The Absolute Beginners Guide to Cyber Security - Part 2 | Alexander Oni | Skillshare

The Absolute Beginners Guide to Cyber Security - Part 2

Alexander Oni, Web Developer & Cyber Security Expert

Play Speed
  • 0.5x
  • 1x (Normal)
  • 1.25x
  • 1.5x
  • 2x
82 Lessons (6h 23m)
    • 1. Course Promo

      2:11
    • 2. Connect with Me - Cyber Platforms

      3:46
    • 3. Networking 101 Section Preview

      1:03
    • 4. Meet Julian Assange

      1:49
    • 5. IP and MAC Addresses

      7:36
    • 6. Hubs Switches and Routers

      5:20
    • 7. Ethernet 101

      2:34
    • 8. HTTP, HTTPS, SSL and TLS

      6:29
    • 9. The Internet Protocol Suite

      6:47
    • 10. The DNS System

      6:22
    • 11. The Internet and Survival of the Paranoid Section Preview

      1:22
    • 12. Privacy Anonnymity Pseudonymity

      4:38
    • 13. Identity Strategies

      10:37
    • 14. How We Are Tracked Online

      5:18
    • 15. FaceBook vs Cambridge Analytica Scandal

      7:45
    • 16. Exercise How muc data does Facebook have on me

      3:18
    • 17. 5 Places You are Being Tracked

      4:16
    • 18. Browsing Incognito

      3:55
    • 19. Introduction to DuckDuckGo

      6:25
    • 20. Introduction to Brave Browser

      4:20
    • 21. How to Disappear Online

      3:56
    • 22. Introduction to Stylometry

      6:02
    • 23. Annonymizers Section Preview

      0:55
    • 24. Anonymizer

      3:52
    • 25. Introduction to Proxy Servers

      7:19
    • 26. Introduction to Virutal Private Networks

      4:52
    • 27. Types of VPNs

      6:16
    • 28. NordVPN

      7:46
    • 29. VPN Myths Debunked

      6:40
    • 30. Using Tor

      9:57
    • 31. Tor Weaknesses

      5:03
    • 32. Attacking Tor

      4:40
    • 33. The Dark Web

      8:15
    • 34. The Darknet

      3:24
    • 35. Combining VPN and Tor

      5:13
    • 36. Meet Eldo Kim

      1:52
    • 37. Malware Section Preview

      0:46
    • 38. Introduction to Malware

      4:52
    • 39. Viruses and Worms

      4:51
    • 40. How an Antivirus Works

      4:34
    • 41. Choosing an Antivirus Software

      8:34
    • 42. Rootkits

      5:06
    • 43. Securing the Windows 10 Boot Process

      5:27
    • 44. Using GMER Rootkit Scanner

      1:39
    • 45. Ransomware

      8:00
    • 46. Using the builtin Antiramsomware Tool

      2:14
    • 47. Using the CCleaner Software

      7:57
    • 48. Using Bleachbit

      3:50
    • 49. Malwarebytes

      6:35
    • 50. Backups and Encryption Section Preview

      0:54
    • 51. How to Backup Windows 10

      4:26
    • 52. Introduction to Cloud Computing

      9:39
    • 53. Encryption and Decryption

      4:24
    • 54. Encryption with Veracrypt

      9:22
    • 55. Encryption with Bitlocker

      2:06
    • 56. MAC Encryption with Filevault

      0:57
    • 57. Self Encrypting Drives

      0:44
    • 58. Encryption Attacks and Mitigations

      6:02
    • 59. How to Password Protect USB Drives and Folders

      10:46
    • 60. Social Engineering Section Preview

      0:49
    • 61. Introduction to Social Engineering

      10:30
    • 62. Reconnaissance

      8:42
    • 63. Anatomy of a Social Engineering Attack

      8:50
    • 64. The Way Back Machine

      3:43
    • 65. Meet Kevin Mitnick

      1:38
    • 66. Emails Section Preview

      1:09
    • 67. Email Basics, Ports and Protocols

      6:01
    • 68. How to Track Sent Emails

      3:10
    • 69. How to Detect Email Tracking

      2:38
    • 70. Using Guerrilla Mail

      4:38
    • 71. Using Proton Mail

      4:13
    • 72. Phishing Attacks

      5:12
    • 73. Windows 10 Hardening Section Preview

      0:39
    • 74. Patching and Updates

      4:22
    • 75. Turning off ad tracker

      2:29
    • 76. Restricting Cortana

      3:22
    • 77. Turning off Location Tracking

      3:12
    • 78. Turning off Peer Updates

      3:43
    • 79. The Windows 10 Firewall

      2:22
    • 80. The Windows 10 Smart Screen Filter

      2:39
    • 81. Randomizing the MAC Address

      2:07
    • 82. Conclusion

      0:54
13 students are watching this class

About This Class

Take your basic knowledge of cyber security to a whole new level with this exciting course that promises to be educational, informative and fun filled. 

Build upon a basic foundation in Cyber Security with a strong focus on the following core topics.

  • Networking

  • Privacy & Anonymity

  • Malware

  • Email Security

  • Backups & Encryption

  • Windows 10 Hardening

What are the main benefits of taking this course?

I am glad you asked. This course has been designed to provide you with the knowledge and tools to not only better protect yourself against malware but to also prepare you for a career in the cyber security field if you so wish. 

You will learn all the latest techniques used in the world of cyber security today and understand how a lot security technologies work behind the scenes.

In this course you will learn the following practical skills

  • How to use a proxy server

  • How to setup and use a virtual private network

  • How to use Tor to access the dark web anonymously

  • Best practices to browse the internet securely and privately

  • How to set up a firewall

  • How to use a rootkit scanner

  • How to encrypt your emails

  • How to track emails you have sent and also how to detect if you are being tracked

  • How to use 3 major anti-malware software products

  • How to completely harden the Windows 10 operating system

  • How to backup and encrypt your hard drive

  • How to choose the right anti virus

  • and much much much more

You will also learn how to use a wide variety of software to improve your security game and these include:

  • Virtual Private Networks

  • Kaspersky Antivirus

  • Bitlocker

  • Proxy servers

  • Bleachbit

  • Tor

  • CCleaner

  • Protonmail

  • Duckduck go

  • Brave Browser

  • Ugly Email

  • Mail Tracker

  • Nord VPN

  • GMER Rootkit scanner

  • Secure Boot

  • Veracrypt

  • Filevault

  • Guerrilla Mail

  • Comodo Firewall

  • Lastpass

 Jobs in Cyber security are plentiful and this course will help prepare you for entry level roles by providing you with a solid set of skills to build up on.

* PERFECT FOR BEGINNERS *

You don't need to have a background in cyber security though any sort of prior knowledge would be beneficial. This course is designed in such a manner that as long as you know how to use a computer and the internet, you will be able to understand and apply everything you are taught.

Content and Overview  

Suitable for non professionals and students with a basic understanding of cyber security. In this course of nearly 100 lectures and almost 7 hours of content, you’ll learn all of the core cyber security fundamentals and develop a strong understanding of how security and privacy can either be maintained or deprived from a user. Each chapter closes with a section review highlighting the core points raised in the section.

Starting with Networking 101, you will learn the basics of networking including what the TCP/IP protocol suite is and how the domain name system works.

With the basics of networking mastered, you will be ready to jump into the course proper with the following section where you will begin to learn about privacy and anonymity. You will learn how advertisers and websites are able to track you online and what you can do about it.

You will then move on to a more advanced section where you will be introduced to Anonymizers. You will learn how to work with proxy servers and how to setup and configure a Virtual Private Network. We will also explore how to use Tor to access the dark web as well as the pros and cons of using anonymizers. By the end of this section, you would have learned techniques and skills that you can use to secure your privacy online.

Section 5 covers malware with a special focus on viruses, rootkits and ransomware. You will learn how these various forms of malware can affect you plus you will also be introduced to a variety of anti-malware software that you can use to fight against malware.

We will then move to discuss about backups and encryption. You will learn about cloud backups as well the advantages and disadvantages of using this type of technology. I will then show you how you can back up and encrypt your hard drive and sensitive files.

Section 7 covers one of the most interesting aspects of cyber security - Social Engineering. You will learn about the different tactics employed by social engineers to extract important information without using any technical skills. We will explore how hackers exploit human psychology and fool their targets.

Email security will be covered in the very next section. Emails are a fundamental component of our daily lives and you will learn exactly how emails are sent and received behind the scenes. You will learn how to track emails and how to use mail services like guerrilla mail and proton mail.

In the final section of the course, you will learn how to harden the Windows 10 operating system against malware. Windows 10 by default is vulnerable to malware but with a few adjustments, you can make it far more secure and you will learn this tricks in this section.

Complete with resources and section reviews, you’ll be able to apply what you have learnt in this course either at home or at your place of work and will receive a verifiable certificate of completion upon finishing the course.

Take control of your privacy and security - Enroll Today in one of the very best cyber security courses you will find online.

Transcripts

1. Course Promo: welcome to part two off the absolute beginners guy to cybersecurity Siri's My name is Alex , and I will be your instructor. Now, if you're watching this video, I'm going to assume that you've already enrolled in completed part one. If you haven't and you don't have any background knowledge of cybersecurity, I would highly recommend you and rule and finished up cause first before you in wall here in part two. So here, in part two were taking turns to the very next level. In part one, you really learned about the basics of cybersecurity. But here, in part two, you're gonna learn real practical walls, skills that you can apply either at home or at your place of work. So what exactly are you gonna learn here in part two? We're going to start first by learn about the basics of networking. You will learn about the TCP I P political suit and also the Vienna system. You'll don't let about privacy and anonymity. You will understand how companies track you online and how you can prevent that from happening. Well, don't take a very special look at VP ends and demises and proxies and how you can use them to preserve and ensure your privacy while you're browsing online. We'll also take a look at mall way and how you can use a wide curative. And Malbert, used to fight against Paris is in other forms off malware. You'll don't learn about the dangers of electronic e mails and how you can stay safe while sending or receiving emails. You will also let other practical skills just how to back up your computer, how to encrypt your hard drive and also how to pass. Protect your USB drives. You will learn about social engineer and you'll learn about fishing, reconnaissance and also about the way back machine. And they will also be a very special section dedicated to teaching you how you can harden your understand open system against embarrasses and mount, where by the end of this course you'll have gained a tone off practical cybersecurity because you can apply. It's a place of work or at home. So when I went in for in Mall Today as that learning real practical Cyrus go to skills I hope to see on inside and I'll talk to you soon. Bye bye 2. Connect with Me - Cyber Platforms: so welcome to this very special video. And yes, I know that I do look very different from some of the other videos that you may see in this course. But that's because this coast was made a couple of years ago. And, as you can imagine, with cybersecurity there a new technical just coming out every time and in an effort to keep the course updated and ensure that you get in the best information, I do have to go on updates. Now this particular video isn't about an actual lesson in the course. It's more about ways how you can connect with me outside off the platform where you may be taking this course in. So essentially, I would like to invite you to connect with me outside off the educational platform. And if you're on LinkedIn, I do have a London account. My name is Alexander Bony. That's me right there. You can send me a connection requests, and please just mention that you are a student of mine and I'll happily accept your connection. I also have a page on it linked in a brand new page. It's called Lab Cyber. That's actually the name off my cybersecurity Educational platform lab cyber. That's the logo right there. So I do have a page on lengthen out, encouraged to please follow the page on later. Because I do update and provide lots off news regarding cybersecurity in general. So if you go to send me connection request only, then please also follow the page lab Seiple on Lincoln as well. I do have my page on Facebook, Lap cyber as well. So if you do have a account on Facebook, it's actually ah, love cyber training. But you can just sit for lab cyber on the sidebar. Andi, I believe you will find the link for you to follow now. Very, very important. If you do have a page, I'm sorry. An account on Facebook. I would encourage you to join the group. I do have a very special are private group. It's called the Cyber Monks. So I would encourage you to follow or join a group at least that where you can reach out to me a lot faster, a lot easier. Plus, you can also learn from other students who are in the group as also anything cybersecurity relate head are we discuss it in that group. Now, when you try to join, you will be acts. Two questions first is you'll be execute from that you have purchased one of my courses or that you enrolled in anyone. One, of course, is say yes. And then, please, the second question you'll be asked. Okay. Name one of the courses. Please ensure that you answer these two questions. If you don't, there is a possibility that I might not let you into the group. This is just to ensure that you are who you claim to be, because I don't people from outside who haven't and all that any of my courses to join the group. So it's not the most effective way, but at least it does help in in a certain way. So please do ensure that you answer those questions. And finally, I do have a brand new YouTube channel. It's called Lab Cyber Brand new. I just publish this channel about two days ago, so they consider. Right now it's still new. Only have three videos, but by the time you watch in this particular video, I might already have probably will have already are some other videos in there is also, if you if you want to learn more about cybersecurity because there's just so much so much happening in seven security, it's hard for me to make a course out of it. So I have referred making videos on YouTube and just to explain to you what's going on and things like that. So if you're interested, it will help encourage you to subscribe to the channel and also hit the bell S O that you notified whenever I upload a new video. So that's basically it's you can connect with me on LinkedIn, Facebook and YouTube. So that's a thank you so much. Now let's continue with the vest off the course. 3. Networking 101 Section Preview: Well, hello and welcome officially to the very four section here. Networking 11 Now I know what you think. It you enrolled in his cybersecurity course. Why are you learning about networking? Well, you see it? Networking in cybersecurity go hand in hand. Pretty much anything involved in cybersecurity world involved in networking either Directly , indirectly. So to have a proper understand off cyber security concepts, you do need to have a foundational knowledge off networking. So in this section, I'm gonna teach you about the most important topics on the network in such as the d N A system the TCP I people to call and also infinite 11 You will also and about the most important protocols, such as http https and S s l. But before we get started, let's take a minutes. You watch this documentary about one of the most controversial figures in the world of cyber security 4. Meet Julian Assange: meet. Julian Osanai, Julian Paul Assange Change and Australian comforter programmer came into international attention in 2010 when Wikileaks, a website he founded, published a series of leaks provided by chills a man in a former United States Army soldier . Among this leaks included the now infamous and damming collateral murder video that showed American soldiers killing unarmed Iraqi civilians. I'm all up. Following leaks, the American government launched a criminal investigation against Wikileaks, a sand who had already been released on bail. After surrendered himself to the UK police breached his bail and absconded after fearing he could be extradited to the United States. He sought refuge and was granted asylum at the Ecuadorian Embassy in London in August 2012 and has been there ever since. During the 2016 U. S. Presidential elections. Wikileaks and astonish once again Boston to attention when they released e mails sent and received by Hillary Clinton. These e mails have been stalled on a private server used by Hillary Clinton when she was a secretary of state. It is believed by some that the strategic release off these e mails may have helped Donald Trump win the election What do you think about it? In a sandwich? Is he a hero or a traitor? A libertarian. Oh, a criminal. 5. IP and MAC Addresses: All right, So let's first talk about Mac addresses and I p addresses. Now put a show you fit oven. I peer just before every time you browse your church connected Internet, you would always need to use an I P. Address. So I'm sure you've heard of I p addresses. But what about a Mac address? You may or may not of head of one, but let's jump right into it by first talking about the I P address. Now I p if you've ever wondered what that is, it stands for Internet protocol, and all you need to know here is that the Internet Protocol is basically a set of laws that govern how computers browse on the Internet. Now, that is, this is a very, very lay man, very basic explanation of the whole concept. But that's all you really need to know about the Internet protocol. Now an I P addresses assigned whenever a device joints a network to make the device traceable. So whenever you connect your laptop or your mobile device to the Internet, your device will be assigned an I P address. And the old idea here is just to make sure that your device can be traced. Okay. Ah, this person is browse and film the United States. It's 1000 film Germany. It is the I. P address will be used to track entries Your computer, your device which whichever one you're using to connect to the Internet. Now there are two types of I p addresses you have the EPA vision for and you have the I P version six. I will show you examples of that a little bit later. One very important thing you need to understand about I p addresses is that if you browse on the Internet together, browsing and you're connected using a rata, it is the I P. Address off your voter that will be made visible to the Internet. So whenever anyone is trying to trace you, they will find the I P. Address off your router. It will not be the i p. Address off your own device itself. Because what happens here is that whenever you connect via a router, your daughter will provide you with a private rate i p address. That's basically how it works. So the I p address, whatever. It'll be the one visible to the Internet while your own I p address of your computer or your mobile device, your laptop, whatever it is reason to. Bills will be assigned a private i p address by the voter. And of course, if you directly connected to the Internet well, it is their pictures off your own computer that will be made visible to the incident. So basically, whenever you browse, you want to go through a lot of it provides an extra layer off security. That's kind of the whole idea behind using vouchers for protection Now Mac address first things first. What exactly is Maxwell that stands for Machin? Access control sounds very robotic. I know there is nothing sexy about a Mac address. They're basically unique serial numbers and saying to every network adapter when manufactured. So unlike I P addresses, that can be changed depending on the network. When the device joins the Internet, MAC addresses are assigned whenever that network adapter is built. These are physical physical numbers assigned to near took adopters, and they're meant to be unique. Okay, now Mac addresses are typically used to direct traffic or direct data from one device to the next. As data travels on a nettle, that's all are basically marketers they're used for. The basically used to track different devices on a local area network so that the network knows that. Okay, this particular data is meant for Computer A. This one is meant for Come Toby by simply using their Mac addresses. We'll talk about this a bit more when we talk about switches and voters now finally, are a Mac address cannot be hidden. Okay, I appear just can be hitting by using VP ends, and we'll talk about this a bit later. But the Mac address You can't really hide the Mac ages, but the thing about the Mac addresses that they're not as important is I p addresses. I pages are far more important, and these are usually what hackers would go after Mac addresses. That kind of like OK, well, it's good to protect the Mac addresses, but then you can't really hide them. But at the same time, Mac addresses don't travel beyond the local network, so the Mac edges off your computer or your device is not really exposed to the Internet. If you understand what I'm trying to say here, so Mac addresses don't believe, bother about them. They're not too important. But then again, it's always nice to know what they are and how they differ from unhappy address. All right, So before I round up this video, I want to show you how you can get the I p address or few advice as well as the Mac address or of your network adaptors. Now I'm on. Understand what? You want to do it. They're supposed to Windows key and are This would give you the run command. And I'm gonna type in cmd press enter And from here right now and just go ahead and expand my command window, I'm gonna type in the words I p config ford slash Uh, Okay, press enter. And now what you're gonna get here would be the i p addresses, and the mac addresses off all the network adaptors on your computer right now. Them to show you what I have here. First of all, now, over here, I do have let me just school old way up here. All right? What do we have? I have have my infinite adapter. Ethan, it right here. This is the network adapter for my physical connection. If I if I was going to use a cable, you can see right now that I do have the physical address right here that the Mac address off my infinite adapter. Right now you can see I don't have any I p Vision four provisions six. Because I am not using it to bows. But if I scroll all the way down here, But I have my wireless Lana data y find is autumn reason right now to browse, You can see it's the Qualcomm Mackerras QC a 61 X For a while, it's been took a doctor. This is the physical address, the Mac address off my wireless adapter. And right now you can see that I do have an EPA vision six. Because that's what these rebels in you can also see. I do have the i p. Vision four address as well. So this is the I P. Vision for address assigned to me by my router. Okay, this is the local pie. I've eight iPad Just at that. I'm using right now for my adopt up. And of course, if I school all the way down here as well, you can see I do have another one of the Ethernet adaptor Bluetooth, and you can see this is the physical or the Mac address as well. So this is one way how you can find out to the Mac addresses of all the network adaptors you have. Keep in mind, it wants a game that Connecticut that adopters would be things like your Bluetooth adapter , your wireless adapter, your Ethernet adaptor and so on. And so, for all of them will have their own unique Mac addresses. And whichever one you're using to browse will have your vision for as well as the I P Vision six. You can see how the I P vision six eyes different from the I p vision for it's a lot more complicated has a lot more digits than, um, provisions for. So that's basically the Mac addresses and I p addresses and not show. If you have any questions about this, feel free to reach out to me thinking fortune. And, of course I will see you in the next class 6. Hubs Switches and Routers: All right. So welcome to the very next lecture. And here we're going to talk about hubs, switches and routers. Now, I'm pretty sure you have heard of the term a router before. Most positive about that. You may have heard of a switch before, but ah, Hub. You may or may not have heard of a Hobbit before, but basically all these are used for connecting devices and networks together. They're basically networking equipment. That's all they are really Now. They, of course, have ports for wires that do the physical connection. So typically you would connect one end of a cable Teoh hub, and then the other end would go to the device. Whether it's a laptop server, what have you. And of course, we have switches and routers that also have wireless connectivity as well. Now, what exactly is the difference between these devices? It's do intelligence levels. It is the intelligence levels that is the chief difference between these three devices. All right, so what I wanna do right here is to give you an example of how hubs switches and others would work on a network. Now, over here, you can see we have a hub, and then we have three devices A, B and C on the local network. Now imagine a message, Kim, in full computer A and it passes through the hub. Now you think to yourself Well, the hope will just simply take the message and give it to device A. Unfortunately, hubs kind off stupid. They're not intelligent, but also, what they're gonna do instead would be to give that message to every single device on that local area Nettle because the heart doesn't know which one is device eight all it is a civil devices connected to it. That's all it knows. So in other, for the hope to guarantee that the message will get to the device A. It will send out the message to every single device on that network. So basically, the priest looks basically, this results in very heavy performance issues. He basically performances degraded, because what happens is you have systems such as system be your system. See, right here in Bagram, they end up receiving messages not meant for them. So basically the hope that stops them saying Hey, hey, device be or whatever you are, is this message is this message meant for you and in device be has to say no, it's not for me. It's for device A. You're such an idiot. I'm Device B and the public. Okay, I'm sorry. Well, I don't know. You know what your name is? I'm just sending out messages, okay? Don't hate the messenger. Hate. The message is basically what the hope will tell all the devices connected to it. But basically, that's how the hope operates. It doesn't know what devices are connected to it. It's a politics a message and then broadcasts that message to every single device on its own network. Now, let's compare this with a sweet shorter. Now, these are far more intelligent than someone defense than hub. So in the same scenario, if a message comes in four system A or device A This which order Votto would know that. Okay, this message is actually meant for device ace. I'm gonna go ahead and give that message to device A. So what you have here is you have much more improved performance. Efficiency is increased because right now, systems that are sentiments to be saved messages would not receive those messages. It's all of devices or systems that have a message for them. Those are the ones that will end up receiving that message. So overall switches and routers are far more intelligence. They're far more effective then. Our hopes hopes are just stupid, basically. So now that you've seen the major difference between hubs and switches and routers, let me now try and differentiate between switches and routers. What are the core differences between these two devices? Well, a switch is physical, used for transmitting data or information amount if ices on a local network while a router is used for Felton data among networks, so basically the voter is used for connecting networks together, think of it outweigh while a switch is used for connecting devices inside of a network together, that's basically the court difference here. The 2nd 1 here is that switches use Mac addresses Wild Walters used I P addresses. So that's another core difference between the two. Switches will use Mac addresses to do the switch in, but as we use I P, addresses for the are out. And finally, which is, of course, the main differences of outers are far more powerful and to provide additional features such as our file protection as an example, as which is just a very intelligent hub. It's which will help you transmit data between devices on the network. But that's about what a switch can do that doesn't get her hand a formal powerful and can do so much more. So these are the difference between switches That route is on. I hope overall, you now understand, are the core differences between hubs and switches and routers on what exactly they used for as always. If you have any questions, feel free to tell to me Thank you Fortune. Let's jump on to the next the next class. 7. Ethernet 101: Let's talk about if Net not Internet, but if in it and you might have heard of this term before. But what is it and what does it do? Well, if in it is the protocol, the determines how data is transmitted in a local area network, it's also technically refer to as our Tripoli 802.3 protocol. So even impress your friends or your family rather than say, if you just say actually eight or 2.3 protocol and they'll think you're some sort of genius , so they are used widely in offices, banks and in homes. So whenever you walk into an office where you have computers connected to one another through maybe a switch and then you also have print has which the competence can use, that's basically a local area network. Now you have a wide every network, which is much bigger. In this case, you might be talking about connecting the network off one building in one part of the city to another building that's just around the same place in that same city, right? That's basically what the white eminent work is. A local area network is a lot smaller than a wide area network. All right, so most laptops and PC's do come with integrated Ethernet cards. If you have a PC or a laptop, you very likely have an infinite card inside of it. So what are the network requirements for? If it well, you need computers and devices like a printer, computers are. You need even the cards and ports, like another 45 port hopes that switches cables, obviously, and finally, you need a software to manage the network. So it's a very simple kind of network with all of those devices. So what is the process like, how those Ethan it actually work? So let's say, for example, device A wants to send data to device be. What is gonna do is it will check to see if the carry another carry in this case is the main. Why connecting the devices? It's gonna check if that career is free. If it's free device A will send a data packet on the network, and obviously device be would receive the packet. Now, if no device A would simply wait for some thousands of second before trying again to send the packet. So this is a very re simplistic explanation off. Definite in action. You can obviously go a lot deeper and a lot more technical. But for the purposes of this course, this is all you need to know about Internet. Thank you for watching. I will see in the next class. 8. HTTP, HTTPS, SSL and TLS: next list like a belt. Http. Https SSL anti l s So many acronyms, So little time. Oh, boy, H t t p. Will this tense for the hypertext transfer protocol? That's basically what HDTV stands for. It defines how messages are formatted entrance meted over the Web, but not just that. It also determines what actions, Web service and browser she'll take in response to various commands. So, http, basically is the model off all protocols involving the World Wide Web. It's basically behind every single request. How request a handle between Web browsers, Web servers and so on and so forth. Very, very important protocol. So how, exactly those H t t P work? Well, the first thing you have to understand is that every Web server has something called a demon. The Damon is a program that is designed to which specifically for http requests and then handle them when they alive. That's the job of the Damon. Now your Web browser, whether it's Firefox or Google, chrome or safari is what we call an http client, and they make requests to the Web service on your behalf. So when you enter the euro off a website looks. If example are www dot spots dot com, or you click on a hyper link on the website. Your brother will build an http request and send it to the I P address indicated by the U. R L that you've added to the Plaza. All right, now the age to dip it, Damon in the Distinction seven mission will receive your request and send back the requested file or files associated with your requests. So that's basically how HDP works in a nutshell. Now H T T P s. It's hypertext transfer protocol secure. This is the secured version off H T T. P. So basically, it's secure because communication between your Web browser and the Web server is encrypted . Very, very, very important. And this is a most for websites were sensitive information like passwords, credit card details I exchanged. Never, ever provide your past ward or your credit card details on the site that doesn't have https , and I'll show you in just a second how you can check to see whether or not this site has https winning on it now for https to work encryption Most implemented and it's implemented . Making use off TLS or S s air. That's how encryption is implemented in https. So SSL What is this? This stands for the secure sockets layer, and it establishes an encrypted link between your Web server and the browser. That's what it does now. Your Web server requires an SSL certificate to be installed on it. So if you have a website and you wanted to establish a securing between your observer and any browser out there that wants to have any sort of access to your website, you need to install an SSL certificate right. This certificate will serve us proof that your website is secured with SSL, but it also has an expiry date. So any time a brother from around the world tries to access your website, it will check to see if the certificates has expired before completing the connection. So if you have a website out there, it's very, very important that you have an SSL certificate. Heaven and SSL certificates will prove to the pistol of your on your upside Debts hate. My website is secure. Don't worry. You can provide with passwords, credit card details. It's all encrypted now. TLS stands for the transport layer security ends basically the success or two SS L and being the successful. Naturally, it's more advanced and offers higher degree of encryption and security. So SSL is becoming a bit more dated. TLS is the new kid in town. They should also know that SSL and TLS are used interchangeably. So don't be too confused when someone mentions this a sale when in fact, my friend to TLS, they basically used interchangeably all the time. So not to show you https and action as well as http, so one very quickly. How you can find out whether or not a website is secured with https is to pay attention to these taters over here, where you have secure with the green padlock taken. See, it's https. This is Amazon. So if I click on secure it, say's your information. For example, passwords or credit card numbers is ply vite when sent to the site, so you can see this is the indication right here that https is active on amazon dot com. However, if I go to ABC News, shame on them. This is a major website, and they still don't have https. If I click on the I button right here. Okay. It's a Z. Your connection to this site is not secure. You should not enter any sensitive information on this site because it could be stolen by Attackers. So it's really mind boggling how in 2018 there were still many major upsets out there that haven't implemented https. It really is a shame. So if you have a website out strongly recommended to get SSL not all of those who provide security for your clients, but it actually helps with your are boosting in the Google search engine, the Google search engine and other majors. Such engines give you extra points when they know that you're one in https on Europe. So that's a fact. Now, to get as a self certificates, usually most good Web hosts out there will provide you with a free SSL certificate. I use side Gun is an example, but if for some reason your Web holes doesn't provide free SSL certificates, you can go to Let's encrypt that or this is one of the very best sites waken get ah, free SSL certificates. So that's it. Thank you for watching if you have any questions about this to let me know. Thank you for watching and I'll see you in the next class 9. The Internet Protocol Suite: Now let's talk about an extremely important topic in the world off the Internet, and that is the Internet protocol suit. So what is this Internet protocol suit? Well, it is the conceptual model and set of communication protocols used on the Internet. It provides and ended a communication specifying how data should be privatised, addressed, transmitted, voted and received. So, in other words, it is responsible for data. Whether it's an image on audio, follow a video file, send former host to a destination and vice versa. So whenever you go online and you upload, Ah, videophile or you download an audio file, all you send an email, basically anything you do on the Internet or whenever you communicate with another computer . Maybe you sent some files over your local area. I talked to another computer. That entire process, the entire process off data living your computer, going to another computer. The entire process is covered by the Internet Protocol suit. That's the best way to think about it. All right now it is commonly referred to ask TCP i P the two foundational protocols off the Internet political suit. TCP stands for transmission control protocol. I P stands for the Internet. Political will talk about this to in just a minute. Now. TCP I p is divided into four main layers. You have the link lee At the bottom. You have the Internet layer transport layer, and finally, the application layer. These other four men layers off your Internet Protocol suit. Now the link. Leah. It is Louis Leah in the TCP AP Architectural. Now what you have year, our communication protocols that on Lee operate on the link that a host is physically connected to. So think about this for a minute. How is your computer connected? Is it connected via wireless? Maybe. Is he connected with a cable? Maybe it's connected with an HD HD, my cable or some sort off Ethernet cable, and so on and so forth so the cans of protocols would find Here. Include your Mac, your media access control, which remember, is the number saying to your network adapter your physical antic adapter. You have Ethan it as well, and then you have I Triple E eight or 2.11 which is the technical term for WiFi. So these are the kind of particles that exist at the link Leah. Whenever protocols help to attach, link your computer to a network or another computer that is covered by the link layer. So next we have the Internet layer. Now this handles Internet walking between networks. So whenever you're transmitting information or data from one network to another, that's when the Internet lier takes over. Now, contrary to popular belief, the Internet Leah is not responsible for a reliable transmission. You might think yourselves. Hey, okay, since I'm sending data from this network to another and the INTENTLY is responsible should on the Internet Leah account for the label transmission, the answer is no, and I will tell you the layer that is responsible for this in just a minute. But what is the Internet layer responsible for? Well, it captures data pockets and sends them to their public transport. Leopold A Call. It also provides able detection and diagnostics. So whenever there is a problem transmitting for transferring data from one network to another intimately, it was responsible for daggers and what happened and provide analysis. Now the summer protocols include your I P I, P vision for an APP version six and your ICMP. The Internet control message protocol used for aerial detection. These are the two most popular protocols that exist in the Internet. Layup Next is going to be the transport layer layer number three. Now these handles host to host communication. So for me, complete another computer from the network to another network. This is Les that handles such communication. Now it is transported that is responsible for reliable transmission. It's also responsible for flow control and prevents congestion so that whenever you're transmitting data from monitor to another, too much of that is in transit at once. It's basically the just believe, responsible for making sure that you don't have any congestion. Now the core protocols in the chest, Malia, are TCP, which we talked about and you dp. These are the two main particles that exist in the transport Layup, The last journalist. We have the application layer. Now these handles that exchange between applications. That's all this layer doors. And of course, it makes use of specific protocols in the layers beneath them. So say, for example, your G mill service, for example, operates in the application layer. Filed Love, which is a software for downloading files over the Internet, can exist in the application layer and so on. Answer for your Web browser, as all these exists in the application layer. So some protocols would include your eight city P, which is used by a Web browsers you have as a cell for providing security as well. You have FTP for downloading files over the Internet, and you also have s MTP Simple message transmission protocol, which is used for e mails and every sent emails over the Internet. These are the kinds of particles that exist in the application layer. Now two runners up honor to share you an image I got from Wikipedia. Here you have a network topology describing the Internet protocol in action. So you have, ah, host a it company A on the left, and then you have computer be on the white and they're too loud says in between them. So if Coast A wanted to send, let's say, an e mail, for example, to course to be first of all, host a needs to be connected to the Internet light. So first you have the link Leah, which in this case will be Ethernet connecting host A to the Internet next since host a is sending an email overnight over the network. The Internet layer comes into play because now you're transferring information from a computer to another commenter to another network. Basically, next will be the transport layer responsible for the actual transmission. Off the data from Host A to host be. And then finally you have the application. Elliot G. Meal, in this case right now being used to send the email from Host A to host Be So this is kind of like an idea off how the Internet political suit works. So if you have any questions about these, sure to let me know you can ask me questions. I'll be more than happy to answer them. I think it's much fortune and of course I will see you in the next class. 10. The DNS System: before we conclude this section, let's talk about one final topic, which is the Almighty DNS sister, and I'm pretty sure you might have heard of the term before. DNS. But what exactly is this? DNS? Well, it stands for the domain name system, and it's responsible for translating domain names into I P addresses. So say, for example, you wanted to go to w w dot Alex dot com. DNS will translate w w dot Alex dot com into one a 1.43 that one into the 45 What am I talking about here? Well, you see Web servers where? Brows as they don't understand names like Alex. Not calm ESPN dot com CNN will come. They don't all they understand our i p addresses. But now imagine if letter than typing into the domain names. We had a typing The I P addresses off such websites. Just how difficult without be forced a lot of time memorizing I P addresses instead of domain names. So what happens here is this. When you go to repertoires, any type in www dot Alex dot com, a press enter, it is DNS that will translate that domain name into an I P address that the job off the DNS . And that's why it's so important. It's basically the phone book off the Internet. That's basically what the DNS is. So the DNS delegates the responsibility off a sign in domain names and mapping those names to in an Internet resources by designating authoritative name service for each domain. In other words, the domain name system isn't just one big central database that has all the list of the websites and, ah, correspondent I P addresses. No, you have several server several data service scattered all over the world that can help you map i p addresses to domain names. So, of course, this helps to avoid having one large central database. Imagine if if the Dennis was just wanted, the base and it field will all be in trouble will not be able to browse. So the dentist servers they walk in and heavy vehicle structure of ever important. At the very top of the structure, we have something called the root name service, these guys extremely important. Now they are responsible for returning a list off the authoritative name servers for each top level domain. Remember that every website you visit has either dot com dot edu dot biz dot or and so on and so forth each off those top level domains dot com that it do they have one major DNs ever that help that has the least off all the websites and the I P addresses under that specific domain right now, they are also that is do with themselves. They are also the first stop in resolving domain names into I P addresses. And every DNS server contains a list off the root servers nowadays. Is that going to explain to you the entire concept off DNS and how it works? So step number one, Let's say, for example, you're trying to access your company dark home. What's gonna happen here is that you go to Firefox workroom. You type in your committal. Comey, press enter Yoba. Broza is going to contact the d n. A server for your I s be asking. Hey, can you help me find the I P address for your company? Telkom? If this is the first time you are accessing this website, it's possible that your eyes bees Dennis ever will not know the I P address So what's gonna happen? Your eyes piece Dinner service going to contact one off the wood DNS service. Remember that every single Dennis ever has a list off all the root DNS servers. So is gonna contact with Dennis ever saying, Hey, can you help me find the i p. Address for your company, Telkom. Now, the wood dinner server isn't good to know. The exact I P address for your company will come. But do you know what they were? Dennis ever knows It knows the top level, Deanna. Several specifically full dog comb. And remember the top leveled in a service Fourtou, com or the base or dot ET You are going to have the entire list off all our I P addresses and the domain names that correspond to those I practices under that specific. I don't mean all right. So they would, Unless it was going to say, hey, here is the contact information for the top level Dennis of aforethought Corn. Ask him and potential. He will know the i p address for your comp intercom. So step number five your eyes business. If it will now contact the top level dinner seven for the comes. And hey, can you help me find the I P address for your company will come and says this is the top level, Dina. Seven photo comb is that we're gonna have the i p address for your company becomes so the top level Dennis I was gonna say OK, well, here's the I p address for Gil Capital calm. So your I asked. Is this ever going to say thank you very much? I've got in the I p address, then your s business. It will not give the appropriate app address back to your web browsers. And hey, here's the I P address for your company and your common. That's how you ableto access your company stock home Now that your eyes business ever knows the i P address for your Continental calm, it is going to cash. That knowledge is going to cash that I p address. So the next time you're trying to access your company, they'll calm, vital and go through the entire process again. Your eyes basically going to check its cash table and see whether or not you're coming back Almost access. Basically, since it was access recently. Your eyes space, Dennis a will say, Oh, here's the I P address and it's gonna be a little faster flee to access that website. That's why sometimes you may have noticed that when you visit a website for the very first time, it might take a while. But the next time you visit that website is gonna be a lot faster. That's because off what's just happened. He has explained it. So that's it for the DNS. If you have any questions about this, feel free to let me know. Think of fortune and I will see you in the next section. 11. The Internet and Survival of the Paranoid Section Preview: welcome to the new section, the Internet privacy and its survival over the paranoid. Now, just like you, I love the Internet. With the incidents, we can pretty much do anything. We can interact with our family and love members. We can buy things we can do a sharp pain. We can study, do lots of things on the line. Unfortunately, despite a lot of the convenience that the Internet has provided us, we've also lost something very essential. And that's our privacy. You see, lots of companies are able to track us and they able to track whatever we do online. They pretty much know what we spend our money on. They know where we go to, and there is even a joke that advertising companies know us better than we do ourselves. So basically, in this section, you're gonna learn exactly how companies track you. Whenever you browse on line, you're gonna understand the concept of cookies and also how these companies are able to advertise potential services and products that you might be interested in. But more importantly, you're also gonna learn exactly how you can fight back. What kinds of tools can you use to ensure your privacy? Whenever you girls on light, you excited? Let's get started 12. Privacy Anonnymity Pseudonymity: Okay, So before we jump into the actual lectures in this particular section, I need to explain to use some key concepts and some key technologies, which we're going to be using throughout the duration of this particular section. And we're talking about privacy on anonymity and sued enormity. It's very important that you understand what these three concepts are now. Privacy. What, exactly? It's private civil. This is the ability to protect valuable and sensitive information medical records, credit card information, things like that, but also ensures that your personal information is collected, processed, used and destroyed in illegal and fair manner. So privacy is not just about making sure that no one can have access to your records. It could also mean that you're actually allowing some organization like a hospital, for example, to have access to your medical records. But in return, you expect them to not share your medical records with thought parties and whatever they use your information for, they use it in a legal and fair manner. So that's a deep explanation of what privacy actually is anonymously, on the other hand, is basically keeping a user's identity hidden. People do things online, but we don't know who they are. That's basically what are now limiting is being anonymous. So actions carried out cannot be tracked back to the user. This would be the ideal conditions off our non emitting where you do things, and no one can trace those actions back to you. This is obviously a hackers dream. Hackers do all sorts of militias, things online. So if they can remain anonymous, well, that is exactly what they strive for. However, these can never be guaranteed. It doesn't matter what systems the user is owned or how good user is. You can never guarantee anonymity 100%. There is technically, always away how someone's actions can be traced back to that particular person. Now a pseudonym. ET is the near. And in most states where a user has a consistent and it's fire that is not the real name, basically a pseudonym. That's what pseudonym ET is. So in such systems, the real identities are available to administrators. A classic example would be like the hookup sites, so you know you have lots of users who go in there and create user names like Ah, Big Jones, 69 Big John six, and that's gonna belong to some person out there. But obviously, Big John, 69 is not his real name. That's his pseudonym, however. Here's the thing. When Big John signed up to this particular hookup dating sites with the name Big John, 69 he had to reveal some real information about himself. Maybe he used, he would have had to maybe use his real email address or something like that. So the actual real identities off such users are known to the system administrators off such systems. People who own such systems will still have access to the real agencies off such individuals. Now there's a very special concept here, which is the pseudo anonima t Ok, now this one is the appearance, but not the reality. Off anonymity on line. What am I talking about? Basically enables and in most posted without the need for an identifier, it's Sudan in. So such a system would allow anyone to come in at any time liver comment without having to use either the real name or even a pseudonym. It's a completely ah blank way of just making comments, and government actions are online. However, like I said, Elia Anonymous. He can never be truly guaranteed because users can still be traced through I p addresses and are generally required to provide some sort of idea whenever they sign up to such systems. So, really, at the end of the day, you can never guarantee anonymity 100%. So that's it. Hopefully, you now understand what privacy is. What anonymity is. What's unanimity is, and also pseudonym ity as well. It's always I was Medical visit between Sued Enormity and pseudo anonymity album always kind of confused whenever I talk about those two things every thank you for watching, I will see you in the next class. 13. Identity Strategies: Now let's talk about a very interesting topic that I personally feel people don't talk enough about. And that is our own line identity or identities. Now, why is this important? Well, Chris Better, who is a very popular etiquette or said that in the future your digital footprint will carry far more weight than anything you put on a resume, and this is absolutely true. So there are key questions we need to ask ourselves today right now. What do we do on line? What kinds offsides do we visit? Can our actions today affect us in the future? Who do we follow? What do be like on social media? So a post to be right to date and then be positive Facebook. It could potentially affect their chances of being elected into office or getting a job six months from now a year from now, because we have our digital footprint. So it's very, very important that we think twice about the kinds of things we invite on Facebook, on social media, the kinds of people we followed, the tens of pages, a bill like it is crucial because further down the line, we never know what might happen tomorrow. We might want to get a job in a particular company that we may have written something about negatively in the past or Ramona one for political office or things like that. So it is very, very, very important that we get stopped views to adjust to protect us whenever we go on line. Now, for my experience, we generally tend to have two personalities. Most people tend to have two personalities online we have on this professional. And then there is one that is the more personal are kind of our profile on line and only show you an actual example. Take a look at my two pictures right here on the left. You can see me. That's my Facebook profile picture. I'm holding the glass of red wine, smiling and you can see a moment a T shirts that showing all my muscles and then to the right, you can see my LinkedIn profile picture. That's me right there with my white well pressed Ah Teoh, a long sleeve shirt and then my black tie, my large looking, all very serious and, you know, formal. So most of us tend to have these two different kinds of personalities, one that's for the LinkedIn. And then you know what? That's for actual Facebook or Twitter or what have you. But with that being said, it is very important that we adopts views toward strategies to protect us online. And I have identified five main types off strategies. Everyone on the Internet adopts at least one off these kinds of strategies. We have the open strategy, avoidance, persona, compartmentalization, and then finally, the selective or the custom strategy. So what exactly are these different kinds of strategy? While the very 1st 1 is the open strategy, it is the most authentic kind off strategy that you can employed by authentic. I mean, you're real, you basically honest you write about it in June, right about you, like those who you like. You really don't care about what anyone says about you. So if you're level, for example, you write about your liberal views on Facebook and you do the exact until on linked in as well U s authentic US view as they come. Not while this may be good for you, because you have nothing to hide. You have nothing to lie about. It also leaves you vulnerable as well, because again, if, for example, you were liberal and on Facebook, you want something very negative about those who are conservative further down the line. You might want to get a job at a company whose CEO or whose HR manager is a conservative. And if they trace the distance that you've written online about those who are conservative , then you could be denied the job. So while you're real and authentic, it could leave you very, very vulnerable. So open strategy may not be the best strategy for us. The 2nd 1 is the avoidance strategy. Now this one is the extreme. Basically, you're not on social media. You don't have a Lincoln Accounts. You don't have a Facebook account, you know, tweet. Are you hoping to rest on instagram? You just You basically have a blank profile on any social media platform you don't exist. The obvious advantage here is that no one can say anything about you. No one can hold you accountable to anything that you've written or talked about in the past . The obvious disadvantage here is that it deprives you off any possible benefits that you might have had for being on line. So you miss out on all of the information, the pummels advertisements and if you have, like a business that you miss out on all the overs benefits of having a social media presence. So avoidance strategy is not the best. But believe me, there are lots of people who are topped the strategy, and it seems to work for them. The next one here is the persona strategy. Now this is the vulnerable fake personality, and it's very common with journalists and politicians. Well, what I'm talking about here, basically these kind of strategy is you adopt you create aides, is setting kind or profile that that has a sit off beliefs, and you never deviate from those beliefs. So, for example, you might be 80% conservative, 20% liberal. But then, because you're a journalist in a company that is heavily label, you might be forced to create this kind of persona online, where everything you believe in is labeled you. Have you 100% of attempted disagree with conservatives. And like I said, this is very, very common with journalists, especially in the US, where a majority of the media companies are liberal a lot of journalists might actually have conservative views on certain kinds of topics, but because of the companies they work for, they are forced to always go in the same direction. Toe always voice the same kind off our opinion, basically. So that's a very common kind off our strategy adopted by generalists and, of course, politicians. Obviously, politicians will always adult whatever I can astrology that can help them get elected. So the personal strategy is not the best. Because no matter the kind off person are you create eight. You're always gonna have enemies save 100% conservative. You're gonna have labels who would not like you. If your 100 label you're gonna have conservatives hoping not like you. There is another strategy ridges now the compartmentalization strategy. But you basically adopt different kinds off personas for different kinds of platforms. So on Facebook, you're basically you. You're being honest. You say whatever you want to sell Facebook. But in a LinkedIn, for example, you always come across as a conservative or a liberal, so this could walk to a certain extent. But if anyone does a proper researcher investigation on you, they will discover that Hey, you're kind of like a hypocrite. So you say, Hey, something's on one platform. And then in a platform you said the exact opposite. So it's not the best. Now the recommended strategy, which I recommend for used today, is the selective of the costume. Strange that you basically adopt different kinds of strategies based on different kinds of platforms. So basically, for example, on Facebook, you could be you. You could post it is that you want to post things that are safe. You shy away from controversial topics. So you withhold your opinions on things like abortion on are gone rights. You know, you keep those to yourself. You don't talk about them online on Facebook, you post pictures off your trip to Brazil or what you at your fine on London, for example. Right now you post everything that's related to your actual work again, you shy away. You stay away from controversial topics on lengthen. And then if you want to find a means of actually voicing you opinion on very controversial topics, you can create a pseudonym for yourself. And then you can go on popular platforms like Reddit, for example, where you don't have to use a real name. You can sign up with some sort of alias, and then you can write whatever it is that you want to write about. So this is basically the best cannon strategy that you can adopt on platforms where you have to show your face. Do not talk about country controversial topics. Keep them to yourself on other platforms where you can hide behind a pseudonym like converted, for example, fill fruit to voice your opinion and talk about whatever it is that you want to talk about . Remember that the Internet never forgets the Internet never forgets. And there have been so many examples off celebrities, politicians, spots, people, sportsmen and women who many years ago they said something about one particular person. And then five years later, you know what, what they tweeted about, what the president, his book is now revealed, and it's controversial. So again, everyone is entitled to their own opinion. You might have an opinion on a certain topic, and you may actually be right. But no matter how late you are, you will always have those who will be against you and you don't know, very gonna meet those people in the future. You don't if you will need their help. So, Billy, at end of the day, I personally feel that it's always best that you think twice about the teams you post online, the people you like, the pitches you follow. Think twice before you do those kind of things. And I will want to get your opinion about this very important topic. If you feel like sharing your own opinion, please feel free to comment on the video. You can send a message of it more than happy to respond to you, sir. Thank you very much for watching, and I will see you in the next class. 14. How We Are Tracked Online: it is when you search for something online, let's say a vacation to Bangkok. It is not unusual to see adverts for cheap flights. Hannah tell deals in Bangkok on every site that you visit there after for the next few days . Now three of us understand what's actually happened behind the scenes for these ads to be served. All online advertising has been there since the early days off the Internet, but it has been far more sophisticated in recent years. The ads we see now are often the product of digital stalk, and as companies traded truck are every browsing move. But how does this happen in the first place? You see, when you look at the Web page, there is content visible to you. But there is also invisible content or technology purely for the purpose of tracking what you are doing. While this technology is really good at doing, it's following you from site to site, tracking your your actions and compiling them into a database. It knows when you come back, it knows to look you up, and based on what it has profiled a bunch in the past, it will treat your Connelly and decide which advertisements to give to you. Now we know the companies are collecting data about us, but there's very little transparency in terms of the techniques they use. And there are a lot of misconceptions. We don't really know exactly what data they're collecting or what they might use it. For now, the information is most useful for them. Would be to collect our browsing history and are such history. And of course, this that is collected, analysed and then used to target those with relevant ads. But it can also be used in all the ways now, in some cases, research for Sean the data may even be used to Tila Paice is sometimes prices for the same product being sorted different. Sometimes it's different products with different price when he's being pushed to the consumer. Now, for example, back in 2012 it was discovered that the trouble up said Orbits will showing Mac users pricier hotel options than PC uses, the assumption being here that Mac users had more money than PC users now. Later, in the same, The Wall Street Journal reported that the Staples upside was tracking vistas, locations and Onley, applying price discounts if there was a competitive store within 20 miles off them. So dinner today. The big question right now is how are they actually tracking us? Well, it turns out that every device behaves in a different way when the cold on the webpage interacts with it in a manner that's completely invisible to the user. And these can be used to devise a fingerprint off the device. So the thought parties comptel when the same user off the same device is visiting again. This technique is known s canvas fingerprinting. When one of the scripts is running on a website visits, it will instruct your Pazar to draw an invisible image. Now, because every device does it in a unique way, it can be used to ascend in number to your machine and effectively track your browsing. Now there is also a process called cookie sinking, which allows the entities that tracking you on line to share the information they've discovered about you and link together the ideas they've created to identify your device. Now they can compare notes and build a better profile of you, and all this is done without your knowledge or impute they are even waste to associate two different devices belonging to the same user. Now Communist can establish that they are owned by the same person, even be felt attaching your name to them. So let's say, for example, you have a laptop and a smartphone, and you are traveling with them and you're buzzing through the Web were abusing. Maybe the local WiFi. Now the advertiser or the company notices that there are two particular devices that always connect to the Web site from the same network. Now the chance of this happened. Coincidentally, it's similar to the chance off two people having the same travel itinerary. So after a period of time, I'm if it keeps happening, they can deduce that, Oh, it's the same person that owns these two different devices. Now they can put your brother behavior on one device together with your browsing behavior on the other device and use it to build a deeper profile off. Now, of course, we're often told by these companies that they are only collecting anonymized data, which means that the data they collect cannot be traced to one particular person. But we all know this is a lie. If it's gotten to the point where companies can begin offering special prices based on a customer's location and even the device they use. Then there is really nothing anonymous about the data they collect about us whenever, where browser now is there. So at the end of the day, we cannot trust anyone of those companies, and we always to ourselves to take the proper steps to ensure that our privacy is secured and insured whenever we're brought in on the Internet. So I hope you've enjoyed this presentation. Now let's continue with the course. 15. FaceBook vs Cambridge Analytica Scandal: Well, hello and welcome to this very special video which I wasn't planning on making. But something happened a few days ago, and I just have to talk about this now. Another from out of this video is a bit different. You can actually see me in the video, but that's because I want it is to be as relaxed and as informal as possible that want you to feel like you in the same room with me. And I'm talking to you one on one. So I am filming this in my apartment. So do forgive me if the Latin is not so good. Also, you might hear some background noise. That's because it's Saturday. The neighbors around kids up in everywhere. So do you forgive me if you hear some background noise? All right. So what is this scandal? What happened that I'm so eager to talk about? Well, it turns out of a few days ago it was revealed that 15 million Facebook profiles were harvested for Cambridge Analytica. Cambridge Analytica is a major data collection firm. They collect data. That's what they do now. The term have ist It'll have us What this means is data is collected from users of a particular app or social media like Facebook. That data is then analysed and processed. The end result is a profile. Now that profile of the individual can be used to determine what that individual would likely by in the future. Are if they're likely to take a financial loan, are the kind, of course. Is there likely to support the kinds of politicians they're likely to vote for as well? That's basically what have it still is now, this fellow over here to get with the pink hair here is a look about and say, Look, I used to work for Cambridge and we collected data illegally from tens off millions off Facebook users in America, And that data was used by the Donald Trump campaign doing the election. That's where the whole big scandalous is from. So how exactly did this happen? Well, it says over here that Cambridge obtained voter data through a Facebook link app named This Is Your Digital Life. Through the APP. One of the members of Cambridge, Aleksandr Kogan, he paid Facebook users in exchange for a detailed personality tests supposedly for academic research purposes. Now here's the thing. Facebook is fighting back physically. Clementa. Look, this wasn't a major data bridge. It wasn't a date. A British like hackers, somehow gained access to Facebook service and was able to get information and data all on its users. No, that's not what happened. Facebook. Actually, women only allowed Cambridge to collect the data because Cambridge claimed that the data was gonna be useful academic with such purposes. Now, Facebook would actually allow any thought particle like data from Facebook users, as long as that data is used only for academic purposes. The data is not meant to be transferred. It's not meant to be sold. It's not meant to be sold to ever advertising companies, and it's centrally not meant to be used for political purposes. But so that's Facebook affecting physical saying, Look, this wasn't a major data, which we really allowed Cambridge to collect data. But here's the thing. But the APP also pulled personal data from all of the testing has linked Facebook friends without their consent. So that's where the real issue is right now. It's not because physical allowed Cambridge to collect it in the first place, but because Cambridge were able to collect additional data, which the participants of those quizzes did not provide in the first place. That's what the real issue is. The fact that they thought particle com on Facebook and say, Hey, this app is a personality quiz test. Please take the quiz. The results are meant for academic purposes, and that's it for another Clinton more today from you. The fact that such thought parties can actually collect data where's the participants know provide in the first place behind their backs shows you just how on secure Facebook really is. And this is ready. Real issue is right now. The fact that you have two parties who can collect data from Facebook users without users even do in the first place. And look, the only reason why we're talking about this is because this guy, once again this guy came out and said, So he was doing who said everything said, Look, this is what happened. We got data from all this users and they didn't even know about it. If this fell did not come out and see anything, we would not know, we wouldn't be having this conversation right now. We would not know and That's a very, very scary thought, because right now you have to think yourself. How many times has something like this happened before? How many times of third parties put up APS on Facebook? Facebook users have used those APS, and then those third parties have collected additional data from those juices without even physically realizing or even knowing. And who knows what the data has been used for. Maybe it's been sold. Maybe they used it for some political campaigns. Who knows? There is a advice from this site. Tech trade up over here, it says, Don't trust thought. Party personality quizzes. So from now on, please, whenever you see such quizzes or tests on Facebook, don't take them. Do not take them. And I'm pretty sure you might have seen a few of them before video. Say things like, Oh, you know, take, take this quiz. Take this personal to test and you will find out you know who you're supposed to date or what's your stuff like that. Don't take such tests anymore, because Facebook cannot protect you from that third party or that app collecting additional data from you. That's just a fact. So right now the Senate in America are really pissed. They want to grill Mac Zuckerberg over the scandal and I think has been summoned by the Senate. So it'll be interesting to see how that develops. But of course, Mexico big has apologizes, apologizes for the mistakes. But the truth is, Facebook really needs to do a better job of protecting the privacy off its users and the Children's. We can really trust Facebook, Who knows? No, no one really knows what Facebook actually does with the data that they collect from the from its users. Nobody really knows so Mexico, but can come out and apologize for the once. You can probably hear an airplane flying over again. I'm sorry about this. I'm actually close to an airport. So do forgive me. But again, the point here is this We can't really trust MacIsaac a big you can trust Facebook. So bottom line here is Be careful before you post online. Take a due diligence. Don't take personality tests anymore. Be careful about the kind of information you give away on social media sites like Facebook . Twitter, Pinterest. What have you be very, very, very careful. So that's it. I'm gonna poses links and the resources So you can read more on this particular topic and I would encourage you to follow what happens with this. With this scandal, maybe the Senate might bring out some new regulations. May be fizz with maybe first to change its policy. Who knows? We'll see what happens. So thank you so much for staying with me and for hopefully enjoying this special lecture. Thank you so much. And as always, I will see you in the next class. 16. Exercise How muc data does Facebook have on me: Do you want to know how much information Facebook has on you? At a minimum, if the answer is yes, then I'd like you to try out this five steps provided by none other than Julian Assange. Remember Julian Assange? We talked about him in the beginning off the course. So he says, Go to Facebook or comforts like settings down in the copy of your Facebook data. Wait for an automatic email from Facebook down zip file and then extracted and open html four slash index HTM. All right, so let's do this. First of all, go to your physical. Come force less settings, and then download a copy off your Facebook data. Just click on dollar the copy, right, And then you click on download archive. You will have to provide your password. Just click submit. All right, so right now it is downloading because this is the second time I am making this request. Today, if it's going to be your first time, you will receive an email, an automatic email from Facebook, saying we've got in your request and compelling your data. And then, after maybe 20 minutes, maybe even 30 minutes, you will then get another e mail from Facebook like this. It will look like this. It will say, Ah, you recently Because of the copy of your Facebook data, it's now ready for you to download. All right, so once you've downloaded the file is gonna be a zip file extracted. Once you extract the folder, you will see things like this instead of the folder. I open up index dot HTM. Open that up with your favorite browser. I opened mine using brief bells The end The amount of information here is incredible. It really, really, really is scary. Every single page f ever liked every single photo ever uploaded Every single video ever uploaded messages between me and my friends. My address is my phone number. Oh, my God. It is so much. And the reason why I clicked on contact info, right? His Because it's the only tablets blank. Every other single tab right here has ah lot of data and a lot of information that I don't want to share our public publicly on this video. So I would like you to try this out for yourself and then just cooking a poor filed hamline photos. You will see every single thing you've ever done on Facebook. It is scary. This is the kind of data that Facebook has on you. At a minimum, that's the cue. Would, At a minimum, there might be other information they have on you which they will not provide you in the zip folder that you've downloaded, who knows? So it really is scary. And once again, once again, you really have to think about what it is that you do online, especially on the Facebook, especially on social media science. So once again, we really have to tank Julian Assange for providing those tips like this. And if you're on Twitter, I'll recommend you full of people like him. They can always give you very useful tips on how to check out. Sometimes we got in privacy and other issues like that. So be sure to share the steps with friends of yours. Your family members. It is really, really important. OK, let them know just how much data Facebook has on them. So try this exercise out and let me know what you found. Thank you so much fortune. I will see you in the next class. 17. 5 Places You are Being Tracked: If you often browse on the Internet, maybe you casually check your email. So you brought through your social media feeds your favorite websites, the chances all you have been tracked in some weight, whether it's advertisers Logan in your user habits and creating a profile of you, or whether it's Big Brother potentially stripping in on your emails, we are all at risk of being tracked online in this video. I'm going to show you the top five places you are likely to be tracked on a daily basis is the number one spot on this list is obviously going to be our social media accounts Now, social media tracking is perhaps one of the most treasured methods utilized by advertisers . Now, through social media, we tend to give a very detail profile off our user habits are likes our hobbies and a lot more. It's basically a gold mine off information just waiting to be tapped by thought party advertisers. Now Facebook will take your information and pass it along to physic advertisers who can then tailor ads to suit your interests. Twitter isn't any better. Last year, they announced that they will call it information on all although APS a user has downloaded onto the phone to help improve targeted advertising. Now if you think you're safe on Instagram, well, think again. The popular app. Joe tax your images every single time you upload a photo, even if you did not use the name this location feature. Such engines are essential for us to find what we're looking for online, but unfortunately they can also be used to truck our activity. The Google, in particular rule toe leather, adds to suit your interests based on your search history, and Google is constantly trying to build a consumable fell. A few amble, even filter there such results for you based on your purse to search history, yahoo and being and not that different. Either. They tend to plan cookies on your computer to store your information and remember your location Now. Did you know that you can be trucked by companies whenever you open an email, you said, by merely clicking to open that email you are relaying to the centre than Onley that if opened it, but also where you were and on what device you used. Now this technology has been used by marketers and advertisers for many years, but also by foot stars. Unfortunately, your favorite websites may be checking you more than you think. Now these were obsessed into use cookies to store your information alongside directing. We marketing adds to you whenever you visit or the websites. Now, when you visit such websites, you're also potentially sharing extra data such as your I P address, which can reveal your location. Now. Last but not list will be your downloaded APS. Now the APS you install on your phone can be used to profile you on social media sites such as Twitter. Also the apse you've downloaded maybe tracking your location without your knowledge by using your phone's GPS. So it's important to keep tabs on which APS have access to such sensitive information. Now I'm gonna give you five quick tips to make it really hard for Communist to track you on line, And the very first appear would be to make use off a reliable VPN. Virtual private networks, a fantastic venture in your privacy whenever you browse the Internet. Second would be to exercise some caution. Whenever you receive a suspicious email, think twice before you open that email or click on any of the links in such suspicious emails. Third would be declare your search engine browse and cash asked frequently, as you can remember, that every single browser you use will keep track your browsing history and that can be used to track you. Fourth will be to adjust your privacy settings on your social media accounts and APS to help protect your privacy and finally adjust your location services on you mobile device by disabling G. P s tracking. 18. Browsing Incognito: Now let's talk about browsing incognito, and I'm pretty sure you most of browsed incognito at least once before. Every single browser has a way off going incognito. Basically, the whole idea behind going incognito is that you launch a private window where your searches, your cookies and someone will not be stored by the Broza. So, as an example on come to go in cooking until you use control shifting and for fire, focus, control Shift and P. Now it's very important that we understand what exactly isn't stored by your balls off whenever you go incognito, all your searches, your history and your cookies. These are the three men things that your brother will not store when you go incognito. But there is this huge misconception around that whenever you go incognito, then you are completely ply vit. That is not exactly true because there are two things that are actually stored and recorded even when you go incognito, and that would be your bookmarks and your downloads. These two things are tracked and monitored and recorded whenever you go incognito, so it's very important that you are careful with what you bookmark with what you download, even when you have gone incognito. Also, it is important to realize that your employer at a place of work and your r sp kids to recognize you even when you go incognito as an example. Now, routers and remote servers are unaffected by your pearls mode. Voters don't care that you've gone incognito. Recognize your I P address? They're able to keep track of whatever it is that you're doing on line. We godless off your bills and mode, so searches for illegal downloads can be monitored. It is very, very important to keep that in the back of your mind. Don't think because you've gone incognito, your eyes be will not be able to track you There will still be able to track you. So be careful. And, um, of course, is the employer. I You might be at a place of work. Maybe it's illegal for you to use YouTube stuff like that. And you go ahead. You launch an incognito window, you think yourself. Oh, my employer will never know that I'm on YouTube. Think twice. Thing toe has your employer, especially the using equipment that they've paid for. They could monitor exactly what you're doing on your computer, so don't think you can fool them. Also, websites and APS can still recognize you even when you go incognito as an example, sites with logging requirements like social media sites like Facebook and even maybe Amazon . Now your browser would not know that you're going to Facebook or Amazon, but Facebook and Amazon would know because you had to log in so they will be able to keep track of whatever whatever it is that you're doing, even though you've gone incognito. APs like key loggers and security soft can still track you and monitor you even when you're gone. Incognito and finally, very important. Setting brother extensions have been known to keep track off whatever it is that you're doing, even when you going incognito, ideally because it's extensions are part off your browser. They're not supposed to be active when you go incognito, but Firefox in particular. Some extensions have been known to still be active. Even when you've gone incognito. So do be careful about what it is that you do when you go incognito. You're not completely private. Yes, your searches and your cookies will not be stored, but you can still be tracked and monitored. So I hope you now have a better understanding of what it means to go incognito. Thank you for watching. And I will see you in the next class. 19. Introduction to DuckDuckGo: Dr Go. Now, I'm not particularly sure if you've ever heard of Dr Go before you might have, but I'm willing to bet that you probably don't use this search engine if you do. Kudos to you. I'm giving you a high five. You are a champ if you don't. I'm here to tell you exactly why you need to start using Doctor Ghost. Let's jump right into it. All right. So, Doctor go is just like Google all bank. It's a search engine. The difference, though, between Doctor go and Google being is that on, like Google and bank Doctor Gold actually respects your privacy. This is a search engine that will not keep track off the sites you visit. It will not stop cookies. It would do things like that. As you can see right now on the homepage of Dr Go it say's we're setting the new standard of trust online, empowering people to take control off their information. So this is is such engine. The judge in Uli cares about your privacy and I really want encourage you to start using Dr go to date. If you go to Doctor, gotta come for the very first time in your in your browser you're very likely going to see a box like this that asks you to add Doctor, go to your browser. So just go ahead. Click the add doctor. Go and then allow. Just allow the app to have access to your data. Things like that. So once you have Dr Gordon in on your browser, you will see the icon right here. A That's the doctor. Go Privacy essentials. Alright, let me jump back to Kuhm and when you search using doctor go as well. The interface is very similar to what you have in Google except that at the vital party you're gonna have Web results, images and videos. Now, to be honest, I think Google still does a better job. A special moment when it comes to you search and four images is or if you're searching for very specific files of documents, all links Google still has that advantage because it's been around longer and you're going to get more results with Google. But to be honest, you everyday searches for different kinds of topics or subjects. You're better off a doctor. Go, Doctor, Go does a very good job of providing you real results as well. So don't feel like you're missing out. If you don't use Google, you can use Google to search for very, very, very specific files, documents, links or images. But for your regular searches, please use Doctor gold and just like Google, just like being you can filter out your searches as well. Based on time, you can turn on the safe. Such as? Well, things like that. So it is a very, fairly easy search engine to use now. One very awesome cool feature about Dr Goal is that every single site you visit the app, the search be app. The search engine would actually tell you how secure that particular website is. And it will also tell you just how many trackers are on that site. What am I talking about? Take a look at this. So I'm on cso online dot com. I'm gonna go ahead now and click on the Be Okay. I'm gonna click in there, and right now this be actually represents the grade. It represents the great off the site of absence. The privacy. Great. You can see right now that we have a result assaying enhanced from D to be. If you click on the arrow right here, it actually shows you the reason why this particular site initially got a privacy grade off D. But once Doctor go took over and employed its own security features that great improved from D to be take a look at this so encrypted connection. This site has an encrypted connection, which is very, very good. You want to make sure that just about bolt nowadays has an included connection. But take a look at this. It actually had 20 trackers. It had two major trackers and it also had several or non privacy practices. So this is why this side caught an initial school off D. But once doctor go to go buy it upgraded the privacy great from D to be so, Doctor Go does a very good job of telling you Hammond trackers on a particular site that you visit and how a dangerous a site is potentially to your privacy if you go back right here, you can also click on the all truck on the talks link right here. And what this does is that Dr Go will tell you the biggest track is the biggest list of trackers from the size of investing. So right now since choose a gentleman for 2018 truckers were found on 62% off all the sights I have visited. And Google, unsurprisingly, presently tops the list of those trackers with 68%. So 68% of the sites I visited from Google had trackers, and them Facebook comes second again on surprise left on a 5% and Microsoft at the bottom with 5%. So again, Doctor Go does a very good job of telling you how many trackers you've encountered in your brows and adventures. So overall, I really must command this guy's a doctor. Go. I think they do a really, really good job off trying to protect your privacy. And again, I really want encourage you to start using this tool. It's very, very easy. Another very first time you use it, it might feel kind off all quart. You might feel like No, I want to go back to Google. I like Google. Uh, but trust me. After the first few days, you're going to stop thinking about Google and you will just love doctor Go. Also, final tip here is on the home page. If you go to the about page, our school all the way down, Okay. And make sure to the mailing list they do send some really awesome privacy tips. So coming here, put your email and subscribe. You're gonna get some really awesome privacy tips from Doctor Go. So that's it about Dr Go. If you've been using this particular search engine and you have won a feat want two things to say about it, feel free to send me a message. I'd love to hear about your opinion on this particular search engine, so thank you for watching. I will see you. 20. Introduction to Brave Browser: Have you ever heard of the brother called brave before? Well, if you have ones, don't feel too bad. I only heard about the brother myself a few months ago. Now, just like Dr Go. This is a browser that promises to respect your privacy. And I gotta admit, this brother actually does a very good job of blocking ads and trackers end you feel more secure and you feel like a privacy has actually been enforced. Whenever you use brave now, brave is free. All you gotta do is to go to briefed or com. Click on the dollar button right here and you will find the version that suits your open system. So they have two versions for Windows. If it's an X 64 32 bits, they've got the Mac OS version. And of course, if you Ln x user, you will find a vision that suits you. So brave really does a good job of blocking ads and it actually shows you right here real data as to why these brothers actually faster than cool. And our safari. I still think Firefox's maybe slightly faster than brave, but I haven't tested that. But you can see right now, the brother promises to be faster than Kuhlmann Safari and also tells you why it saves you money because it blocks download ads and tractors and things like that. And also best of all is that and I will show you this very, very soon. It can actually show you how much time it's saved for. You have the truckers. It's blocked. I mean, it adds, it's blocked and how maney https emigrated. Stone do in the time you've been using the particle, oppose our so don't waste any time. Go ahead, download the plaza instead using it. Once you've installed it, you will see the lion head. That's the icon right there, just clicking there. And as an example, I have gone to CSO online Dark home now, two things to pay attention to. First of all, at the right here you will see 2.24 seconds. This how much time it took for the brother to load this site. But then you'd also see why, down the lion's head you will see 13 Cleveland lion's head. That 13 represents the number off trackers and adds that have been blocked on this particular site. which is really, really awesome. It will also tell you if they have been any https upgrades. Now what this means theeighties GPs of great is that if there any on secure connections, the Basel would actually make that connection secure. So they go through about CSO online is that just about every connection here is secured. That's why we haven't had any upgrades to https. That's why, but it will also show you the most gets blocked and fingerprinted metals blocked as well, if any. But the one really cool feature about brave is that for every individual site you can actually control whether or not you want to display ads. The funds allow ads and track in, and then cookies as well. You can choose to block on Lee. Third party cookies block all cookies. You can allow all cookies. Same everything up in the production as well. So it's really, really cool that you can actually do this for every individual sites that you visit. Let's jump down here to gold dot com, and, uh oh boy, take a look at that. That's the want Ads and trackers blocked three https upgrades and finally, let's go to hacker news. So we have 15 ads and trackers blocked and so on and so forth. Now, if I opened up a new tab now I know this is a fresh cleaning solution off the browser, so I've only used the buzzer for about an hour right now. And as you can see right now, so far, it's blocked with four trackers. It's block 89 adds, There have been six https or grades, and it saved me six seconds. So this is a brother like no other. I don't know of any other present that those stuff like this, so I haven't really used brave for too long Now it's only been a few months or a couple of months, but I'm really, really stand to enjoy using this bozo. It's very fast, and also there's a very good job off protecting your privacy. Far, far, far better than cool off Firefox safari or whatever brother you use. So I held encourage you to take a look at brave today. Tell your friends, tell your family members start using brave. I think this is actually a very good brother you can use to ensure your privacy. If you have any questions about this browser Filthy to reach out to me. Thank Fortune. I'll see you in the next class. 21. How to Disappear Online: all right. I wanna show you a very interesting post from in goal. And it's basically a post on how to disappear on line, and it basically highlights you nine different ways. How you can completely disappear from the Internets. Now, I have to be honest with you. I don't think it's possible for you to completely disappear online. I still believe that there are still ways how people can still trace you melt. Remember, Tracy, But they can still dig up are things that you've done online before. I don't think you can ever completely clean out your digital footprint. I dont think its possible However there is. What I'm showing this particular post with you is because there are some actual, very useful tips that you can do to make it really, really hard for anyone. Tonkov are all trace you online, so let me show you the actual article. So the very first hip step here will be step, which is to deactivate primary accounts. So you go on Facebook, Twitter, LinkedIn, Google Plus, and then you basically deactivate your accounts on such our sites. The 2nd 1 here would be to search for yourself, so basically you go on every Mitchell such engine out there, whether it's being Google, Yahoo, Yandex, Baidu and you search for yourself and you basically try to delete any information that you may find about yourself over there, Step three would be to falsify accounts that you cannot delete. So if for some reason they're settin sites that don't like to deliver account, you can go in there and falsify the data that you have there. So change your sex, change your name. Change of address change of full number. I create like a fake profile on such sites. Step four will be to on subscribed from mailing list. So go true, the mills that you get for marketers and gurus off certain subjects whose emails you never read and on subscribed from them. That's basically another step that you can take. Step five will be to delete your search engine results. Angle does have a you are held level to toe help you that this process you can basically go in there. Submit a particular year bill that you want Google to delete, and they will do so for you. Step six would be to contact Web masters over work says that you have no control over now. Of course, this is you know, they say things like be polite, be patients. There is no guarantee that the Web masters world Ah, listen to you will help you out. But step seven here would be to construct data claiming houses. So there are companies that truculent behaviour. And we know this. Companies like Intel, your spokeo people find as so too diligent permission from such sites. Well, over here you have the guideline making absurd amount of phone calls. Fill out a metric ton of paper walkers effects machine Consider paid seven, such as delete me to do all off the leg work. So again there is no guarantee that this would work. But if you're really, really serious about letting your digital footprints for some reason, then these are war. Given a shot step aid would be to check in with your phone company and make sure that your provider has you on a list ed. And then step name would be to delete your e mail that will be basically on the last step that you can take. So again, I don't think it's possible to really be able to disappear completely on a line, but you can do some of this tends to make it really, really half a bill to trace you and uncover what it is that you may have said or done in the past. So these is an article warmth are taking a look at, So I will share the article on the resources. So if you're not tickle with more about this article, you'll find a link in the resources. So thank you for watching. I will see you in the next class. 22. Introduction to Stylometry: I want to introduce you to an application known as style loam. ETrade Now over your Wikipedia, it say's that it's often used to attributes authorship to anonymous, all disputed documents. Sounds very simple light. But my friend, in reality, Stella Matori is a lot scarier than this style. Um, a tree actually has the capability to determine whether or not an and non the most document may or may not have been written by you. So let's say, for example, I as a single individual, I have my blood over here. I right to think it's of articles wide with my name attached to the articles. But then, let's say at night I decided to go to get it. I sent it with my pseudonym. My name on Reddit is John Doe 69 excellent in all sorts, off articles, very, very controversial articles. It turns out that style of battery can determine to an 80% a coup, asi that I might have actually regional. These controversial articles on reddit and the way it does this is this it was telemetry has access to some of my documents here on my blawg. It needs about 5000 to 6000 words. And what it does with all that data is it analyzes my writing style, my grandma, and then it will basically create a profile waiting for file off me. It will then use that poor well to determine whether or not of the articles that I have written on Reddit were actually written by me. So there's the really scary thing about style of matches. Telemetry can be used to determine the actual author off articles off anonymous articles. There's actually a video over here on YouTube. You can take a look at it. It's called us telemetry and online on the gun markets. It's a very interesting speech. It only has about 1000 7 views, which is kind of surprising because this is actually very, very interesting electoral. You can watch it and so interesting. You lend more about Stella Metric, but want to show you a difference. Kind off. One of the times of Stella Metric systems. This one is known as signature, so it stays here. That same signature can be used to compare the styles off Jane Austen and other novelists. It can also be used to examine the authorities signature off the place, written by all controversially attributed to Shakespeare and even Hit, was used to determine whether or not Obama's book was written by an ex terrorists, which is just which is very, very, very funny. So that is one kind OFs telematics system out their signature Now, due to this technology due to this application, they're counters. There are different ways how people now try to prevent telemetry form, determining that they were the ones who actually hold certain kinds of articles. So one of them here is known as the unknown the mouth, and it's a gentle based application that aims to give users the tools and knowledge needed to begin and in the minds in documents they have written. So again, you can take a look at an animal fits of a very interesting concept, but I'll show you something known as we lank. This is an anti Stella mitri tool. So it says, use this tool to mask your personal, unique writing style in order to deceive authorship detection. So let's say, for example, I'm gonna jump in here right now, and I'm gonna grab so text from one of my documents over here. Okay, Let's grab all this stuff right here. That's copy that. Let's jump over here to re Lang. Let's go ahead and paste the text. Let's feel in the capture. Let's submit. Oh, I'm sorry. Online. Three incurred. Capture entered. Wow. Diplo Jai's. I may have made a mistake with the capture. Let's try that again. Quite five x V t five. Okay, I hope I got this this time. There you go. So right now, you can see this was the input. And now this is the output. So basically, what willing those is that it tries to re walk any examples of Texas you may have written and then basically just tries to make sure that you cannot be identified through the use of tell a metric tools. So over here, I can see that basically capitalizes many off the words which I didn't capitalize into Pius document and original document. And I can't really see all those things. It's done, but it is something you can play around with. You can get very, very large pieces of text, maybe 1000 words. 2000 words paces in here feeling the capture and and see the kinds of output that you get so before I go. There is also a very interesting article. It's actually a hidden article on the Wikipedia, and it's basically the and most writing style where you have guidelines on how to write. It starts to ensure that Stallem a trip would not be able to determine that you're the one who actually wrote an article. So you have the typographical style right here, the electrical style. They consider it here all the advice and guidelines on how to write and anonymously I'm going to provide you with the link. However, you're going to need to use tall in order to open this particular link. If you open this link on a Google a browser, it's not going to open. If you have talk fine, go ahead and open the link if you don't have to, or if you don't know what talk is, don't worry. We'll talk about two or later on in the course. So that's it. First telemetry. Thank you for watching. I will see you in the next class 23. Annonymizers Section Preview: welcome to this brand new section where we're going to go deeper into the topics of privacy and and no enmity. Then people section really talking about how companies can track you whenever you browse online. And you've also learned a few ways how you can ensure your privacy whenever you browse online. But in this section, we're gonna go much deeper. So in this new section you're gonna learn about Anonymizer is you will learn about approx is virtual private networks and also a very controversial tool known as Tor. Basically, all these tools are used to ensure your privacy and anonymity whenever you're browsing online. So this section is all about introducing you to these tools and how you can use them to stay safe. Whenever you're browsing the Internet, let's get started. 24. Anonymizer: all right, so let's talk about and minimizes, and this is a term that you may have head off. But it's also a term that is often misused. So the term Anonymizer is the collective term for tools and software that are used to make your activity on the Internet on True, a symbol. It is the collective term. It's kind of like malware. That's the collective term for things like viruses, route kids warms and so on. Anonymizer is just a collective term that's used to describe all this tool that you could employ to provide you with some anonima t when you're browsing on line. So the obvious advantages of using an Anonymizer XYZ that one it's offers protection against hackers and identity theft. Naturally, because now, if you've made it very difficult for people to track what you doing online, it becomes really difficult to hack U in the first place and obviously identity, it becomes more difficult. It provides. Apply V C, and this is very, very, very important. We've been talking about privacy so much in this course, and using Anonymizer is a great way to provide you with some privacy, and it also bypasses censorship, providing you with access to information. And this is very, very key in setting conscious like China, for example, where there's a lot of censorship, you're not allowed to use YouTube, Facebook sites like that, but with the use of anonymized as you can actually bypass, they put a cause in place and gain access to this sites. So this is kind of like very simple topology off the use of Anonymizer on the left. You have your regular computer making an http request, which is a brother request. And you can also see the AP address. Why, dear 1927411156 So what happens is the request made by the computer will pass through the Anonymizer, and then the Anonymizer, in turn, will now direct their records to the Internet. But a difference here right now is that the request becomes anonymized, which means that the website that's been requested that website will now be hidden from whoever might be tracking what this particular computer is doing. But you can also see that the I P address will be changed as well. In most cases, not near P addresses 134 89 2 or three. So this is the simplest way I can describe the use off an Anonymizer. Obviously, there are more complicated to put it out there now. Overall, there are two types of Ananda misers. We have the single point, and then that's walked Anonymizer Now with a single point. As the name suggests, this will pass your softened requests through a single point to protect your identity. And the classic example here would be the use off a proxy server. You considered apology right? They're very similar to what I should in the previous slide. But then we also have the nets walked and on the miser, which is far more effective. But it's also more complicated. What happens here is that your communication is transferred through a network off computer , so right now it's multiple points. The best example in this case would be tall, which will talk about a bit later. And as you can see from the topology right now, you have your clan complete on the left request, goes through several nodes or computers before it eventually, which is the Internet. So that's what and misers are far more effective. But They also have the are corns as well. So join me in the next series of classes of all particular. Look at all this individual tapes off Ananda Misers. Thank you for watching, and I will see you in the next class. 25. Introduction to Proxy Servers: Okay, so let's talk about the very first type off Anonymizer, and that would be the proxy server. So basically, a proxy is a severed that acts as an intermediary or as a middleman for request made by clients. Second resource is from Web service, So basically, the proxies sits in between you and the Web server that you're trying to access. Now the good thing about proxy servers is that they can provide you with a proxy i p address, which could be used for defeating restrictions and censorship. So the party doors is that it hides your public i p address and uses a different I P address to gain access to that website that they're trying to visit and a search it bypasses your I S P Save your eyes. P has laid a restriction saying you can't use tall and so you can visit the something kind of website. Using epoxy is a great way to defeat such restrictions. And just as I said, it's useful for torrents. If you're trying to Donald files online, especially reduce of torrents, proxies are a great way to do so, but proxies often perfect, and you can have some issues when you're using them. And the first thing is speed, speed can be an issue. Now, naturally, whenever you use any sort of anonymizer, your speed is going to be reduced because now you are going through at least one extra layer off security, so speed will be reduced. However dependent on the kind of proxy you use, the delay in speed can be significant. So you need to be careful about the kinds of proxies you use. Second, here is the reliability is not a guarantee. Just because using a proxy does not mean that Fox is actually good. You have to perform due diligence before you choose a proxy server to use. And then the major issue pox is. And this is for all proxy service, by the way, is that it provides no encryption. You do have some proxy servers that will actually encrypt the initial connection between your computer and do observer, but the actual traffic, the exchange of information between that Web server and you can tell will not be encrypted . This is the major issue with using pox is So now let's take a look at my top to be recommended proxy servers all right. So the very first proxy server on our list is going to be Hide Star. And in my humble opinion, this is one of the very best Web proxies you can use out there. So to use it is very, very simple and has some really cool features. All you got to do is to go to Hightstown dot com and then over here you can add your U R L , which is the sexual visits. In this case, let's go to the Web monkey academy dot com. Now to the left, you have the option of choosing a US server or a sever from Europe over here to the white, where you have the gear button, you have additional features you can choose to encrypt the you are well, you can just allow cookies from the site, and he contrived to remove scripts as well. So these are really awesome features a constant height. Stop. Let's go ahead now and surf and in the mostly and see what happens now. It's gonna take a while to get to the site, because remember whenever, Okay, that was quite fast, actually. But remember, whenever you're using a proxy server, you are bound to have some issues with speed. It's just natural one or the really cool things you know about height. Stop. Is that a pattern? Hide in your I P address. You can also choose to change the browser and the open system you're using. Right now, I'm on Windows 10 and I'm using KUHM, but you can actually tell height start to tell whoever might be listening that Hey, I'm actually running Windows XP with Firefox eight. Okay, so this is another extra layer of security that hide start provides for you. You can actually pretend to be using a different open system, or even a different browser with heights are so it's a great, great, great free process ever to use. The 2nd 1 here is going to be hide. Don't me. It's also free, and it's also excellent. What you want to do is when you go to the main site, how high Don't me. You will see free proxy over his a click on free proxy. Now, over here you have the option of choosing three different service one from Holland, Germany and then the United States. And then, just like height star, you have the option off allowing cookies are kept in the pages of in scripts and so on and so forth. So again you paste your UML in here and then you can visit another, more Celestica look and see how this would actually look like visit under new. Mostly who this is bad advertisement thing. This is bad. It is. But it's a is the service currently busy and unable to process your request. We apologize for any inconvenience. Ooh la la. This is bad. Anyway, it happens, OK, it's free. It's a proxy. Ah, lot of people all over the world using it. So you know, these are some of the things that you get whenever you use in free proxies. So it is what it is. Anyway, The last one here is going to be proxy site that come now. To be honest, I've actually never really used this proxy before, but I know people who use it, and they say it's really, really awesome. Now, the one that I have noticed about proxies side is that you can actually access easily the likes of YouTube, Facebook, Twitter and so on. Directly from the proxy side dot com So as an example, you could click on YouTube, Okay, and then you'll have to. But you tube, you don't necessarily have to sign, and you can watch Videos are anonymously, right? But if you're going to Facebook, you're still going to have to look in. So remember that when you're using proxies, you might be able to hide what you're doing from your eyes. Be Facebook will still know what it is that you're doing. So be careful about the cape. So apart from that, it's basically the same process. You know, you pissed your your bill in here, and then you can choose the different kinds of service from the United States, all from Europe. And then you go ahead and you click gold. So let's see how this would look like. Okay, okay. So you can see it wasn't quite as fast as heights I thought had. So it's pretty quick. But nevertheless, we're now over here on the Web Monk Academy and just like with height, star and hide me, you can choose to allow cookies any remove scripts and so on and so forth. So these all the three main fox It was out the comment. Hide, star, hide me and, of course, are the proxy site dot com. So I think is much for watching if you have any questions or if you have an additional proxies you've used before, do be sure to let me know. I'd love to hear from you. So thank you for watching, and I will see you in the next class. 26. Introduction to Virutal Private Networks: Okay, Dokey. Let's take a look at what is one of the most popular anonymous in tools out there, which is the virtual private network. Now a V P N is a solution that allows users like you and I to send and receive data while maintaining the secrecy off a private network so it acts just like a proxy server. It sits in between you, the client and the Internet, but it's more powerful than it proxy server. And in what way is a VPN more powerful than a proxy? Well, unlike the proxy that does not encrypt your traffic a VP and would actually create an encrypted tunnel that secures the traffic between you, the client and the VPN server. So this is a fantastic way full enhancing security and also enhancing your privacy. Now let's take a look at a sample topology off a V p n. Now. Usually you would have your computer and you'll have the Internet with irregular connection , right both throwing a VPN server and things change. What exactly changes here? Well, unlike the proxy server, VP Enseval actually encrypt the traffic between you, the client and the VP and server, so your requests your I p address everything. All the traffic between you and defensive, it will be encrypted. The actual communication between the VPN server and the World Wide Web will not be encrypted, because at this point there's really no need to do so because the initial communication between you, the client and every principle was already encrypted. So this is one way how the VPN server is much more powerful than a proxy server. Besides acted as an intermediary, the reprints ever actually would encrypt the traffic between you, the client and the three pence of itself. There's one thing to keep in mind about the VP and is that in theory it can provide optimal privacy but not total privacy. This is one limitation about the VP end now. Besides the obvious advantages of a VPN being able to allow you to bypass allies, speed restriction, censorship, VP ends are becoming very popular and the walled off business because now you have employees who are able to access their company's intranet if they're in a different city in a different country by simply using a VP, ends of VP ends are becoming very, very popular in the business world. Now enough mention in the past that using an Anonymizer service like proxies or VPNs can slow down your Internet connectivity. However they're set of instances were using a VPN can actually increase the speed off your Internet connection. Take a look at this article from 9 to 5. Mac dated August 2013 to 17 and stays North VP and confirms that using a VP and will bypass the license. Third, fling off all video streams. Now, if you're not familiar with Verizon or what thought Lin is, well, villages in the one of the biggest I S P s in the United States of America and just like any other major iess be, they have their own limited plants where they promise you on limited data. But in reality, there is no such thing as on limited data. What they do is they would actually provide a cap. There is a limit to how much bandit you can actually consume, especially when using video services like YouTube or Netflix. So clicking on this link right here, you can actually take a look. Just go to the article right here, and then you'll see the one here that saves throttle all video streams. You can click in there, and this is the other articles over here. It's a Z ours. The Verge reports. As the verge reports, Verizon is splitting out its so called unlimited plan into three versions. Go on limited beyond the limited business A limited. Now you can see they have caps at 4 80 p on smartphones, 7 20 p on tablets and then the best being being a limited, which is capped 27 20 on smartphones and then 10 80 p on tablets. So even if you pay the so called are unlimited plan, you also have a cap on the video quality for smartphones of some 20 p and then tablets on 10 80 p. So using a VPN can actually bypass this cap it that can actually bypasses restriction and allow you to watch your videos at much higher quality, simply placing a VPN. So this is all those very few instances where using a VPN can actually increase your Internet connectivity. So that's it's a quick introduction to VP ends. Thank you, fortune. I will see you in the next class 27. Types of VPNs: Okay, so now let me show you some of my favorite VP. And so they said the ones have used before. These are the ones that I can vouch fall. And the very 1st 1 here is going to be North VP End. This is actually my favorite VP. And it's the best in my humble opinion, and I'm actually gonna show you how you would use not VP and in the very next video, But right now you can send the home page. You can see my I p address, my SB and my status is said to be protected. This is because I'm actually using a VPN right now, which means that this I p address and this SPR all fake It's not true the Cape. But I'm actually not using Nord VPN in using a different VP and and that is tunnel beer. The reason why I'm is Internal Bay is because I just wanted to show you how it works because 10 Albert is one of the very few VPs have actually provides you with a free version . The issues with the free version is that it's slower than the paid version, and then you only have 500 mega bytes. OK, but what I want to do is to go to Tom Better com click on the download link and then you can choose the version that's suitable for you again. Amoco, Mannitol Bay as a stock. If you're someone who's new to the world of VP ends, then you should definitely give tell bay a trial. So once you've downloaded and installed the app, this is the icon right here. Let's click in there. What's gonna happen here? Islam Atanasoff. First of all, what's gonna happen here is you will see the map of the world. These are all the service that they have to have in Japan, in India and Singapore on then, lots off service in Europe and of course, in night states Mexico, Canada and in Brazil. So these are where they have their servers. And against the right now, I've used about 22 megabytes of the 500 that I have for the month. And of course, if I upgrade, I'll get more. So the way this works is right now you can see the bear. This is my current location. I'm in Thailand right now. Now, if I wanted to tunnel all the way to. Let's say no way I'm going to click on Norway and then I can click. Yes, so right now what's gonna happen here? It's tunnel bit is gonna make it look like I'm actually browsing from Norway In case L. That's basically how it works. It's very simple Verse trade Ford. Over here, you have your settings button and this is where you can do things like Launch tunnel, bear on startup Do a anticipate of allied and so on and so forth. But I wanted to show you security. These two are very, very important. The very 1st 1 here say, is vigilant bear block all traffic while tunnel bear connects enemy connects. What this does is you're basically saying that you do not want any Internet traffic at all On less. Talbert is fully activated and working. So there are times when whenever you use in a V p and it might lose connectivity it trust to reconnect doing that period. You don't want any Internet traffic. That's basically what this does. She can turn it on, and this will really enhance your privacy. Second, Ghost Bay is a little iffy And the reason why I'm using that term is because it's not something that you should always turn on what goes bad. Those is that sometimes if you decide to use tall bear your eyes, P may actually recognize that. Hey, this fellow is trying to use a VPN. Let's block his connectivity. That happens a lot. And the reason why the able to identify that using a VPN is because obviously your traffic becomes encrypted. That's one away. How your I speak and identify that you are using a VPN. So what this does is when you turn this on, tunnel bay will make a look like you encrypted data is just any other regula traffic. So this can actually fool your eyes. Be so if you use internal, they are trying to use tunnel pay and you discover that you can't connect to the Internet. This would be the ideal time for it coming here and turn this on. However, if you've used to know bear, you're connecting to the Internet. No problem, and you don't need to turn this on because what is those? Is it? Basically, add another layer of security and it will slow down your Internet speed even further. So that's basically it for tunnel bear. Finally. Okay, You have trusted networks which you don't really need to go into an infinitely. You have your account where you would find your email address and stuff like that. So that's basically tunnel bay in a nutshell. Out encourage violence against you. Try it out. Let's go back to what I have over here. This the third VPN is going to be cyber ghost. I have you saw a ghost a few times in the past is actually quite good price and wise, they are not as expensive as North VP and but I don't think they're quite as good as North v p n. I think not appear is better than them. But still, Saira ghost is really good. If you've trade is another VP ends and you don't like them. You can definitely give cyber ghost a trial and the last one here is going to be pure VP and pure VPN is reputed to be the fastest of all the VP ends and personally, I don't know if that's true, but nevertheless, this is still a very good VP and you can actually use as well. So just to give you a quick recap, Nord VPN is my favorite. And I'll show you the very next video how she's not VP. And but then if for some reason you don't want to go ahead and stop paying for not keeping because they don't have information, definitely check how to tunnel bam. Download the free version. Run it tested out. See if you like it. And if you actually feel like to know Bay is great for you, you can just simply go ahead and upgrade to the pay division of fraternal bail. And then your last two options would be cyber ghost and pure VPN. These are the other two VP interviews before and that it was I can also recommend so thank you, Fortune. I will see you in the next class. 28. NordVPN: Okey dokey has promised. Let's not talk about my favorite VPN, which is the Nord VP. And before we go any further, I need to tell you that I am in a fuel eight funneled VP animal. This means is because I use them because I trust him because I convert for them. I promote not VPN whenever I can. So attacks to this video in the resource is you will find an affiliate link If you click on that link and then by not VPN service Through that link, I will get a small commission. As a result, I'm not trying to pressurise you to use in my link. It's really up to you. But if you use my link, I will get a small commission and I really appreciate it. But if you don't want to use my link simply go to Nord VPN will come and buy the service from there It's really up to you. So anyway let me know show you the back end off North VP and how it actually works. So right now you can see the map. This is what you would see once you start not VP end. You can see all the servers we have in different parts off the world, you click and countries and these are all the coaches were not. VPN has service in from Albania, Argentina to Croatia all the way to Vietnam. Now in each country, if you click on the menu button right now, same old over. Let's click on the many button. You will see the number of servers in signed off Moldova. Moldova has or looks like five or four. Let's close that Romania has Ah, lot of many has close to 37 or something like that. It's quite a lot. So to the fight, you will see two figures. Right now we have 3% and then we have for for 80.62 miles. What the percentage means is how low did this particular server is? So the law, the figure the better. All right, so 3% isn't bad at all. The mileage here represents how far you are from this network. So the greater the distance, the more times will take for it to connect to that network. And that could potentially affect how quickly you can solve for the Internet. But it really called in about not VPN is that it will actually recommend to you service based on your current location and in seven underwater. Commend for me is Thailand one and it's actually one of my favorites because it always works for me. But one of the villas separates, not VP, and from all the VPN is out there is thespian Sha LTE servers. These are specialty service dedicated of a specific tasks and the three one's honest talk about a double VPN owning of a VPN and into P two p. These three add extra layers off security to you already secured VPN connection double VPN . As name suggests, these actually connects you to to VP ends simultaneously so you can see the very first VPN that VP Annable then connect you to the second VP end before eventually connecting you to the Internet. So as name suggests, it's double VPN double the layers off security double the layers of encryption pretty awesome. You have onion over VP end. This is potentially even more secure. This does is once you've connected to your VPN network that net local. Then transmit your request through a series off computers before eventually which in the Internet. So this takes privacy to a whole new level. It's really Moodley awesome. P two p will offer you military grade encryption. It's perfect if you're torrential upload files or Dallas fouls or share fouls. The people all across the world, various intolerance P two p is fantastic for such thins and then we have settings. And of course, this is where you can change the basic and advanced configurations off north. V p n you have the option off auto connecting started, not depend on Start up and then you have the Internet kill switch. This is a very, very cool feature. What is does is basically, if you don't connect to not VP, and you will not be able to access the Internet. So if you're the kind of personal feels like I can't discipline myself to always use not VPN and advice to my computer, you can turn this on. This will always make sure that you start not even because if you don't start not VP, and you will not be able to access the Internet. We also have the app kill switch A really fantastic feature. What is those is if there are certain absent. You're running that you don't fully trust you. Comptel, not VP and to kill those APS to stop this absolute monument Ever. The VPN connection unexpectedly drops. So all you gotta do is to come in here, click on, add more applications and they can add those applications and that's it. It's a really, really awesome future. Over here we have the advanced settings. Now you really shouldn't be here. You don't need to temper with any of the sessions in here. However, the one thing I did change share was to change from UDP to TCP. These are the two protocols that work with BP end. There isn't why Sudhir was because by default nor VP and uses re DP. However, if you use not VPN and you're having trouble connecting to the Internet once you've activated VPN, you might want to communion and switch from UDP to TCP. All this depends on the configuration of the network adapter. So I'm not saying this will work for you, but it's something to definitely try first of all before you contact not ignored. Europeans are supported by the way their support is fantastic. Let no go ahead and connect So you consider it their be a connection to tail and one connecting, connecting connecting Thailand one, do you with me? Talam on over. Alright, this might take a few more seconds and Oh, actually, I think it's connecting. And there you go. Okay, so now we're connected to tile land. So now let's try soften of the Internet. I'm gonna go ahead now and open up and you tab and ah, let's go to Golden Comb, my favorite sucker website. So there you go. So you could see right now I'm able to access the Internet. It's naturally just a few microseconds slower than the owner of the connection. But, hey, your privacy is your security is far more important than if you extra milliseconds. So I really want to encourage you to start using VP ends. You don't have to use not VPN. It's not again. I'm not trying to pressurise you to use the North VPN because I'm affiliate. I really want you to get into the habit of using PPE ends. They're good for your privacy, they add. Actually, as of security for you, it's something you that you really need to get used to. If you don't like no VP in their order of opinions out there. Cyber ghost on obey the list goes on. But like I said, I've using a VPN for quite a long time now, and they all really awesome. I love them, and that's why I'm not feel it for them. So once again, you will find my fill it link in the description. When the resource is, you can click on the link and you can buy. No VP ends service. By the way, they do have a 50 day back morning guarantee so you can buy, not VP, and today and use it. If you don't like it, you can always request for your money back within 30 days. Oh, by the way, they also protect up to 60. Fice is simultaneously. That's another reason to go with North 50. And so that's it for not VP. And if you have any very specific questions about North VP, and please feel free to reach out to me all the more than happy to answer your question, so think is much fortune to video. I will see you in next class 29. VPN Myths Debunked: what I want to do this video is to debunk all of the major myths about using VP ends. Europeans are becoming more more popular, and as a result, you have a lot of people out there saying someone true and funny things about them. And I would like to debunk all the major myths. And this video, in the very first myth, is that a free VPN is just as good as a paid V. P n. A little question why you should pay for every peon when you have free alternatives? Well, I'm going to give you several reasons why you might want to pay for a VPN, and the very 1st 1 here is that they paid VPN. You have access to bigger data allowances. With a free VPN, you'll have a restriction a cap of maybe 500 megabytes to one gigabyte per month, but with a paid VPN, you'll have much bigger data allowances. Second, is this speed. A paid VPN will offer you faster speeds than a free VPN. It's a simple as that third you have better security. Better encryption with the paid VPN, most for Europeans will give you an encryption off 128 bits, but with a paid VPN, this can go as high as 256 bits Encryption. So, in a nutshell, you get what you pay for when you pay for EVP, and naturally, you'll have access to much better services than when you use a free V p n. The second myth here is that VP ends reduce Internet speeds Now, in all honesty, it isn't exactly a myth because it is actually quite true. VPN encryption can slow down speeds. But the truth is, when you pay for a VP and its speed is almost as good as an on encrypted connection, it's almost negligible. So I don't feel that Oh, if I pay for this VP and then my connectivity is going to go down, it's going to go south. No paid VPN speeds, actually quite good. And just as I mentioned in the previous electoral in setting conditions like with using video streams, VPNs can actually increase the speed off your Internet connectivity. The third myth is that the PM's can provide you with complete anonima tea and this is not true now. Yes, 200 for this is bit encryptions can be very difficult to crack, but they can still be cracked. That's just a fact. It's just ah, lot harder, but they can still be cracked and then logs off the use activity are kept and they can be subpoenaed by a court. So don't think, because using a VP and there is no active to local what you're doing, there is a possibility that your VP and could be keeping track of what you're doing via log . And then if for some reason the court asks your VP and to provide a log of your activity, they will have to comply. So that's another reason why VP ends do not provide complete enormity, and then third use of VPN can actually be established by an observer. If your eyes p or in nation state, or whoever is watching you closely, they can actually establish the fact that you are using a VP. And once they notice that they can't actually see the request you're making, it's almost easy for them to establish the fact that you are indeed using a VPN, and then they can begin to take the necessary steps to uncover what you're trying to do and then using a VPN can actually have your account suspended on setting the websites or services. So it's one thing to keep in mind about the use of a VPN. VPN can provide you with a lot of privacy, but not complete. Anonima t. The fourth Myth year is that all VP ends are equal and safe, and this is just the one that makes me laugh all the time. This is so not true. It's kind of like saying all cars are the same, their equal in every regard. It's not true, applies in speeds are not the same. You have certain VPs will provide you with a very fast pace, but also more expensive and a new have opinions that are not quite it as expensive but whose speeds may not be quite as fast. Second, major differences here is that VP ends set of Europeans can provide you with support for different platforms, so they provide service for Android's Windows Mac and so on. While you will have other depends that might only provide service for Windows as an example . So that's another thing to keep in mind, and then third letters. The levels very due to number of available servers you have a VP ends with a very robust and in above service that they have all over the world. But then you also have some other VIP Ian's that may have several Onley in the United States and Europe. And as a result, if you're trying to use such a few pain from, let's say, Africa, your letters levels can be a lot higher than if you're using a VPN that actually had a several in the African continent. So that's another thing to keep in mind now, when it comes to security and safety, well, a VPN is not an all in one security solution. Just because using the VPN does not mean that you completely safe the use a VPN is just a part off the puzzle. As an example, a VPN is not a substitute for an anti virus. While everything can provide you with a lot of privacy and a settler of level off anonymity , a VPN cannot protect you from the Harris is so don't think VP ends are all in one security solution, like some people do. The final myth here is that Europeans are only for advanced users. Now, obviously, using a VPN is not for a nervous user. If an individual doesn't know how to send an email or what a video lined, and obviously they cannot use a VPN. But for most users like you would resume, using a VPN is actually not that complicated is actually quite easy to set up. So if you've ever had that doubt in your mind, that oh isn't a VPN is too complicated. I have to be like a hacker. I have to be like a genius. That's not true. You can use a VP, and it's actually quite easy to use so that those are the five major myths that bunked. Thank you for watching. I will see you next class. 30. Using Tor: all right, So let's talk about one of the most popular tools out there for Anonima t. And that is going to be toll tour is, without question, one of the most powerful tools you can use to provide you with some anonima t. Went your browsing on the Internet. So what I want you to do right now is to go to Tor Project Ogg. Simply go to the site and you can go ahead and download Tor. It's free. Click on the big download button right there. And of course, they have different versions for Windows for Lennox for Mac, So download the appropriate version for your open system. But if you've instant note about tour, is that first of all, it is different from a VPN right? VP ends Focus more on privacy. Two, on the other hand, focuses more on and nonentity, so that's kind of like a key difference between VP ends and talk. Now on the download page, there are some useful hints and tips from the Dave's on how to use tour, and you really need to pay very close attention to this tips. First of all, they say, use the toll plaza right Tor does not protect all of the competences in traffic when you want it tall only protects your applications that are properly configured to send very Internet traffic through tour. All right, so to avoid problems with talk configuration, we strongly recommend you use the tour browser, which we'll talk about in just a second. The next up is don't torrent over torso. If you're the kind of person who uses torrents, you don't know. Use that with tour. It's not a very, very good combination. You really don't want to do that. If you're going to use you're Tolins, you're better off using a VP and instead, all right and see don't enable. Installed girls are plug ins. They say Toe Basel will block was a plug in, such as Flash will play a quick time. They can be manipulated into a villain your i p address. So again, if you're gonna use tall, make sure you don't have any brother plug ins enabled or installed, they can harm your nonentity. The fourth of TPL is used eight to DPS visions off websites so it stays tall, will encrypt your traffic tour and within the tor network. But the encryption of your traffic to the final destination. Upset depends upon that websites, all right, so it's kind of very similar to a VPN. Remember that in a VPN, the traffic between your computer and the VPN server will be encrypted. But then the final traffic from the VPN server to the Internet will not be encrypted. So it's kind of very similar with talk, except that Torre says, that to help and show private encryption to up sites, Tall Brother includes https everywhere to force the use off https encryption with major websites that supported. And I will show you this in just a second as well. Now fifth, and this is probably the single most important tip. Whenever using tall, don't open documents downloaded through tall while on line. If you're using tour, you go to excite you dollop video, a PdF or text file. Whatever. Do not open that file while you are still on line. If I don't open a file and make sure you are disconnected from the Internet, and the reason why is because when you open those files while you're still online, your real I P address can actually be revealed so It's kind of very similar to what we have with the don't enable installed browser plug ins because they can be manipulated into a villain. Your real I p address. So again, if you're gonna download documents while using tall, make sure you don't open them while you're still on line, right? That's the key right there. And finally use bridges and or fine company. Torre tries to prevent Attackers from learning what this national upsets. You connect you, however, by default. It does not prevent somebody watching your Internet traffic from letting that you're using tour. So it says. If this matters to you, you can reduce this risk by configuring talk to use a tor bridge. Really, rather than connecting the little to the public in my humble opinion, you don't necessarily have to use a tor bridge. Really. It's kind of when you're using tall and then you combine it with VPN, which we'll talk about later. Your privacy and anonymity is our idiot on very, very high levels. So using a toll bridge, really, that's really taken anonymously to it, to the to the extreme, in my opinion. But anyway, once you've downed their tour, this will be the This would be the icon right here in the caves. I'm gonna go ahead now and click on the icon. So this is what you will see. This is the tor browser itself, and it stays. Welcome to Tor browser. You're now free to browse the Internet anonymously. What you can do is you can click test for test tor network settings. All right, so you can click on this link. Wait here just to see if everything is in good condition. Our asses. Congratulations. This brother is configured to use Tore. Your I P address appears to be this. So this is the AP. Just a tour will show the world that Oh, yeah, this is my i p address. Which is, of course, Fiqh. All right, if you other things to notes over here where you have, like, an onion, you can click on the dollar button, all right? And basically, you can see right now that this is my torch. Second, we'll talk about the topology off tour in just a second. But right now, this is kind of like how it works from my browser is going to go all the way to France. Then the connection go to pull under to go back to France, and then finally, the Internet. So this is kind of like the pathway that my Internet traffic will go through right now as it is that I'm gonna go back and I'm gonna click on the onion button again. The download button, the job Dumbarton! Sorry. Now you will see something called the Tor Network Settings. You can click in there and you have three additional sentence over here. First of all, if you are in a country like China, Iran, we're told maybe sensitive. You can definitely take the books right here to help you with your configuration. If you're using a proxy again, you can also check this box and then finally, if you're using a firewall that only allows commissions to set imports, you can check check this box as well. All these are meant to help tour figure out the best network configuration for you. So these are three additional options to choose from. If tour isn't working for you now, you would also notice that over here to the right, we have the S one. This basically means that https has been encrypted every way. So every site you visit, you will have the https configuration. So now let's talk about the actual tort apology itself and how tall walks behind the scenes are already familiar with the topology off a VPN where you have your clients complete on the left, you have the Internet, all right. And then you have your VPN server in between tall walks very differently and over. You won't assure you the very first image, which is from the tour website itself. And over here, this is Step one off. How talk actually works. You have Alice Alice, in this case, we're now being your computer. The very first step your computer's gonna do when it's when in tour is that it obtain a list off tor notes form to the Victory Server. The tor nodes could also be irrigated as the pathways, the different pathways your computer can take to reach its final just mission, which is the Internet to consider the way, too. We have the different nodes. And then we have Jane and Bob, which are two different websites. Let's say Bob is Facebook. Jane could be google dot com. So step two right Now, once your computer has gotten the least off defense paths, your tor browser is going to peak one random path to the decision server. So this gets right now, you can see Bob at the bottom right there. Let's say Bob represents facebook dot com so your computer Alice is trying to go all the way to facebook dot com. The Internet traffic is gonna pass through all this nodes white here, and because it's in green, it is encrypted. So the traffic passes through the very first node goes. The second note goes to the third noted, and finally, that thought note passes your request to facebook dot com. Notice that the link between the last note and Bob is in red judgment. It is on encrypted. So again, this is one similarity between tour and VP and the very final. The final traffic between the last exit node and the Internet will not be encrypted now in Step three, if you decide to use talk again, your client is going to choose a different pathway. It's not going to use the same pathway it used the first time, so now you can see that the path is a little bit different from the very 1st 1 But then again right now, you can see that the destination this goes right now is Jane Jane be being google dot com. She can see right now that the final exit node right here is different from the initial path that went to Facebook took home. So this is how tall walks tall would never use the same pathway more than once. Every single time you try to go on, the internet is in tall, tall will choose a different pathway each time. 31. Tor Weaknesses: all right, So now that you've been introduced to Tall, I would like to tell you the major weaknesses off Using this particular kind of technology now tall is fantastic, right? It's very popular. I It's great for making you anonymous, but it does have some weakness is it's not a perfect technology. And the very first major weakness of using tour is the fact that if you do use tour, you could be marked ours an extremist or a person off interest. Now take a look at this article from Silicon Angle, and it's a Zen Esa's X key score dissected all tour uses marked as extremists. Okay, now this in itself by the NSA is quite extreme to label all toys as extremists. But when you think about it, they you can kind of understand Were they coming from and think of it this way? Okay, we do know for a fact that you have good people who used to call purely for the visions of staying anonymous. But then you also have other people, bad people who used tall to commit illegal acts like selling drugs, Dylan and child pornography, and so on and so forth. So due to the fact that the NSA and the authorities in different countries cannot tell they can't differentiate between those who you store for good purposes and then those who used to for bad purposes. They unfortunately have to label every single tour user as an extremist or a person off interests. It's just the way it is. So keep in mind that you do want to risk or been labeled as a person of interest. If you decide to use talk also, the N S A in particular and other intelligence agencies around the world, they are constantly looking for ways on how the comic tall, less effective. So it's It's a constant battle between the authorities and the developers of talk. The authorities want to make sure that tour is ineffective while you have the developers of tour who keep on bringing out new ways of making or keeping tall as effective as it is. But you should know that behind the scenes the N S A and all these other intelligence agencies, they're constantly looking for ways to make talk less effective. So the first Mitchell bigness is if you use tall, you could be branded as an extremist or a person of interest that the major weakness of tour. And that's one of the reasons why I personally don't you store unless for very, very, very specific purposes. The second Mitchell bigness of tour is the fact that it is complicated. It is quite complicated to use tall and used tour effectively. There's a massive difference. Massive difference between just using tour and actually using tour effectively in order to use tour effectively. You do need to have a deep understanding off how the Internet works and how networks work. If you don't have that understanding your on the risk off mishandling and misusing talk. Also, it's not just about you having a deep understanding of how things work behind the scenes. You also need to have the necessary software. It is always recommended that if you're going to use tall on a regular basis, do not install tall on Windows or Mac windows in particular, because the Windows Open system does have a lot of loopholes. So if you're gonna be using tall on a constant basis, install tour on Olympics open assistant, preferably the Debian Arlen. It's open system that is way more effective for you don't install tall on windows. So this is another basically another step that you have to concrete from to your store. You have to have the deep understanding of how things work behind the scenes. But you also need to have the necessary software and open systems to on tour effectively. Another major disadvantage of using tall is the fact that you accounts can be suspended, especially if you're I S B has some sort of agreement riff you where they claim that you know, if you're using tall, they have the rights to suspend your account. They can do so if they know using tall. Also, there are a lot of websites that simply block tour users. If they know using tall, that will block your connection and you have a list of many of them. Over here, you have quicks list. Nike Hilton. You have Fox News Shop clues, Best buy and so on. And so far, there are a lot of websites nowadays that when they realize that this incoming connection is from a tour network, they will simply block that connection. So this is on the major reason why using toward may not be such a great idea. All right, so those are all the three major weaknesses of reason to all. Join me The next class, we'll we'll take a look at a very specific way on how tall is actually attacked by hackers and intelligence agencies. Thank you for watching. 32. Attacking Tor: Now let's talk about the major attack against Tall, and this attack is known as the end to end coalition attack. So how does this work now? We already know the topology off a tour network. You have your complete on the left. You have the Internet on delights. Now you're trying to connect to the Internet using talk. What happens is when you launch tour, Tall will generate really notes. Once you start your browser, your top wells it's will choose a random path to the Internet. In this case, right now, you can see that the initial connection goes through. It passes through the first note, goes to a second or the third note, and then finally it goes to the footnote, which then passes your request to the Internet. Now it is worth knowing that the very fish node on the tour secret is called the entry node . That is the very first note that your request passes through, and the final note, the one that passes the final request to the Internet, is known as the exits It node. Remember very, very important that the actual connection inside off the Tor network is encrypted. But the final communication between the exit node and the Internet is on encrypted. This is really the real danger lies in. If a hacker is able to somehow gained access to that, one included information, and they are also able to get access to the initial communication between your computer and the entry node. They can establish who you are, and this can be. Don't simply by correlating the film off transmitted data all by comparing the times at which packets are transmitted. So this is what is known as the end to end correlation attack. This is why it's always recommended that whenever you use tour your initial requests. In fact, all your requests should always be encrypted. You should always use https or SSL whenever you're making your initial request to the tour entry note so that this way, the entire communication will be encrypted from the beginning until the end. And if the final communication between the exit node and the Internet is encrypted, it's going to make it a lot harder for a hacker to figure out who you are. This by this recommendation and the actually of security tour is still susceptible, and this is because whoever is in control off the exit node off your connection can see your request. And just like the hacker, if they are able to get access to the initial requests you made to your entry node, they can figure out who you are. Remember that all these relays, all these notes are managed by volunteers. And this is why for tour to work effectively, the volunteers who minded these notes have to be trust worth. You should also know that the developers have specifically addressed this kind of attack and take a look at this article from the tall blawg. It say's that the tour design doesn't try to protect against the attacker who can see or measure both traffic going into the tor network and also traffic coming out off the tour network. The way we generally explain it is that Tall tries to protect against traffic analysis where an attacker tries to learn whom to investigate. But talk hands protect against traffic conformation, also known as the anti and coalition where an attack, a trust to confirm a hypothesis by monitoring the wet locations in the network and then doing the math. So there you have it the deaf so specifically said that they cannot prevent at Attackers or hackers from trying to collate traffic from the entry node. Toothy exit notes. So that's one thing you should keep in mind. Looks like the end to end collision attacks are here to stay. Now, while we're on the same page, let me also inform you off a second type of a technology as the tag in attack. We're basically the attacker is able to modify the initial connection between your computer and the entry node and then can check to see ive. That modification exists at the other end between the exit node and Internet. If they're modification is there, then the user knows that. Okay, This particular connection is from the original question that I attacked that were able to establish who you are. That's known as the tag an attack. So that's it for the middle attacks on Tall. Think of watching. I'll see you in the next class 33. The Dark Web: and pretty sure you've heard off the dark Web before, which is supposed to be the other side off the Internet, where you have all sorts off shady people, like drug dealers are people went to child pornography. That's basically where they all meet to exchange services and communication. But I should also let you know that it's not every person who visits the dark Web. That's a bad person. Sometimes you have people who visit the dark Web primarily for educational purposes. And what I'm gonna do in these videos, I'm going to show you how you can actually access the dark Web. But before I do so I need to put out a disclaimer. Okay, I am not in any way encouraging you to visit this sites and then use the services on these sites. I'm not in any way encouraging this. I'm only showing you this because it's educational, and I feel if you're taking a course on cyber security, you should know about the dark Web. You should know how to access the dark Web. That's the only reason why I am making this video. So please, if you do visit any of the sites and you decide to make use of the services and you are caught. Please did not mention my name again. I am not in any way encouraging you to make use off their services with that being said before we progress there a few things I need you to do to protect you from possible questioning or interrogation in the future. Who knows? I'm not saying it's gonna happen, but there is a chance it could happen if you don't take the necessary steps to protect yourself. So first of all, go ahead and start your VPN. You can see right now I have my not VP and switched on its turned on. So please go ahead and use your VPN if you don't have VP and then, at the very least, start your tour browser. This is my tor browser right here. Make sure you start it. One thing you should absolutely not do when you've wants tour is to expand the window, keep the original size off your window that pops up when you start the tour. Browse up. Believe it or not, if you decide to expand the window that could actually be used to trace the kind of device you are using. So if you've made the mistake of studying tour and you've exponent the window, closed the window and we start tour and keep the original size that shows up Okay. Once used at a tall go to the bottom right here the onion click on the except on Advil and then go to your security settings. Switch from standard all the way to safest. Very, very, very important. All right, click OK, and now you are ready to proceed to the dark Web. Now go to this site in your torpedoes to go to this site. Https paste, being dot com z 77 m y three k Go to that site now, once you're there, basically what you're seeing, right here are the deep Web links. These are links to all sorts of different kinds off services. She school old way down here and you have a bit coin laundry as an example. Let's go ahead and open this upon like in a new tab and let's see what's going on there. You have counterfeit U. S. Dollars double your Bitcoins high quality tutorials. Let's see what this one is all about. Open delegate in new tab. Let's keeps cooling down at a something called Project Evil. Discounted drinks Kouds, UK guns and ammo. Okay, let's keep us Cool it down. You have the hitman network. I don't even want to click in there. It's keeps going down. Let's see what else we have here. We have cannot grow for Bitcoins. Okay, let's open this and see what this is about. Let's keeps cooling down. Let's see what else we have. So you can see right now that some understates actually not open in. So sometimes their particular link maybe down due to one reason or the other. So you can always check back if you want to. But Kamakura for Bitcoin is actually open. And what is this? Uh oh, there. Viagra tablets. Very popular, successful and widely accepted treatment for erectile dysfunction. Wow. Okay, so I guess here you can basically buy Camargo in exchange for Bitcoin. That's how. Oh, by the way, Bitcoin is the possibly the only way Hey can actually pay for services in the dark web. So you basically by your camera guy and you pay in Bitcoin So do I'm just gonna go ahead and go back in here. Let's go ahead and close the first a lynx because they were not opening. Let's keeps cooling down. They something, Something here. An open letter to revolutionaries. Let's see what this about upon that Lincoln in you Tab, uh, keeps cooling down. Oh, put Mike on on most GTs firm safe platform, sweets, email and so on and so forth. So ah, lot of this over and a hackle. It's what is about So you can also rent hackers on the day. But there's basically nothing you can do in the deep Web. Lend a hacker experience Hacker offering his services. Okay, All right, so, Well, there you go. That's basically the dark Web. In a nutshell. You come in here and you can find different kinds of links to different kinds of services. I'm gonna go ahead and close all of this. Another side you can visit to search for deep Web links is a h h m i a dot f I. So in here you can simply coming here, type in your key award and then click search. There's an example. After I've been hacking and click Search and you have all these deep Web links to different kinds off hacking services, information and so on and so forth. So this is another tool you can use to search for deep web links. And finally, you have the least off tor hidden services. Simply go to Wikipedia and search for the least off tor hidden services. So all these are divided by category. You have commerce, you have communications, financial, government, whistle blowing as well nonprofit organizations. Uh, Okay, well, I'm not even gonna talk about that. We have search engines, social media on films, and so on and so forth. So again, I'm hoping that you're not someone who's going to make use off any one of these services. But again, as a cyber security specialist or someone who wants to learn about seven security, you should know that this services do exist. They are out there. There are people who pay for the services, and you should know that it exists. And you should know how how it happens, how you can actually get to these sites and how you can Well, in theory, pay for these services. So that's it for the dark web. Thank you for watching. If you have any questions about this particular video. If there's any particular information you want to share, feel free to reach out to me. Think if watching. And of course, as always, I will see you in the next class. 34. The Darknet: Let's talk about some other websites classified on the dark Web. Now these are Web says, that allow you to do the thinking of things. Another Muslim, the very 1st 1 here, is going to be free net. Now this is a very straightforward services. The software, actually that you can download and install on what it does is it allows you to browse websites. You can post questions and forms. And, of course, you can also do all of these and 19. Mostly, that's the beauty off free net, so it's free. You can go ahead, download it and use it to build up sites anonymously. Next is going to be the I two p. This is also known as the invisible Internet Project. It basically lies to do everything online and non immensely. So it is a software that you can also download and install, and they also have it available on Mac, the next Libyan and also on enjoyed. I do have it, and I'm gonna show you a quick peek into the interface in the lunch the browser and there you go. So from here, one of the very best services that you can get with a two p Ease email. You can actually send emails and receive emails anonymously, and I'm trying to open the link right now and Okay, there it is. It took a while. So here it is. You can create an account with a cheap email and you consent emails and receive emails. And none of mostly that's one of the best ends with I to Pete. They do have torrents. You can click on tormenting and at Turin's Create Alliance and Donald Files as well. And they do have hidden services off interests. You can take a look at all of them now. You can't just open them just like that. You do have to use a certain service to open up these services. And if you've been fooling the course, I'm pretty sure you know what service you need to run another to open up this hidden services off interest. All right, let's jump back. Next one is going to be worn swamp now. I have never actually used this service before, but I do have people in the industry friends of mine who have used it, and to say it's pretty good. The thing about it, though, is If you are specifically on Windows 10 you're out of luck because they don't have vision for understand. They do have for me 27 Vista XP. They do have for the Mac OS X and Linux excited to beat N 64 bit, so you might wanna take a look at this software. Last Panelist is retro share, and this is one of the very best off the bunch. Think of retro share as kind of like Facebook, but then it think of it as a private Facebook where you can share pictures, committed the offence and family and without worrying about any third parties pine on your pictures or invading your privacy. It's really awesome. You can see screenshots of how it looks like. So if you ever wanted to quit Facebook and just have, like some sort off encrypted private social media, you can post photographs committed with your friends and family. Veteran share would be my top choice. It's really, really also making chat, send email, share files, post links, messages and firms, and so on and so forth. So Vetra share is definitely one of the very best off the dark Web website, so to say so that's, I think, is what fortune and as always, I will see you in the next class 35. Combining VPN and Tor: Now that we've talked about Tall and VP ends, the natural question might have is, well, can we combine both of them to improve our levels of privacy? Anonymity? And the answer is yes. We certainly can. A few things to point out, though, remember that VPs provide more privacy, while top of IEDs and non mitty VPNs are generally faster than tall. But the good news, like I said earlier, is that you can combine both of them to mitigate the drawbacks of reason. Either technology, exclusively the major Khan of combining both tall and VPN, is that well, your connection can be quite slow. That's the major corn. Now, when it comes to combining both tor any VPN, there are two ways. How you can actually achieve this on the first way is going to be connecting tour through a V p n. So what you have right now is that you have your complete on the left and you have the Internet on the right. You have the VPN server right now sitting in between your computer and the actual tour network. So what happens here is that your request goes through the VPN server, which will then be transmitted to the Tor network with Richard Entrance meets your initial request finally to the Internet. Now, the pose of this kind of connection is that first of all, the use off tour is hidden from your I s b. Remember that David Peon serving this case will provide you with privacy. So the use of tour will not be known by your I s P Second, the tour entry note will never see your i p address. But that off the VP and because the VPN server is now sitting in between your computer and the tor network and finally you will have access to hidden tor services and the websites, which is really, really important On the flip side, the corns here as that first of all, your VPN provider will still know your real I p address. So you're not really gonna be anonymous because your VPN provider will still no Your natural I p address is, and in second, the tour exit notes are on encrypted and they can be monitored. So there's on the major drawbacks off such a connection and finally taught exit nodes can be blocked, which is in general a common issue with using tall. Now, the second kind of connection is going to be the VPN through the tall connection, and this is a bit more complicated. So what you have right now is you have your competent left. You have the Internet on the lights. Now, in between your computer and the Tana talk, you have the padlock that Pavlik is actually in Quip shin, provided by your VP and server. So the initial request you make from your computer to the Tana Talk will be encrypted. That traffic will then passed through the tone. It's walk to your VP and provider, which will then relay that your request to the Internets. That's basically how this topology works. Now the major pros here is that first of all, it's going to bypass all blocked exit nose and Second, your VPN provider will not see your real I. P address. You become really anonymous because, well, your tor networks. It's in between your computer and the VP and servant and finally you have protection from militias exit nodes due to encrypt the data entering and exiting the tor network. Remember this encryptions provided by your VP and server, the Mitchell cones here is that Well, the VPN provider can still see your traffic So you don't really have that much privacy. But due to the fact that you actually have real anonima t, this really isn't a major corn, and it's going to be more susceptible to the end to end time and attack. But overall over world, the VPN through the tor connection provides strong anonymity and is more secure than the tall through VP and connection. So now let me show you how you connect to talk through your VPN. Using Lord V p n. All you have to do is to go to countries and then you click on specialty servers and they're gonna click on Connect to Onion over V P n on your means, Theo non voter, which is essentially tall. So all you have to just a click in there and automatically not VPN will choose the best server for this. So this is basically you connecting to Tor through V p n. It is not connecting to VPN through tor. Unfortunately, end, you already know that connecting to your VP and through tour is more secure than connecting to talk through your VP end. Unfortunately, only very few Rvp ins actually provide that service. We can connect to them through tour. Nevertheless, connecting to tour through your VPN is still a very secure way off browsing on line. So there's basically how you did out with Nord VPN. Every other VPN out they would have similar sentence, so that's it for combining VP ends and tour. If you have any questions about this particular electoral, feel free to Children. You think if watching and I'll see you in the next class. 36. Meet Eldo Kim: meet elder Kim back in 2015. Elder Kim, a Harvard University student, was due to have an exam on him on the morning. Unfortunately, Elder was not feeling particularly confident about taking the exam, so he decided to come up with a master. Planted, postponed the exam. So what did he do? He wrote an email to the school authorities with the title bombs placed around campers and in the email claimed bombs had been placed in four buildings. Now Elder took some steps to try and be an animal Swinson in the email. First, he used guerrilla mill service, which can be used to create temporary in a non most email messages. And he also used stole when sending the email. There was a result of his email. The habit book is called the FBI, the Secret Service and the Boston Police Department. The buildings were evacuated and, of course, of the exam was postponed. L'd oh thought his plan had worked, But two days later, the authorities showed up on his doorstep and he promptly confessed. So how exactly was he traced? Despite the steps he had taken? The big mistake, El Tomate was that he sent the email using Harvard's local WiFi. You see, Elbow did not realize that the I s P in this case, they have a network could tell when they use a uses Tall. Furthermore, connecting to the Harvard network meant the Mac address of his computer will have been registered another for him to log into the network in the first place. All the authorities had to do was to check to see if anyone had used talk at the time the email was sent and it didn't take long for them to find out it was poor eld. Oh, now that you know what Elder did wrong, what lessons can you learn from this? What do you think you should have? Don't differently. What extra steps do you think he could have taken to protect himself? 37. Malware Section Preview: no sign mistake. Articles can be complete without talking about malware. Now, I never really think about malware in pop one off this Siri's. But in this section, we're going to go a little bit deeper into the world or Moloch. Specifically, I'm gonna show you exactly how you can choose the right kind of anti powers. Softer because we know there is so many of them. All of this. How do you choose the light? One I'm also going to do suits you a wide variety or do you think kinds of anti malbert products such as blood bit marble bites and so on? I will show you exactly how you can use these tools to fight against Molly. Ready? Let's jump right in. 38. Introduction to Malware: Okay, so let's talk about Mal. Where? And I'm pretty sure this is a word that you've heard before. Unfortunately, this is also award that is always misused by a lot of people. So what exactly does the term mal away? Meanwhile, malware is the collective term for all malicious forms, off software and programs. So whether you're talking about viruses, worms would kids. All these are types off mild. Malware comes from two words. Malicious and software. That's how the wooden Mahler was from, says, basically the general term for all these malicious programs that can harm your computer and your data. One very important thing to note about Mall Way is that there is no all in one solution. A lot of who believe that. Oh, if I have in a diverse on my system that I'm fine, it's gonna protect me against viruses and in wombs and Georgians. No, that is a life. Having an intervals helps, but it's not gonna protect you from all the different forms of model that we have out there . So it's important to note that when it comes to mile, where there are so many forms off model, but the main ones are viruses, warms Trojans, got good kids, van some way and then exploits. But you also have spyware, adware, logic bombs and the list goes on and on. But these are the six mean ones viruses you for the viruses so many times before. These these are easily the most are popular forms off malware. Now various is replicated themselves by contaminating lady programs with their own code. That's how they are able to spread. They first have to infect a program before they can begin to spread warms. On the other hand, they can self replicate, which means that they don't have to attached themselves to any program application. Once the immune system, they can replicate themselves and then spread through the network. Trojans are very dangerous, and it's because they pretend to be real programs. You might have gone online before, and you see this new software that helps you convert our YouTube videos to an MP four format or something like that. They might think, Oh, this is actually a really good littered program. Let me go ahead and download. Install it. That could actually be a Trojan. So that's out. Virgins operate. They pretend to be alleged applications to pretend to be games. You install them thinking Oh, yeah, this is This is great. I know you actually have a torch in winning on your system now. Good kits. There is a very specific reason why the I read, and that's because these are quite possibly the most dangerous form of malware. These guys are extremely nasty. They are very hard to detect and very hard to eradicate. One. Make them even more nasty is the fact that they provide access to all unauthorized areas. What about kids? Way Very soon. And then you have around some way. These are becoming more and more popular. Basically around somewhere from of Mulberry will block access to data programs until a ransom is paid. So it's basically your system being hijacked, paid his ransom or say goodbye to your files, you know, stuff like that. And then we have exploits. These guys take advantage of Boggs and vulnerabilities that might exist on your open system or any of the applications of programs that you're currently when in on your PC. So these are the six main types off Mulberry out there now, before I round up this quick introduction. I want to show you this graph that I got forms that ista any physical demonstrates the number off new malware specimen created every single year. And he consider numbers are wise in from 130,000 back in through the 2007. 10 years later, we're havin projected numbers off over seven milion, new forms off, mildly created. And, of course, various is are the very top it for 9% origins, 30% warms 11%. Severa assist. Origins and warms are usually the three main forms of moderated constantly being created. However, around somewhere like I said about some was becoming more and more popular. So it's kind of ridiculous how many forms and types of defense off Faris Eastwick is that we have to worry about. It's it's insane. So this is just let you know that really mile way. It's something that you need to take very, very seriously. It's one thing Teoh to worry about the N S A. Or advertising companies spine in your privacy, and it's quite another to worry about marble, which can actually destroy data that you have on your system. So thank you so much for watching, and I'll see you in the next class 39. Viruses and Worms: So let's talk about the two major forms off malware, which are the viruses and warms very similar and what they do but are actually different in the way they operate. So what exactly of ounces and alarms? Well, they're basically malicious code that is developed to change the way a computer or a network operates. Always keep it in the back of your mind that various is and warms attack network systems also not just computers but also network systems as well. Now there is a major difference between houses and warms, and that is the fact that while a virus would require an active host or and already infected system enough to unsuccessfully, a warm, on the other hand, is self replicating and self propagating. Now what this means that a warm or warms can spread themselves without any help. They have the ability to reproduce on their own and spread themselves toe all the networks and computers without any help. Viruses, on the other hand, require an active host or an already infected system. Enough for them to long successfully. That is the major difference between the two. So you could say that warms arm or advanced than viruses. Now let's talk about Vallis is in general. Well, there are four basic stages in which a veils goes from been developed to actually causing harm on a computer system, and the very first stage right here is a very well typically attach itself to an executable file or award document. That's typically how they attached themselves. And then they will spread via email attachments, infected websites and flash drives. These are typically the three major ways how vows is are able to spread themselves, and then, once they get into a computer system or a network, many verses can remain dormant until the infected file or system is activated. So if vows to be written to Onley act when something has actually happened on a system, say, for example, a veils could be written to become active only when a user visits a particular website. That's how developed valances can be. And then once they're activated, the veils goes onto course destruction. That's basically how various is operates with warms, even though they're more advanced the way the open is actually very, very easy. They first of all, spread themselves or enter systems via nettle connections or downloaded files is a basically the two ways how warms are able to enter systems, and then was they do so they can make copies of themselves and then spread again. Vire in network or Internet connection kind of like Agent Smith form the movie matrix. If you haven't seen it, go ahead and see Matrix. It's a wonderful movie, so going back to Vallis is again wanting you to keep in mind is that valances can vary widely in their objectives. Warms 99% of the time, warms our destructive but various is can vary widely in the way they operates. For example, you could have some viruses that are purely destructive. Their intent. The objective is to destroy files. That's all they're there to do. But you could also have some various is that won't slow down system performance, so they're not really destroying files, but they are there just to slow down the way a competent system operates. And believe it or not, there were actually some viruses that are known destructive, that is their late in Paris. Is there just there? They're not really doing anything that not causing any harm there. Just there now the three best ways. How you can fight against valances and warms would be the use off Ontiveros and anti malware products. These are some of the two best ways they can fight against Paris is in warm ups, but it could also restrict the use off flash drives. Remember that vows is, and warms can spread rapidly with the use of a flash drive and then finally scanning email attachments still one of the most popular ways how warms in particular are able to spread via email attachment. So whenever you see animal attachment, always be sure that it is from a trusted source. Or make sure that you use can before you download it to your system. So with these three methods, you can hire really restrict the effectiveness off houses and warms on any computer system on the talk system. 40. How an Antivirus Works: So let's talk about one of the most popular, always off protecting systems against viruses and hackers. And we're talking about the anti viral. So what, exactly is an Auntie Vera's well and enter? Verus is a software that is used to protect a computer from all way. This is about the simplest explanation one can give as to what an anti virus is. But how exactly does an anti verus work? How does an anti virus identify if a hail as well There are basically two ways, and the very first will be to use something called signatures. Now is signature, refreshed to a pattern off data or behavior that is known to be related to an already identified malware. Now, take a look at this image right here. We have to the left. We have the source code off an executable file. Now what happens here is the anti virus will scan the source code off the file, and then to the right, you can see that there is a dictionary file or a database where the anti virus has all the cold off. All previously identified Violence is so basically, the antivirals would compare the source code off the file toe what it has in its dictionary . If there's a match, that means that that file is a valueless. If there's no match that it means that the file is possibly illegitimate, file the other way would be, for the anniversary employ something called a hubristic method, where the anti verus is able to predict that a file is militias by simply stored in its behavior. Now, one of the key ways how the intervals can do this is by using something called sandbox testing in a sandbox testing. Basically, the file is allowed to loan in a controlled virtual environment to see how to file actually behaves. So the thing here is that the antivirals is acting like a predictable. It can tell that in the future or in the near future, this particular file is going to become militias by simply starting how it's acting. The downside here is there. There is a possibility off something called a false positive of a very popular terminology . In the world of I T security, false posting means a legitimate program was wrongly classified as a mile where so there is the tendency for an intervals to Longley predict the legitimacy off a program. However, this really happens most of the time when an anti Vallas detective vows through hubristic methods, it's very often correct. One should take note of that. All right, so what exactly do we have under the anti vowels or privations? Well, we have on access scanning, where the answer veils constantly checks every file or program that is opens is basically an anti virals on demand. Every time a new fell is open, the intervals checks to see if that file is legitimate or not. And then there's, of course, the full system scan where the antivirals would want a full system scans. Can the memory the hardest? Make sure that the entire computer is free off viruses? Speaking of viruses, there is one particular kind of virus that you should know off, and that's called the poorly morph IQ virus. Now this is a various that has the ability to morph or change It's cold, making it very difficult to be detected. Polymorphic viruses are one of the most difficult kinds of viruses to detect. The good news, though, is that many Ontiveros software these days are becoming more and more able to detect polymorphic viruses moving on what separates an antiviral software from another? Well, there are basically two off them. The very 1st 1 would be the ability to detect viruses so different and develop systems will have different rates off detection. Some are better at detecting Valassis than others, while orders could use less. Resource is some anti viruses would use lots of stem resources like the process saw the memory, while others will not use quite as much. So that's basically an introduction to anti virus software and how the walk Thank you for watching and I'll see in the next class. 41. Choosing an Antivirus Software: all right, so we took the bolts fire assays as well as the anti virus. But then, how do you determine the right anti virus software for your PC? Because we know there are so many companies out that we have. McCafe is Kaspersky Norton, their semantic, vast defender and so on. How do you decide to light anti virus product to go with before I answer the question? I need to point out something first. And as a fact that anti virus determines Evaristo, even anti virus companies. They have evolved far beyond just providing you with protection against viruses. Take a look at this cusp. Ask as an example. Under the home products, they have anti virus. They have Internet security, and they have total security. Okay, Big Defender has anti virus plus Internet security and total security. So this is a regular thing you'll likely find with other anti virus companies. Now they provide you with all the products and not just the regular anti virus product. So what that will separate these kinds of products? Wanna know? That would be the additional features that they provide. So, as an example, Internet security focused basket will provide you with more protection against our save regular anti virus. So readily divers will protect you against viruses. Maybe Trojans maybe warms Internet. Security in this case will provide you with ah protection whenever you browse online so it could protect you against phishing attacks. If you're trying to visit the site that might have malware on it, the intense security will warn you. And then total security will provide you with even more features like firewalls and I, D s and P s and so on. Now there is a very good chart over here for Wikipedia that compares the features available for the different cancel versions off are different are anti malware or anti virus products . So take a look at this. We have a vast So Fs has four different visions. They've got the free and Cerberus. They've got pro anti virus, intense security and in Crimea, so you can see right now about, for example, with the A. P s intrusion professional system, you don't have that available with the Oh, actually, you don't have that available for any off their visions. That's that's That's bad. Our antispam in this case, okay, antispam isn't available with the Free Ontiveros or the pro anti virus. But then you've got antispam for the instant security and then the premier. So that's something that plays to lots of all these other kinds Off have put its over here a bit defender, for example. Big event and various plots doesn't have it does not firewall ideas. I PS signal security, but and big defendant Internet security has All this food is available so and so on and so forth so you can use You can use this chance just to give you an idea off what you're likely to find with the Internet vision off it product and then competitively, the let's say, the total our little security vision off the particular kind of product. So, really, when it comes to you to decide whether or not you want to go with the incident security or with it'll security, I'll just stick with irregular and verus. A lot depends on whether or not you already have all the security software available to you . So as an example, if you have a firewall already installed does a good job, then you might not need The total security is an example because you really have a firewall . However, if you don't have any form off security software services on your PC right now, it's always best to go with the total security. It's of course, the more expensive. But then they offer you with the best protection possible. If it's too expensive, then please go with the incident Security. The regular anti virus products are not the best. They can protect you, but in my humble opinion, they won't protect you. Will enough? All right, So now how do you choose the intervals company to go with? Do you go with my cafe? Do you go to Spassky or do you go with, say, Norton? In my humble opinion and I've been using anti virus bullets fall How, 12 13 years Now, in my humble opinion, I would say that Kaspersky is the best I've used so far. I have used Norton. I've used a V G. I have used my cafe. I have used semantic and have used Spassky. Kaspersky, in my humble opinion, is the best out off all the intervals social F ever used, and I really, really love Kaspersky. But with that being said, if you go online and you begin to compare and say Okay, what did this guy say? Which is the best and differences guys recommend. You're gonna get different kinds of opinion as an example. With PC mag, you have the title the best and diverse production of 2018. All right, You can see right now that our cat Spassky, Defender, Webroot and Norton all have 4.5 e set has four out of five. So going by this list, you would think that Kaspersky is better than he said, right? However, if you go with Tech Reda All right, let's take a look at what they have to say. Oh, big defenders number one Guess who's number two e set is number two and Kiss. Paska is all the way here at number four, so you can see a different opinion from a different our publisher. You come down here to secure life, and right now they're ranked the different reasonable one Kaspersky as number two and then all the way down here at number 15 is he set So again you can you can't you're never going to get one are universal opinion that say's okay, this particular and diverse is the best you're never ever, ever gonna get that one publisher will prefer Kaspersky. Another would prefer big defender I for one, I prefer Kaspersky because the truth is I have never used bit defender before. But there is quite a lot off talk about defended these days, to be honest with you. And they have been so many articles online compared the defendant Kaspersky top 10 reviews here say is that the defender is better than Kaspersky. You've got top 10 kids, it seems, is the same sex opportunities. OK, I want to show you something over here will quickly them just go all the way down here. All right. So as an example, right now they top the reviews will give you with ratings based on different kinds of services. Right? So the best anti virus software they say for Windows is bit defender best in diverse mobile protection is a vast best in diverse swollen banking is Kaspersky and so on and so forth. So at the end of the day, against my point here is you're never gonna get a supreme anti virus product, a product that is the best in every category and and and diversity that everyone agrees is the best. Opinions are always going to defer, and I personally, like I said, I've never used to be defended before. But a lot of people seem to love the defender. They said very, very good. Personally, I cannot recommend them because I have never used a defender before. But in my humble opinion, the best anti Vasbert I've ever used is Kaspersky. I love Kaspersky because it does a really good job. It doesn't slow down your system, and Kaspersky really is a very, very, very fantastic cybersecurity company in general. They offer you some really good features, and the price in isn't that bad either. It's quite reasonable in my humble opinion. So if you wanted my recommendation, I would say Go with Kaspersky. Kaspersky would be my recommended intervals Compton to go with however you arm or than welcome to try out other and diverse companies out there. So good luck with trying to find the right and the various for your PC. I hope I have been able to at least provided with some guidance on what to look for and how to decide which intervals to go. It so thank you for watching if you have any questions, please. If you have any questions about his do, let me know. But more than happy to answer your questions and help you in any way that I can. So thank you for watching. I will see you in the next class. 42. Rootkits: as I've mentioned, LF good kids are one of the most dangerous, if not the most dangerous form of malware out, which is why I felt we should take a few minutes to discourse these guys. So good kids think of rickets as the bagua hiding in the attic. There's a bubble in your house. You can see him, but he's there. He's watching you, and he's just waiting to pounce when you list suspects they are, as I've mentioned before, the hardest malware to detect, and we move. Now take a look at this. They allow viruses and other malware to hide in plain sight by disguising them as real essential files. So root kits they not only have very impressive destructive features which they implement on their own, they can actually improve the features off or the model way by making those forms of mother look like a legit files. This is just how powerful these guys are. Plus, they can bypass encryption and evade anti malware programs. Rule kids are extremely nasty, but hey, that's not all. Guess what they run when the system starts to boot. His most forms of work. It's run when your system starts to boot, while other forms of malware have to wait until your system has boot head. Are you going to deck? Stop root kits begin to operate as soon as you press the power button on your PC. These guys are extremely nasty. Just think of what kids as the Superman Thistle man of all forms of malware. That's how powerful these guys are. So, unfortunately, if you ever have a would get infection, well, the recommended solution will be to buy power to your hard drive. Yes, there are software out there for scanning your hard disk for good kids, but the truth is, you can never be ah, 100% sure, if you have better whether or not you have ah, would kids infection? It could never be 100% sure. So usually the best solution would be to buy political hard drive. Unfortunately, so let's talk about the five different types of good kids, and the very 1st 1 is going to be the kernel level. This is one type of risky that loans when your system starts to boot. They have the highest privilege and can inject code into the core off your open system. These are easily the most dangerous forms off kids the wrong. Once you, Simpson's to boot and they can execute the high yes, levels off commands on your system that basically they can turn your piece into a complete zombie. Next, you have the application level. Now these guys have to. This guy's gonna only one. Rather, when you're stem has finished Putin, so they work like viruses. They modifying the behaviour off existing applications. That's kind of like how these guys work. Then we have the library level. This can hook patch on the place system calls with malicious code to hide the presence. So these guys are the masses of these guys. Next, you have the hyper vice or level another route kid at ones. When it system begins to boot, they target the boots, sequins and load themselves as an hyper visor. No wonder wouldn't happen. Vice is. It's basically a programmer, a softer that can create a virtual machine so you have root cause they can create virtual machines inside of your PC. That is a very scary thought, and finally you have the firmware level and know the type of wood cadets ones. When your system boots. This guy's basically effective buyers. So that's what these guys do. The affected buyers and they live with, get to install and hide malware. So these are the five main types of work is that we have out there very, very, very nasty, nasty set of malware. So let's talk about the different types off symptoms because it is very important that you are able to identify when you might have a would get infection. So the very 1st 1 is, Well, big surprise. Your anti malware doesn't walk animal. See if you have any from invented virals and is it off so fair for protecting your piece? And you discover that, Hey, this guy isn't working anymore. You probably have a wood kit infection. Next. You mean those settings change? P NYTimes on your task bar background image index of changes Things like that. Hey, you might have a root kit. Infection Next fills an input devices like a mouse and keyboard, and this actually happened to me before. If your mouse or your keyboard your webcam. If they freeze for no reason, you just might have a wood kid infection and finally, high network usage on an Idol computer. If you're not one in powerful applications in your PC, but that you notice there's a lot of talk usage, you probably might have it would kids infection? 43. Securing the Windows 10 Boot Process: due to the massive threat posed by would kits. Microsoft very recently came out with a variety off countermeasures to ensure that your system doesn't boot. It would get along with it. Now, this is an excellent documentation film. The Microsoft website called the Secure the Windows 10 boot process. I will attach these document to this video. But what I want to do his own explain to you how the process works using these documentation. So first things first is there is something known as the unified extensible firmware interface. This is basically a way for your system to boot to provide something known as the trusted boot process. I will show you in just a second how you can check to see if your computer doors support this interface. If you're running Windows 10 on a new computer, maybe your body come a time maybe a year ago. It's very likely that you do have this future enable, but no boys, I'll show you how you can check. So basically the way dance actresses works is this You've got four countermeasures. All right. You got secure boots. You have the trusted boot. You have the a launch on tamal way, and then you have the measured boot. Now the two that I'm most interested in are the secure boot and the trusted. But because it's likely, like I said, that your PC does have these two available. So here's what happens All right. Secure boot. When a PC starts, it first finds the open system. Put loader. This is the very first step. Whenever your system boots, you have a part of your open system known as the boot loader that actually does the bulletin. So what happens here is this. When a PC equipped with you, if I starts the PC first, verifies that the family is digitally signed, reducing the risk off family with kids if secure boot has enabled the firmware examines the boot loaders digital signature to verify that it hasn't been more defined. So here's what happens. Good kids like to you instead themselves into the boot loader off your PC. So what happens here is this. Whenever a wood could contaminate your boot loader, the digital signatures of a bullet that will change. So what happens here is a secure but well, first of all, check to see Eve. Those signatures have changed off for your boot loader. If they've changed, then you send knows that all K there's below. There has been compromised. They would. Kids don't put. However, if the signatures are intact, then your system knows that it's safe to boots. But that's all that's for secure boots. Next comes the trusted boots. Trusted boot takes over, were secure. Boot lives off the boot loader verifies the digital signature off the understand Colonel before loading it. The minister and Cornell, in turn, very finds every other competent off the windows to the process, including the boot drivers, stubble files and a lamp. Now take a look at this diagram over here. So we have put kids I haven't talked about Put Kids Book. It's are very, very similar to what gets, except they tend to trade to infect your the boat. Load off your open system. While would kids tried to infect the load of different system, the Cornell system, generous and so on and so forth. So basically, secure boot ensures that the boot kid does not load along with the boot loader off your PC , and then after the bullet that has been checked, the next steps involved in the putting process, where your open system loads the canal, low system devils load trusted boot and shows that good kids did not infect all one along with anyone off this files so you can see it's a two step process. First we have the secure boots, and then you have trusted boot these two combined and show that your sister's remains safe from the but in process to when you actually log into your windows computer. Now there is a dagger move. I Here's a screenshot of my PC, so what you have here is a woman you can check to see if your system supports three U F I salute your BIOS, go to your buyers and probably go on that security or boots, depending on the manufacturer. And you should see something like the U E f I put. If you see that, then good. That means your system supports the U. F I. And you should see secure boot, and it should be enable us you can see in mine. Mine is a noble and the secure boot notice said to stand at, so you want to ensure that those two are in nibbled and standard. Now there is another way of putting called the legacy boot, that you can see that basically just put your system. Normally, the major disadvantage off the U. E. F I boot is if you try to install a different open system on your PC, maybe you have windows on one petition and then you want to install limits on another petition, you might have issues. Okay, so that's kind of like the major disadvantage off one in the U. F I bought, which is where a lot of people tend to disable it because they want to install two different kinds of when systems on the A P. C. So that's kind of like the major down side of the U. F I boots legacy. But on the other hand, you can create as many petitions as you want, and still, as many different events isn't as you want. No problems. However, the boarding process is not secure. So once again, I real attach. Ah, this documentation to the videos. She can read more about the entire process. So I think fortune I will see you in the next class 44. Using GMER Rootkit Scanner: If you're looking for your free software to scan your PC for root kits, then the one I can recommend is the G M e R Software. By a vast, it's free and it does a really good job. So all you gotta do is to go to G M g m e r dot net school all the way down here and you can download the executable file for the software. So when you run it, what you want to do here, Is this okay? First of all, you want to make sure that over here, to the light, all these boxes have been checked because you want to make sure you're scanning every single part off your open system and your PC. Next on check. Quick scan and check the second box, the one indicating your systems or petition because you want to do a thorough scan. This is kind of like when you on an inter various and you just can't assist them. You typically have a quick scan, but then you also have a full skins. You want to go with a full scanning whenever you want. In this software, it might take an hour. Two hours, maybe even three hours for your system to be completely scan forward kids, but it's worth it. So once you've done all this, just go ahead and click scan, and that's pretty much the entire process. So just sit back, relax, and hopefully you're going to find any of your fails contended by would kit. Now, if by some means if, if one of your felt has been corrupted, you will find had this kind of one insane Jimmy hours phoned system modification and then it to be highlighted in red assed you can see and then you will be able to delete. The file has been contaminated. So that's it. Thank you for watching and that we'll see in the next class. 45. Ransomware: Now let's talk about in some way, which is becoming one of the biggest forms off mild way in the world today. So what exactly is Van? Somewhere? Ransomware is a form of malware where an attacker is able to prevent the victim from getting access to the computer or the files in the computer. And yet Attacker is able to do this by encrypting the infected files. Now, in order for the victim to have access to those files on the computer, they will have to pay a ransom. Once a ransom is paid, the attacker will provide the decryption key to the victim. It's, in other words, you in some way is hijacking it process where it victim's computer or the victims. Documents and data are hijacked by the attack, and the victim has to pay a ransom before they can gain access back to their fails or the computer. Here's an example off a real life message where the attacker is claiming that the files have been encrypted and the only way for the victim to decrypt those fouls is to pay up, and the attacker is demanding payment off $300 worth of Bitcoin before the victim can get access to the decryption key. Here's another example. Form the Golden I ran somewhere, the attacker here again saying that the files have been encrypted and the only way to get the decryption key is to pay up, and the attacker even goes this foster provide instructions on how to download the Tor browser and how to make payments. So what are the two main methods of infection? We have Emily attachments and exploits. Many times, victims get attacked whenever they click on suspicious links, since them by email, but not just links. Also attachments. They download attachments into them by the attacker, and they get infected. That's basically what happens with the email attachments exploits in this case. Right now, the attacker is able to take advantage of Boggs and unpatched vulnerabilities on the PC. This is the second middle way how ransomware attacks are carried out. So here are around somewhere by the numbers, some damning statistics, and you can see from the left On top. 50% of incidents came from employees clicking on something they shouldn't have in emails. It can see once again that a big part of the problem are people who just click on the links sends them via email, and you can see right now that it cost due to in some way is expected to reach one billion globally by 2016. This is 2018 so you can be sure that the cost has surpassed a $1,000,000,000 and there's some other really damn instead of six. Friday through, the 3% of Soviet healthcare organizations reported a ransomware attack in the past four months, and 3% efficient emails are pushing one somewhere. 4000 deliverance on the attacks says generally 1st 2016 Some really damning statistics about when somebody right there. So what are the biggest attacks we've done somewhere? Well, the very 1st 1 is the infamous Crypto Locker. This was the first major on somewhere attack, and it infected over 500,000 companies back in 2015 before it was eventually taken down. And, of course, it will spread mostly via email attachments. Next is the Tesla crypt, probably one of the strongest forms off ransomware attack. Now this targeted gamers it take that video games, and as of 2016 it made up 48% off all handsomely attacks. The interesting thing here is that eventually the developers off this Tesla equipped decided to repent, and they actually ended up providing the decryption keys to the victims. And then it disappeared. Wonderful. Next is a simple lock in This appeared in Little 15 and it's specifically targeted. Enjoyed users and it spread using a Trojan. And finally, we have won a CLI, one of the biggest ransomware attacks of all time. This occurred in May 27 2017. And if that tax specifically Windows PC's now the warm used in this attack was called the crypto warm and it affected over 200,000 compete doesn't believed that this attack originated from North Korea. Wow! All right, there is a very special form of van somewhere called docks in Docks. In Is the public Willis off private information about an individual or company? That's basically what docks and is so induction attack. The attacker threatens to a list sensitive information unless the victim pays up. So it's kind of like the opposite off around somewhere in Van Somewhere, the attacker is preventing access to information in docks in the attacker is threatening to provide access to sensitive information to everyone else. So it's kind of like the opposite of an somewhere, and it's potentially more effective then traditional on somewhere Texan. That's because when it comes to traditional one somewhere attacks, the victim can decide to buy another PC. The victim can decide to forgo the data that's been crypt that has been encrypted. The victim could have made it back up off the data that's encrypted, and so he or she can decide not to pay up. But with docks in once the attacker has access to that sensitive information, there's really nothing the victim can do on except to pay up because of the signals and pay up the attack and simply list information online. And who knows how damaging that could be to the victim. So prevention methods? What are the best ways to prevent you from becoming a victim off ransomware attacks? Well, first of all, email attachments do not open suspicious attachments or links sent via email. If you don't trust the source, never open up the links or attachments. Next exploits always update and patch whenever possible. If you're in the middle specifically and there's a new patch, Obed HPC, By the way, Mal way. Install anti malware software. It's not another one solution, but it would at least help to prevent the possibilities of you becoming a victim and then, of course, backups. Now this one prevented tax, but it will reduce the severity off a successful attack. If you make regular backups off your competent files, you're not really going to care if an attacker was able to encrypt those files because you still have it back up. You can easily tell that I got to go away, and you can simply get those files back for your backup. So that's the advantage of having backups. And finally, finally, one major were preventing attacks. Is hope science? Do not visit porn websites in particular order websites that are very, very similar in nature. These is a major source off ransomware attacks. So what had been said? There is a major question. It's always acts if I become a victim, should I pay? What of the data that's been encrypted is very important, and I need the data. Should I pay or should I say no? My personal advice to you? It's not to pay, Do not pay because when you pay, you are encouraging the attacker to continue doing what they're doing. And second, even if you pay, there is no guarantee that the attack will provide you with the decryption key. There is no guarantee at all. So what you can do is one of them become a victim. Take the next say steps today to prevent yourself from the committed victim in the first place. Thank you for watching and I will see the next class. 46. Using the builtin Antiramsomware Tool: one of the best things about Windows 10 is the fact that it does have an in built, anti round somewhere tool. So I decided I'm going to show you exactly how you can make use of this tool and prevent yourself from becoming a victim of a ransomware attack. So first things first. I needed to go to your windows defender. Security sent. I can simply come down here in your such Bunches typing Windows Defender Security Center. So once you get to this page, click on vows and Threat protection and then click on various and threat protection settings and in from Here school old weight down and you will see controlled folder access . Turn it on. So what this does is it prevents unauthorized changes to your particular folders by an external application or program. This is the inbuilt anti van somewhere to so by default. Windows will include certain fold as as protected and can view them by clicking on protected folders. So for me right now, you can see these are my protected folders, documents, pictures, videos, music, text up favorites. I can't remove them. They are protected by default for good reason. So if you wanted to add an additional folder, you can simply click on the plus button and then simply add the folder you wanted to protect. Now here's the thing, though. If there is a certain application on app that you want to have access to this folders, what you can do is just go back. And then over here you can click on allow an app through controlled for the access you click in there and then you consider remote from, and he does it for me Right now. I do have my camped A Zia added, because I am his income teaser to record my videos. So all the details just click on add and allowed app and then just trace where that AP Is it zit Simple. Is that really so? This is how to make use off the inbuilt anti ransomware tool on Windows 10. I highly encourage you to spend the next two minutes to implement this. You will not regret it. This would severely reduced your chances of becoming a victim off Avon somewhere, Tax. Thank you for watching. I will see you in the next class. 47. Using the CCleaner Software: one of the very best software you can use to clean up and optimize your PC is the sea cleaner. I have been using the software off if about 10 years now, and I can vouch for them. I can stake my name on this software. It's really, really good. The best news of all is that Davies, a free vision you can download and use right now. So all you gotta do is to go to see clean. It'll calm, and you will see the link for two free download. But they also have to premium visions, which you can buy as well. The bad news, though, is that this is only available for PCs. So if you want any Mac or your Lennix, this is not going to walk. However, if you do have an android, they do have a vision for the android phone as well, so you can download that into accommodates right here for Mobile. You have just see colorful enjoys. You can cook in there and get it on the Google Play store for your android device, but go ahead and click on free download. And then from here you can see the three different types off sick Linna visions that we have free, professional and in professional plus professional comes with a trial version as well, so you can try the free version first. You like that. You can have grits, a professional for trial, and then, if you're really, really happy, you can just go ahead and buy it. The professional plus and honestly, it's absolutely worth it. It's not that expensive right now. It's in silver for the box, and in my humble opinion, it is totally worth it. I do have the professional preservation, by the way. That's what I use anyway. Go ahead, download the free version, install it and then I will show you now how you can want the software. All right, so this is the very first thing you're going to see as soon as you want. See cleanup over here to the left. You have clean out registry tools options and then upgrade now on the cleaner. As the name suggests, This is where you can clean out unwanted files from your computer. Now there are two tabs. You have the one for windows for specific Windows applications like your Mexico edge into the Explorer Windows Explorer system and so on. And then you have on the applications. So whatever extra brothers you have installed, you go to clear their history. That cash, the cookies, you can see I have Firefox after fairy and I have Google kuhm. So all you got to do here is just click on, analyze out, recommend that you don't on tick on, check any one of these boxes and then check some other ones. Just leave these as they are, just click on analyze. So right now, because I do have Crume opened, I will noble to clean out Klum properly. So it's after recommended that before you run the cleaner close all your browser's. Okay, so I just click on No. And right now, you can see I can clean up to nine gigabytes off data right now if I wanted to. So this is really, really, really awesome. You can see I can couldn't stuff for my temporary files. My memory dumps my log files and so on and so forth files. I don't need any more. Really, really cool. Right. So on the registry again, This is where you can clean up the registry. All you have to do just click on scan for issues. And while I do have a lot of issues on my registry, okay, so it's after recommended that you make it back up off the registry. And the good news is from here. If you click on fix selected issues, you will be prompted to make a backup off your register. So just go ahead, click on yes, and then you can save that's let's see your documents or wherever you want to save you, too. So just click on save. Oh, it looks like I have an additional issue over here so I can just go ahead and say Click, fixed issue. I just say, Fix all selected issues and that's pretty much my ministry cleaned out off issues as you can see right there. Pretty, pretty awesome. All right, let's go to tools. Now, over here, you have the ability to uninstall programs that you have installed on your computer on your PC. You can say that I have quite a lot. All I have to do is just to take one of the boxes right here and then go over here and click on install. It's a simple as that you have start up. This is really, really good for seen the programs that one whenever your system starts. So if you ever notice that your pieces will in slow, it's getting so one stories because you probably have some additional softer That one s not Your system starts. So right now you can see I've got things like my Nord VPN. I've got one drive, got the companion of good job box and elsewhere have twitch. That reminds me I do need to We moved twitch for my for my startup twitch always ones whenever I put my system and I think I need to fix that So all you have to do just in this case I would just click on Twitch and then click on Disable. And that's it, which is not going to run whenever I put my system again. So awesome. All right. So browser plug ins as well you can take a look at all the extensions you have installed in your individual browsers. This is for Explorer. This is for Firefox. And then this is for Clement. And of course, I can simply click on one of them and then disable just like that, you have the disc. Analyze, awaken, analyze what's happened in your disc. Simply click on, analyze and then you can see demons of space that individual files occupying on your PC. You've also got the duplicate find. This is really cool. It's possible you might have to pick it Files on your system. Say, for example, you have a video on your text up. You might have the exact same video in your downloads folder or in your documents folder. So this is a great which is such for duplicate files on your system and then you have system. We storm. If you've created multiple backups or restore points in the past, you can delete them from here. But is against you right now that the latest one is disabled for system safety, you always want to have at least one. Are we stop point available for you should in case anything happens to your PC. And then finally, you have to drive y poverty. Can my part free space securely, then options again go to settings. You can change things like one secret. Nobody. Computer starts are informal, obviously sick. Lena, you have cookies as well really, really, really awesome. This is where you can actually clean out cookies from your computer. Now, over here, to the right, we have cookies to keep. Say, there are specific cookies you wanna keep. You can simply click on one of them and then click on the button right here to add them to the Do not touch cookies list. But over here can see at a glance all the cans of cookies that you have right now on your PC. Very scary. Let's click on. Include, if our if there are specific files a folder that you want Sickler to remove specifically, you can add them over here and just with exclude it specific fouls or fold us you don't want sickly not to touch. You can add them in here as well. Now monetary in uses an advanced. Unfortunately, I'm sorry. Oh shed ling monitoring and users are only available with the pro visions off the software now advanced again. You have additional options like our show initial results in a little view showdown after cleaning hydrogen messages and so on and so forth. And then finally, the most part of all the about tab you can full of singling out on social media and upgrade to the professional vision if you wanted to. And there it is a very help grade, so that's pretty much how to lawn see cleaner out. Recommend that you learned this program at least once every week. Clean out files on your system. Make sure your registry is intact and it's just really a great piece of software to maintain and optimize your piece and also does a lot for security because you can see at a glance the plug ins you have installed in your browser as you can see the cookies that you have installed, and so on and so forth. So don't forget once again that there is the version of the before your android device. If you have an android phone, I would recommend you go to the Google play, stop and download division and clean out your phone as well. So thank you for watching. I will see you in the next class 48. Using Bleachbit: Let's take a look at a very popular and yet a very controversial tool called Blitch Bit. Now, remember when he lived, Clinton wiped out over 30,000 of emails from her email server. Well, it turns out that she used Blitch bits, blip it, wars, this stuff that she used. And has he consider reading on the home page? There is a very funny ad right here with Hillary Clinton saying, Like with a cloth or something. This is the reference to when she was axed by the Senate, whether or not she cleans her email server and then she jokingly acts. Oh, do you mean with a cloth or something? Well, it turns out that she does clean her emails ever end. She used bleach bit not just any ordinary piece of cloth, so because she used bleach bit. There's been a lot of talk us to whether or not she actually had something to hide. Like, why would he use bleach bit to wipe out your email server? Personally, I don't know. I will leave that for you to decide, but blood, but it really is a very powerful tool for cleaning out data from your system you can clean out cookies, incidents, history, your cash logs, template files and so on, and it is available for both clinics and windows. So I'll be honest with you. Before I heard about the Hillary Clinton scandal in a little bit, I had never used a little bit before. But because of politically United States, you download and try out the software. So this is the back invited. This is basically the platform, So all you have to do really, is to take a look at what you have on the left. You will see your major browsers as well some of your app. So let's say, for example, I wanted to clean out into that explorer. I will click on the checkbooks right here, all right, and then click on preview and you can see. Right now these are the files will be deleted if I decide to click on clean. So it's not so much space still be saved. Just 16 kilobytes. That's that's not good enough. Let's go to system as an example. All right, so it's one of me that this is gonna take some time. I'm gonna click. OK, All right, so let's go ahead now and click on preview and Oh, wow. Oh, wow. Wow. Wow. UPU Wow, this is Oh, I'm actually generally shocked. This is Oh, wow. This is a lot. This is almost five gig, five gig of disk space that can be saved. Wow. Well, to be honest, I have not used to see Clinton in a while, so I guess that's why I already have so much junk on my system. But this is this is really good. This is actually pretty good. So, Ivana, to clean out all of this, all simply click on clean, and that will be that. So again, in all honesty, I haven't used this software for a long time. I still prefer to use see, clean up. But you can do is try out a little bit and see whether or not you might actually preferred to see cleanup. So before I go out to play you, Justin, except off the interview between Fox News and the actual founder off Blitch. But this is actually very, very funny tickle. Listen, thanks for joining us. I'm sure your business, but just slow down with you can e I just thought that was fun. and I wanted to share that with you and I'll just thinking to myself when they wanted to be great if you and Abby could maybe create some sort off app program and then a very influential politician ends up using that app, and then everyone gets to know about it. That would make us instant millionaires because everyone would only use our product and we think is much for watching the video. And I hope you had fun. I will see you in the next class. 49. Malwarebytes: Let's talk about another awesome and T mobile product, and this is going to be malware bytes, and this is actually a full package that similar put that you can use in place, often anti virus. So they do have different visions for Windows, for Mac and for Android, and they also have a very special program called the Moloch Bites Adware Clinic, which, of course, cleans our adware from your system. The unfortunate thing here, though, is that this is only available for PC users. I tried such a provision for Mac for Lennix. I couldn't find any, so that's kind of a bummer if you are a Mac user. But still, the actual malware bytes software is pretty awesome. Let me jump down here to price in no. I and show you what they've got, so they do have a free version it can use. You don't have to pay, but there's just complimented Anti virus. It's not going to offer you full protection, all right, if you want to go with the actual premium version, you do have it available on Windows Mac enjoyed and this world stuff. Ransomware attacks prevent infections safe barrels in an automatic protection updates. So with the mother bites free version, you're only going to get the ability to clean a device that's already been infected. All right, so what you can do here is you can actually download the trial version of the premium version of this will give you two weeks, right? All you really have to do is just on the home page. I just go down here to whether it's for Windows or Mac O Android and just click on the download button, right? So formulas or click on download and automatically it will begin to don't. As you can see, it's telling you right now, as you can see, So this will be the trial of vision, which I'm going to show you how to use. All right, So once you've installed mulberry binds, this is exactly what you're going to see on your dashboard and can see. Right now, I am using the trial vision because I wanted to show you exactly what to expect when you used to trail vision. Mine stays. My premium traveled and in 13 days. But that's because I installed is yesterday, right. When you install yours, you will get 14 days. A full two weeks. Now, before I show you how to scan, let me point out A few things on the settings favor important. Let's go to settings now on the application. Make sure that the 1st 2 options in here are turned or images to automatically download updates and then notify you when full vision orbits are available. Make sure these two are always on on the protection by default on the scan options scandal , would kids will be turned off. You want to make sure this is turned on, all right, and finally down here. This is not compulsory, but I prefer to have as few programs as possible. Run whenever I'm starting Windows by default, the slope option for more. But it's it's set to on whenever, when those starts. I'm gonna turn this off right so that this way you would have to manually turn on malware bytes whenever when those boots. I think I prefer it that way, but then it's up to you. You can prefer to have mullet bites just one automatically. Once Windows starts, it's really, really up to you. All right, let's not jump over to scan so you can see right now, I have done some scan in the past scandals. Five minutes. I scanned of, Ah, 300,000 items. I had nine threats detected and one equipment, and then it closed this good luck to scan. All right, So basically, you have three different types of scan. You have the threat scan, custom skin and hyper scan. Hyper skin is the quickest. This will just can your memory to check if there are any mall way and that's it. Threats can is the deepest. It's the most comprehensive skin you can go with. So this is the one that you want to go with whenever you really want to scan your system thoroughly and then just simply click on stat scan. And that's pretty much how what you're gonna see once these can begins, right? I'm just gonna go ahead and cancel this for now. All right, let me cancel that. Now, if you have any threats detected, malware bytes will put those programs in a special folder known as the Question Tine folder . Right. This is very similar to what you have with many anti virus products. Once they find a threat that they feel can harm your system. They will put a threat on the A very special folder known as the current Time folder. So over here, right now, you have the option of either deleting these items or if you feel Molly Bites made a mistake, then you can restore that file backs. And this gets right now. If I felt e p m. That's the exit was a mistaking can simply click on the box right here and then click on we stored down here and the programmable we start back to its original destination, which was the downloads are folder. Otherwise, if you don't know what that program is, then it's more than likely to be from of malware. So just simply allow um, Ali Bhai's to delete all the programs that you find on the mile on that the Quentin folder . So on the reports as well you can click on us can report in here, click on the report and see you know what the Mali bites put him found can take a look at the summary. You can go under advance as well, if you know exactly what it is that you're doing, what you looking for and so on and so forth. That's basically it with malware bytes it question might have here is Alex. Should I just forget about them, too? And virus and just simply use mobile points. Well, it depends on two things. Okay, first of all, it depends on the price in. If you feel Muller by, it is more affordable than an inter virus, then, yes, you want to go with marble bites. But the second thing to consider is the fact that marble bites, even inspiring package may not offer you as many features as a premium. Auntie Vera's put it will. So you might not get things like a firewall or an intrusion prevention system, for example, with mother bites. While you might get that with an anti virus so really attentive they it comes down to two things. Pricing and features available personally personally, if you don't want to use and various Mamba bites is probably the number one product alpaca meant to anyone to use in place of an anti virus. I have use mullah bites. It's very good. It works, and I would not be commanded, put out, which I haven't personally used before. So that's I think is much for watching again. As always, if you have any questions about marble bites, viruses and virus Ilford to post your questions Atmore than happy to answer them. Thank you so much. I will see you in the next class. 50. Backups and Encryption Section Preview: welcome to this venue section. Where will bulletin if you're more practical skills, such as how to back up a computer and also how to encrypt your hard drive? Backups are something that's very, very essential because you never really know what's gonna happen. To mow. You might lose files. You might get infected by some sort of really mean various that my do little your files. So learn how to back up your files is a very, very important skill. But also how to encrypt your hard drive should, in case it gets stolen, is also another very, very important skill. So in this section of in a teacher exactly how you can backup and encrypt a computer and then also around of this section by showing you how you can hassle protect USB thumb drive , excited, let's get started. 51. How to Backup Windows 10: before we begin encrypt in our hard drive and taking a look at different ways how we can protect our files. It is very, very important that we make a backup off our computer, and this is something you should be doing every now and then there is nothing worse. Then switching on the computer only discovered that your hard drive has been corrupted and you've lost all your files. It's happened to me before, and it's not a great feeling. Trust me. So you really want to learn how to back up your computer? So a moment those 10 and I have gone to the control panel. So from the control panel to gonna do is gonna click on backup and restore Windows seven. You click in there and I'm gonna click on, Create a system image. Now, I should let you know that there is difference between Kuwait in a system image and just creating backups off your files and data. When you create normal backups of your 1000 data, you can restore them individually. You can choose the first to restore, and it wants to ignore. When you create a system image, you're basically restoring your entire PC back. You cannot choose the individual files or images that you saw the individual files or data that you want to reach. So that's why it's called a system image, basically taking an entire image off your system as it is in the present. So let's click on Create a System image. Now you need a backup device, but it's DVDs or hard disk. I do have a hot disconnects L a hard disk attached to my PC like now, and that's why you can see it's called Pre Load and I have about 150 gig free. That should be enough to back up my computer as it is. If you had DVDs that you can choose second option or if you wanted to back up your computer until a little location, then you would choose the third option. But you should know that it's not securely protected, so that's kind of like the main issue it beckoned to in network location. All right, I'm gonna click on a hard disk, and I'm gonna click on next and basically saying there's a backup cortical 2144 gigabytes, and I'm just gonna go ahead now and say, start the backup. So this can take an hour. Two hours, Three hours, depending on ham. On how many fouls you're backing up Right now, my hard life is about it has about 150 or 140 gig gigabytes off our off information. So this could take quite sometimes. What I'm gonna do right now is I'm going to pause the video and I'll resume the video once the backup has been completed. Okay, so as you can see right now, the backup has been completed and it took about 30 minutes for this to finish. Now, once your backup has been completed, you will see this window asking you if you want to create a system repair disk. Now this system appeared. Disk is a disk that you can use to boot Your computer should in case your computer doesn't put any more. Now you can decide to do so right now. If you have a disk drive, you can insert a DVD and in cyclically key s, and then you will choose your disk drive as the destination of it. You want to create your system? Appeared disk. If you don't have it destroyed like like me. I don't have a district on my laptop. What you can do is you can always create a brutal USB drive with Windows 10 our file so you don't necessarily have to create your system. Appeared disc. Right now, it's something can always do later, either with a city or with a USB drive. So what? I'm gonna do it National. Simply click No and clothes and that's it. The backup has been completed. Now, backing up your Windows 10 computer is just the first part of the puzzle. How do you actually actually restore the fails? Should in case something happens to your hard life. What I'm gonna do is I'm going to attach this link to this article so you can read on how you can restore your files should in case you need to. We start back up off your computer so you just go all the way down here and you will see the section that say's how to restore a system image backup of Windows 10. It's fairly straightforward. It's not that complicated. And I'm pretty sure you will be able to do this on your own shooting case. You have to restore your back up. So thank you so much for watching. And of course, I will see you in the next class. 52. Introduction to Cloud Computing: okay, it's that time again, let's discuss everyone's favorite topic. The cloud. That's a joke in pretty sure the cloud is not your favorite topic to discuss, but, seriously, what is the cloud? I'm sure you've heard of the cloud before. The cloud, the cloud, the cloud. Everyone talks about the cloud, but how does it work now? The cloud or cloud computing simply means storing and accessing files and data on the Internet rather than on a local hard wife. And this has obvious advantages. No longer do you have to worry about storing files on your physical hard drive and then taking that hard drive with you. Everywhere you go, you no longer have to do that. You can simply store your fells online and access them anywhere. It can also improve productivity and efficiency. Say, for example, you are in Singapore and you have a business partner in Australia, and you wanted to give them access to some of your files. You can simply put the files online and then shadows fouls with your business partner in Australia. It can really improve efficiency and productivity. A few things to point out is that first of all, the term cloud is just a metaphor for the Internet. It's amazing how this single would the cloud makes it look so complete. Kate ID like when you think of the cloud of a person that comes to your mind is the sky thunderstorms rain? You know things like that. So when you combine cloud and in computing, it's like what you know, like, what are you talking about? Or cloud storage? It becomes really complicated, Beautiful. The people who didn't grow up using computers. So it's really amazing how that one award cloud mix It all sounds so technical end favor. A complicated. Now, the backbone requirement of cloud computing is that data should be accessible anyway in any time with an Internet connection. This is the very essence, the very call requirement off cloud computing. But it's not just about data and files. We also have Web based applications of the part of cloud computing, allowing you to access software on line without having to install them on your computer and a classic example here is office online. You no longer have to install Microsoft War, the Microsoft Excel or PowerPoint. Like the good old days, you can simply access this software on line. So the types off cloud services out there you know about Google Drive iCloud for Mac users , Amazon Up services. And then we also have dropbox, which is actually a hybrid cloud computing service. Ward women by hybrid. Well, in addition to allowing you to store files on the line, Dropbox also can synchronize your locally stored files on your hard life with its cloud computing service. That's why it's called a hybrid. Say those two things. This is basically a very simple topology off how cloud computing works. You have your client computer Evan. It connects to eight The control. No, the control node in this case could be the application that you're using, whether it's Google Drive or iCloud. Now what happens is once you upload files and data, the iCloud or Google Drive will then stole those files. And instead of a stories all over the world, that's basically how it works. It's very, very simple, and vice versa. If you wanted to retrieve data from the cloud you connect to your control. No, the application and the application. Will Dan retrieve those files from wherever it's stored online? It's very, very very simple. Now, cloud computing isn't all about red roses and chocolate. There are problems, big problems with cloud computing, and the first major argument against cloud storage is control, privacy and trust issues. When you have your files and data with you at all times on your physical hodge life, it is a lot more secure. Think of it like storing one in the bank. You feel more secure when you have your money with you because it's with you. You can spend the money. You have access to that money at all times. But when you give money in a bank unless it's insured, what happens if the money gets stolen or the bank comes up with some kind of new policy where you can't we throw more than a certain amount per day or something like that? You don't have the same kind of control anymore. Something refers to your files and cloud computing control. What happens if their service that you're using comes up with some sort of new law or some sort of new requirements? And in privacy, you don't really know who is gonna have access to those fans once you upload them to the Internet because again, this is the Internet. Who's your files out there? You really have no 100% privacy over those those files and then trust issues. Can you really trolls Google? Can you really trust Amazon to keep your files safe and secure and private? These are major issues with cloud computing and then, of course, outages and lack of access. What happens if you're using Google Drive and then Google drivers of service has a problem ? What happens? That simply means you're not gonna have access to your fells anymore. It actually happened if you years ago back in 2012. I think Amazon Web services had an issue, and it affected Netflix and some other services like that. So if the major service providing with the cloud storage has an issue, you will have an issue and, of course, lack of access. If you don't have Internet access, well, who's so you know, good excessive files on the line and then ownership. Who owns the data that you stole? End the cloud you might think to yourself, which it should be me. I'm the one who has to files. I'm the one who uploaded them, But it's not just it's not that clear. In seven countries, for example, there are certain laws that state that once your data goes online, you don't fully have ah, 100% on a ship anymore. And there's even a lot of discrepancies between different cloud services. Some would say that well, if you store the data, you have full access. You have full ownership. However, if you created data while using our cloud service, then we have ownership. So it's not really clear as to who owns the data that you stole on line. And this is a big, big, big, big, big issue, but without been said, one of the best practices for using cloud services. First things first, never store sensitive data in the cloud medical records, tax records, things like that. You don't know. Store them on line if you're going to store them in some sort of soft copy stardom in a physical hydrate that you have access to, that you have on the lock and key, never, ever store sensitive data on line. Now, if you're welcome to like, I do, then store the glove fires like music files, videos over glove files files that you don't have to worry about privacy issues and files that you can always get back if something happens to them while they're stored online and finally use more than one cloud computing service. Don't just rely on Google Drive or Dropbox. You can pay for one of the services like I pay for Google Drive. But then each one of this service is also have free versions like Dropbox provides you with one gigabyte for free. I believe so. I stole lots of energies on job box. There are files on working on currently. I started my job. It's because it's easier for me to retrieve them. I can Children faster than on Google Drive, but in Google Drive, I store my music files, my videos and heavier files. Basically, I store them on Google Drive, so those are the best practices for using the Cloud Computing service. Before concluding this video, a vote quickly wanted to talk about the four major cloud computing services out there. So we have Google drive, and this is the one that I actually use. I pay to use Google Drive, so pricing here is actually think is the cheapest off all of them. When I pay for is the one terabytes. It's roughly about 10 bucks a month, but then you have access to one terabyte. It's it's really, really amazing. So that's what I use, and I really, really like it. Are Dropbox. I think it's a little bit more expensive then Google Drive, but it's also a really good job. Books also provides you with a free are one gigabyte if you set up with them, so I'll definitely commanded Companion. Dropbox and Google Drive now Amazon Web services All the organist with you I have never used Amazon Web services before. I only do my shopping on Amazon. That's all I ever used Amazon four. But I've heard really good things about Amazon Web services if your son, who's already using Amazon Web services and find you can stick with them. But if you never used Amazon observers before, I honestly cannot personally vouch for this. It is because I have never used before. Finally, we have the iCloud, which is, of course, for Mac uses. I don't use them back, but if you use a Mac, then I believe I Cloud is probably the best for you. If you're using Windows, you can actually also use iCloud. There is an iCloud version for Windows, but I've never used it before. The major to ones I have used our Google drive and, of course, Joe Books, and they are really, really good so that I thank you very much for watching the video. If you have any questions about cloud computing, feel free to reach out to me thinking fortune. I will see you in the next class. 53. Encryption and Decryption: So let's talk about encryption and decryption. And, of course, these are two technologies applied mostly to hard drives, whether it's Ah ah CD, physical, hard drive, USB drive and so on and so forth. Now the whole idea behind encryption and decryption is very straightforward. Let's say, for example, you have some plain text to a plane file that say's I like tea, right? When you encrypt that information of plain text, it becomes a cipher text. So instead of I like to you now have some sort of gibberish, like 54 at 57 Z Cubes and Michael and stuff like that. That's basically what encryption does. It turns plain text into cipher text. Now, at this point, the cipher text can no longer be read the only way you can read the Cyber Texas if you decrypt its using the decryption key. So once you've decrypted the psychotics, it goes back to the plain text. This is basically the whole technologies of encryption and decryption presented to you right there. That's basically the whole idea behind it. Now, when it comes to encryption, you can encrypt three different parts off your hard drive. Your storage device you can either encrypt the entire device, the whole desk. You can encrypt a petition, which would be like a section off your hard disk. Or you could just encrypt a single folder. You don't necessarily have to encrypt the whole hard drive. You can choose to encrypt every specific folder sometimes if you want it to. All right, let's move on. Now is important to understand what encryption protects you against. And, of course, the very first thing here is going to be physical theft. If someone steals your heart life, if it's encrypted, they will not be able to read what you have in that harder because it is encrypted. So this is one the most powerful reasons why encryption is really, really, really great. It protects you against physical theft. Also, if your defiance is ceased for want of is not the other of the police, seize your hard life or at costumes at the airport wherever. If it seized, they still won't be able to lead your hard drive because it's encrypted. Also, if your computer had an issue and you have to send it, send it in for repairs, the one where you can ensure the privacy off your files and the days to encrypt your hard drive. So the technicians there, if they're trying to see what you have restored a new computer, buddy, you have some pawn supply that start in your file on your computer. You can simply encrypt your hard drive and, of course, data alteration. Extremely powerful reason why encryption is such a great thing to do. Once you encrypt your hard drive wants to encrypt your files. It becomes really, really difficult for anyone to go in there and temple with your data. But it's also very important to realize what in corruption will not protect you against. And Number one here is going to be mall way. And would kits just because you've encrypted your file or your data your hard drive does not mean that that how Dr cannot be affected by mall way and who kids is very, very important. To understand this, you also have something called the Cold Boot Attack, which will talk about it later. This is one of the most powerful ways of attacking against encrypted hard drives, and in also, once you have decrypted your hard drive, the key that decryption key can be gotten from your system's memory. This is fairly complicated, but it's still possible. It's worth doing that this is actually possible. And and finally, files that you've backed to an unencrypted location are vulnerable. All right, just because you've encrypted a particular file a folder on your hard life. If you transfer that fellow folder to another 100 that isn't encrypted, that file is going to become vulnerable. It is very important to understand this when your encrypted you aren't exactly encrypting the file itself, but you encrypting where that file a stored. It's very, very important to understand that concept. So that's it for encryption and decryption like fortune. I will see you next class. 54. Encryption with Veracrypt: Now that you've seen the advantages off running encryption on your hard drive, letting, I'll show you how you can increase to your computer. Now the soft I'm going to show you here is called Vera Equipped. We're going to use very crypt to encrypt our hard drive now, very captives free and there are editions available. Full Mac users for Lennox and for Windows 10. Home Edition. If you're running Windows 10 Professional or Enterprise Edition, there is a better software you can use. Called a bit local. Took up a bit loca in the next video, but if you're in one of those 10 Home Edition like I Am or you have a Lennix or Mac computer, let me show you how you can use fair crypt. So first things first. Let's download very equipped to go ahead to source forge dot net four slash projects for slash there equipped and then download the appropriate additional very equipped for your computer. All right, so once you run the executable file, this is the very first minute you're going to see. So just go ahead. Click. I accept Alliance and Sturm's Click Next click Next, and then just click install. And that's pretty much how to install. Very equipped on your computer has been installed. Now, please, if you can afford to make a small donation to the team, please do make the donation. They have developers who maintain very crypt to make it free and available force to use. So, please, if you can afford to donate $1.2 dollars, $10 whatever you can afford, please do consider making a donation. I'm gonna go ahead and click finish here. And then I would also recommend that you open the bigness tutorials quick. Yes, and you will have the pdf attribute pdf all in html document it opens up, and then you can save this so may for you to read later. But for me, right now, there's gonna go ahead and well, I'm gonna go ahead and click finish, and I'm gonna go ahead now and won the actual software itself. All right, So once you run very equipped, this is the very first window you're going to see. So we're going to do here is we're gonna click on create eight volume. That's the very, very first steps are gonna go ahead. Click create volume And then from here you have three different ways of encrypting your computer. You can decide to encrypt a single file container where you can store specific farther on to encrypt. Or you can equipped in nonsense and petition or drive. Or you can choose to encrypt the untaxed system Drive. Now, the last option here is obviously the most sophisticated. It offers the highest security because you will encrypt every single file on your computer . However, I typically don't recommend encrypting your entire hard life because again remember that the purpose of encryption is to protect specific files. You don't care if anyone knows that you have Windows 10 application files within on your committee because they should be running on your computer. But you don't want anyone to have access to your medical records. Order sensitive data like that. So typically, ever command just creating an encrypted file container. Okay, it's very, very simple, and it's also great if you are inexperienced when it comes to encryption, so click create and encrypted file container, then click next. You can also click next from here. Now what you're gonna do is you're going to select a location. We are your included file is going to be created in. So I'm gonna go ahead now and click on select file. All right? And what I'm gonna do is I'm gonna create a document, and I'm going to name it Teoh Meizhou. All right. To the zoo. Click safe. Don't worry. If you don't understand what's happening, it will soon become clear. I'm gonna go ahead now and click on next. Now, over here, you have the option of choosing different cancel algorithms for your encryption. My recommendation is to just stick with the default values A S and H R. 500 of these are extremely powerful. You don't have to change them. Okay, so click on next from here. Now, for the volume size, you have to indicate how much size of your hard disk you want to encrypt. All right. How much space do you want to quit in your hard drive for the encrypted files? So what I'm gonna do here is I'm gonna create 8 50 megabytes. That should be enough for text files, images and things like that. I'm gonna create 50 megabytes. All right, I'm gonna click next Now. This is extremely It's so important. It's easily the most important step in encrypting your hard life. Integrated password will be used to unlock the encryption. So if you forget this password, well, that's gonna be really, really bad. So please do not forget this password. No matter what it is that you do, I'm gonna go ahead now. And could it my password. Make sure it's complex and you can see the recommendations right here. You can use something called key files to further boost the security. What a key fell does is in addition to providing your password, you will have to also choose a specific file available on your computer. Xavi. Click. Use key files Over here. You have to click on key files, click at files and then for me you'll have to select a particular file that you would have to provide in addition to your password before you can unlock your encrypted hard drive. This is great. So that should in case someone still your hard drive and tries to decrypt the hard life even if they know the password. If they can provide the file, the key fall that you've added there would not be able to to keep the hard wife. The disadvantage of using key fouls is that if anything happens to that file, if you delete it, if you modify that file well, you're in trouble. So how would recommend not using key files for now? Maybe a little on as you become more explains with encryption, you can decide to start using key files or just click. Cancel. Uh, Pym, basically, is you creating different iterations of encryption. It helps but get enoughto way about that. I'm gonna go ahead now and click next, and you will see there's one insane short parcels adjacent to crack blah blah. You don't have to worry about this as long as your password is at least eight characters has capital letters, militares figures and special symbols. You should be fine. Click. Yes. Now, what's happening here is you're gonna have to move your mouse randomly as quickly as you can to boost you encryption. So just do this. Move the mouse. The mouse I of the mouth of the mouth of the mouse with now is Move, move, move, Move, move, Move! Quickly, Quickly, Randomly. Quickly, randomly and good. Okay, so it's over, So I'm gonna go ahead now and click format. All right, so right now. All right. So the very good film has been successfully create a Ted. Awesome. Awesome. Awesome. So I'm gonna head now and click next and well, that's been much it. You can click, cancel, actually conclude. Cancel. So what's happened now is that we have created a special petition in the hajj life that is encrypted, and it's almost ready to accept new files. So in order to work to access that petition now, if I go to my computer, you can see we don't see that petition. Always see is the sea position we don't see the include a person that we've created. So what I have to wait now is to mount. If that petition writes, I'm gonna go ahead and choose Z. All right? I'll choosy. And then I'm gonna go ahead and click on a Mount Mount. So I'm sorry you have to select the file cases to construct file an anti Romney zoo. Is that felt that we created a member? So click on to Miami Zoo, click open, and then from here, I'm gonna go ahead now and click on amount. You have to provide the password now. So I'm going to go ahead and provide my password that I used. All right, and then click. OK, but, uh, that, uh, this might take a while. Shouldn't take too long. And okay, I think it's mountain. Alright, it's mounted and you can see right now that's the size that's the encryption, and it's normal. So if I go back to my computer, you can now see the petition local disk Z, and we have for 9.5 megabytes off space available. So from here, right now, I can dump whatever files I want to keep encrypted and secure. So this has been much how you can encrypt set in files and documents on your computer. It's first rate forward, and it's very easy to use. Now, remember that wants your dawn Adan files to your encrypted petition. You want to go back to very equipped and then click on this mount very, very, very important. So you mount and then you dismount about. So that's been much how to encrypt your files and documents in your minus 10 home addition . Thank you so much for watching and remember, this is available for Lennox and for Mac users as well. So if you have a living next computer or a Mac computer, it's pretty much the same thing. So thank you for watching. I will see you in the next class. 55. Encryption with Bitlocker: If you look enough to be running Windows 10 professional or interprets additions, then you're gonna have an in built to called bit local, which you can use to encrypt your hard drive. Now, unfortunately for me, I am running Windows 10 Home Edition, so I don't have access to this. Are wonderful. Inbuilt too. But what I can do for you if you are one in professional or Enterprise Edition is I can assure you two really good articles that will explain to you how to install instead of bit locker to encrypt your hard drive. Actually, three articles, this one over here is directly filmed Windows website, which is an extensive ah description of how bit local walks what it does, the requirements and things like that. So I will attach this link in the resources, and then you can check out how to sort of been like encryption on windows from the vegetable website. How to geek. This is a really extensive article on how to set up a bit locker to encrypt your windows PC . And just in case you don't like this one, there's another one I found online, which is really good. This is from Middle Central. It also demonstrates how you can set up a bit. Look out on your computer. So again, I do apologize that I can't show you live on how to run. Ah, but look, a Because again, I'm only using me those 10 home edition. I don't have professional or Enterprise Edition if you don't feel very comfortable getting your guides online. You know, if you feel more comfortable, what an actual demonstrations. Please go to YouTube. Okay, Go to YouTube. Watch videos. If you have any friend or a relative who is more experienced than you in handling PCs, you can console them to help you install. But locker bottom line here is always make sure that you have a back up off your windows computer. As long as you have a backup, then you can afford to experiment and feel, and you can always restore your backups back. So again I will attach this thrilling Senate resources. Thank you for watching, and I'll see in the next class 56. MAC Encryption with Filevault: If you're a Mac user, you might wanna consider using file volts to encrypt your Mac computer. Now, unfortunately, I don't have a Mac, so I can't actually show you how you would run file vaulted, encrypted, hard drive. But what I'm gonna do is I'm going to attach this document to this particular video so you can weed how you can use file vault. It's supposed to be available with the X Line OS or later editions of your Mac open system . And from what I hear from most Mac users, it's actually pretty good. It's a fate, a very powerful tool for encrypting your Mac had Dr. So what I'm gonna do is again I'm going to attach these documents. You can weed on how you can use file fold to, but again, if you want to use fire bolts, I've shown you how to use very equipped. Very equipped is a great tool. It's a great soft, different groups in your heart rivers. Also, you have the option of either using fire faults or fair crypt. So I was seeing the next class 57. Self Encrypting Drives: there is a technology out there known as the self encrypting drive. So the way this works is the hard life is already pre encrypted right from the manufacturer . And every time you write data into that, how drive that they that becomes encrypted automatically now? I personally have never used this kind of hard drive before, and they're not quite as popular as regular Hydro's because they bit more expensive. That's why you don't get to hear of them that often. Now. I did some digging in and turns out see, Gates is actually one of the front line. As for these kinds of how jobs they do, manufacturer hard drives that are self encrypted. So, like I said, personally, I've never uses kind of Hydro's before. I can't really give an honest opinion about them, but it is nice to know that such Hodgins to exist out there 58. Encryption Attacks and Mitigations: celestic about the different kinds of attacks that hackers can deploy to decrypt you encrypted haunch wife. And the very first attack would be through the use of wood kits and boot kids. We've talked about this guys before. They have equal or more privileges than their penises. Them application of good kids can bypass encryption, so these would be the kinds of wood kids deployed specifically to fight against encryption . And as of the schools in the past, the secure but process is easily the best way to prevent this kind of attack from being successful. Next we have the brute force attacks, and it basically here the hack. It flies millions of different kinds of passwords until the white one is found. Now, this is probably the easiest kind of attack to fight against. All you have to do is to use complex passwords for the encryption and also introduced account. Look Houses is easily the best way to combat against this kind of attack. Next is the direct memory access attack, which is a bit more dangerous and a bit more complex. So what happens here is this OK D m. A direct memory access allows certain hardware devices to communicate directly with a system's memory when plopped to the system. So that's if example You have a laptop and you connect an external hodge life through your laptops at the airport. What happens here is that excellent. Hard. Jeff is going to have access to your systems member because it's connected to your system through the D M Airport. So they report to no use authentication. And this is a very real problem. Lies North Indication and the encryption keys importantly, are stored in the memory, and they can be accessed by they had the device. So that's where the real danger allies in the good news here, though, is that US reports do not allow memory access. So if you plug your external hard drive to the computer through the years, reports that external device will not have access to the computers memory Very important. But what kinds of ports are vulnerable to this kind of attack? Well, FireWire from the bold experts card, PCMCIA, PC, I, PC X and P C. I experts. These are the kinds of ports that are vulnerable that do grant memory access to Exxon devices. So if your laptop your PC has anyone of this ports, you need to be very, very careful. So how does this attack actually occurred? Well, a second PC running a Memories Can Intell is connected to the Taggart PC through the D M reports like Thunderbolt. So once connected, this soft oils can the memory and uncovered the encryption key for a straightforward and then the encryption key can then be used to decrypt the hard life. That's basically how this kind of attack, because and the best way to prevent his Attackers, were simply desirable. Such ports. If you have any Demi ports on your laptop PC, it's best to just disable them. There's easily the best way to fight against this kind of attack. Next is the Khyber filled out says Attack. Now the Khyber filled assist file is your windows have been Ishan file, which contains a snapshot off the system memory when this is them hibernates. Now there are tools that exist that can be used to scan to file for the encryption keys. The good news here, though, is that by default, Windows is designed to combat against this attack because the Khyber filled assist file is stored within the encrypted container off your encrypted hard life. So the only way how this kind of attack can be successfully is if you all the admin of a PC , decides for some reason to remove the location off the hobby, feel off the heavy filled or sys file and stood the location somewhere else outside of the encrypted containers doing away how in this kind of attack can be successful, So as long as you haven't tampered with your harbor field assist file, you should be fine. Last Manolas. We have the memory remnants attack otherwise known as the cold Boot attack. So one thing you should know here very, very interesting fact is that memory chips don't immediately lose the panel when a PC Eastern off. So while everyone in this region off your memory chips are still running for a few moments before they eventually get switched off, finally, so an attack out with physical access to the memory chips can lead the encryption key. So how would this work? Well, first of all, he will freeze the Peter's memory, for example, using the new asshole can he can spray the chips to maybe minus 50 C. He will. Then we stopped the PC. But instead of restarting Windows on the PC, he will boot to another open system. He could use a portable DVD and Exxon hard drive, irritable flash drive and so on. Then the portable media loads the memory of men's attack tools, which the attacker then uses to scan system memory and locate the encryption keys. And, of course, the attack. I uses encryption keys to access the drive's data. So in reality this is a bit more difficult to execute because, like I said earlier, the attacker has to have physical access to the memberships within a few minutes off that PC being turned off. So typically this kind of attack becomes successful if it's an inside job, maybe in a company, in an office, in a school where the attack and knows the victim. Veber. Well, he knows that. Okay, this person is going to turn off the laptop right now. He's gonna go out. I'll just quickly stand by and then, you know, try to get access to his memory chips because again the second needs physical access to the chip. So the only way to combat this is to take a good cave of your laptop on your PC, I guess. Don't allow ah, physical access to them from people you don't trust. Basically. So that's it for the attacks and have to combat against them. Thank you, Fortune. And I will see you in the next class. 59. How to Password Protect USB Drives and Folders: a question I got recently from a student is how we can password protect USB drives and also folders or files on a computer. And I thought this was a very interesting question, and I have decided to make a video demonstrating the different techniques you can apply to password. Protect your USB drives and as well as files and folders on your computer. Now let's start off first with the USB flash drive, all right, And there are two basic ways. How you can always protect your USB flash drives. You can use encryption all you can simply use passwords. Now, what I'm really interested in here is password protected. Your USB drives and all you really have to do is just go on Google and type in a password. Protect us be and you will. Still lots of articles showing you the different software you can use to password. Protect your USB drives. And here is one that Cesar eight Freeway To pass it. Put sexuality flash drives with encryption nine. And don't get me wrong. Protecting New Year's be dressed with encryption works. It's just that it's a longer process. It's a bit more complicated as well And really, if you're going to encrypt something, it's usually gonna be your hard drive, not your USB drive, a USB drive that you frequently used. By the way, if you have a very special USB drive that you really use but contains really extremely sensitive information, then yes, all the commend encryption for that one. But if it's a USB drive that you use frequently and you don't necessarily have sensitive data in it, then encryption is not the way to go. You want to go with the password protection about instead. So from this article, I found lots of options. And just to make this village short, the best option, in my opinion, will be the USB secure. It is not free. Unfortunately, it costs $50 but you do have a two week trial where you can actually test to see how it runs. And in my humble opinion, this is by far the best, especially if your windows the software is extremely lightweight. It's extremely simple to use, and best of all is you actually don't even need to install the software on your PC. You would install the software on your actual USB drive and It's just it's so easy to use. Right? So here's the thing. Here is the website. Now you go to, ah, new software start net four slash USB secure and basically didn't want the software itself is just be secure. Right. So you have the full version in hit that you can buy for $30 all you can simply go with the free download. I go to free download or click on the button right here. All right, So here, right now, I have the application inside my folder, My Donald's fold up. So what I'm gonna do here is very easy. I'm going to double click on it, and we're going to install it. All right, so you just go ahead and hit. Accept Now. I have already added my USB drive. You can see it's a trife e. This software will not walk until you insert your USB drive. Okay, So, please, you have to institute. Yes, we drive first and then run the program. Right? So is detective that my USB drive is in Dr E. So I'm gonna say Yeah, let's go ahead and install it. All right. Ah, get so right now it can say only have two trails left. It's fine. So right now you can see that this is my USB driver. Have three movies inside have Fight Club, Creditable and the hunt. All three excellent movies, by the way. So you can see right now that I can actually still see the funds because I haven't yet passive protected. That might. But here's the thing right in here right now. I can add my password for this, like this. I'm gonna go ahead now and say All right, my password is going to be that. Okay, I'm gonna go ahead now and hit. OK, so now you have the options. You want to lock your USB drive for doing to unlock the USB drive? In this case right now, I'm gonna go ahead and lock the USB drive, and that is it. Okay. So right now, I can go ahead now and close this. All right? And then from here, I'm gonna go ahead now and try to open up my drive again. The click. And there you go. We can no longer see the three movies anymore. All you can see right now is the USB secure software. So to unlock the drive and show the three files are having their I'll have to double click on it again. And then for me I'll have to add my password that I used to lock the files. Then he it's okay. So it says access denied you entered an incurred pastoral. Wow. Okay, let's try it again. Uh, my password was jam jam. By the way, if you're interested, gonna hit, okay. And now I can simply choose to unlock the USB drive and voila. Now I have access to the three movies inside my USB drive. So really, this is by far I think the best software you can go for it costs $30. But then, for a softer they can effectively passive, protect your USB drives. I think $30 is a no brainer. It is very simple to use. It doesn't require you to encrypt anything. It's straightforward, and it's extremely lightweight. This is definitely the soft out of comment for you. Two are password protected USB drives. This is for PC. By the way, if you're on the Mac, I think the closest when you can go for would be the Where is it now? After school down here. It's gonna be I believe, that the USB locker is very, very similar, but this one also walks on Mac and Linux as well. So if you have a Mac user using Lennix, you want to go with the USB locker software, so that's his full passage. Protect in your USB drives. Let's not talk about how you can pass it. Protect files or folders on your PC when it comes to pass, it protects in files a full dozen your PC. You do have a variety of options, and there's actually a way how you can pass it. Protect files a full does on understand without the need for any additional software. You will find articles online showing you how to do this, but basically is going to involve you using something called batch notes. And this is the code that you're gonna have to use at some point now. I have used us before, and it works. It works really, really well, but my assumption here is that you are not a tech savvy individual, and you'd rather just go with the easiest and safest route that was achieving your goals so I wouldn't recommend this particular method. If you know, take seven. If you're confident, then by all means, all you really have to do is just go on Google type and how to pass it. Protect folders or files on understand without Yusof sort and you will find the articles. I'll show you how to do this. I do have a sip, a method to show you and that's been making use of a software known as seven Zip seven Zip works just like winzip. Whenever you can archive, you can zip your files, folders and stuff. But you can also pass. Protect your files or folders, whichever one you want to protect. So all you will need to do is to go to the seven zip at the old website, go to the downloads and he near. Right now you can see the different visions that we have, right? So, for me right now, I'm gonna go with the letters vision, which is 18.5 a light and answer from here. I'm gonna go with the 64 bits because, well, you know, my computer is a 64 bit, so I'm gonna go with the dot txt file. I'm gonna download that. And OK, so now I have the application inside, my downloads fold up. I'm gonna double click on its Yes. Let's go ahead. Yes. Click, Install and hit Close. So that's it. Very, very straightforward. Right? So to run its I'm going to go now to my Windows program Right here. I'm gonna hit seven zip file manager. And so you can see right now that we have now, we now have access to my documents. You can see I have some big love files in here. So here's the thing like, eight. Let's imagine I wanted to password protect my WB games folder right here all. I'll have to just just select the folder, all right? And then should the add button right here. All right. And then from here, I'm gonna go ahead now on add my password on the encryptions. I'm gonna say my password is that I'm going to enter my password again. Make sure it matches. You only have one encryption method, which is the A s. 256 which is really good. So that's what I'm gonna go ahead now and hit, OK? And yet you go. So right now, you will see that inside my documents for the right now, I have the WB games at seven z file credit for me. This is exactly what will happen whenever you passive protective fellow folder You will see the 0.7 z version of the felafel that inside the same intellectual. So what I'm gonna do right now is I'm gonna go ahead and deletes my WB Games folder. I don't need this for the anymore. So right now all I have in my documents right now is DWP games at about 70 folder. And if you go to my documents, you can see that therefore, there is no longer there. But we have the WB games at about seven z file. Right now it's on lock. This all I would have to do just right click. And then I can go with the seven zip right here and simply say, extract here. And then I'll just have to add my password. Click OK, and that's it. Now I have access to my WB Games folder. And of course, it's for our Batman. Arkham Knight. I love playing video games, so this is one of my favorite games. So that's exactly how you can pass it protects your files Oil fall There's on your windows pc using the sevens eep softer Save every questions about this. Always feel free to reach out to me. Thank you, Fortune and I will see the next class. Bye bye. 60. Social Engineering Section Preview: welcome to what might be my favorite section in the entire course, and we're talking about social engineering, which is basically the exploitation of human psychology. Now, hackers to they are able to extract very sensitive information from innocent people. We vowed to crack any cold or do anything technical. That's basically what we referred to as social engineering, the ability to many people, it people psychologically so that they reveal sensitive information to us. So in this section, we're gonna take a look at how hackers are able to achieve this and we one of this section by taking a look at one of the greatest hackers of all time. Let's get started. 61. Introduction to Social Engineering: Okay. Welcome to the venue section. We were talking about social engineering. So what is social engineering? Well, it is the art off gaining unauthorized access to buildings and systems through the exploitation of human psychology. It targets the weakest link in a security model system, which is the human element. So imagine a company's security policy being being well designed. They have firewalls, intact passwords. Although strong, they have intrusion detection systems. They have anti malware. They haven't virus. Basically, they lived on everything light. Well, guess what if one of the employees ends up doing something very naive, like given the password to a hacker? Well, guess what? The entire security system goes crumbling down. The human element is always the weakest link in any companies are security. It's always the human element. And social engineering is designed to target humans through exploitation of human psychology. This is a very interesting topic. Now, the term social engineer was popularized by one of the greatest hackers of all time. And that is Kevin Mitnick. We will be meeting Kevin Mitnick little on in this section right now. Social engineering. There are six major types off social engineering attacks. We have fishing now The reason why I have hysterics in front officials because efficient involves primarily the use of e mails and because the very next section in this course is going to go over emails, animal security, I will be called in fishing then so stay tuned. But we also have vision. We have s mission. We have sextortion insider and phony record is these are the six major types of social injury in tax. So the very 1st 1 here is going to be vision. What is vision or vision? The attacker calls the targets and pretends to be from Microsoft or from the targets company in this case, the company that the victim of the target walks for now. In the very first scenario, ready attacker pretends to be for Microsoft. Well, guess what the attacker would claim that the victim's computer has Bean has been infected with malware and the cycle has the solution. And then the attacker with indirect victim to perform certain operations on the computer in order to gain. All right, I noted gland the attacker access to the computer. You may have experiences before If you haven't well, there is a possibility that you might experience it in the future. I have several times, and unfortunately, I have to say something here. And that is the fact that every single kind of coal have gotten like this. The color has always been Indian. For some reason, I don't know why this is the case, but in my opinion, in my very factual opinion, Indians on the two of us for these kinds of phone calls, we'll call you and they will say something like, Hey, this is Bob Smith from Microsoft were running a systems check and we notice that your system has various is Ah, we need you to do this, do that, do this, do that. And I just left them and I end up trolling them. I wished that time and end up hanging up because you know they get frustrated with me. But unfortunately, ah, lot of people fall victim to these kinds of attacks, and it's really, really scary. However, I need to mention one thing, and that is the fact that this particular scenario, where the attack up it tends to be from Microsoft, is just one tiny little example off the different kinds or vision attacks that exists. Take a look at this video. All right, so the video I'm about to play you is a video. It's a demonstration off a female hacker who tries to break into the cell phone account off a particular gentleman here. Now, this is This is the This is the target. This is the victim. Might. Okay, And this is the female. This is a female hacker right here. This is Hold on. Yeah. So this is the female hiker, mighty the blonde. Okay, so she is going to attempt to get this men's email address from his cell phone provider. So she goes on to pretend to be this mother who has a baby look at. She's playing baby sounds from YouTube. So she calls the customer service saying, Hey, I'm you know, I'm trying to look into my husband's account and he's around and my baby's crying. Please help me. Yeah, gotta Indiana. So basically, she's exploits in the psychology off the customer representative. And, of course, the weap feels very sorry for hard, because in which is a mom babies crying. So she the rap ends of given her his email address, but not just that. Actually, she's also able to reset the password that this man used to quit his account in the first place. Very, very scary, but also very impressive. So I will attach the video into the sources. You can watch it. It's very, very entertaining. But like I said, it's also very scary because listen, you can be the most security conscious present world. You can have firewalls you on tomorrow away everything old set up for you nice and tight. And unfortunately, you guys to get hacked because someone else who has access to your information can end up giving that information to someone else. In this case, right now, this poor gentleman right here can be very security conscious. But because he cell phone provider falls victim always duped by social engineer, he can get hacked as a result. So we really have to hope and pray that people who have access to our data like our passwords, email addresses We just have to hope that the l will trained and they don't get duped by social engineers. The next kind of social engineering attack is called Smith Mission, and this involves the use off text messages. So vision is all about phone calls. Smashing is all about text messages, so it's very straight for the text. Messages will continue. There were link over phone number that can be used to Leo the victim. And you can pretty much already guess what will happen when the victim clicks on the link in the text message shield down my hallway and get infected or something like that. So that's basically what s mission is next. We have sex torch on hahahaha light. So here the attacker poses as a potential sex Patner and lose the victim to share compromising videos or pictures. Okay, the video's off. Others have been used to blackmail the victim. And guess what senior officials are. Top executives are often targets, so you could have a lot of this. Executives who go to sex sites like I don't findable combo sites like that. And you could have one of the hackers pretend to be this very gorgeous female. And she's like, Oh, I love you wanna have sex with you? And, you know, I sent a picture of, you know, you know what I'm talking about. And you know, the man been all sexually aroused. he sends the pictures and then guess what? Hey, have your picture. I'm going to share this picture on the Internet unless you give us access to your company's data. You know, stuff like that. That's basically how sextortion works. Very, very effective. Unfortunately, right next we have inside are well over here. You have the attacker who infiltrates a company through a job offer or connects with a disgruntled employee off the target company. So many times, actually, half hackers who apply for jobs in companies that targets in. And because they're able to forge door commands and present a really awesome resume, they get hired. And once they're hired, well, they have access to systems, passwords and, well, that's pretty much the end of the story. However, if the attack or the hacker cann