Cybersecurity Brainstorming: Difference between revisions

From Cyberlaw: Difficult Issues Winter 2010
Jump to navigation Jump to search
No edit summary
No edit summary
Line 1: Line 1:
This page reflects the brainstorming and discussion of the cybersecurity group in [http://en.wikipedia.org/wiki/Jonathan_Zittrain Jonathan Zittrain]'s Cyberlaw: Difficult Problems Class.
https://www.hihonor.com/fr/club/topicdetail/topicid-33090/
 
https://www.hihonor.com/fr/club/topicdetail/topicid-33091/
'''Note: This page was just a scratch-pad for our ideas. Our final project is [[Cybersecurity Project|here]].'''
https://www.hihonor.com/fr/club/topicdetail/topicid-33092/
 
https://www.hihonor.com/fr/club/topicdetail/topicid-33087/
''For the Mozilla-icon-privacy project see: [[Terms of Service Brainstorming]].''
https://www.hihonor.com/fr/club/topicdetail/topicid-33088/
 
https://www.hihonor.com/fr/club/topicdetail/topicid-33089/
=Problems to Tackle=
https://www.hihonor.com/fr/club/topicdetail/topicid-33096/
 
https://www.hihonor.com/fr/club/topicdetail/topicid-33097/
Misaligned incentives have prevented industry, users, and government from solving many of the problems of cybersecurity. We're proposing three projects that will allow (power) users to increase the security of their data, as well as improve security for other people, and maybe even for the network as a whole. We may also be interested in working on the [[Terms of Service Brainstorming | Mozilla Privacy issue]].  
https://www.hihonor.com/fr/club/topicdetail/topicid-33098/
 
https://www.hihonor.com/fr/club/topicdetail/topicid-33093/
=="Safeword"==
https://www.hihonor.com/fr/club/topicdetail/topicid-33094/
*''All functionality should be inserted into the browser to appear as part of the various websites.''
https://www.hihonor.com/fr/club/topicdetail/topicid-33095/
(1) Shows security level of user-selected password as it's typed in (for registration)
https://www.hihonor.com/fr/club/topicdetail/topicid-33102/
(2) If user chooses weak password, auto-fill will be turned off. User must manually type in all weak passwords
https://www.hihonor.com/fr/club/topicdetail/topicid-33103/
:Safeword will look for keystrokes and won't send the password to the website if it doesn't sense the appropriate keystrokes
https://www.hihonor.com/fr/club/topicdetail/topicid-33104/
(3) Refuse password if it's been used before (for a major/important/security-sensitive site)
https://www.hihonor.com/fr/club/topicdetail/topicid-33099/
:for security reasons, Safeword would only save the first 4 characters of each password (not the whole thing)
https://www.hihonor.com/fr/club/topicdetail/topicid-33100/
(4) Periodically prompt user to change password
https://www.hihonor.com/fr/club/topicdetail/topicid-33101/
:this would be a suggestion, not a requirement and users could set how often it should prompt
https://geany.org/p/qG93V/
 
http://cpp.sh/43mzxw
Other Ideas:
https://geany.org/p/VkUaX/
*encrypted password storage within browser
http://cpp.sh/3r4uj
*using recaptcha or pictures (esp game), etc as dual key for all passwords
https://rextester.com/KUG37355
*perhaps regulation requiring financial institutions to only accept strong or dual-key passwords
https://coliru.stacked-crooked.com/a/fbe7a00794c079a2
 
https://yamcode.com/hhs-launches-new-maternal-mental-health-hotline
NYT article on bad password security: http://www.nytimes.com/2010/01/21/technology/21password.html?hp
https://paste2.org/vZtDxBtY
 
https://ideone.com/7BYwF1
==Mesh Network Vaccination==
https://pasteio.com/xOtmcJ9mMzV9
Firefox plug-in used by the 5% of power users that can help patch the problems created by the larger base of security-ignorant or security-apathetic users. I made the analogy to tower defense at some point.  
https://paste.tbee-clan.de/MRqvQ
 
https://controlc.com/312f0dac
''For your edification, see [http://en.wikipedia.org/wiki/Tower_defense Tower Defense].'' ''[[User:Mfeld|Mfeld]] 05:18, 13 January 2010 (UTC)''
https://p.teknik.io/6zT4c
 
https://apaste.info/QX3H
==Stop Badware==
https://notes.io/qq3fG
We propose a Firefox plug-in that would incorporate an improved Stop Badware database and automatically warn users when they attempt to access websites that are suspected of including malware or have been known to do so recently. We also propose this is included in search engines. While Firefox 3 and Google have recently implemented similar ideas, we would like to display more granular data (i.e., 99% of visitors to this site report no problems, 90% of visitors to that site), with better timing information, and automatically build in reporting of malware to the database.
https://paiza.io/projects/RNo1VGKIreTTm8vSqHSw0Q
 
https://ide.geeksforgeeks.org/7823fdd3-a180-42e1-8dec-62cce6b795c8
StopBadware goes independent: http://news.cnet.com/8301-27080_3-10440210-245.html
http://cpp.sh/8bpos
 
https://bitbin.it/AzzlBxzz/
==Distress Password==
https://pastelink.net/9jopss2o
Have 2 passwords --  
https://paste.rs/ixY
:(1) secure password -- shows all emails, all data
https://dotnetfiddle.net/17O6ZI
:(2) distress password -- shows limited data (like limited profile), only showing safe data
https://mcspartners.ning.com/photo/albums/hhs-launches-new-maternal-mental-health-hotline
 
http://allabouturanch.com/forum/topics/hhs-launches-new-maternal-mental-health-hotline
==Password Picture==
http://beterhbo.ning.com/forum/topics/hhs-launches-new-maternal-mental-health-hotline
Have a dual key mode of authentication for various web services: one would be the typical password, and the second would be a series of pictures. For example, when creating an account on a website for the first time, you would choose a password and choose keywords for pictures, like "animal" or "tree". Logging in would require you to enter a password as well as, from a series of pictures, choose your 1, 2, or 3 pictures that show your keyword. This would prevent robots from being able to try and guess your password, and would also prevent keystroke detectors from being fully functional.
https://caribbeanfever.com/photo/albums/hhs-launches-new-maternal-mental-health-hotline
 
http://playit4ward-sanantonio.ning.com/photo/albums/hhs-launches-new-maternal-mental-health-hotline
=Presentational ideas=
http://ptits.net/boards/t/78299/dsgdsgdsh.aspx
*"This is your internet, this is your internet on botnet"
https://pantip.com/topic/41419040
*Ham Sandwich metaphor acted out in reality
https://vocus.cc/article/62786aeafd897800012c6177
*Voiceover puppets a la JZ's [http://www.youtube.com/watch?v=NggzBHSXdCo video explanation of Herdict]
https://ameblo.jp/dolamela/entry-12741805576.html
*PSA Announcement featuring Internationally Recognized Magician Michael Feldman
https://gamerch.com/looooa/entry/352113
*Lessig-style keynote presentation (as part)
https://writeonwall.com/hhs-launches-new-maternal-mental-health-hotline/
 
https://ctftime.org/task/21082
Spot 1: Ham Sandwich (Live).
 
Magic Michael is happily doing a magic trick. Suddenly, he makes a ham sandwich appear out of nowhere. He asks an audience member, "And now, who would like to eat this ham sandwich?" People in the audience (kids?) react angrily. One says, "But, where did that ham sandwich come from?"
 
CUT TO Magic Michael, now sitting on a stool, talking to the camera: Everyone knows not to eat a mysterious ham sandwich that I make appear out of nowhere. But why do some people install software when they don't know where it came from? Hi, I'm internationally-recognized magician Michael Feldman, and I'm here to remind you how important it is to keep your computer safe. When in doubt about whether or not you should download and install a piece of software, just follow the ham sandwich rule; if it came from a stranger and you're not sure when or where it was made, don't install it - or eat it!
 
(looks great -- I just want some more magic puns, like "if it were a rabbit sandwich, maybe that's ok" or "installing random programs isn't magic. it's stupid.")
 
End with "The More You Know" music and logo? (like at the end of this stupid clip: http://www.youtube.com/watch?v=3eazYHO3Hsg&feature=related).
 
Spot 2:  
Magic Michael is seated, looking directly at the camera. "Hi, i'm internationally-recognized (and renowned) magician Michael Feldman. I can make many things disappear (hand gesture, and poorly patched together video making something disappear). But there's one thing that even I can't make disappear: the cybersecurity problem. (Michael attempts to make something symbolizing cybersecurity disappears, but fails). Remember, kids, installing random programs isn't magic. It's stupid."
 
 
[[Image:CyberSec1.jpg|thumb|120px|alt=Whiteboard Notes Part 1|Mesh Network Vaccination / Password Protection Ideas]]
[[Image:CyberSec2.jpg|thumb|120px|alt=Whiteboard Notes Part 2|Ideas for Incentivizing]]
[[Image:CyberSec3.jpg|thumb|120px|alt=Whiteboard Notes Part 3|Stop Badware Ideas]]
[[Image:Problems Solved.jpg|thumb|120px|alt=Whiteboard Notes Part 4|Problems Solved by "Safeword"]]
[[Image:Safeword Functionality.jpg|thumb|120px|alt=Whiteboard Notes Part 4|Functionality for "Safeword"]]

Revision as of 20:21, 8 May 2022

https://www.hihonor.com/fr/club/topicdetail/topicid-33090/ https://www.hihonor.com/fr/club/topicdetail/topicid-33091/ https://www.hihonor.com/fr/club/topicdetail/topicid-33092/ https://www.hihonor.com/fr/club/topicdetail/topicid-33087/ https://www.hihonor.com/fr/club/topicdetail/topicid-33088/ https://www.hihonor.com/fr/club/topicdetail/topicid-33089/ https://www.hihonor.com/fr/club/topicdetail/topicid-33096/ https://www.hihonor.com/fr/club/topicdetail/topicid-33097/ https://www.hihonor.com/fr/club/topicdetail/topicid-33098/ https://www.hihonor.com/fr/club/topicdetail/topicid-33093/ https://www.hihonor.com/fr/club/topicdetail/topicid-33094/ https://www.hihonor.com/fr/club/topicdetail/topicid-33095/ https://www.hihonor.com/fr/club/topicdetail/topicid-33102/ https://www.hihonor.com/fr/club/topicdetail/topicid-33103/ https://www.hihonor.com/fr/club/topicdetail/topicid-33104/ https://www.hihonor.com/fr/club/topicdetail/topicid-33099/ https://www.hihonor.com/fr/club/topicdetail/topicid-33100/ https://www.hihonor.com/fr/club/topicdetail/topicid-33101/ https://geany.org/p/qG93V/ http://cpp.sh/43mzxw https://geany.org/p/VkUaX/ http://cpp.sh/3r4uj https://rextester.com/KUG37355 https://coliru.stacked-crooked.com/a/fbe7a00794c079a2 https://yamcode.com/hhs-launches-new-maternal-mental-health-hotline https://paste2.org/vZtDxBtY https://ideone.com/7BYwF1 https://pasteio.com/xOtmcJ9mMzV9 https://paste.tbee-clan.de/MRqvQ https://controlc.com/312f0dac https://p.teknik.io/6zT4c https://apaste.info/QX3H https://notes.io/qq3fG https://paiza.io/projects/RNo1VGKIreTTm8vSqHSw0Q https://ide.geeksforgeeks.org/7823fdd3-a180-42e1-8dec-62cce6b795c8 http://cpp.sh/8bpos https://bitbin.it/AzzlBxzz/ https://pastelink.net/9jopss2o https://paste.rs/ixY https://dotnetfiddle.net/17O6ZI https://mcspartners.ning.com/photo/albums/hhs-launches-new-maternal-mental-health-hotline http://allabouturanch.com/forum/topics/hhs-launches-new-maternal-mental-health-hotline http://beterhbo.ning.com/forum/topics/hhs-launches-new-maternal-mental-health-hotline https://caribbeanfever.com/photo/albums/hhs-launches-new-maternal-mental-health-hotline http://playit4ward-sanantonio.ning.com/photo/albums/hhs-launches-new-maternal-mental-health-hotline http://ptits.net/boards/t/78299/dsgdsgdsh.aspx https://pantip.com/topic/41419040 https://vocus.cc/article/62786aeafd897800012c6177 https://ameblo.jp/dolamela/entry-12741805576.html https://gamerch.com/looooa/entry/352113 https://writeonwall.com/hhs-launches-new-maternal-mental-health-hotline/ https://ctftime.org/task/21082