[OPLIN 4cast] OPLIN 4cast #448: Pro-am cybersecurity
OPLIN Support
support at oplin.ohio.gov
Wed Jul 29 10:30:23 EDT 2015
Email not displaying correctly? View it in your browser.
<http://www.oplin.org/4cast/> [image: OPLIN 4Cast]
OPLIN 4cast #448: Pro-am cybersecurity
July 29th, 2015
[image: cybersecurity]Last week, while this blog was scaring you with tales
of hackers-for-hire, the Google folks were presenting some interesting security
practices research
<https://www.usenix.org/system/files/conference/soups2015/soups15-paper-ion.pdf>
[pdf] at the Symposium on Usable Privacy and Security (SOUPS) in Ottawa,
Canada. The researchers conducted a survey of 231 security "experts,"
defined as someone who had at least five years experience working in or
studying computer security, and 294 non-experts recruited through Amazon's
Mechanical Turk. There were some very clear differences between the
responses of the experts and the non-experts.
- What amateurs can learn from security pros about staying safe online
<http://arstechnica.com/security/2015/07/what-amateurs-can-learn-from-security-pros-about-staying-safe-online/>
(Ars Technica | Dan Goodin) "A survey found stark discrepancies in the ways
the two groups reported keeping themselves secure. Non security experts
listed the top security practice as using antivirus software, followed by
using strong passwords, changing passwords frequently, visiting only known
websites, and not sharing personal information. Security experts, by
contrast, listed the top practice as installing software updates, followed
by using unique passwords, using two-factor authentication, choosing strong
passwords, and using a password manager."
- New research: Comparing how security experts and non-experts stay safe
online
<http://googleonlinesecurity.blogspot.com/2015/07/new-research-comparing-how-security.html>
(Google Online Security Blog | Iulia Ion, Rob Reeder, and Sunny Consolvo)
"More broadly, our findings highlight fundamental misunderstandings about
basic online security practices. Software updates, for example, are the
seatbelts of online security; they make you safer, period. And yet, many
non-experts not only overlook these as a best practice, but also mistakenly
worry that software updates are a security *risk*."
- Trying to keep your data safe? You're probably doing it wrong
<http://www.npr.org/sections/alltechconsidered/2015/07/23/425502893/trying-to-keep-your-data-safe-youre-probably-doing-it-wrong>
(NPR All Tech Considered | Aarti Shahani) "There's a similarly stark gap
when it comes to antivirus - the software that has long been hailed as the
all-purpose cleaner, the rubbing alcohol of the Internet. Forty-two percent
of the non-experts surveyed say products like McAfee and Norton are key.
But among the experts like [Gerhard] Eschelbeck [Google Vice President for
Security Engineering], just 7 percent agree. 'Antivirus has absolutely its
place. But it's not like the only one solution that people can and should
rely upon,' Eschelbeck says."
- Online security: How the experts keep safe
<http://www.informationweek.com/it-life/online-security-how-the-experts-keep-safe/d/d-id/1321465>
(InformationWeek | Thomas Claburn) "A third point of differentiation
between security experts and non-experts is the use of two-factor
authentication. Eighty-nine percent of security experts polled said they
used two-factor authentication, compared to 69% of non-experts. Some 12% of
non-experts said they didn't know whether they use two-factor
authentication - which probably means they don't."
*Articles from Ohio Web Library <http://ohioweblibrary.org>:*
- Multi-factor authentication-It's not just buying another lock.
<http://search.ebscohost.com.proxy.oplin.org/login.aspx?direct=true&db=cmh&AN=99233743&site=chc-live>
(*Computers in Libraries*, Nov. 2014, p.26-27 | Jessamyn West)
- Personal online security.
<http://search.ebscohost.com.proxy.oplin.org/login.aspx?direct=true&db=cmh&AN=103232988&site=chc-live>
(*Online Searcher*, May/June 2015, p.38-43 | Edward Vawter)
- Passwords and the evolution of imperfect authentication.
<http://search.ebscohost.com.proxy.oplin.org/login.aspx?direct=true&db=buh&AN=103441792&site=ehost-live>
(*Communications of the ACM*, July 2015, p.78-87 | Joseph Bonneau,
Cormac Herley, Paul C. Van Oorschot, and Frank Stajano)
------------------------------
The *OPLIN 4cast* is a weekly compilation of recent headlines, topics, and
trends that could impact public libraries. You can subscribe to it in a
variety of ways, such as:
- *RSS feed.* You can receive the OPLIN 4cast via RSS feed by
subscribing to the following URL:
http://www.oplin.org/4cast/index.php/?feed=rss2.
- *Live Bookmark.* If you're using the Firefox web browser, you can go
to the 4cast website (http://www.oplin.org/4cast/) and click on the
orange "radio wave" icon on the right side of the address bar. In Internet
Explorer 7, click on the same icon to view or subscribe to the 4cast RSS
feed.
- *E-mail.* You can have the OPLIN 4cast delivered via e-mail (a'la
OPLINlist and OPLINtech) by subscribing to the 4cast mailing list at
http://mail.oplin.org/mailman/listinfo/OPLIN4cast.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oplin.org/pipermail/oplin4cast/attachments/20150729/811a316c/attachment.html>
More information about the OPLIN4cast
mailing list