<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>4. Understanding basic multi-factor authentication and why a
wider ID footprint is good</p>
<p> a. OS vs browser vs site vs non-browser app authentication--
who's guarding what</p>
<p> b. What passwordless really means</p>
<p> c. Why unique passwords are important, since your identity and
at least a few of your passwords are ALREADY OWNED & NOW
published no matter who you think you are.<br>
</p>
<p> d. Password keepers and how they work</p>
<p> e. Why syncrhonization can kill your work across all of your
platforms.</p>
<p>5. Packet Radio and why there's no encryption</p>
<p> a. Basic APRS, state of the art X.25 networking and it still
works, but can be impersonated so simply <br>
</p>
<p> b. Digital modes from RTTY to FT4 and they DON'T USE
authentication and why (Part 95)</p>
<p> c. Spectrum theft by organizations that aren't hams, yet use
opaque protocols that can't be identified (see eHam's treatments
of the topic)</p>
<p> d. Bruce Perens' work on non-proprietery digital protocols and
why</p>
<p>6. Infection vectors and how</p>
<p> a. Your firewall/router, smartphones, computers, digital
appliances, IoT devices</p>
<p> b. Email phishing (as below)</p>
<p> c. Portable media</p>
<p> d. browsing maladies</p>
<p>7. Backup, backup, then backup your friends and civilians, based
on the 3-2-1 plan</p>
<p> a. Three backups, two local, one offsite</p>
<p> b. Backup all devices (after updating them) and send one to a
trusted place, regularly</p>
<p> c. Never put network storage devices directly on the open
internet, ever, for any reason, at any time (they're bot lunch)</p>
<p> d. In the event of theft/fire/destruction, the offsite backup
saves your bacon (or beans, if you're vegetarian)</p>
<p>73 W9YW<br>
</p>
<div class="moz-cite-prefix">On 8/5/19 5:57 PM, Wayne Rash via
Ipg-smz wrote:<br>
</div>
<blockquote type="cite"
cite="mid:000001d54bd8$ca26feb0$5e74fc10$@mindspring.com">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<div class="WordSection1">
<p class="MsoNormal">I’m putting together a presentation on
computer security for ham radio operators. The club has a high
proportion of very smart engineers and a bunch of nuclear
physicists, but as you’d expect, they know little about
security. </p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">So I’m putting together a list of topics.</p>
<p class="MsoNormal"> </p>
<ol start="1" type="1">
<li class="MsoListParagraph">Why hams are at risk (they use
free software from unverified sites and they believe that
Macs are invulnerable)</li>
<li class="MsoListParagraph">What the risks are:</li>
<ol start="1" type="a">
<li class="MsoListParagraph">Phishing</li>
<li class="MsoListParagraph">Credential theft through social
engineering</li>
<li class="MsoListParagraph">Ransomware and how to limit the
damage</li>
<li class="MsoListParagraph">Failure to patch</li>
</ol>
<li class="MsoListParagraph">How to limit the risks</li>
<ol start="1" type="a">
<li class="MsoListParagraph">Know how to identify a phishing
email (I have examples of actual emails)</li>
<li class="MsoListParagraph">How to identify social
engineering</li>
<li class="MsoListParagraph">How to patch</li>
<li class="MsoListParagraph">How and why to back up your
data and why a network share isn’t secure, and neither is
an air gap.</li>
</ol>
</ol>
<p class="MsoNormal"> </p>
<p class="MsoNormal">Any thoughts on what else I should include?</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">Wayne Rash</p>
<p class="MsoNormal">703-425-9231</p>
<p class="MsoNormal">703-200-4915 cell</p>
<p class="MsoNormal"> </p>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
</blockquote>
<pre class="moz-signature" cols="72">--
Tom Henderson
ExtremeLabs, Inc.
+1 317 250 4646
Twitter: @extremelabs
Skype: extremelabsinc</pre>
</body>
</html>