:10:16,440 before to remind the server, this is David. 215 00:10:16,440 --> 00:10:17,340 You know him. 216 00:10:17,340 --> 00:10:19,570 He's already logged in once before. 217 00:10:19,570 --> 00:10:22,200 So how do the mechanics of this actually work? 218 00:10:22,200 --> 00:10:23,280 Well, consider this. 219 00:10:23,280 --> 00:10:29,490 This is a very simple HTTP request that might go from a browser to a server. 
220 00:10:29,490 --> 00:10:33,180 Get slash, so get me the homepage using HTTP version 1.1. 221 00:10:33,180 --> 00:10:37,320 The host I'm visiting, in this case, is just example.com, some website. 222 00:10:37,320 --> 00:10:41,660 Now, typically, a web server is going to reply, hopefully with a HTTP 200, 223 00:10:41,660 --> 00:10:43,810 OK, all is well. 224 00:10:43,810 --> 00:10:48,150 But it can also reply with some other values in those so-called HTTP headers. 225 00:10:48,150 --> 00:10:54,150 For instance, a web server can reply not only with that 200, OK, all is well, 226 00:10:54,150 --> 00:10:59,070 it can also reply with another header below it called set-cookie. 227 00:10:59,070 --> 00:11:03,340 And then inside of that is a value, a key-value pair-- the name of the key, 228 00:11:03,340 --> 00:11:07,140 which in this case is Session, which is commonly used, but could be anything, 229 00:11:07,140 --> 00:11:09,180 equals, and then some big value. 230 00:11:09,180 --> 00:11:13,487 So when I said earlier that a big random value, numbers or letters, 231 00:11:13,487 --> 00:11:16,320 are planted on your computer, it looks a little something like this. 232 00:11:16,320 --> 00:11:19,980 This is just a really long, sort of standardized format for generating 233 00:11:19,980 --> 00:11:23,610 big random values that happen to contain numbers and letters, 234 00:11:23,610 --> 00:11:25,380 and also, it turns out, some hyphens. 235 00:11:25,380 --> 00:11:28,560 But that number, theoretically, uniquely identifies me. 236 00:11:28,560 --> 00:11:33,120 The server is not going to send that cookie to any other customers or users. 237 00:11:33,120 --> 00:11:34,740 It's just going to me. 
238 00:11:34,740 --> 00:11:37,530 And my browser, by nature of understanding HTTP, 239 00:11:37,530 --> 00:11:40,590 knows how to look at that, knows what to do with it, 240 00:11:40,590 --> 00:11:44,070 and knows on every subsequent webpage I visit on example.com 241 00:11:44,070 --> 00:11:47,430 to send that value back to the server. 242 00:11:47,430 --> 00:11:50,970 So on every subsequent HTTP request, my browser 243 00:11:50,970 --> 00:11:54,045 is going to send a little something like this-- not just get slash 244 00:11:54,045 --> 00:11:56,670 or whatever the page is, not just host example.com, 245 00:11:56,670 --> 00:11:59,370 it's also going to send cookie. 246 00:11:59,370 --> 00:12:02,040 No Set, because Set came from server to browser, 247 00:12:02,040 --> 00:12:05,890 but just cookie colon, and then that same exact value. 248 00:12:05,890 --> 00:12:08,790 So if you've ever been to a club or an amusement park 249 00:12:08,790 --> 00:12:11,790 where you kind of want to come and go during the day or evening, 250 00:12:11,790 --> 00:12:15,870 those places might sometimes put a little ink-based hand stamp 251 00:12:15,870 --> 00:12:18,300 on your hand, so that they don't have to check your ticket 252 00:12:18,300 --> 00:12:21,360 or who you are every time you go in and out of the park or in and out 253 00:12:21,360 --> 00:12:22,050 of the club. 254 00:12:22,050 --> 00:12:24,681 You simply show your hand stamp, thereby reminding 255 00:12:24,681 --> 00:12:27,180 the bouncer, whoever is taking tickets, that you've actually 256 00:12:27,180 --> 00:12:31,210 gone through this process before, and don't have to be re-authenticated, 257 00:12:31,210 --> 00:12:32,110 so to speak. 258 00:12:32,110 --> 00:12:34,560 So that's all that's going on underneath the hood, 259 00:12:34,560 --> 00:12:38,730 and cookies make this possible because they've planted these values 260 00:12:38,730 --> 00:12:41,250 on your computer, thanks to the server. 
261 00:12:41,250 --> 00:12:44,250 But where's the threat to privacy, then? 262 00:12:44,250 --> 00:12:47,820 Well, we're here looking at these HTTP headers on the screen, 263 00:12:47,820 --> 00:12:51,340 and you can't really see, like, Wi-Fi things going across the air. 264 00:12:51,340 --> 00:12:53,970 But if you have the technical savvy, you could certainly 265 00:12:53,970 --> 00:12:58,410 sniff all of the wireless traffic going between computers and phones 266 00:12:58,410 --> 00:13:00,616 and other devices in this general area. 267 00:13:00,616 --> 00:13:02,490 And that's a little worrisome, because if you 268 00:13:02,490 --> 00:13:06,430 have the technology and the technical know-how to do that, 269 00:13:06,430 --> 00:13:10,740 what if an adversary, a hacker, could actually see values like this, 270 00:13:10,740 --> 00:13:16,080 and could essentially see my hand stamp as I'm presenting it to a server? 271 00:13:16,080 --> 00:13:19,230 That hacker could, theoretically, if he or she 272 00:13:19,230 --> 00:13:24,035 knows how, pretend to be me by duplicating my cookie value, sort 273 00:13:24,035 --> 00:13:26,160 of doing this, like you might have tried at a club, 274 00:13:26,160 --> 00:13:30,450 and then presenting that stamp as his or her own to the same server. 275 00:13:30,450 --> 00:13:34,260 And indeed, this is what would be called a session hijacking attack. 276 00:13:34,260 --> 00:13:39,380 It is a way for a hacker to have access to a value like this, 277 00:13:39,380 --> 00:13:42,870 steal it as his or her own, and then send it, using the right software, 278 00:13:42,870 --> 00:13:45,060 to the same server, so that if you have already 279 00:13:45,060 --> 00:13:49,290 logged in to Google or Facebook or Outlook or some other site, 280 00:13:49,290 --> 00:13:54,390 you've essentially given this hacker keys to that same account, 281 00:13:54,390 --> 00:13:58,330 because he or she can just pretend to be you by sending the same value. 
282 00:13:58,330 --> 00:13:59,785 So how do we protect against that? 283 00:13:59,785 --> 00:14:01,410 Well, there is a mechanism, thankfully. 284 00:14:01,410 --> 00:14:04,034 And most websites, including all three that I keep mentioning-- 285 00:14:04,034 --> 00:14:07,440 Facebook and Google and Outlook-- are just three of many, many websites 286 00:14:07,440 --> 00:14:11,070 that these days, thankfully, encrypt this information, scramble it, 287 00:14:11,070 --> 00:14:14,220 so that even someone sniffing wireless traffic wherever you are 288 00:14:14,220 --> 00:14:15,520 can't actually see this. 289 00:14:15,520 --> 00:14:17,310 It looks completely scrambled. 290 00:14:17,310 --> 00:14:20,400 But more on that in just a bit. 291 00:14:20,400 --> 00:14:23,640 There is, of course, with your browser, though, other some privacy concerns. 292 00:14:23,640 --> 00:14:28,170 Right, if you walk up to Edge, or you walk up to Chrome or Firefox or Safari 293 00:14:28,170 --> 00:14:31,680 or Opera or whatever, odds are, if you start typing in the URL bar, 294 00:14:31,680 --> 00:14:32,680 what do you see? 295 00:14:32,680 --> 00:14:34,470 You see maybe some search results. 296 00:14:34,470 --> 00:14:38,010 But for convenience, you also see your own what? 297 00:14:38,010 --> 00:14:39,420 Browser history. 298 00:14:39,420 --> 00:14:41,610 So there aren't just cookies on your computer 299 00:14:41,610 --> 00:14:43,800 that effectively are little breadcrumbs as to where 300 00:14:43,800 --> 00:14:45,690 you've been on the internet, like things like this, 301 00:14:45,690 --> 00:14:48,180 that do have to be saved somewhere in the computer's memory 302 00:14:48,180 --> 00:14:49,980 or on the computer's disk. 303 00:14:49,980 --> 00:14:52,170 But there's also the very websites you've visited. 
304 00:14:52,170 --> 00:14:54,128 And so another threat to your privacy, frankly, 305 00:14:54,128 --> 00:14:56,640 is just walking away from your laptop or desktop, 306 00:14:56,640 --> 00:15:00,344 letting a roommate or a classmate or a family member just 307 00:15:00,344 --> 00:15:02,760 walk up to that same computer and just start poking around 308 00:15:02,760 --> 00:15:04,410 your so-called browser history. 309 00:15:04,410 --> 00:15:06,300 And browsers today are pretty powerful. 310 00:15:06,300 --> 00:15:09,447 I mean, they'll remember everything you've done, everywhere you've gone. 311 00:15:09,447 --> 00:15:11,780 And this is a good thing in some sense, because it means 312 00:15:11,780 --> 00:15:13,196 it's easier to get you back there. 313 00:15:13,196 --> 00:15:15,320 If you start typing the first few letters, 314 00:15:15,320 --> 00:15:17,330 your browser might remember where you've been. 315 00:15:17,330 --> 00:15:18,570 You can search your history. 316 00:15:18,570 --> 00:15:20,278 So if you're like, oh my god, where did I 317 00:15:20,278 --> 00:15:22,470 see that widget I wanted to buy online yesterday? 318 00:15:22,470 --> 00:15:24,720 You might be able to search your own history and find, 319 00:15:24,720 --> 00:15:27,620 among the websites you visited, what it is you're looking for. 320 00:15:27,620 --> 00:15:32,420 But the counterpoint here, of course, is that so can anyone else. 321 00:15:32,420 --> 00:15:35,760 So how do you defend against those threats to privacy? 322 00:15:35,760 --> 00:15:40,550 How do you defend against those threats to places you've been and breadcrumbs 323 00:15:40,550 --> 00:15:42,290 you've left lying around? 324 00:15:42,290 --> 00:15:43,760 Well, you could clear your cookies. 
325 00:15:43,760 --> 00:15:47,390 Any browser, typically under the Preferences or Settings menu somewhere, 326 00:15:47,390 --> 00:15:50,420 has a way of clearing your browser history, 327 00:15:50,420 --> 00:15:52,712 and often clearing with it the cookies that 328 00:15:52,712 --> 00:15:54,170 have been planted on your computer. 329 00:15:54,170 --> 00:15:56,600 So what's the upside and what's the downside of that? 330 00:15:56,600 --> 00:15:59,690 Well, the upside, of course, is that all that information is thrown away, 331 00:15:59,690 --> 00:16:02,900 though, frankly, maybe not securely. 332 00:16:02,900 --> 00:16:05,210 To our point earlier about how files are deleted, 333 00:16:05,210 --> 00:16:07,940 odds are, even your history is not securely scrubbed. 334 00:16:07,940 --> 00:16:10,820 It just makes it harder for a bad guy to actually 335 00:16:10,820 --> 00:16:14,150 get at it, if he or she knows how to actually look at bits 336 00:16:14,150 --> 00:16:16,229 that were once on the computer's disk. 337 00:16:16,229 --> 00:16:18,770 But if we're really not worried about those kinds of threats, 338 00:16:18,770 --> 00:16:21,260 we're really just worried about people walking up to our computer 339 00:16:21,260 --> 00:16:24,140 and being a little too nosy, clearing your browser's history will 340 00:16:24,140 --> 00:16:25,010 address that. 341 00:16:25,010 --> 00:16:27,530 But it will also clear all of your cookies. 342 00:16:27,530 --> 00:16:30,110 And so what's going to happen if suddenly all of your cookies 343 00:16:30,110 --> 00:16:31,100 are deleted? 344 00:16:31,100 --> 00:16:34,467 Well, somewhat annoyingly, any website you've recently logged in 345 00:16:34,467 --> 00:16:37,250 to, or maybe even ever logged in to, is effectively 346 00:16:37,250 --> 00:16:39,230 going to forget that you have. 
347 00:16:39,230 --> 00:16:43,315 And all of those cookies that were temporarily stored on your computer 348 00:16:43,315 --> 00:16:44,690 are just going to be thrown away. 349 00:16:44,690 --> 00:16:47,447 So the next time you visit Google or Facebook or Microsoft, 350 00:16:47,447 --> 00:16:49,280 they're going to prompt you again to log in. 351 00:16:49,280 --> 00:16:51,080 Not a huge deal, and it's better than just 352 00:16:51,080 --> 00:16:54,080 letting anyone see your own account, but that is an implication. 353 00:16:54,080 --> 00:16:56,030 And so if you're one of these people who opens 354 00:16:56,030 --> 00:16:59,360 lots of tabs, uses lots of websites, doesn't even quit your browser very 355 00:16:59,360 --> 00:17:01,460 often, let alone shut down your computer, 356 00:17:01,460 --> 00:17:05,119 odds are it might actually be annoying to have to delete all of your cookies 357 00:17:05,119 --> 00:17:08,089 in this way, because effectively, it's like washing your hand 358 00:17:08,089 --> 00:17:12,270 so that any hand stamps you had on your hands are completely washed off. 359 00:17:12,270 --> 00:17:14,220 So what's an alternative? 360 00:17:14,220 --> 00:17:16,490 Well, Chrome and Firefox and other browsers 361 00:17:16,490 --> 00:17:21,079 often have a sort of private mode, or incognito mode, as Google calls it. 362 00:17:21,079 --> 00:17:23,750 And this is simply a mode in your browser where you can open up, 363 00:17:23,750 --> 00:17:27,079 typically, a different-colored browser window, and in Chrome's case 364 00:17:27,079 --> 00:17:31,010 it's actually kind of a creepy guy with a little creepy hat on. 365 00:17:31,010 --> 00:17:32,870 We can kind of pull this up here. 
366 00:17:32,870 --> 00:17:36,320 If I open up Chrome, for instance, and I decide I don't really 367 00:17:36,320 --> 00:17:38,660 want any of this ending up in my browser's history, 368 00:17:38,660 --> 00:17:40,910 I want my history to be automatically thrown away 369 00:17:40,910 --> 00:17:43,880 without affecting all of the other places I've been, 370 00:17:43,880 --> 00:17:49,010 I can actually go up to File, New Incognito Window, and ooh, spooky. 371 00:17:49,010 --> 00:17:50,420 I've gone incognito. 372 00:17:50,420 --> 00:17:52,910 "Pages you view in incognito tabs won't stick around 373 00:17:52,910 --> 00:17:55,460 in your browser's history, cookie store, or search history 374 00:17:55,460 --> 00:17:58,140 after you've closed all your incognito tabs. 375 00:17:58,140 --> 00:18:01,130 Any files you download or bookmarks you create will be kept." 376 00:18:01,130 --> 00:18:03,500 So essentially, this is just automating the process 377 00:18:03,500 --> 00:18:07,040 of letting you do your thing online and then automatically deleting it 378 00:18:07,040 --> 00:18:08,240 once you've deleted-- 379 00:18:08,240 --> 00:18:13,265 or once you've closed this and any other such private or incognito windows. 380 00:18:13,265 --> 00:18:15,890 So that's an alternative when you know you don't want something 381 00:18:15,890 --> 00:18:16,910 to end up in your browser history. 382 00:18:16,910 --> 00:18:19,279 And frankly, technical people also use this a lot, 383 00:18:19,279 --> 00:18:21,570 not so much for privacy's sake, but for technical sake. 384 00:18:21,570 --> 00:18:23,278 When you're building a website, or you're 385 00:18:23,278 --> 00:18:26,150 writing software that uses the web, sometimes you 386 00:18:26,150 --> 00:18:31,130 don't want the browser to remember past pages that your software has generated. 
387 00:18:31,130 --> 00:18:33,729 So using incognito mode too is just a handy technical thing, 388 00:18:33,729 --> 00:18:36,020 because it means the browser is going to remember less, 389 00:18:36,020 --> 00:18:41,140 and therefore you won't accidentally see some of your oldest handiwork. 390 00:18:41,140 --> 00:18:46,020 But all of these scenarios rather assume that I've logged in to my computer 391 00:18:46,020 --> 00:18:46,590 first. 392 00:18:46,590 --> 00:18:48,990 Right, it should kind of go without saying these days 393 00:18:48,990 --> 00:18:51,930 that if you don't have a password on your laptop or desktop, 394 00:18:51,930 --> 00:18:55,500 or you don't have a password or passcode on your phone, 395 00:18:55,500 --> 00:18:58,620 or a fingerprint sensor these days on your phone, 396 00:18:58,620 --> 00:19:01,670 probably aren't practicing best security practices. 397 00:19:01,670 --> 00:19:05,340 Right, it's all too easy, then, for a nosy family member or a roommate 398 00:19:05,340 --> 00:19:08,310 or whoever to just walk right up to your laptop or desktop or phone 399 00:19:08,310 --> 00:19:12,627 and start poking around, which may not be a very good thing. 400 00:19:12,627 --> 00:19:15,585 But also, even if you're not really worried about the people around you 401 00:19:15,585 --> 00:19:18,971 you trust, you know, that laptop might leave your home or apartment pretty 402 00:19:18,971 --> 00:19:19,470 often. 403 00:19:19,470 --> 00:19:21,900 And certainly that phone is going with you, 404 00:19:21,900 --> 00:19:25,300 most likely, when you step out of the house or home as well. 405 00:19:25,300 --> 00:19:27,390 And so what if you just lose a device like this? 
406 00:19:27,390 --> 00:19:30,330 If you don't have a password or passcode on your phone, 407 00:19:30,330 --> 00:19:34,350 and therefore you never authenticate, prove to the device who you are 408 00:19:34,350 --> 00:19:37,800 and that you know that password, let alone username, well, then anyone 409 00:19:37,800 --> 00:19:39,955 off the street, literally, can pick up that device 410 00:19:39,955 --> 00:19:42,330 and start going through your emails or your text messages 411 00:19:42,330 --> 00:19:45,760 or really pretend to be you, if you're logged in to various things. 412 00:19:45,760 --> 00:19:49,020 In fact, if you've ever seen friends of yours post sort of obnoxious posts 413 00:19:49,020 --> 00:19:51,450 on Facebook, might very well be your friends. 414 00:19:51,450 --> 00:19:53,580 But it could also be friends of your friends 415 00:19:53,580 --> 00:19:57,840 who have intentionally walked up to their phone or laptop or desktop 416 00:19:57,840 --> 00:20:02,250 and posted something on their news feed, so to speak, without them actually 417 00:20:02,250 --> 00:20:02,750 knowing. 418 00:20:02,750 --> 00:20:06,360 And that's just because they weren't requiring authentication. 419 00:20:06,360 --> 00:20:09,630 So it should go without saying that on your Mac or PC or iPhone or Android 420 00:20:09,630 --> 00:20:11,754 phone, you should have some form of authentication, 421 00:20:11,754 --> 00:20:15,270 some kind of prompt that challenges you to know something 422 00:20:15,270 --> 00:20:16,590 before you can proceed. 423 00:20:16,590 --> 00:20:20,460 And what you know is typically a password or passcode. 424 00:20:20,460 --> 00:20:23,010 On a phone, it might simply be a few digits. 
425 00:20:23,010 --> 00:20:25,350 Unfortunately, using something like a few digits 426 00:20:25,350 --> 00:20:30,660 isn't necessarily the best idea, because if you only have a four-digit passcode, 427 00:20:30,660 --> 00:20:34,710 as was the default on iOS for iPhones for some time, 428 00:20:34,710 --> 00:20:36,830 it's not all that secure, right? 429 00:20:36,830 --> 00:20:41,490 Because if you think about a four-digit passcode, there's four possible values, 430 00:20:41,490 --> 00:20:44,430 and each of these values is 0 to 9. 431 00:20:44,430 --> 00:20:46,450 So this has 10 possible values-- 432 00:20:46,450 --> 00:20:50,250 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, so 10 possible values there. 433 00:20:50,250 --> 00:20:53,620 Another 10 here, another 10 here, another 10 here. 434 00:20:53,620 --> 00:20:59,970 So the total number of possibilities here is only 10,000 passcodes total, 435 00:20:59,970 --> 00:21:07,080 specifically passcode number 0000 through 9999. 436 00:21:07,080 --> 00:21:08,400 Now, that's indeed a lot. 437 00:21:08,400 --> 00:21:10,890 And frankly, it's going to be pretty damn tedious 438 00:21:10,890 --> 00:21:15,060 for a hacker or a nosy family member to guess your passcode 439 00:21:15,060 --> 00:21:19,380 if he or she has to try as many as 10,000, or at least half of that many, 440 00:21:19,380 --> 00:21:22,110 on average, to just guess what your passcode is. 441 00:21:22,110 --> 00:21:26,910 Plus, a lot of devices today, iPhones included, will insert delays. 442 00:21:26,910 --> 00:21:29,250 So if you guess your password wrong, even 443 00:21:29,250 --> 00:21:32,520 if it's you who've forgotten it temporarily, maybe three times 444 00:21:32,520 --> 00:21:35,310 or five or 10 times or some small number of times, 445 00:21:35,310 --> 00:21:38,230 the phone is actually going to say, slow down. 446 00:21:38,230 --> 00:21:41,280 You're going to have to wait a minute or so before you can try again. 
447 00:21:41,280 --> 00:21:44,610 And this is a good defense mechanism, because if the search space is 448 00:21:44,610 --> 00:21:46,740 relatively small, the number of possibilities 449 00:21:46,740 --> 00:21:52,140 is relatively few, you can at least increase the cost of hacking 450 00:21:52,140 --> 00:21:54,690 into the device through this brute force method, 451 00:21:54,690 --> 00:21:58,470 where you just try all possible codes, by just slowing down the bad guy. 452 00:21:58,470 --> 00:22:01,770 Make every code take a full second, or five seconds, to type in. 453 00:22:01,770 --> 00:22:04,950 Make him or her wait maybe a minute before they can try again, 454 00:22:04,950 --> 00:22:07,290 because by then, hopefully, you'll have realized, oh, 455 00:22:07,290 --> 00:22:09,150 shoot, where did I leave my phone? 456 00:22:09,150 --> 00:22:11,130 And you can go chase it down and chase away 457 00:22:11,130 --> 00:22:12,780 the person who's trying to access it. 458 00:22:12,780 --> 00:22:16,980 Or, you're going to come home before that nosy neighbor or roommate has 459 00:22:16,980 --> 00:22:21,030 actually finished guessing all possible values to get into the device. 460 00:22:21,030 --> 00:22:22,860 Of course, there's a more effective way. 461 00:22:22,860 --> 00:22:24,510 Don't use four-digit passcodes. 462 00:22:24,510 --> 00:22:27,330 Maybe use a fifth or a sixth or a seventh. 463 00:22:27,330 --> 00:22:30,090 Or don't use numeric codes at all. 464 00:22:30,090 --> 00:22:33,660 What if, for instance, we introduce letters of the alphabet? 465 00:22:33,660 --> 00:22:36,930 If we introduce letters of the alphabet, even if we just 466 00:22:36,930 --> 00:22:41,850 have a four-digit passcode, that means, if this can be not just 0 through 9, 467 00:22:41,850 --> 00:22:46,320 but A through Z, and better yet, how about capital A through Z, 468 00:22:46,320 --> 00:22:50,010 and lowercase a through lowercase z, that gives me, what? 
469 00:22:50,010 --> 00:22:53,820 52 letters and 10 numbers, 0 through 9. 470 00:22:53,820 --> 00:22:55,770 So that's 62 possibilities. 471 00:22:55,770 --> 00:23:02,760 So that's 62 times 62 times 62 times 62, and already this is starting to add up. 472 00:23:02,760 --> 00:23:08,060 If I pull up a fancy black-and-white calculator here and go ahead 473 00:23:08,060 --> 00:23:11,600 and just run the math, we know from before, it was 10 times 10 times 474 00:23:11,600 --> 00:23:14,150 10 times 10, which is, of course, 10,000. 475 00:23:14,150 --> 00:23:20,150 And 62 times 62 times 62 times 62, meanwhile, is much, much bigger. 476 00:23:20,150 --> 00:23:24,770 In fact, that's 14,776,336. 477 00:23:24,770 --> 00:23:28,520 So just by using more possible digits-- 478 00:23:28,520 --> 00:23:31,220 not just numbers, but letters, capital and lowercase-- 479 00:23:31,220 --> 00:23:34,580 we've really increased the cost for an adversary. 480 00:23:34,580 --> 00:23:38,750 And as such, we've effectively increased the security of my device, 481 00:23:38,750 --> 00:23:40,580 because now it's a lot harder to get into. 482 00:23:40,580 --> 00:23:42,800 And better yet, don't use four characters. 483 00:23:42,800 --> 00:23:43,470 Use five. 484 00:23:43,470 --> 00:23:43,970 Use six. 485 00:23:43,970 --> 00:23:44,690 Use 12. 486 00:23:44,690 --> 00:23:45,680 Use 20. 487 00:23:45,680 --> 00:23:47,630 There's just a price, ultimately, you pay. 488 00:23:47,630 --> 00:23:50,960 Right, if you were trying to be really secure, 489 00:23:50,960 --> 00:23:54,230 and you know therefore you shouldn't use four-digit codes, maybe even five 490 00:23:54,230 --> 00:23:59,480 or six, so you have a 20-digit passcode or password, why might 491 00:23:59,480 --> 00:24:01,942 that actually not be a good thing? 492 00:24:01,942 --> 00:24:03,900 Right, because according to that logic, why not 493 00:24:03,900 --> 00:24:06,380 have a 50-character password or 100-character password? 
494 00:24:06,380 --> 00:24:09,110 No one is ever going to guess that, surely. 495 00:24:09,110 --> 00:24:14,030 Well, one, nor might you remember it, if it's that long or that arcane. 496 00:24:14,030 --> 00:24:19,440 Two, it's just going to be damn annoying to type in again and again and again. 497 00:24:19,440 --> 00:24:22,910 And so that alone is sort of downward social pressure 498 00:24:22,910 --> 00:24:24,310 on having passwords that long. 499 00:24:24,310 --> 00:24:26,360 So what's the best rule of thumb? 500 00:24:26,360 --> 00:24:29,000 There's not necessarily one fits all. 501 00:24:29,000 --> 00:24:31,220 But short, bad, longer, good. 502 00:24:31,220 --> 00:24:34,790 But it's only good so far as you can remember that password. 503 00:24:34,790 --> 00:24:39,089 And it's not, say, a very popular word or phrase or sentence, 504 00:24:39,089 --> 00:24:42,380 because the other thing bad guys will do is they're not just going to guess all 505 00:24:42,380 --> 00:24:48,200 possible values, like 0000, and 0001, and 0002, and so forth. 506 00:24:48,200 --> 00:24:50,450 Soon as you introduce letters of the alphabet, 507 00:24:50,450 --> 00:24:57,050 they're not just going to try AAAA, and AAAB, and AAAC. 508 00:24:57,050 --> 00:24:59,300 Odds are, they're going to start trying words. 509 00:24:59,300 --> 00:25:02,960 So in fact, if your password is "password," 510 00:25:02,960 --> 00:25:05,150 that's probably not a very good password, because it 511 00:25:05,150 --> 00:25:06,920 was the first thing I thought of, too. 512 00:25:06,920 --> 00:25:11,240 Or if your password is 123456, odds are, that's 513 00:25:11,240 --> 00:25:15,680 not too smart either, because it's also the bad guy's first thought as well. 514 00:25:15,680 --> 00:25:19,760 And now, tragically, while tongue in cheek with these kinds of examples, 515 00:25:19,760 --> 00:25:22,400 it turns out that these kinds of passwords 516 00:25:22,400 --> 00:25:24,590 are more common than you might think. 
517 00:25:24,590 --> 00:25:29,090 So in fact, let me go ahead and pull up a list, as of 2017, some of the most 518 00:25:29,090 --> 00:25:31,070 common passwords in the world. 519 00:25:31,070 --> 00:25:37,280 The number-one password, according to one study online, was 123456. 520 00:25:37,280 --> 00:25:39,530 And odds are, the website's requiring this, 521 00:25:39,530 --> 00:25:42,490 or required at least six-character passwords. 522 00:25:42,490 --> 00:25:44,240 The number-two password this year thus far 523 00:25:44,240 --> 00:25:49,620 has been 123456789, so more secure in that it's longer, 524 00:25:49,620 --> 00:25:52,010 and that then you have to kind of guess more tries. 525 00:25:52,010 --> 00:25:56,090 But it's not all that hard to guess 123456789. 526 00:25:56,090 --> 00:25:57,440 "Qwerty," brilliant. 527 00:25:57,440 --> 00:26:00,380 That is literally the first five or six characters 528 00:26:00,380 --> 00:26:02,840 on top of the keyboard on the first row. 529 00:26:02,840 --> 00:26:05,840 12345678 came in a close fourth. 530 00:26:05,840 --> 00:26:07,100 So that's brilliant. 531 00:26:07,100 --> 00:26:12,380 111111 is coming in fifth. 532 00:26:12,380 --> 00:26:18,470 1234567890, 1234567, you can see the pattern here. 533 00:26:18,470 --> 00:26:21,280 "Password" came in, surprisingly, at number eight. 534 00:26:21,280 --> 00:26:25,280 123123, someone's thinking they're a little clever. 535 00:26:25,280 --> 00:26:28,370 And then the reverse, 987654321. 536 00:26:28,370 --> 00:26:32,150 And if you go online and just google "most common passwords of 2000 537 00:26:32,150 --> 00:26:34,640 whatever," you can see the most common passwords 538 00:26:34,640 --> 00:26:39,890 from any of the most recent years, thanks to security studies and websites 539 00:26:39,890 --> 00:26:42,650 like this one here that have been done online. 
540 00:26:42,650 --> 00:26:47,840 So pro-tip-- if you see your password anywhere on this list, 541 00:26:47,840 --> 00:26:51,950 let alone in the top 20 or the top 100 or more, 542 00:26:51,950 --> 00:26:54,020 time to start changing your password. 543 00:26:54,020 --> 00:26:56,120 Because if you're using it, odds are a bad guy 544 00:26:56,120 --> 00:26:58,430 is going to know to try that password as well. 545 00:26:58,430 --> 00:27:01,100 And even though most of these aren't even actually words, 546 00:27:01,100 --> 00:27:05,299 it turns out that adversaries, hackers, certainly have access to dictionaries, 547 00:27:05,299 --> 00:27:08,090 like a Merriam-Webster dictionary, and so he or she could certainly 548 00:27:08,090 --> 00:27:11,450 write software that tries not only these common ones, 549 00:27:11,450 --> 00:27:13,800 but tries all the words in the dictionary. 550 00:27:13,800 --> 00:27:16,400 So if you think that, you know, you're being clever 551 00:27:16,400 --> 00:27:20,797 by putting "umbrella" as your password, because that's a pretty random word. 552 00:27:20,797 --> 00:27:22,380 Why would anyone use it as a password? 553 00:27:22,380 --> 00:27:24,130 Well, the problem is it's in a dictionary. 554 00:27:24,130 --> 00:27:25,970 And if it's in a dictionary, an adversary 555 00:27:25,970 --> 00:27:28,880 can write a program to try all possible words in the dictionary, 556 00:27:28,880 --> 00:27:32,060 and it will eventually get to "umbrella," at which point 557 00:27:32,060 --> 00:27:34,400 he or she now knows how to log in to your account. 558 00:27:34,400 --> 00:27:36,030 So not so good as well. 559 00:27:36,030 --> 00:27:38,840 So what's the takeaway, then, here, for the security 560 00:27:38,840 --> 00:27:41,300 of your accounts and your computers? 561 00:27:41,300 --> 00:27:45,470 Well, maybe you should use completely random passwords. 
562 00:27:45,470 --> 00:27:49,790 Right, if words are bad, and patterns of numbers are bad, let's just go random. 563 00:27:49,790 --> 00:27:52,850 So bang, bang, bang, bang, bang on the keyboard, and see what comes out. 564 00:27:52,850 --> 00:27:55,250 Now, unfortunately, when you register for websites or set a password, 565 00:27:55,250 --> 00:27:57,416 you're going to have to bang, bang, bang, bang, bang 566 00:27:57,416 --> 00:28:00,720 out the same exact thing multiple times to confirm you actually know it. 567 00:28:00,720 --> 00:28:03,517 And frankly, if it is a really weird-looking random set 568 00:28:03,517 --> 00:28:05,600 of characters and numbers and punctuation symbols, 569 00:28:05,600 --> 00:28:09,080 honestly, I don't know if I'm going to remember it as well. 570 00:28:09,080 --> 00:28:11,050 So sometimes people think they're being clever. 571 00:28:11,050 --> 00:28:16,570 So instead of saying an L in a password, they might use a number 1. 572 00:28:16,570 --> 00:28:19,600 Or instead of an A in a password, they might use the number 4, 573 00:28:19,600 --> 00:28:21,460 because they all kind of look the same. 574 00:28:21,460 --> 00:28:25,670 But again, any heuristic like that, even if you think you're being clever, 575 00:28:25,670 --> 00:28:27,700 well, the adversary, the hacker out there, 576 00:28:27,700 --> 00:28:31,510 can also be just as clever as you, and try those things first 577 00:28:31,510 --> 00:28:35,590 before he or she even bothers trying the completely random ones. 
578 00:28:35,590 --> 00:28:38,440 So generally, thinking of some nonsensical phrase, 579 00:28:38,440 --> 00:28:41,200 introducing some disparate capitalization, some upper case, 580 00:28:41,200 --> 00:28:43,390 some lower case, toss in some numbers there, 581 00:28:43,390 --> 00:28:45,820 some letters, so it's not entirely random, 582 00:28:45,820 --> 00:28:48,640 there is still some implicit mnemonic that 583 00:28:48,640 --> 00:28:52,990 allows you to remember what it is, is a better approach than choosing patterns 584 00:28:52,990 --> 00:28:55,090 of numbers like this, or words that you might 585 00:28:55,090 --> 00:28:57,790 think of off the top of your head, or even actual words. 586 00:28:57,790 --> 00:29:01,750 Introducing deliberate misspellings, or weird punctuation or capitalization, 587 00:29:01,750 --> 00:29:04,000 all lends itself to that. 588 00:29:04,000 --> 00:29:06,970 Of course, none of this matters if you're one of these people, 589 00:29:06,970 --> 00:29:10,360 and odds are you could walk around a lot of offices in the world 590 00:29:10,360 --> 00:29:13,360 and see a whole bunch of monitors on people's desks 591 00:29:13,360 --> 00:29:16,010 with one of these on the display. 592 00:29:16,010 --> 00:29:18,130 So if you're also one of these people, you're 593 00:29:18,130 --> 00:29:20,710 not a good person if you're putting your own passwords 594 00:29:20,710 --> 00:29:22,360 on a post-it note on your monitor. 595 00:29:22,360 --> 00:29:25,030 Or frankly, we don't have to put the entire blame on you. 596 00:29:25,030 --> 00:29:27,700 Maybe your company or your university's security policies 597 00:29:27,700 --> 00:29:29,950 are such that they're not really that reasonable. 598 00:29:29,950 --> 00:29:32,860 Maybe your company makes you change your password every three months, 599 00:29:32,860 --> 00:29:35,980 or every six months, which frankly, might be a net negative. 
600 00:29:35,980 --> 00:29:39,220 Indeed, increasingly are people challenging this practice, which 601 00:29:39,220 --> 00:29:41,110 feels very intuitively reasonable. 602 00:29:41,110 --> 00:29:43,510 Like, make people change their passwords once in a while, 603 00:29:43,510 --> 00:29:46,090 just in case they've been compromised. 604 00:29:46,090 --> 00:29:48,185 This way, at least the bad guys out there only 605 00:29:48,185 --> 00:29:50,060 have a limited amount of time-- three months, 606 00:29:50,060 --> 00:29:52,870 six months, whatever-- to actually use that exploit. 607 00:29:52,870 --> 00:29:55,660 But the problem is, if you make me change my password every three 608 00:29:55,660 --> 00:29:59,170 months, or every six months, especially for websites or tools 609 00:29:59,170 --> 00:30:01,090 that I might not even use that often, thereby 610 00:30:01,090 --> 00:30:04,720 making it harder, and in some sense, more cognitively expensive, 611 00:30:04,720 --> 00:30:07,720 for me to remember your password, well, frankly, I'm 612 00:30:07,720 --> 00:30:11,410 going to probably start choosing easier and easier to remember passwords, 613 00:30:11,410 --> 00:30:14,560 or repeating some pattern in the past, so 614 00:30:14,560 --> 00:30:18,270 that it's not as hard for me to remember these ever-changing passwords. 615 00:30:18,270 --> 00:30:20,570 So in that sense, it might actually be a net negative. 616 00:30:20,570 --> 00:30:24,040 If you're accidentally conditioning your team members 617 00:30:24,040 --> 00:30:27,910 to lower their threshold for security by choosing easier passwords, 618 00:30:27,910 --> 00:30:31,900 maybe they should just pick one really good, really hard-to-guess password 619 00:30:31,900 --> 00:30:35,090 at the get-go, and never change it, or change it 620 00:30:35,090 --> 00:30:38,779 years later, not so frequently. 
621 00:30:38,779 --> 00:30:40,570 So if you're doing this, though, minimally, 622 00:30:40,570 --> 00:30:45,550 take these down and address the crux of the issue, not just the symptom. 623 00:30:45,550 --> 00:30:49,699 But there's also other issues that arise with passwords and authentication. 624 00:30:49,699 --> 00:30:51,490 Now, odds are, you have, if you're like me, 625 00:30:51,490 --> 00:30:55,090 forgotten your password to at least one website. 626 00:30:55,090 --> 00:30:59,860 And that's often not such a dealbreaker, because what can you do? 627 00:30:59,860 --> 00:31:01,270 You've forgotten your password. 628 00:31:01,270 --> 00:31:04,150 You haven't logged in to some site in a while, or you're using a new computer 629 00:31:04,150 --> 00:31:05,705 and you don't really remember it. 630 00:31:05,705 --> 00:31:07,690 So you can reset most passwords. 631 00:31:07,690 --> 00:31:10,480 You can click a link on most websites that's literally called, 632 00:31:10,480 --> 00:31:14,660 like, Reset Password, or Forgot Password, or something like that. 633 00:31:14,660 --> 00:31:15,802 And what do they do? 634 00:31:15,802 --> 00:31:18,760 Well, they typically ask you, then, to type in, if you haven't already, 635 00:31:18,760 --> 00:31:21,520 your username or your email address. 636 00:31:21,520 --> 00:31:23,180 And then what do they do? 637 00:31:23,180 --> 00:31:27,454 Well, typically, you'll get an email, hopefully within seconds, maybe 638 00:31:27,454 --> 00:31:29,620 a few minutes, maybe it ends up in your spam folder, 639 00:31:29,620 --> 00:31:31,150 so you should check there too. 640 00:31:31,150 --> 00:31:32,590 And it contains a link. 641 00:31:32,590 --> 00:31:34,840 And that link is like your password reset link. 642 00:31:34,840 --> 00:31:36,820 And generally, if you look close at the URL, 643 00:31:36,820 --> 00:31:40,720 it hopefully goes back to the same website, so example.com or whatever. 
644 00:31:40,720 --> 00:31:44,140 And then odds are it has a really big, seemingly random value, 645 00:31:44,140 --> 00:31:45,889 not unlike the cookie we saw earlier. 646 00:31:45,889 --> 00:31:48,430 So using random values in computing, especially for security, 647 00:31:48,430 --> 00:31:50,630 is generally a good practice. 648 00:31:50,630 --> 00:31:52,930 So it has a big, seemingly random value. 649 00:31:52,930 --> 00:31:54,060 You click that link. 650 00:31:54,060 --> 00:31:56,560 You're led back to the same website, but a different screen, 651 00:31:56,560 --> 00:31:58,750 and it asks you to choose a new password. 652 00:31:58,750 --> 00:32:01,420 And you type it in once, probably twice, hit Save, 653 00:32:01,420 --> 00:32:03,880 and your account is now updated. 654 00:32:03,880 --> 00:32:05,680 So what just happened? 655 00:32:05,680 --> 00:32:10,270 Well, when you clicked I Forgot My Password, or Please Reset My Password, 656 00:32:10,270 --> 00:32:13,450 the website probably has a database. 657 00:32:13,450 --> 00:32:17,350 It generated some big random code, stored that in a database, 658 00:32:17,350 --> 00:32:22,340 and made essentially a mental note for a computer, let David reset his password. 659 00:32:22,340 --> 00:32:25,150 How does it know that I'm David if I don't know my password? 660 00:32:25,150 --> 00:32:28,150 You almost have a sort of catch-22 situation there. 661 00:32:28,150 --> 00:32:32,980 Well, if David still has access to the email account with which he registered 662 00:32:32,980 --> 00:32:36,010 for this website, which is pretty much the assumption being made, 663 00:32:36,010 --> 00:32:39,550 well, let's send him a special link containing that really big code that we 664 00:32:39,550 --> 00:32:42,550 also stored in the database, and let's assume 665 00:32:42,550 --> 00:32:47,530 that anyone who can log in to David's email account is probably David. 
666 00:32:47,530 --> 00:32:51,100 So let's let that same person choose a new password 667 00:32:51,100 --> 00:32:53,440 for this website, example.com. 668 00:32:53,440 --> 00:32:56,770 So you're trusting, to be fair, that I am indeed 669 00:32:56,770 --> 00:32:59,860 the David who's supposed to have access to that email account. 670 00:32:59,860 --> 00:33:02,320 But if that's really the only way, because odds 671 00:33:02,320 --> 00:33:04,930 are you don't want to incur the expense or the complexity 672 00:33:04,930 --> 00:33:07,390 of, like, having David call up and say, hi, I'm David, 673 00:33:07,390 --> 00:33:10,570 and then prove this by giving you personal details about me 674 00:33:10,570 --> 00:33:14,650 or values or information that I might only know, 675 00:33:14,650 --> 00:33:16,510 you can at least trust with some probability 676 00:33:16,510 --> 00:33:18,910 that only I have access to my email account. 677 00:33:18,910 --> 00:33:22,210 And that big random value, meanwhile, is checked 678 00:33:22,210 --> 00:33:23,980 on the website when I follow that link. 679 00:33:23,980 --> 00:33:28,000 And then you realize, oh, we know that the person who just followed this link 680 00:33:28,000 --> 00:33:31,480 is David, with high probability, because the only one in the world to whom we 681 00:33:31,480 --> 00:33:36,870 sent this big random value via email a moment ago was malan@harvard.edu, 682 00:33:36,870 --> 00:33:39,340 or whatever your actual email address is. 683 00:33:39,340 --> 00:33:42,700 And so you reset your password and you're back in business. 684 00:33:42,700 --> 00:33:48,010 Now, sometimes, you've wanted to know what your password is. 685 00:33:48,010 --> 00:33:49,540 But most websites don't do this. 
686 00:33:49,540 --> 00:33:51,110 And if you call customer service-- 687 00:33:51,110 --> 00:33:53,380 not that most websites even allow this-- 688 00:33:53,380 --> 00:33:56,830 typically, the technical staff can't even tell you what your password is. 689 00:33:56,830 --> 00:34:00,070 Even if you prove by telling them who you are, where you were born, 690 00:34:00,070 --> 00:34:03,820 and everything about yourself, they cannot tell you, technically, 691 00:34:03,820 --> 00:34:05,070 what your password is. 692 00:34:05,070 --> 00:34:06,940 And that's a good thing, because odds are 693 00:34:06,940 --> 00:34:09,850 that means there's certainly good security practices in place. 694 00:34:09,850 --> 00:34:12,100 But odds are it means too that your password, 695 00:34:12,100 --> 00:34:16,570 even the old one you don't remember, is encrypted in some form-- or hashed, 696 00:34:16,570 --> 00:34:18,679 more technically-- somewhere in their database, 697 00:34:18,679 --> 00:34:21,550 so that even the IT staff cannot see it. 698 00:34:21,550 --> 00:34:24,699 All they see is some seemingly random value in their database. 699 00:34:24,699 --> 00:34:26,199 And that's not your actual password. 700 00:34:26,199 --> 00:34:30,560 It's a hash thereof, a scrambled version thereof. 701 00:34:30,560 --> 00:34:32,360 But some websites are really bad. 702 00:34:32,360 --> 00:34:36,040 And in fact, I can think of several times over the years 703 00:34:36,040 --> 00:34:39,730 when I've gotten a password reset email, and oh my god, in the email, 704 00:34:39,730 --> 00:34:41,380 is my password. 705 00:34:41,380 --> 00:34:42,547 And so that's fine. 706 00:34:42,547 --> 00:34:45,630 At that point I remember, oh, yeah, of course, that's the password I used. 707 00:34:45,630 --> 00:34:48,046 And I can just copy and paste it and go about my business. 708 00:34:48,046 --> 00:34:49,090 But what does that mean? 
709 00:34:49,090 --> 00:34:52,010 If the company was able to email me my password, 710 00:34:52,010 --> 00:34:56,380 odds are it means it is not encrypted, or hashed, or scrambled, 711 00:34:56,380 --> 00:34:59,590 on their database, which means any one of their employees, 712 00:34:59,590 --> 00:35:03,160 or a hacker who steals their database, could see my password, 713 00:35:03,160 --> 00:35:07,240 log in to, and pretend to be me, whatever the website actually is. 714 00:35:07,240 --> 00:35:09,970 Moreover, they just emailed out on the internet, 715 00:35:09,970 --> 00:35:13,630 and odds are, partly wirelessly, if I'm on my laptop or phone, 716 00:35:13,630 --> 00:35:15,220 what my password actually is. 717 00:35:15,220 --> 00:35:19,390 And if my email server is not using encryption, as is not always the case, 718 00:35:19,390 --> 00:35:23,170 they might have just let anyone in the local Starbucks or airport or lecture 719 00:35:23,170 --> 00:35:25,900 hall that I'm in actually see what my password is. 720 00:35:25,900 --> 00:35:29,620 So bad, bad, bad, bad practice to not actually 721 00:35:29,620 --> 00:35:31,570 scramble passwords on a server. 722 00:35:31,570 --> 00:35:35,834 And yet this happens, tragically, more often than you might like. 723 00:35:35,834 --> 00:35:37,000 So keep an eye out for this. 724 00:35:37,000 --> 00:35:39,791 And frankly, there's not much you can do, other than really decide, 725 00:35:39,791 --> 00:35:43,240 I am not using this website anymore, because they don't really 726 00:35:43,240 --> 00:35:48,670 seem to have their act together when it comes to security. 727 00:35:48,670 --> 00:35:52,050 So what's one last threat when it comes to authentication? 728 00:35:52,050 --> 00:35:56,580 You know, odds are, if you're like me back in the day, though not so much 729 00:35:56,580 --> 00:35:59,130 anymore, you might get a little lazy. 
730 00:35:59,130 --> 00:36:01,440 You might have kind of a favorite go-to password 731 00:36:01,440 --> 00:36:05,340 that maybe you use on your email, maybe your social media accounts, maybe, 732 00:36:05,340 --> 00:36:07,590 god forbid, your bank account, or more. 733 00:36:07,590 --> 00:36:08,970 This too is bad. 734 00:36:08,970 --> 00:36:10,260 If you are in the habit-- 735 00:36:10,260 --> 00:36:12,720 and it's understandable, but still bad-- 736 00:36:12,720 --> 00:36:16,874 of using the same password on different websites, what's the threat? 737 00:36:16,874 --> 00:36:17,790 And what's the upside? 738 00:36:17,790 --> 00:36:20,070 Well, the upside is just it's convenient, right? 739 00:36:20,070 --> 00:36:22,300 Why remember 10 different passwords for 10 websites 740 00:36:22,300 --> 00:36:24,690 if I can use one password on all of these websites? 741 00:36:24,690 --> 00:36:26,520 It's just convenient for us humans. 742 00:36:26,520 --> 00:36:28,770 But what if one of those websites is hacked? 743 00:36:28,770 --> 00:36:32,790 Or what if a bad guy figures out, by guessing, maybe your child's birth 744 00:36:32,790 --> 00:36:37,000 date, which happens to be your password, what your password is on one website? 745 00:36:37,000 --> 00:36:39,660 Well, he or she might get a little curious, a little greedy, 746 00:36:39,660 --> 00:36:42,300 and try using that same password on all other websites 747 00:36:42,300 --> 00:36:45,630 that they know you visit to see if you're also lazily 748 00:36:45,630 --> 00:36:47,640 and insecurely using the same there. 749 00:36:47,640 --> 00:36:51,990 So this is alone a good reason to use a different password on every website. 750 00:36:51,990 --> 00:36:54,580 But here too there's this theme of trade-offs. 
751 00:36:54,580 --> 00:36:58,080 Right, it's now becoming more expensive cognitively 752 00:36:58,080 --> 00:37:01,860 for you, just in terms of remembering all this darn stuff, if we're making 753 00:37:01,860 --> 00:37:04,200 you then have one password for every website. 754 00:37:04,200 --> 00:37:06,060 And we visit, we humans these days, probably 755 00:37:06,060 --> 00:37:07,480 way more than just 10 websites. 756 00:37:07,480 --> 00:37:10,500 It might be dozens, if not hundreds, over time, 757 00:37:10,500 --> 00:37:12,300 that we actually have accounts on. 758 00:37:12,300 --> 00:37:15,780 So surely you can't expect me to remember 100 different passwords. 759 00:37:15,780 --> 00:37:17,040 Well, there are tools. 760 00:37:17,040 --> 00:37:20,220 There's software, free and commercial alike, that you can install, 761 00:37:20,220 --> 00:37:22,290 that are generally called password managers. 762 00:37:22,290 --> 00:37:27,537 And these are tools that store, on your own phone or hard drive or SSD, all 763 00:37:27,537 --> 00:37:29,370 of your usernames and all of your passwords. 764 00:37:29,370 --> 00:37:33,340 But, if they're good software, they encrypt it on your hard drive. 765 00:37:33,340 --> 00:37:36,060 So you choose, when you install this software, 766 00:37:36,060 --> 00:37:40,410 one main master password, something that's ideally really big, really 767 00:37:40,410 --> 00:37:42,490 pretty random, still memorable. 768 00:37:42,490 --> 00:37:45,540 And maybe here, just to be super safe, you write it down somewhere 769 00:37:45,540 --> 00:37:49,920 and tuck it away somewhere super secure, like, physically in a safe deposit box 770 00:37:49,920 --> 00:37:54,720 or into a vault, somewhere that's not a post-it note on your monitor. 
771 00:37:54,720 --> 00:37:57,960 And then, you store all of your usernames and passwords 772 00:37:57,960 --> 00:38:00,330 in that software, and protect all of them with just this 773 00:38:00,330 --> 00:38:02,220 one master password. 774 00:38:02,220 --> 00:38:04,800 So in this way, you can literally have a completely different 775 00:38:04,800 --> 00:38:07,320 and even a completely random password for every website you 776 00:38:07,320 --> 00:38:10,290 visit, because these password managers not just let you copy and paste 777 00:38:10,290 --> 00:38:13,204 your password from them into a website when logging in, you can often 778 00:38:13,204 --> 00:38:15,120 use keyboard shortcuts, so you don't even have 779 00:38:15,120 --> 00:38:17,260 to remember your username or password. 780 00:38:17,260 --> 00:38:19,590 You just hit a keyboard shortcut, and voila, 781 00:38:19,590 --> 00:38:22,320 the password manager logs you into websites for you, 782 00:38:22,320 --> 00:38:25,020 so long as you have logged in to the software 783 00:38:25,020 --> 00:38:27,060 itself, as you would typically do once a day 784 00:38:27,060 --> 00:38:29,910 or every time you wake up your computer. 785 00:38:29,910 --> 00:38:32,220 So this is amazing, because now it means I 786 00:38:32,220 --> 00:38:35,910 can have 20-character, 100-character passwords, if websites allow it, 787 00:38:35,910 --> 00:38:36,662 on any website. 788 00:38:36,662 --> 00:38:39,120 And frankly, these days, I don't know most of my passwords, 789 00:38:39,120 --> 00:38:43,230 because I let the software generate something big and random and therefore 790 00:38:43,230 --> 00:38:45,300 more secure, theoretically. 791 00:38:45,300 --> 00:38:48,600 But there is a big, big, big gotcha here. 
792 00:38:48,600 --> 00:38:53,220 If, god forbid, I forget or lose that master password, 793 00:38:53,220 --> 00:38:57,030 I have very, very securely encrypted all of my accounts, none 794 00:38:57,030 --> 00:38:58,890 of which I can now access. 795 00:38:58,890 --> 00:39:01,990 So that's that one password you just cannot forget. 796 00:39:01,990 --> 00:39:05,567 And so I literally mean it when I say you should probably write it down, tuck 797 00:39:05,567 --> 00:39:07,650 it in a bank vault, tell it to someone you really, 798 00:39:07,650 --> 00:39:11,460 really trust who needs to have access, because you've just kind of moved 799 00:39:11,460 --> 00:39:16,130 the threat to a different location, to your own recollection thereof. 800 00:39:16,130 --> 00:39:18,300 So trade-offs to be sure, but on the whole, 801 00:39:18,300 --> 00:39:22,890 probably much more secure than the passwords you're currently using. 802 00:39:22,890 --> 00:39:24,510 Now, there are some better defenses. 803 00:39:24,510 --> 00:39:27,690 Not all websites support this, but increasingly 804 00:39:27,690 --> 00:39:31,140 are they doing so, even apps on phones as well. 805 00:39:31,140 --> 00:39:34,440 So not too long ago, this was the primary form 806 00:39:34,440 --> 00:39:37,530 of something called two-factor authentication, where 807 00:39:37,530 --> 00:39:40,110 two-factor authentication refers to having not just one 808 00:39:40,110 --> 00:39:43,120 factor, but, surprise, two factors. 809 00:39:43,120 --> 00:39:44,120 So what does this mean? 810 00:39:44,120 --> 00:39:46,290 Well, the first factor, and the factor we keep talking about, 811 00:39:46,290 --> 00:39:47,520 is a password or a passcode. 812 00:39:47,520 --> 00:39:48,900 It's something you know. 813 00:39:48,900 --> 00:39:51,150 And historically, we have used something you 814 00:39:51,150 --> 00:39:55,020 know to authenticate you to a device or a piece of software or to a website. 
815 00:39:55,020 --> 00:39:59,550 I am malan@harvard.edu, and here is my 123456 password, 816 00:39:59,550 --> 00:40:03,690 something theoretically only I know, at least if it were a better password. 817 00:40:03,690 --> 00:40:05,670 But that's not that great, because, of course, 818 00:40:05,670 --> 00:40:10,020 passwords can be stolen or guessed or posted on post-it notes. 819 00:40:10,020 --> 00:40:14,330 So slightly better than one factor is two factors. 820 00:40:14,330 --> 00:40:16,080 And that second factor should be something 821 00:40:16,080 --> 00:40:17,820 that's fundamentally different. 822 00:40:17,820 --> 00:40:20,920 Not something you know, like a second password, 823 00:40:20,920 --> 00:40:25,170 which is at risk for the same exact threats, but something you have. 824 00:40:25,170 --> 00:40:27,390 So this thing here is literally something 825 00:40:27,390 --> 00:40:30,810 you would carry around on your keychain, made by a company called RSA, 826 00:40:30,810 --> 00:40:33,870 and it's got a battery and a little computational device, 827 00:40:33,870 --> 00:40:38,280 that shows on the screen a number, six-digit number in this case. 828 00:40:38,280 --> 00:40:41,580 And that number changes every minute or so. 829 00:40:41,580 --> 00:40:43,650 And it does so on a schedule. 830 00:40:43,650 --> 00:40:46,440 So theoretically, it stays synchronized with a server. 831 00:40:46,440 --> 00:40:48,927 Indeed, there's a server somewhere else that knows 832 00:40:48,927 --> 00:40:51,260 what the unique ID of the device is, and you can usually 833 00:40:51,260 --> 00:40:54,260 read that off of a sticker on the back or something like that. 834 00:40:54,260 --> 00:40:59,060 And it knows that that sticker, that device, is currently showing 159759. 835 00:40:59,060 --> 00:41:01,580 And a minute later, it knows, the server, 836 00:41:01,580 --> 00:41:03,580 what new number this device is showing. 
837 00:41:03,580 --> 00:41:05,330 So theoretically, they should stay synced, 838 00:41:05,330 --> 00:41:08,660 and there's ways to help them stay synced over time. 839 00:41:08,660 --> 00:41:12,290 But what's nice now is that if I have an account that's 840 00:41:12,290 --> 00:41:15,320 protected with two-factor authentication, 841 00:41:15,320 --> 00:41:18,770 or two-step authentication, then it's not just something 842 00:41:18,770 --> 00:41:21,780 I know that I have to use and type into the screen. 843 00:41:21,780 --> 00:41:25,700 I also have to pull out my keys, in this case, read off the number 159759, 844 00:41:25,700 --> 00:41:27,270 and type that in as well. 845 00:41:27,270 --> 00:41:30,050 So if an adversary gains access to my password, 846 00:41:30,050 --> 00:41:32,570 or just guesses what my password is, it's not 847 00:41:32,570 --> 00:41:36,590 a huge deal, because he or she is then going to be prompted for something 848 00:41:36,590 --> 00:41:37,850 they have. 849 00:41:37,850 --> 00:41:42,570 And so long as they also haven't stolen my keychain, they don't have this. 850 00:41:42,570 --> 00:41:44,570 They therefore don't know the number to type in, 851 00:41:44,570 --> 00:41:46,700 and they don't have the second factor. 852 00:41:46,700 --> 00:41:48,860 And they can't get past that second gate. 853 00:41:48,860 --> 00:41:50,510 So it really raises the bar. 854 00:41:50,510 --> 00:41:54,650 It does not stop a hacker from taking or guessing my password. 855 00:41:54,650 --> 00:41:56,960 And it certainly doesn't stop them from physically 856 00:41:56,960 --> 00:42:00,110 going after the device I have on me. 857 00:42:00,110 --> 00:42:01,520 But it does raise the bar. 858 00:42:01,520 --> 00:42:04,790 And at least I'm a little less worried about the people in this room 859 00:42:04,790 --> 00:42:09,380 than I am about millions of random potential hackers on the internet. 
860 00:42:09,380 --> 00:42:12,410 And thankfully, this technology, two-factor, is getting even easier. 861 00:42:12,410 --> 00:42:14,534 You don't need a physical device like a company 862 00:42:14,534 --> 00:42:15,950 like RSA used to have to send you. 863 00:42:15,950 --> 00:42:19,550 You don't need your bank, for instance, to send one of these dedicated devices. 864 00:42:19,550 --> 00:42:20,870 You can actually use software. 865 00:42:20,870 --> 00:42:22,400 So Google Authenticator exists. 866 00:42:22,400 --> 00:42:25,483 There's something called Duo Mobile, that's a commercial alternative there 867 00:42:25,483 --> 00:42:28,910 too, that allows you, on your phone, Android or iOS, 868 00:42:28,910 --> 00:42:33,060 to just hit a software-based button, see what the code is, and type it in. 869 00:42:33,060 --> 00:42:36,470 So Gmail supports something like this, as do many other websites 870 00:42:36,470 --> 00:42:38,807 these days, increasingly so, especially banks. 871 00:42:38,807 --> 00:42:40,640 Right, and there, too, I would encourage you 872 00:42:40,640 --> 00:42:44,450 to consider these various trade-offs, and to consider which accounts 873 00:42:44,450 --> 00:42:46,440 are really the most vulnerable. 874 00:42:46,440 --> 00:42:48,592 Which accounts do you worry the most about? 875 00:42:48,592 --> 00:42:50,300 Maybe you don't really care all that much 876 00:42:50,300 --> 00:42:51,966 about one of your social media accounts. 877 00:42:51,966 --> 00:42:55,310 But maybe you care a lot more about your bank and your savings amounts 878 00:42:55,310 --> 00:42:55,970 and so forth. 879 00:42:55,970 --> 00:42:58,190 And so maybe you should be thinking about which 880 00:42:58,190 --> 00:43:01,730 websites to enable two-factor on, if it supports it. 
881 00:43:01,730 --> 00:43:04,610 And frankly, maybe you should even be choosing websites or banks 882 00:43:04,610 --> 00:43:08,000 based on which of them support these kinds of defenses, 883 00:43:08,000 --> 00:43:09,500 because it only raises the bar. 884 00:43:09,500 --> 00:43:11,374 And they don't even require special software. 885 00:43:11,374 --> 00:43:15,952 You can actually use the SMS app on your own iPhone or Android device. 886 00:43:15,952 --> 00:43:17,660 And what companies can increasingly do is 887 00:43:17,660 --> 00:43:21,210 they'll send you a text message with a code that you then have to type in. 888 00:43:21,210 --> 00:43:24,110 So now those two factors are something you know 889 00:43:24,110 --> 00:43:31,810 and also something you have already, something physical, like this. 890 00:43:31,810 --> 00:43:32,620 All right. 891 00:43:32,620 --> 00:43:35,540 So what about the network itself? 892 00:43:35,540 --> 00:43:38,710 We've talked really about physical, proximal threats thus far. 893 00:43:38,710 --> 00:43:43,561 But what about the security of the networks we actually use, 894 00:43:43,561 --> 00:43:45,310 especially when so many of the networks we 895 00:43:45,310 --> 00:43:51,340 use these days are wireless-- my phone, my laptop, other devices in my home 896 00:43:51,340 --> 00:43:54,430 too, all somehow use wireless especially. 897 00:43:54,430 --> 00:43:57,829 So typically, you can pull up a little menu on your computer, 898 00:43:57,829 --> 00:43:59,620 whether it's Windows or Mac OS, and see all 899 00:43:59,620 --> 00:44:01,600 of the wireless networks in proximity. 900 00:44:01,600 --> 00:44:05,320 And odds are, by now, you've been conditioned to look for free Wi-Fi 901 00:44:05,320 --> 00:44:06,250 in some form. 902 00:44:06,250 --> 00:44:09,700 Right, one of the icons that does not have a padlock on it. 
903 00:44:09,700 --> 00:44:14,500 And you choose that one, whether it's Harvard University or some other SSID, 904 00:44:14,500 --> 00:44:17,770 as it's called, the identifier for a wireless network. 905 00:44:17,770 --> 00:44:18,820 You connect to it. 906 00:44:18,820 --> 00:44:21,490 And then usually a little icon kind of blinks and pulses. 907 00:44:21,490 --> 00:44:25,119 And then hopefully, within a couple seconds, you're connected to Wi-Fi. 908 00:44:25,119 --> 00:44:26,410 Now, sometimes it doesn't work. 909 00:44:26,410 --> 00:44:28,930 And sometimes, even though a network doesn't have a padlock 910 00:44:28,930 --> 00:44:31,907 and it seems to be free, just doesn't work for any number of reasons. 911 00:44:31,907 --> 00:44:33,490 One, it might not be working properly. 912 00:44:33,490 --> 00:44:36,040 Two, it might require that you pre-register the device 913 00:44:36,040 --> 00:44:36,740 on that network. 914 00:44:36,740 --> 00:44:38,906 So there's different reasons that it might not work. 915 00:44:38,906 --> 00:44:42,610 But sometimes it does, especially at Starbucks and airports and hotels. 916 00:44:42,610 --> 00:44:44,050 Sometimes you have to pay for it. 917 00:44:44,050 --> 00:44:46,010 And indeed, sometimes the first time you visit a site, 918 00:44:46,010 --> 00:44:49,330 you're prompted to pay, or at least tell them your room number, in a hotel. 919 00:44:49,330 --> 00:44:51,040 But otherwise, it just works. 920 00:44:51,040 --> 00:44:53,170 But the problem is, in all of those scenarios, 921 00:44:53,170 --> 00:44:56,400 even if you pay for that Wi-Fi, if there's 922 00:44:56,400 --> 00:45:00,210 no padlock on the wireless network to which you've connected, 923 00:45:00,210 --> 00:45:02,430 it's insecure by definition. 924 00:45:02,430 --> 00:45:07,710 It's not encrypted, at least not by the network in the room that you're in. 
925 00:45:07,710 --> 00:45:13,080 Now, you might still visit websites that start with https://, 926 00:45:13,080 --> 00:45:15,560 that are using secure connections and encrypted connection. 927 00:45:15,560 --> 00:45:16,560 And that's a good thing. 928 00:45:16,560 --> 00:45:18,480 And that mitigates this issue. 929 00:45:18,480 --> 00:45:21,150 But maybe your email doesn't use encryption. 930 00:45:21,150 --> 00:45:25,230 Maybe a lot of websites you visit don't use encryption either. 931 00:45:25,230 --> 00:45:29,880 They start with http://, and so that means, 932 00:45:29,880 --> 00:45:34,560 on insecure wireless networks that have no padlock and therefore no built-in 933 00:45:34,560 --> 00:45:38,250 encryption, everything you do on the internet can in fact be seen, 934 00:45:38,250 --> 00:45:41,940 or sniffed, so to speak, by someone else in the nearby area, 935 00:45:41,940 --> 00:45:43,900 let alone elsewhere on the internet. 936 00:45:43,900 --> 00:45:46,260 So if you see some creepy person on their laptop, 937 00:45:46,260 --> 00:45:48,630 you know, Mr. Robot there in the corner, he or she 938 00:45:48,630 --> 00:45:50,790 might actually be on their laptop sniffing 939 00:45:50,790 --> 00:45:53,040 all of the wireless traffic in that Starbucks, 940 00:45:53,040 --> 00:45:56,190 and anyone who is not using HTTPS-based websites, 941 00:45:56,190 --> 00:46:00,270 for instance, he or she might see everything that's actually happening. 942 00:46:00,270 --> 00:46:01,990 And what can you do then? 943 00:46:01,990 --> 00:46:04,920 Well, one, don't use that particular network. 944 00:46:04,920 --> 00:46:08,890 Or two, maybe use something like a VPN, a virtual private network. 945 00:46:08,890 --> 00:46:10,780 Now, not all people have access to these. 
946 00:46:10,780 --> 00:46:13,380 Sometimes, if you work for a company, or go to a university, 947 00:46:13,380 --> 00:46:15,879 you can actually install software that allows you to connect 948 00:46:15,879 --> 00:46:18,180 to a VPN, a virtual private network. 949 00:46:18,180 --> 00:46:21,660 And what this means is that your connection to the internet 950 00:46:21,660 --> 00:46:23,490 is indeed encrypted. 951 00:46:23,490 --> 00:46:28,530 So for instance, if this is you here on your laptop, 952 00:46:28,530 --> 00:46:31,620 and here we have the internet, and here we 953 00:46:31,620 --> 00:46:34,650 have some websites inside some company's building 954 00:46:34,650 --> 00:46:37,680 that you're trying to connect to, typically, if you're 955 00:46:37,680 --> 00:46:40,500 using insecure Wi-Fi, your zeros and ones 956 00:46:40,500 --> 00:46:43,770 might go here through the internet onto that company 957 00:46:43,770 --> 00:46:47,130 and then back in the other direction, completely insecurely, 958 00:46:47,130 --> 00:46:49,770 which means anyone in Starbucks near you over here, 959 00:46:49,770 --> 00:46:52,140 anyone theoretically with physical access to the wires 960 00:46:52,140 --> 00:46:55,380 and such on the internet itself could access that data, 961 00:46:55,380 --> 00:46:57,960 if it's all unencrypted from the get-go. 962 00:46:57,960 --> 00:47:01,680 But what you could do, especially if you're worried about Mr. 963 00:47:01,680 --> 00:47:04,710 Robot in the cafe in which you're sitting, 964 00:47:04,710 --> 00:47:10,630 if you do have a VPN at your company or university, like this one here-- 965 00:47:10,630 --> 00:47:12,060 we'll call it Acme-- 966 00:47:12,060 --> 00:47:17,460 where you work or go to school, you can first establish an encrypted connection 967 00:47:17,460 --> 00:47:22,497 here, where "encrypted" is going to mean scrambled in some way. 968 00:47:22,497 --> 00:47:24,330 It's not just text and numbers that you see. 
969 00:47:24,330 --> 00:47:26,910 It's sort of random permutations thereof, 970 00:47:26,910 --> 00:47:29,010 because of an algorithm that's being used. 971 00:47:29,010 --> 00:47:33,180 And now you can let your company or university 972 00:47:33,180 --> 00:47:36,190 do all of the talking with the rest of the internet. 973 00:47:36,190 --> 00:47:40,620 So you're essentially tunneling, so to speak, all of your internet traffic 974 00:47:40,620 --> 00:47:46,100 through your own company or university by way of this thing called a VPN. 975 00:47:46,100 --> 00:47:50,340 There's still a flaw here, though, and you can kind of see it in the picture. 976 00:47:50,340 --> 00:47:53,240 VPN is between you and, like, your company, or university, 977 00:47:53,240 --> 00:47:54,950 or frankly, there's third parties you can 978 00:47:54,950 --> 00:47:56,960 pay these days some number of dollars a month 979 00:47:56,960 --> 00:47:59,360 so you can actually have a VPN connection somewhere else in the world, 980 00:47:59,360 --> 00:48:00,170 even. 981 00:48:00,170 --> 00:48:03,320 But there's still an insecurity here. 982 00:48:03,320 --> 00:48:04,480 Where? 983 00:48:04,480 --> 00:48:07,700 Well, I've only labeled this channel of communication 984 00:48:07,700 --> 00:48:08,930 back and forth as encrypted. 985 00:48:08,930 --> 00:48:12,740 And that's because odds are, if you're just visiting an insecure website 986 00:48:12,740 --> 00:48:17,870 that's just http://, well, it might actually still be insecure once it 987 00:48:17,870 --> 00:48:18,990 leaves your company. 988 00:48:18,990 --> 00:48:20,570 So here, too, there's a trade-off. 989 00:48:20,570 --> 00:48:23,930 You've increased the security around you, 990 00:48:23,930 --> 00:48:26,242 but you've really just pushed the threat away. 991 00:48:26,242 --> 00:48:27,200 There's still a threat. 992 00:48:27,200 --> 00:48:29,033 It's just now random people on the internet. 993 00:48:29,033 --> 00:48:31,390 It's not Mr. 
Robot in the very same cafe that you're in. 994 00:48:31,390 --> 00:48:34,640 So maybe that's OK, because maybe you're really only worried about nosy people 995 00:48:34,640 --> 00:48:37,640 here, and not random people on the internet. 996 00:48:37,640 --> 00:48:42,200 Or-- but, rather, you've paid another price. 997 00:48:42,200 --> 00:48:48,320 Turns out that any time you do something more to a process, as we're doing here, 998 00:48:48,320 --> 00:48:50,810 odds are you're increasing the cost involved. 999 00:48:50,810 --> 00:48:53,780 Right, I don't know much about encryption right now in the story. 1000 00:48:53,780 --> 00:48:56,780 But I do know it's something I wasn't doing earlier. 1001 00:48:56,780 --> 00:49:01,400 So surely, doing something must take more time than doing nothing, 1002 00:49:01,400 --> 00:49:02,480 to put it simply. 1003 00:49:02,480 --> 00:49:05,840 And so by encrypting my data, by doing whatever algorithm 1004 00:49:05,840 --> 00:49:08,122 is necessary to scramble my zeros and ones, 1005 00:49:08,122 --> 00:49:09,580 must be taking some amount of time. 1006 00:49:09,580 --> 00:49:12,017 And indeed, it might somewhat slow down your connection, 1007 00:49:12,017 --> 00:49:14,600 to use a VPN, which might be a trade-off, especially if you're 1008 00:49:14,600 --> 00:49:18,290 on a plane or something like that, where your network connectivity is really 1009 00:49:18,290 --> 00:49:19,940 quite limited. 1010 00:49:19,940 --> 00:49:21,620 So a trade-off there. 1011 00:49:21,620 --> 00:49:25,700 Now, fortunately, companies, and even personal computers, 1012 00:49:25,700 --> 00:49:29,900 have special devices, or special software, called firewalls, 1013 00:49:29,900 --> 00:49:30,860 that I'll depict there. 1014 00:49:30,860 --> 00:49:35,090 And even your own laptop, in some sense, has 1015 00:49:35,090 --> 00:49:37,604 turned on, or most likely has turned on, its own firewall. 
1016 00:49:37,604 --> 00:49:40,520 And I'm drawing it as a physical line, as though it's a physical wall. 1017 00:49:40,520 --> 00:49:41,020 It's not. 1018 00:49:41,020 --> 00:49:42,140 It's just software. 1019 00:49:42,140 --> 00:49:46,366 A firewall is just, in the physical world, an actual wall. 1020 00:49:46,366 --> 00:49:49,490 So if you've got, like, a strip mall with lots of little companies and lots 1021 00:49:49,490 --> 00:49:52,610 of stores, one of which might catch fire for some reason, 1022 00:49:52,610 --> 00:49:54,740 historically, a lot of these kind of setups 1023 00:49:54,740 --> 00:49:57,830 would have physical walls, special layers of bricks or other material, 1024 00:49:57,830 --> 00:50:01,490 in between the stores, so that if there's a fire in one store, 1025 00:50:01,490 --> 00:50:04,070 it might still get hot, but hopefully it does not 1026 00:50:04,070 --> 00:50:06,980 pass through into the next-door store, because 1027 00:50:06,980 --> 00:50:10,250 of that additional insulation between them, firewall. 1028 00:50:10,250 --> 00:50:13,460 Now, in the software world, it's kind of the same idea, but it's all digital. 1029 00:50:13,460 --> 00:50:16,970 You might have software running on your Mac or PC over here at left, 1030 00:50:16,970 --> 00:50:20,300 or your company is going to have some kind of special software running 1031 00:50:20,300 --> 00:50:24,260 on the periphery of their network, where the routers typically hand off data 1032 00:50:24,260 --> 00:50:26,630 to other networks altogether, or other ISPs. 1033 00:50:26,630 --> 00:50:30,590 And those firewalls look at things like the IP addresses 1034 00:50:30,590 --> 00:50:33,590 to which you're sending, or from which you're receiving data, the TCP 1035 00:50:33,590 --> 00:50:35,080 port numbers that are being used. 1036 00:50:35,080 --> 00:50:39,080 And these firewalls can help keep bad guys out 1037 00:50:39,080 --> 00:50:41,340 and help keep internal data inside. 
1038 00:50:41,340 --> 00:50:43,410 So there's that additional defense as well, 1039 00:50:43,410 --> 00:50:45,412 which is just yet another piece of the puzzle. 1040 00:50:45,412 --> 00:50:47,120 Now, if you're running Mac OS or Windows, 1041 00:50:47,120 --> 00:50:49,190 odds are you just want to check if you're actually 1042 00:50:49,190 --> 00:50:51,023 enabling that on your computer, so that when 1043 00:50:51,023 --> 00:50:56,480 you are on a public, especially insecure network, unencrypted, to be sure 1044 00:50:56,480 --> 00:50:59,417 that no one can really be hacking into your computer 1045 00:50:59,417 --> 00:51:01,250 with this high probability, because at least 1046 00:51:01,250 --> 00:51:04,790 your computer is kind of keeping them at bay. 1047 00:51:04,790 --> 00:51:06,620 But what does it mean to encrypt data? 1048 00:51:06,620 --> 00:51:08,620 Right, I've just kind of been taking for granted 1049 00:51:08,620 --> 00:51:10,520 that you can encrypt information in this way. 1050 00:51:10,520 --> 00:51:12,330 Well, what does that actually mean? 1051 00:51:12,330 --> 00:51:15,500 Well, suppose that I want to send a message to someone, 1052 00:51:15,500 --> 00:51:17,060 like, the message, "Hi." 1053 00:51:17,060 --> 00:51:20,060 But I don't want anyone else in the room, anyone else in the cafe, 1054 00:51:20,060 --> 00:51:23,810 to know whom I'm saying hi to, or that I'm saying hi. 1055 00:51:23,810 --> 00:51:26,060 I might want to scramble this message. 1056 00:51:26,060 --> 00:51:27,207 So how might I scramble it? 1057 00:51:27,207 --> 00:51:28,040 Well, you know what? 1058 00:51:28,040 --> 00:51:32,540 Rather than send "H-I," I'm going to send "I-J," 1059 00:51:32,540 --> 00:51:36,750 because that is not English, and that makes no apparent sense. 1060 00:51:36,750 --> 00:51:40,400 So I'm going to send that in a message, or that in an email 1061 00:51:40,400 --> 00:51:45,660 or a text message or some other digital medium, from me to some other person. 
1062 00:51:45,660 --> 00:51:47,300 Now, why did I choose "I-J"? 1063 00:51:47,300 --> 00:51:48,230 It's deliberate. 1064 00:51:48,230 --> 00:51:49,610 It's a little stupid. 1065 00:51:49,610 --> 00:51:50,930 It's not very secure. 1066 00:51:50,930 --> 00:51:52,760 But it's an attempt to be more secure. 1067 00:51:52,760 --> 00:51:56,290 "H-I" is the message I want to send. 1068 00:51:56,290 --> 00:51:58,550 "I-J" is what I'm actually sending. 1069 00:51:58,550 --> 00:52:00,500 But I've just used a simple algorithm here. 1070 00:52:00,500 --> 00:52:04,100 I took a letter that I want to send, and I changed it by one. 1071 00:52:04,100 --> 00:52:10,610 So H became I, and I, coincidentally, became J. So I send "I-J," 1072 00:52:10,610 --> 00:52:14,010 and I send that message to someone else in the cafe, or across the internet. 1073 00:52:14,010 --> 00:52:15,890 What does he or she have to now do? 1074 00:52:15,890 --> 00:52:20,240 Well, he or she has to know that the secret algorithm I'm using 1075 00:52:20,240 --> 00:52:23,270 is to not only rotate letters by some number of places, 1076 00:52:23,270 --> 00:52:24,860 but they need to know the key. 1077 00:52:24,860 --> 00:52:29,964 The key to this algorithm is the number of places that I'm shifting letters by. 1078 00:52:29,964 --> 00:52:31,880 So he or she has to know that it was just one. 1079 00:52:31,880 --> 00:52:34,040 And that's why I say it's kind of dumb, because one is not 1080 00:52:34,040 --> 00:52:34,880 that hard to just guess. 1081 00:52:34,880 --> 00:52:36,713 I could just try one, and oops, there it is. 1082 00:52:36,713 --> 00:52:37,430 Hello. 1083 00:52:37,430 --> 00:52:41,150 But they have to know to unrotate these letters by one place. 1084 00:52:41,150 --> 00:52:45,380 So I now becomes H again, and J becomes I. 1085 00:52:45,380 --> 00:52:48,530 So this, then, was my plain text. 1086 00:52:48,530 --> 00:52:51,020 This, then, is my so-called cipher text. 
1087 00:52:51,020 --> 00:52:54,019 And once decrypted, becomes my plain text as well. 1088 00:52:54,019 --> 00:52:56,060 Now, it turns out this is an example of something 1089 00:52:56,060 --> 00:52:58,100 called a Caesar cipher, a rotational cipher. 1090 00:52:58,100 --> 00:53:02,240 We could make it a little more interesting by rotating by two 1091 00:53:02,240 --> 00:53:05,280 places, or three, or 13, or even more. 1092 00:53:05,280 --> 00:53:08,750 But it's not all that secure if it's pretty easy to just guess. 1093 00:53:08,750 --> 00:53:12,050 Right, even a bad guy who intercepts this message could just try rotating 1094 00:53:12,050 --> 00:53:15,860 by one, rotating by two, rotating by 25, and figure out, 1095 00:53:15,860 --> 00:53:19,370 just intuitively, and a little methodically, what it is I'm 1096 00:53:19,370 --> 00:53:20,210 actually sending. 1097 00:53:20,210 --> 00:53:24,300 So rotational ciphers, not really used on the actual internet. 1098 00:53:24,300 --> 00:53:26,430 There's more sophisticated means. 1099 00:53:26,430 --> 00:53:29,790 But there's also another glaring flaw here to encryption, 1100 00:53:29,790 --> 00:53:32,750 which is, my friend to whom I'm sending this message apparently 1101 00:53:32,750 --> 00:53:34,670 needs to know what that key is. 1102 00:53:34,670 --> 00:53:38,380 He or she has to know that the secret was, in this case, one. 1103 00:53:38,380 --> 00:53:41,210 Now, that's kind of a chicken and the egg problem. 1104 00:53:41,210 --> 00:53:46,370 Right, because for him or her to know what key we're going to be using, 1105 00:53:46,370 --> 00:53:49,040 we have to agree upon it in advance. 1106 00:53:49,040 --> 00:53:50,736 So how do we agree upon it in advance? 1107 00:53:50,736 --> 00:53:53,360 I can't just send them a message and write the number one on it 1108 00:53:53,360 --> 00:53:55,367 and send it, because it would be unencrypted. 
1109 00:53:55,367 --> 00:53:57,200 And if I even wanted to encrypt it, I can't, 1110 00:53:57,200 --> 00:54:00,732 because he or she doesn't know how many numbers of places to rotate it yet. 1111 00:54:00,732 --> 00:54:01,940 So maybe I pick up the phone. 1112 00:54:01,940 --> 00:54:05,480 I use a different technology, and I say, hey, let's use a key of one! 1113 00:54:05,480 --> 00:54:08,480 But at that point, the story is kind of stupid for a different reason. 1114 00:54:08,480 --> 00:54:12,114 Why don't I just tell them "hi" at that same time? 1115 00:54:12,114 --> 00:54:14,780 Right, so if I'm already talking to them via some other channel, 1116 00:54:14,780 --> 00:54:15,905 just give them the message. 1117 00:54:15,905 --> 00:54:17,090 Don't worry about a key. 1118 00:54:17,090 --> 00:54:20,270 And this is absolutely the case when you visit a website. 1119 00:54:20,270 --> 00:54:22,430 Like, I don't really know anyone personally 1120 00:54:22,430 --> 00:54:24,770 at amazon.com who can sell me a book. 1121 00:54:24,770 --> 00:54:29,210 I don't really personally know anyone at Gmail who can send me my emails. 1122 00:54:29,210 --> 00:54:30,620 I know the website gmail.com. 1123 00:54:30,620 --> 00:54:33,230 I know the website amazon.com. 1124 00:54:33,230 --> 00:54:36,040 And my computer certainly doesn't know another computer there. 1125 00:54:36,040 --> 00:54:39,940 It just knows its domain name and maybe its IP address, eventually. 1126 00:54:39,940 --> 00:54:44,590 So it turns out, what we just described, rotating characters one place, 1127 00:54:44,590 --> 00:54:47,380 is what's called secret key cryptography. 1128 00:54:47,380 --> 00:54:50,680 So secret key cryptography is predicated, of course, 1129 00:54:50,680 --> 00:54:55,600 on keeping that key, the number one or 13 or 25 or something else, secret. 
1130 00:54:55,600 --> 00:54:58,780 But there's also something called public key cryptography that 1131 00:54:58,780 --> 00:55:04,610 satisfies this issue of chicken and egg, where you need a secret, 1132 00:55:04,610 --> 00:55:07,660 but you can't establish a secret before you have a secret. 1133 00:55:07,660 --> 00:55:10,600 Public key cryptography addresses this as follows. 1134 00:55:10,600 --> 00:55:15,490 Whereas in the secret key scenario, you have just one key, 1135 00:55:15,490 --> 00:55:19,330 in the public key scenario, every person has two keys. 1136 00:55:19,330 --> 00:55:23,509 One key is private, and one key is public. 1137 00:55:23,509 --> 00:55:26,800 And it turns out, there's a mathematical relationship between these two values, 1138 00:55:26,800 --> 00:55:31,960 public and private, so that you use the public key to encrypt information, 1139 00:55:31,960 --> 00:55:34,700 but you use the private key to decrypt it, 1140 00:55:34,700 --> 00:55:41,440 which is to say that if I have two people here, let's say Alice and Bob, 1141 00:55:41,440 --> 00:55:46,175 Alice has her private key, we'll call it A, 1142 00:55:46,175 --> 00:55:50,620 and her public key, public A. And Bob, meanwhile, 1143 00:55:50,620 --> 00:55:57,070 has his private key, B, and public key, B. 1144 00:55:57,070 --> 00:56:03,460 And so when Alice wants to send Bob a message, she sends it from A to B. 1145 00:56:03,460 --> 00:56:11,390 And she uses Bob's public key. 1146 00:56:11,390 --> 00:56:14,420 Bob, upon receipt of that message, uses what? 1147 00:56:14,420 --> 00:56:15,991 His private key to decrypt it. 1148 00:56:15,991 --> 00:56:17,990 And again, for now, let's just stipulate there's 1149 00:56:17,990 --> 00:56:21,170 a mathematical relationship such that algorithmically, 1150 00:56:21,170 --> 00:56:25,310 Bob's private key can undo the effects of Bob's public key. 1151 00:56:25,310 --> 00:56:29,960 Meanwhile, if Bob wants to reply, let's consider what Bob uses. 
1152 00:56:29,960 --> 00:56:32,360 Bob wants to send a reply to Alice. 1153 00:56:32,360 --> 00:56:35,285 So Bob uses Alice's public key. 1154 00:56:35,285 --> 00:56:39,270 1155 00:56:39,270 --> 00:56:42,540 Alice receives the message and uses what to decrypt it? 1156 00:56:42,540 --> 00:56:44,790 Alice's private key. 1157 00:56:44,790 --> 00:56:48,780 And by nature of public, these keys, A and B, 1158 00:56:48,780 --> 00:56:50,880 can literally be posted on the internet. 1159 00:56:50,880 --> 00:56:53,040 They can be read aloud on the phone. 1160 00:56:53,040 --> 00:56:55,050 They can be sent in an email or a text message. 1161 00:56:55,050 --> 00:56:57,120 They are public because mathematically, they 1162 00:56:57,120 --> 00:57:00,240 are meant to be divulged to anyone who wants to know it, but especially 1163 00:57:00,240 --> 00:57:01,980 the person who's going to use it. 1164 00:57:01,980 --> 00:57:05,520 The private keys, though, meanwhile, Alice and Bob have to keep private. 1165 00:57:05,520 --> 00:57:06,480 They can't reveal that. 1166 00:57:06,480 --> 00:57:08,040 They can't email it out. 1167 00:57:08,040 --> 00:57:11,419 And all of this happens automatically in today's browsers. 1168 00:57:11,419 --> 00:57:13,710 In fact, when your browser, Chrome or Edge or whatever, 1169 00:57:13,710 --> 00:57:17,750 uses the internet to connect to amazon.com or gmail.com, 1170 00:57:17,750 --> 00:57:22,560 your browser has its own public and private key, as does Amazon's server, 1171 00:57:22,560 --> 00:57:24,990 as does Google and Facebook and any other website. 
1172 00:57:24,990 --> 00:57:27,670 And unbeknownst to you, just underneath the hood, so to speak, 1173 00:57:27,670 --> 00:57:32,790 is your browser using this crypto system, this public key cryptography 1174 00:57:32,790 --> 00:57:37,500 mechanism, to exchange a secure message with Amazon or Google or Facebook, 1175 00:57:37,500 --> 00:57:42,870 even though your laptop has never met anyone at those companies before. 1176 00:57:42,870 --> 00:57:47,760 And so turns out, for efficiency, what's ultimately used later 1177 00:57:47,760 --> 00:57:50,130 is very often secret key cryptography. 1178 00:57:50,130 --> 00:57:52,350 In other words, you use this whole public key system 1179 00:57:52,350 --> 00:57:55,740 to just exchange a secret, like the number one, but much bigger 1180 00:57:55,740 --> 00:57:58,410 number than number one, and much bigger than 13 and 25. 1181 00:57:58,410 --> 00:58:02,190 You just use it to exchange a secret that you probably dynamically randomly 1182 00:58:02,190 --> 00:58:03,220 generate. 1183 00:58:03,220 --> 00:58:07,980 But this public key system is what solves, ultimately, that chicken 1184 00:58:07,980 --> 00:58:09,330 and the egg problem. 1185 00:58:09,330 --> 00:58:12,120 So even then, within the world of our network, 1186 00:58:12,120 --> 00:58:16,170 do we have not only constant threats, especially these days wirelessly, we 1187 00:58:16,170 --> 00:58:19,350 do have a number of protections-- software, 1188 00:58:19,350 --> 00:58:22,380 but also algorithms-- that help keep some of those threats at bay, 1189 00:58:22,380 --> 00:58:28,720 and also help us avoid some of those threats altogether. 1190 00:58:28,720 --> 00:58:29,790 So what remains? 1191 00:58:29,790 --> 00:58:33,540 Well, going around this campus lately are actually posters like this-- 1192 00:58:33,540 --> 00:58:34,950 Report Phishing. 
1193 00:58:34,950 --> 00:58:39,060 And this is a technique that's actually been around for years now, 1194 00:58:39,060 --> 00:58:42,090 but it seems to kind of be gaining even more momentum, frankly, 1195 00:58:42,090 --> 00:58:45,420 especially as email clients are getting a little more sophisticated 1196 00:58:45,420 --> 00:58:46,800 and a little more featureful. 1197 00:58:46,800 --> 00:58:51,090 Phishing attacks are when some adversary, some bad guy, 1198 00:58:51,090 --> 00:58:54,660 sends you an email, typically, that looks legitimate, 1199 00:58:54,660 --> 00:58:57,930 looks like it's from paypal.com, looks like it's from your own bank, 1200 00:58:57,930 --> 00:59:01,320 looks like it's from an actual website on which you might have an account. 1201 00:59:01,320 --> 00:59:05,430 And it usually says something stupid like, please click here to-- 1202 00:59:05,430 --> 00:59:06,340 it's not even stupid. 1203 00:59:06,340 --> 00:59:08,640 It's just completely malicious. 1204 00:59:08,640 --> 00:59:10,470 "Click here to reset your password." 1205 00:59:10,470 --> 00:59:12,660 Or, "click here to confirm your identity." 1206 00:59:12,660 --> 00:59:15,180 Or, "click here to confirm your bank account details." 1207 00:59:15,180 --> 00:59:17,490 And sometimes it will start with a preamble explaining 1208 00:59:17,490 --> 00:59:19,500 how they're doing this as standard security practice, 1209 00:59:19,500 --> 00:59:20,874 or sometimes they're doing this-- 1210 00:59:20,874 --> 00:59:24,090 they say that, oh, something has been hacked 1211 00:59:24,090 --> 00:59:25,920 and we need you to change your password. 1212 00:59:25,920 --> 00:59:27,750 It doesn't even matter what the story is. 1213 00:59:27,750 --> 00:59:33,450 The point is, they're sort of trying to fish and reel you in and trick you 1214 00:59:33,450 --> 00:59:38,070 into giving them information that they really shouldn't have. 
1215 00:59:38,070 --> 00:59:39,990 And so this is so rampant lately at Harvard 1216 00:59:39,990 --> 00:59:42,630 that there's posters all over campus encouraging people 1217 00:59:42,630 --> 00:59:45,240 to report phishing attacks, so then at the network 1218 00:59:45,240 --> 00:59:47,640 level and the email servers, these kinds of attacks 1219 00:59:47,640 --> 00:59:49,650 can hopefully be filtered out. 1220 00:59:49,650 --> 00:59:52,470 Because what actually happens in these attacks? 1221 00:59:52,470 --> 00:59:55,440 You get an email that might look like it came from Gmail. 1222 00:59:55,440 --> 00:59:56,820 It might have Google's logo. 1223 00:59:56,820 --> 00:59:58,980 You get an email that looks like it might have come from PayPal, 1224 00:59:58,980 --> 01:00:01,396 and it's got their logo, and it's got a lot of fancy text, 1225 01:00:01,396 --> 01:00:03,390 and it has even a secure message on it. 1226 01:00:03,390 --> 01:00:08,550 But the link that's in it, odds are, does not go to paypal.com, 1227 01:00:08,550 --> 01:00:13,230 and does not go to google.com, or your own particular website. 1228 01:00:13,230 --> 01:00:16,050 Odds are it goes to a completely random URL, 1229 01:00:16,050 --> 01:00:19,740 or maybe it goes to a slight misspelling of that URL 1230 01:00:19,740 --> 01:00:21,150 that someone else has bought. 1231 01:00:21,150 --> 01:00:23,441 And it might even lead, once clicked, to a website that 1232 01:00:23,441 --> 01:00:25,860 looks like identical to the real PayPal or gmail.com, 1233 01:00:25,860 --> 01:00:29,940 but that's just because someone knows HTML and copied PayPal's or Google's 1234 01:00:29,940 --> 01:00:31,290 or whoever's HTML. 1235 01:00:31,290 --> 01:00:33,660 All that's pretty darn easy. 
1236 01:00:33,660 --> 01:00:38,250 They're just trying to socially engineer you, trick you as a human, 1237 01:00:38,250 --> 01:00:41,660 into believing them, because it looks like a legitimate email, 1238 01:00:41,660 --> 01:00:45,960 into behaving in a reasonable way, but in the wrong place. 1239 01:00:45,960 --> 01:00:47,850 And the phishing attack leads, generally, 1240 01:00:47,850 --> 01:00:52,071 to you accidentally or unknowingly giving someone your identity, giving 1241 01:00:52,071 --> 01:00:54,570 them, god forbid, your bank account details, your usernames, 1242 01:00:54,570 --> 01:00:58,620 your passwords, because you've been duped by a social engineering attack. 1243 01:00:58,620 --> 01:01:00,510 So what's the giveaway there? 1244 01:01:00,510 --> 01:01:04,140 Well, one, distrust most emails that you get. 1245 01:01:04,140 --> 01:01:07,230 Even when you do get an email from your bank and it looks legit 1246 01:01:07,230 --> 01:01:11,670 and maybe it is legit, don't click the link in the email, right, just in case. 1247 01:01:11,670 --> 01:01:14,520 You know you're a customer at BankOfAmerica.com. 1248 01:01:14,520 --> 01:01:20,280 So you go to your browser and type in, literally, BankOfAmerica.com, Enter. 1249 01:01:20,280 --> 01:01:22,440 Go there without using the link in the email. 1250 01:01:22,440 --> 01:01:24,480 Log in, and then find your way to whatever 1251 01:01:24,480 --> 01:01:27,060 it is that email was telling you to do. 1252 01:01:27,060 --> 01:01:28,620 Don't click on a link from Google. 1253 01:01:28,620 --> 01:01:31,860 Go to gmail.com, hit Enter, log in in the usual way, 1254 01:01:31,860 --> 01:01:33,120 and don't trust the email. 1255 01:01:33,120 --> 01:01:35,770 But look at these emails with a discerning eye, too. 1256 01:01:35,770 --> 01:01:39,540 Does it look like it came from a sketchy-looking email address, 1257 01:01:39,540 --> 01:01:42,232 sort of a random Gmail address, not an official-looking account? 
1258 01:01:42,232 --> 01:01:43,440 But even that can be spoofed. 1259 01:01:43,440 --> 01:01:44,824 So it's not a tell. 1260 01:01:44,824 --> 01:01:46,740 But sometimes you'll see typographical errors. 1261 01:01:46,740 --> 01:01:48,740 Hopefully, you think, good marketing departments 1262 01:01:48,740 --> 01:01:51,160 don't send out emails with typographical errors. 1263 01:01:51,160 --> 01:01:52,350 So that could be a tell. 1264 01:01:52,350 --> 01:01:56,010 These are not reliable tells, though, because you can forge an email address, 1265 01:01:56,010 --> 01:01:58,860 and you can certainly spellcheck a phishing attack. 1266 01:01:58,860 --> 01:02:02,340 But these are just things that should raise red flags in your mind 1267 01:02:02,340 --> 01:02:03,840 and should set your radar off. 1268 01:02:03,840 --> 01:02:06,630 But in general, just avoid clicking things 1269 01:02:06,630 --> 01:02:10,470 that themselves might not be safe, because what might happen? 1270 01:02:10,470 --> 01:02:14,910 Well, you might indeed end up giving away sort of the keys to the kingdom, 1271 01:02:14,910 --> 01:02:18,420 like your identity, your bank account, your usernames, passwords, and more. 1272 01:02:18,420 --> 01:02:20,670 But your computer might even get infected somehow. 1273 01:02:20,670 --> 01:02:25,650 Right, it's often the case that these URLs lead you to websites that are 1274 01:02:25,650 --> 01:02:29,370 infected with something-- malware, malicious software-- 1275 01:02:29,370 --> 01:02:30,690 that can do anything. 
1276 01:02:30,690 --> 01:02:33,840 Especially in the Windows world, where computers have historically 1277 01:02:33,840 --> 01:02:36,330 tended to be under greater attack, you might 1278 01:02:36,330 --> 01:02:40,050 be led to a website that somehow injects into your browser, 1279 01:02:40,050 --> 01:02:44,460 and in turn into your computer, a piece of software that someone with way 1280 01:02:44,460 --> 01:02:48,090 too much free time and way too many malicious intentions 1281 01:02:48,090 --> 01:02:52,710 has written in order to erase your hard drive or send spam from your computer 1282 01:02:52,710 --> 01:02:54,060 or encrypt all of your files. 1283 01:02:54,060 --> 01:02:56,935 Indeed, some of the attacks these days do something really draconian, 1284 01:02:56,935 --> 01:02:59,850 which is they'll encrypt data on your hard drive, or for a company, 1285 01:02:59,850 --> 01:03:02,790 they'll encrypt a company's database, and then send them 1286 01:03:02,790 --> 01:03:07,110 a nasty-written email saying, pay us $500, pay us $5 million, 1287 01:03:07,110 --> 01:03:10,600 in order to get the key to decrypt your data. 1288 01:03:10,600 --> 01:03:12,750 And maybe that key doesn't even work-- 1289 01:03:12,750 --> 01:03:17,480 that's even unclear-- effectively giving term to the word 1290 01:03:17,480 --> 01:03:21,120 "ransomware," where it's software that effectively ransoms 1291 01:03:21,120 --> 01:03:24,600 your data, expecting some kind of payout before it's given back to you, 1292 01:03:24,600 --> 01:03:26,940 or effectively, decrypted for you. 1293 01:03:26,940 --> 01:03:28,960 So malware can be anything. 
1294 01:03:28,960 --> 01:03:31,360 At the end of the day, any piece of software 1295 01:03:31,360 --> 01:03:33,777 can do anything on your computer that it wants, especially 1296 01:03:33,777 --> 01:03:36,359 if it's been installed somehow with administrative privileges, 1297 01:03:36,359 --> 01:03:38,380 or has taken advantage of bugs in software, 1298 01:03:38,380 --> 01:03:42,130 to somehow get onto your computer in ways that weren't intended, 1299 01:03:42,130 --> 01:03:43,750 but that are nonetheless possible. 1300 01:03:43,750 --> 01:03:46,180 And so this is even a more worrisome threat, 1301 01:03:46,180 --> 01:03:48,280 because you might not even realize thereafter 1302 01:03:48,280 --> 01:03:50,655 that you've been compromised, and the software might just 1303 01:03:50,655 --> 01:03:53,170 keep running and running and running. 1304 01:03:53,170 --> 01:03:55,870 And that, at the end of the day, is kind of the core issue 1305 01:03:55,870 --> 01:03:58,550 with all of these threats to one's security, 1306 01:03:58,550 --> 01:04:00,880 privacy, your data, your devices, and more. 1307 01:04:00,880 --> 01:04:03,160 It really boils down to trust. 1308 01:04:03,160 --> 01:04:05,020 Do you trust the people around you? 1309 01:04:05,020 --> 01:04:08,440 Do you trust the algorithms and the software that you're using? 1310 01:04:08,440 --> 01:04:11,320 Do you trust the manufacturers of the hardware that you're using? 1311 01:04:11,320 --> 01:04:13,900 Consider, after all, that we've focused for the most 1312 01:04:13,900 --> 01:04:17,560 part on Mr. Robot in cafes, random people on the internet, 1313 01:04:17,560 --> 01:04:21,040 and nosy neighbors and roommates and family members. 1314 01:04:21,040 --> 01:04:23,290 But where did all of the hardware and software 1315 01:04:23,290 --> 01:04:28,000 come from that's legitimately being used by you on your phones and laptops 1316 01:04:28,000 --> 01:04:29,320 and desktops every day? 
1317 01:04:29,320 --> 01:04:33,190 Well, a lot of it comes from Apple, or Microsoft, or Google, 1318 01:04:33,190 --> 01:04:34,090 or other companies. 1319 01:04:34,090 --> 01:04:37,300 But odds are, all of us have installed software from the so-called App Store 1320 01:04:37,300 --> 01:04:40,360 or Google Play, or from random websites, or we've 1321 01:04:40,360 --> 01:04:42,850 bought software and installed it on a computer, 1322 01:04:42,850 --> 01:04:45,000 or downloaded it in some form. 1323 01:04:45,000 --> 01:04:50,600 But who's to say that Microsoft Word isn't logging every keystroke you type, 1324 01:04:50,600 --> 01:04:53,410 whether or not you're inside the program itself? 1325 01:04:53,410 --> 01:04:57,820 Who's to say that Google is not watching everything you do within Chrome, even 1326 01:04:57,820 --> 01:05:00,160 if you're not on google.com? 1327 01:05:00,160 --> 01:05:02,710 If they wrote the software, Microsoft or Google, 1328 01:05:02,710 --> 01:05:06,280 they could be doing both, or all of those things, or none. 1329 01:05:06,280 --> 01:05:07,990 Hopefully none. 1330 01:05:07,990 --> 01:05:12,700 But it's all about trust, because even though we could audit our computers 1331 01:05:12,700 --> 01:05:15,070 and we could kind of use the activity monitor or process 1332 01:05:15,070 --> 01:05:17,260 manager to see what it is they're doing, there 1333 01:05:17,260 --> 01:05:20,320 have been cases where the specially malicious software has 1334 01:05:20,320 --> 01:05:22,520 been written to cover its tracks. 1335 01:05:22,520 --> 01:05:26,560 So it doesn't even appear in the process monitor or process manager or activity 1336 01:05:26,560 --> 01:05:27,220 monitor. 1337 01:05:27,220 --> 01:05:30,470 So it's still there and running, but it's kind of hiding itself altogether. 
1338 01:05:30,470 --> 01:05:34,570 And that makes it even harder for all but the most sophisticated security 1339 01:05:34,570 --> 01:05:37,720 folks to actually find, let alone little old 1340 01:05:37,720 --> 01:05:41,740 me or random users on the internet who might be infected. 1341 01:05:41,740 --> 01:05:44,950 Right, so who's to say the very software we're using 1342 01:05:44,950 --> 01:05:47,320 is actually doing what we say? 1343 01:05:47,320 --> 01:05:49,930 Who's to say that Snapchat is actually deleting messages 1344 01:05:49,930 --> 01:05:51,960 after three seconds, or 10 seconds? 1345 01:05:51,960 --> 01:05:52,960 It's just what they say. 1346 01:05:52,960 --> 01:05:53,740 What if there's a bug? 1347 01:05:53,740 --> 01:05:54,850 What if there's a malicious intent? 1348 01:05:54,850 --> 01:05:57,266 What if there's a malicious employee who simply programmed 1349 01:05:57,266 --> 01:05:59,352 those devices to do something else? 1350 01:05:59,352 --> 01:06:01,060 So at the end of the day, it is very easy 1351 01:06:01,060 --> 01:06:05,509 to sort of curl up into a ball and sort of tearfully worry about all 1352 01:06:05,509 --> 01:06:06,550 of these various threats. 1353 01:06:06,550 --> 01:06:10,570 But at the end of the day, what really we need to do is decide whom to trust, 1354 01:06:10,570 --> 01:06:12,970 and how much to trust, and what kind of risks to take. 1355 01:06:12,970 --> 01:06:15,136 At the end of the day, there are no surefire answers 1356 01:06:15,136 --> 01:06:16,400 to any of these threats. 1357 01:06:16,400 --> 01:06:19,420 There are defenses, but they really just raise the bar to the adversary. 1358 01:06:19,420 --> 01:06:21,460 They raise the cost to him or her, and they 1359 01:06:21,460 --> 01:06:24,610 increase the probability of your security and your privacy, 1360 01:06:24,610 --> 01:06:25,900 but they don't guarantee it. 
1361 01:06:25,900 --> 01:06:28,699 You yourself have to decide how much you're comfortable 1362 01:06:28,699 --> 01:06:30,490 doing on the internet, how much data you're 1363 01:06:30,490 --> 01:06:34,390 comfortable storing on your computers, and ultimately, whom to trust, 1364 01:06:34,390 --> 01:06:36,250 and just how much to trust them. 1365 01:06:36,250 --> 01:06:39,720 That, then, is security.