1 of 16

SOFTWARE THAT BYPASSES 2-FACTOR AUTHENTICATION GAINS POPULARITY AMONG CYBER CRIMINALS

CS10�The Beauty and Joy of ComputingLecture #6

Social Implications I: �Privacy

https://thehackernews.com/2022/09/new-evilproxy-phishing-service-allowing.html

UC Berkeley

Teaching Professor

Dan Garcia

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (1)

Friedland

2 of 16

10 Principles for Online Privacy

teachingprivacy.icsi.berkeley.edu

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (2)

Friedland

3 of 16

Principle 1: You’re Leaving Footprints

  • Information footprint is not just what you post online
    • Also Includes:
      • Information others post about you
      • Information gathered by online services about you
      • Inferences gained by compiling this information
  • How? IP Addresses
    • Using the internet is like sending a letter in the mail
      • Requires a receiving address and a source address
  • Much of your behavior on devices can be tracked
    • Even information like where your mouse cursor goes

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (3)

Friedland

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (3)

Friedland

4 of 16

Principle 1: TO DO

TO DO

  • Inform yourself!
  • Know that connection data is ALWAYS stored
  • Check your privacy settings regularly!

Your information �footprint is �larger than you think!

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (4)

Friedland

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (4)

Friedland

5 of 16

Principle 2:There’s No Anonymity

  • Information Footprint + IP Address = Identity
  • Nothing is fool-proof
    • Not even:
      • VPNs and other proxies
      • Private Browsing
    • Only getting harder the more technology advances

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (5)

Friedland

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (5)

Friedland

6 of 16

Principle 2: TO DO

TO DO

  • Constantly be aware nothing is anonymous, even when claimed by website.
  • Don’t do anything you wouldn’t do in public!

There is no anonymity on the Internet!

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (6)

Friedland

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (6)

Friedland

7 of 16

Principle 3: TO DO

TO DO

  • Only share what you have to.
  • If you are not sure how the information is used: Don’t share it!
  • Check privacy policies: Opt out if you can!

Information about you on the Internet will be used by somebody in their interest — including against you

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (7)

Friedland

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (7)

Friedland

8 of 16

Principle 4: Someone Could Listen

  • Communications over the internet are not sent directly
    • Bounce from multiple servers until it reaches the destination
      • Message is saved and can be intercepted at each server
  • Messages often intercepted by hacking of login credentials

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (8)

Friedland

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (8)

Friedland

9 of 16

Principle 4: TO DO

TO DO

  • Use strong passwords, keep them private.
  • Computers are fast enough: Use encryption whenever you can!
  • Assume it’s public if it’s not encrypted.

Communication over a network, unless strongly encrypted is never just between two parties

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (9)

Friedland

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (9)

Friedland

10 of 16

Principle 5: Sharing Releases Control

  • Remember: Online just means on the internet
    • Doesn’t mean easily accessible
  • Even information held on safe-guarded company servers are susceptible
    • Ex. 2014 Sony Hack
      • Hacker group “Guardians of Peace” leaked Sony projects, disabled their network, confidential documents, employee HR records, and more
  • TO DO: Be cautious about what information you release into the internet

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (10)

Friedland

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (10)

Friedland

11 of 16

Principle 6: TO DO

TO DO

  • Actively monitor your information footprint!
  • Tools will most likely become available in the future

Just because something can’t be found today, doesn’t mean it can’t be found tomorrow

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (11)

Friedland

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (11)

Friedland

12 of 16

Principle 7: TO DO

TO DO

  • Online actions have real-world consequences.
  • Real-world actions have online consequences.
  • Be constantly aware: There is no difference!

The online world is inseparable from the “real” world

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (12)

Friedland

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (12)

Friedland

13 of 16

Principle 8: Identity Isn’t Guaranteed

    • Phishing
      • How hackers commonly get login credentials
      • Often those unfamiliar with tech are more susceptible
      • Two-Factor Authentication can help

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (13)

Friedland

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (13)

Friedland

14 of 16

Principle 8: TO DO

TO DO

  • Consider the consequences if the person you are giving the information to is not who they claim.
  • Use secondary sources of verification.
  • If in doubt: Don’t share!

Identity is not guaranteed in the Internet

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (14)

Friedland

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (14)

Friedland

15 of 16

Principle 9: TO DO

TO DO

  • Laws regulate what employers can share – inform yourself.
  • Share what you have learned today with your colleagues, friends and family – they are your biggest information leaks!

You can’t avoid having an information footprint by not going online

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (15)

Friedland

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (15)

Friedland

16 of 16

Principle 10: TO DO

  • Privacy requires work!
  • Visit: www.teachingprivacy.org for more information!

Only YOU have an interest in maintaining your privacy

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (16)

Friedland

UC Berkeley CS10 “The Beauty and Joy of Computing” : Social Implications II (16)

Friedland