CS50 Lecture on Cybersecurity: How to Keep Your Computer and Phone Secure (pre-release)
All right this is cs50. And this is not a typical week of cs50, indeed we're midweek, here, uh in the fall, of 2020. Here on campus, which would normally be, first year family weekend an opportunity, for the parents and family members of the undergraduates, here at harvard to actually come to campus sit in on classes. Attend, talks, and get to know, their students, in situ here right on campus, of course, this uh this particular, year all of us are staying afar. Digitally, except those of us who are actually. Here living in cambridge itself already, and so what we thought we would do this year is hold a virtual, talk of sorts a virtual discussion. Focused on one topic that doesn't require, any prior familiarity, with computer, science does not require that you be in or have taken, cs50, itself, because it's about a topic that's at least in part familiar. To all of us even if it's a little bit. Less familiar, technically. It's certainly familiar to all of us as users of technology, and that topic is security. Or cyber security, and what we propose today is that we have a discussion. About how you might go about keeping your own computer, be it a laptop or desktop, or your own phone which is also a form of computer. Secure. And i dare say that this topic, even though we'll get into some of the technicalities. Of what it means to be secure, is familiar, in the sense that all of us think about or encounter. Good security, and bad security, in the real world every day think about the home that you live in be it a house or an apartment, or a dormitory, or somewhere else, typically you'll have things like locks on the doors, and you might even depending on where you live have bars, on the windows, and the like, but typically. There are manifestations. Of security, at different levels, and i mean that literally, for instance in a typical city there might be bars, on the first floor windows, but not on the second floor or the third floor, and that is to say that someone could technically. Make their way into your home by way of the second floor or the third floor but it's going to be more difficult, of course because they need a ladder they need some other form of physical access to a height like that at which point they're probably going to attract more attention. And so the probability. That an adversary. Is going to break into your home, given that they have to actually, rise to that level and get above the first floor, is probably, relatively, low it's not zero, there's nothing stopping someone technically, from pulling up a ladder and going into that open window or the like that has no bars. But it's less likely, and that's actually a good way to think about security. In the digital world, as well, that there's really no such thing as, secure. Like your phone is not secure, fundamentally. Your, your laptop your desktop is not secure. Fundamentally. It's secure to some extent. It might be secure against certain, attacks. Or certain types, of adversaries, or adversaries, with certain amounts, of resources. And those resources, might be time, might be money might be technical, savvy, but it really is going to be a trade-off, and so while a bit unfortunate. One way of thinking about security, is that you don't want to be a secure, in an absolute, sense, in the real world you want to be more secure. Than your neighbor's, house for instance, you want to somehow, raise, the bar either physically, or metaphorically. To the adversary, so that it's going to take that adversary, just too much time too much money too much effort, to break into your home, that they might as well just go next door, instead, and the same is going to be true, in the world of computers. But we're going to measure, the security. Of systems, more computationally. Not so much physically. So with that said. Let me invite you to open up this url, here on your screen if you're using a laptop, or desktop, go ahead and just open it up in a separate tab in another browser. If you're on your phone you can go back and forth between two windows most likely depending on your operating, system, but go ahead when you have a moment and open up this url, and we'll use this url, to ask a few interactive, questions, that you can respond to. Digitally, and will also take questions and comments. Throughout, today, as well, so with that said. What does it mean to be secure then let's take a couple of thoughts on this.
What Do, you think of the word secure, as meaning, in the context, of your phone. Of your computer, of your home. Interpret, as you will, what does it mean. To be secure. Would you say. Any. Digital, hands, in zoom. Feel free to if you're feeling shy feel free to chime in via the chat and brian can proxy. But otherwise do feel free to raise your hand virtually. If you would like to. Offer your definition. Yeah how about over to pranav. If i'm pronouncing it right, how what does it mean to be secure. Yeah i think. It means. By security, you mean. To. Protect. All the data, that's stored. On a particular. System if we're talking about technology. And, at least make it hard. And. Buy yourself, enough, time. That. A certain. Person. May not hack into your system, at, the current moment. Because. Yeah let's face it you may not be able to, protect your system, for. Uh. Your entire, lifetime, but, i would say at least buy yourself. Uh. You know continue, continuously, buy yourself, time. Okay i like that so, security. Is all about keeping someone, out of your resources, but as i myself have claimed thus far that's hard to argue in the absolute. Really you want to. Your system to just take, too much time, to compromise. For your phone or your laptop to take too much time to compromise, at which point, you're sort of probabilistically. Statistically. Safe against adversaries. Because again they're not going to want to waste that much time or effort or money hacking into your particular, system versus someone else, now there are different ways that you and i in the real world, try to keep our laptops. And our phones secure. And one of those most popular web mechanisms, is of course passwords, passwords, being, some kind of phrase some kind of number that you actually, uh configure, your device with so that ideally, only you, know that password, and only you therefore, can get into the device, by using that password, and so by a show of physical, hands, how many of you have passwords, on your laptops. Or desktops. If you use one of those devices. So almost, all of the hands are going up those of you who don't have your hand going up you've probably made i presume a conscious, choice to not use a password maybe it's annoying to type in maybe you don't really worry about anyone around you getting into the device but you should concede, or recognize, that there is therefore, a threat, it's much easier for someone to get into your, laptop, or desktop. Than into that of anyone else who raised their hand just a moment ago, now those of you who, have a phone. A mobile device. Those, of you with that device, how many of you have a password, or passcode, on that device. On your phone so somewhat fewer hands i'm seeing so it's good that so many hands are going up but there too it seems that some of you don't have and hopefully you've thought about the implications, of that, which means that your parents, your siblings. A stranger. If they just physically, pick up your phone whether it's in your home or in a cafe, or an airport, has immediate, access to all of your data so arguably, much less secure certainly than someone, that requires, a password. But let's consider. How we can measure, the security, of your phone, the measure the security of your computer, just by using this simple familiar, mechanism. Like a password, so it turns out that you and i frankly as humans aren't very good at picking these passwords, in the first place as of 2019. Just some months ago at year's end, this was determined, by security, researchers, to be, sadly. The most common password, in the world literally, one two three four five six, that was the most common password, according to many measures this past year, uh among those, uh passwords, that were known, number two on the list was slightly better one two three four five six seven eight nine, after that was qwerty.
If That one looks a little weird if you have a u.s english keyboard, and you look at the top left row of your keys. Q-w-e-r-t-y. Is what they would spell on a u.s keyboard, people are really not trying very hard to come up with their password. Even though it's not technically, an english word per se. Password, was the number four most popular, password. P-a-s-s-w-o-r-d. Which is a little too tongue-in-cheek. To be at all secure. After that was slightly, worse one two three four five six seven, after that, one two three four five six seven eight, after that one two three four five you can perhaps see the pattern here, after that was adorably. I love you, but if you think you're being clever, by having i love you as your password. Well there's a lot of other humans in the world that think they're being cute too. One one one one one one was also popular. And then lastly, one two three. One two three so now why these passwords, you can perhaps infer, from this list, why some of these passwords, are the way that they are, odds are these people, were using these passwords. On phones, or on websites, or on other systems, that probably had like a minimum password, length. These people probably, needed a password that was six. Characters, long, these people probably, needed one that was nine characters, long and so forth so you can perhaps see some manifestations. Of policies, that companies and universities. And and uh, software manufacturers. Might have in place, but suffice it to say if your password, is on this list, your first takeaway, from today's, discussion. Should be change that password. At least, if you care about the account, and i would argue tune will come back to this, it really probably should figure into your decision making what type of account it is if it's for some, silly website, or game that you're never going to use again maybe it's not a big deal, if it's your bank account your student record something medical related.
Probably You really don't want your password, on this list so there too, consider, the context, in which we make, all of today's decisions. Now why are these passwords, bad, and why are passwords, themselves, potentially. At risk, so a term of art in computer, science is that of brute, force attacks. And this kind, of is what it says, this refers to an adversary. Someone who's out to get you or get someone. Has, uh, a. Device. Or writes, uh software. That tries to just guess, your password, brute force attack means that, if they don't know your password. They're not just gonna try random numbers, necessarily, they're gonna try, one one one one one one, and then they're gonna try one one one one one two, then they're gonna try one one one one one. Either manually, by typing it into the phone that they might have stolen off of you or maybe by writing software. And then connecting, that software. Via a laptop or desktop, to your phone, via usb, cable or lightning connector, or the like a brute force attack pretty much just means that the adversary. Doesn't necessarily, know anything about you your name your birthday, your children's, names nothing like that, but, they do have a lot of time, or a lot of skill and so they're just going to try all possible, passwords. And what's, eye-opening, i think about this type of attack. Is that it already gives us an opportunity, to start thinking about, how can we protect, ourselves, against an attack and just right now, how secure, are your accounts. On your phones and computers. Against, brute force attacks, well let's consider how an adversary, might do this this is kind of a silly youtube video here but let me go ahead and play. This animation, really which shows a small robot, of sorts. That is typing. Using this little, robotic, arm, onto an android, phone down there there's a zoomed in version of it and pretty much this is a brute force attack by a robot. A physical device that an adversary, has designed to just type in all possible, passcodes, and even though the video itself is short, you could imagine the adversary. Going about their day going to sleep and this thing just keeps brute forcing its way through your password. So eventually, it might get lucky and stumble upon whatever, code, you were indeed, using. But of course, there's probably, other. Threats, too. There's other threats in fact anyone who's taken cs50. Or cs50x. Or even just the first few weeks of it learning a little bit of c, or python, both of which are common programming, languages. Anyone who knows a little bit about programming, can certainly write software. That simulates, what that robot, was physically doing and the thing about, software. Is as soon as you don't have any moving parts you can do things, much much faster because it's all electronic. It's not at all mechanical. And so in this case, what if i were to, steal your phone off of you for instance. Write some software, on my mac or pc, and then plug, my mac or pc, into your phone with again a usb, cable or a lightning connector. Such that i could write code that tries all possible, passcodes, again and again, for instance suppose that your phone. Is using, and this is not an uncommon, default. On, on iphones, or on android phones at least in the past. Four digits. Suppose, that you're required to choose minimally, a passcode, or password, synonymous, here. That are four digits long and we're talking decimal, digits so zero through nine so zero one two three four five six seven eight nine you need to choose four of those digits, in some pattern. Well how many, possible. Passcodes. Are there. That are four digits, long. If your passcode, is four digits long, you can begin to think about the security, of your passcode. In terms of well, how long would it take an adversary, to brute force their way. To my actual password, starting at 0 0 0, going all the way up to for instance, 9999. Well let me go ahead and open up the screen if you pull up that same url, from before. You'll see in just a moment. A poll. That'll, ask you this very same question. That being how many four-digit. Passcodes. Are possible, in just a moment you'll see this on your screen let me go ahead and full screen it on my end as well, go again to the url, that's atop my screen here, if you missed, the url, earlier, or happened to close the tab, how many four digit passcodes. Are possible. How many four digit passcodes, are possible. Among the answers here are 4. Or 40, or. 9999. Or maybe 10 000, or, quite fine too you're unsure. Go ahead and buzz in with. One of those, responses.
If You could. All right looks like we've got a few hundred responses, thus far we'll give you a few more seconds to buzz in. A few more seconds to buzz in. And let me go ahead and begin to reveal the results, here so it looks, like. Uh, quite a few of you 60 plus percent, think it's 10 000 possibilities. 27. Of you think it's, 999. Possibilities, and then a few others think it's 40 or 4 and a bunch of you are unsure. So let's consider then how we would answer this question so that we have a mental model for answering this, on our own, let me go ahead and propose, that, to answer this question we just do some very simple arithmetic, it doesn't need to get very complicated. But the math could be thought of, in the following. Way if we've got a four digit passcode. That's four digits. Each of which can be zero through nine, and there's ten total digits there for zero through nine zero one two three four five six seven eight nine so, ten possible, values. For each of those four digits. So if that's the case i think it's fair to say that there's 10 possibilities, for the first digit, times 10 possibilities, for the second, times 10, times, 10. And of course if you multiply this all out the answer was indeed. 10 000 possibilities. So if you have an iphone or an android phone right now and you've got a four digit passcode. That you think no one knows that may very well be the case, but you should worry about or consider. Well what happens if a friend with a fancy robot, connects your phone to that and just tries, all possible, values from zero zero zero, to zero, to nine nine, nine nine or, smarter, still. Connects your phone via a cable to their laptop. Writes software. To generate, all of those possibilities. Well a little worrisomely. It's not all that hard to do the latter and to actually write code so in fact let me go ahead here and on my own mac. Let me go ahead and open up a program. That's going to let me write some code in a file called crack, dot pi, so crack is a term of art and programming, which means to brute force your way, into a password, somehow, so to figure out what it is algorithmically. Those of you particularly, parents and family members who have never seen any of this before, totally fine that's new to you. Your sons and daughters and others here have in the room, have seen a little bit of this code but we'll keep it short, which is to say that it actually doesn't take all that much effort, to write code, that brute force is an attack, on your own phone, and the code i'm going to write here is in a language called python, which is quite popular, these days, and i'm going to say a command like this, from string, import, digits. Which is just a clever way in python, this programming, language just give me access to all the possible digits in decimal, zero through nine, and then i'm going to import, so to speak, from a library. Some software that some other smart people wrote, something called, product. So it turns out in a programming, language you have lots of functions. Or functionality. Much like in the world of math you have functions, like addition, subtraction, multiplication. And division, in the world of programming, you have all of those, capabilities. But many more, and so one of the functions i'm importing here is this notion of a product, which really just means a permutation. Of all possible. Uh, digits. And now i'm going to use what's called a loop in programming, a loop in a program is just something that does something again and again, and i'm going to go ahead and say this, for passcode. In. The product, of, all of those digits.
And Repeat the digits, four times total. Go ahead. And print out each passcode. Let me go ahead and print it out using somewhat cryptic syntax. But that's only because i'm going to print out a list as an actual string. Parents and family members don't worry for now what that means, um cs50, and cs50x, students, this is just a clever way with a couple of lines of code, to iterate, over all of the digits 0 through 9, combine, them, four at a time. And print out all, possible, permutations. Of those four digits, so if i didn't screw up here i'm gonna go ahead and save my file, and run a command called python, on crack.pi. And hit enter. Boom. That was so fast in fact let me do it again let me clear my screen and rerun this crack.pi. Program, boom. That's how fast, a computer, my little mac here, can try, all possible, codes between, 0 zero zero, and nine nine nine nine and it's so fast because it did them all in the blink of an eye, so if you're thinking that your four digit passcode, is keeping you somewhat secure, it probably, really isn't. Because it wouldn't take that much effort for maybe someone in your household. To write code like this connect your phone secretly, at night when you're not paying attention, and figure out potentially. What your code actually, is, so what would be better than, than using just digits, what would be better well why don't we use letters of the alphabet, english alphabet for today's purposes. And in the english alphabet, we have more letters. Than we have numbers. So how might we think about this let's go ahead and ask a question here, if you change your phone after today, to use four letters, of the english alphabet. Instead. Of, using. Numbers, alone, how many possibilities. Are there then well let me go ahead and open up a different poll question here, which asks this time. How many. Four-letter. Passcodes. Are possible. And in just a moment you'll see in that same window as before. This question, being asked how many four letter passcodes. Are possible. And we'll see what folks think in answer to this as the answers begin to come in. To be fair i have not qualified, one thing so you might have to be making certain assumptions, there are indeed 26, letters, of the english alphabet, however. There's uppercase, and lowercase. So if you allow the user to type in something case sensitively. So to speak where case matters, it's not 26, possibilities, for each of those four. Characters, it's instead. 52. Possibilities, so it looks like an overwhelming, number of you 78, percent, think there's some seven million, possibilities. When using four letter passcodes.
About 11, of you think that 52. 000. Are all of the passcodes, so let's go ahead and do the quick math, again it doesn't need to be particularly, sophisticated. The math let me go ahead and open up this time, a similar, approach, to this problem, whereby, if we have four letters of the alphabet and let's assume case sensitivity, which to be fair you might not have assumed. Well then i think we have 52, possibilities. Times 52, times 52, times 52. For each, of the four letters, in your passcode. And if you multiply, that out boom, you indeed get seven, million. Plus, possibilities. So consider, the takeaway, here, if you are currently, using, a passcode, that's four digits, purely numeric. You have only ten thousand, digits between you and some adversary. Hacking into your phone potentially. If you change your four-digit, passcode, to be a four-letter, passcode. Then you've got seven, million. Possible passcodes, between you and the adversary, now why is this better, well again whether they're using a robot, or using code. It's just going to take them more time to hack into your device, and again at that point if it's going to take them that much time that much effort maybe even that much money, to hack into your phone, you relative, to other people, might indeed be more secure. Because it's probably going to be easier for that adversary, to go steal someone else's phone, and try to get into that one instead, well let's consider what this does in actual, code, let me go back to my. Mac here, and let me go ahead and open up that same file as before. And let me go ahead and change something as follows, instead of using, digits. Let me use what i'm going to call, ascii, letters. Families, who are not familiar with cs, ascii, just refers to essentially. All of the printable, letters of the alphabet, that you would typically, see, in english so a through z capital, and lowercase, here, and i'm going to go ahead and change my mention of digits here, to be ascii, letters as well so again the program is almost identical. But it's going to use all 52. Uppercase, and lowercase, english letters, instead, of, all 10 digits. Let me save this file, let me rerun, python of crack.hi.
And This time i actually have a moment, to walk over to the screen. And point out now, that we're just now through the lowercase. Z's. Now we're going through all the possible, passcodes, that start with capital, letters, it's still pretty fast, this is maybe what 10 seconds, later done. We went from aaa. A to z. Zzz. So we've raised the bar and again the security, of our, phone in this case is arguably. More it's higher. Because now it's going to take the adversary, more time, or more effort, to actually hack into, our device, well let's consider perhaps another question then what if we generalize, it further. To be characters. And those of you among families perhaps might not know the distinction between characters, and letters so let me open this up to the floor here, when you register for a website, these days, it's somewhat annoying, because those websites, typically, force you to choose, a good password. And what do they typically, mean by good password. What does your password, these days often have to contain, before the website, even lets you proceed. Any thoughts. Yeah feel free to raise your your virtual, hands. And let's see brian who do we have how about uh dax, what are your thoughts. Eight characters, at the very least, number. And capital. So at least a number and character so combine the two i like that so instead of 26. Or 52. Or 10, we instead have maybe, 62. If we combine, letters and numbers, other thoughts, on what websites, typically. Force you to do. Special. Okay so special characters or punctuation. Characters so maybe it's a hash symbol, maybe it's an exclamation, point a parenthesis. A comma, period something else yeah so these symbols, and frankly, i get as annoyed as you probably do when these, websites sort of annoy, you and say no that you can't use that password, no you can't use that password, you need to choose something that's much harder to guess, but indeed if we add punctuation. To the mix. I think we can do even better in fact a character, therefore. Is any type of character. Maybe it's punctuation, maybe it's a letter maybe it's a digit, unlike just letters alone so if we have four characters. It turns out that typically, at least in ascii, the system that cs50, students will know computers, typically, use, there's 94. Possibilities. For each symbol, because you've got, 10 letter, 10 digits 0 through 9, you've got 26, lowercase, letters, 26, uppercase, letters and then if you count them up on an english keyboard. 32, characters. More, that, represent, punctuation. Like hashes and exclamation, points and commas and periods, so if you have 94. Possibilities, for each of those symbols, it turns out, that you then have a total of 78. Million. Possible, passcodes. And that's pretty good, now we're really, raising the bar to the adversary, because now they have to waste even more time, trying to hack into. Your passcode. And in fact let me go ahead and simulate, that with some actual, code let me go ahead and open up my same program as before. And this time let me go ahead and import not just ascii letters, but also digits, and also literally, punctuation. The code i'm writing in this language called python, literally gives me access to all printable, punctuation. By just importing, it with this first line of code, and i just need to change one line of code down here. I need to actually say ascii, letters. Plus. Digits.
Plus. Punctuation. So this is python, shorthand notation. For joining, multiple, lists, those cs50, students among you will know that you can join two lists perhaps in this way using what looks like concatenation. But with lists it combines, them all together, but i'm still going to do of length four here now let me go ahead and save this program, and rerun it as python, of crack.pi. And now. I can frankly take my time. Walking over to the screen. Because now what you're seeing on the screen is four possible, symbols. But it's including. 32, possible, punctuation. Symbols which means this list, is much longer, right at this point in the story, we were already through, all of the lowercase, letters up through z a moment ago, now we're only at the m's. N's. O's. P's, which is to say, that if my mac, weren't just printing this on the screen but were instead connected, to your phone that i stole. And somehow, sending, all of these possible, passcodes, into your phone, it would be taking, this much time, to actually solve now to be fair we're almost at the lowercase, z's, so you know if we kind of stall for like a minute or two longer. This program, two will finish, so even 78. Million, possibilities. Is not all that impressive. And so i dare say that we should do even better than this so what might be better than four characters. For a password. Any thoughts or volunteers, what would be a better password, than four. Characters. Where again each character, is a letter a number. Or, a punctuation. Symbol. The list is pretty good but i think we can do better because even this will be done. In under a minute. Yeah thoughts. Leo. I'm still muted. I think we need to unmute leo. There we go oh, try again. Hello, yes okay success. Right, um. Uh have a longer password, to use like at least eight characters. Perfect so have a longer password use at least eight and notice here we're even now going through the numbers, but we're almost done it seems with the numbers but now we're going through punctuation.
But Again if i give this a little more time and i think i was a little over, zealous. Under a minute probably isn't going to fly but certainly by the end of class, that will have been done but what if we do a little better, and use eight characters. Well eight characters, is gonna take even longer but let's go ahead and ask you all. How much longer this might take let me go ahead and open up a somewhat different question but similar in spirit. In just a moment that will appear on your screen. And the question here is going to be how many eight character, passcodes. Are possible. Give me just a moment to open up that screen you should see it momentarily. And indeed, on your screens, now. You should see this question. How many eight character, passcodes. Are possible. And this time i'm kind of waving my hand at it i didn't even bother doing the math, precisely. Yet, but i'm proposing, that it's roughly a million. A billion. A trillion, a quadrillion. A quintillion. Some of you are perhaps, noticing, a pattern here and you went straight for quintillion, that bar jumped up really fast. So maybe you're right, good instincts, perhaps. Looks like we're getting, equilibrium, about 60 percent of you think it's one quintillion. 25, percent of you think it's a quadrillion. And then fewer and fewer, for the others, well let's take a look at what the actual answer is give me just a moment to actually do out the math here on my screen, and if we do out the math on my screen here. We'll see of course that we need to do some more math, we need to do 94. Times itself, eight times. Instead of just four to leo's suggestion, of using eight possible, symbols, and if you do this out, i had to think about this this in fact is let's see we've got. Millions. Billions. Trillions. Quadrillion. So gotcha, so it wasn't the biggest, option on the list, the answer is indeed, quadrillion. So six quadrillion. If you will. But. But but those of you who are fans of having quintillion. Possibilities. Which is pretty pretty. Secure, because it's just going to take the adversary, way longer to hack into your password. Well all it takes to go from, six. Quadrillion. To some number, of quintillion. Is just two more characters, so in fact if leo had proposed. Not an eight character passcode. But a 10 character, passcode. We actually would have hit quintillions. So life gets interesting, life gets more secure. The longer, and longer and more complicated, these passcodes. Get. All right so by logic then you should all probably have passcodes, that are not eight not ten maybe they're 20, characters, long maybe they're a hundred characters, long, but here we see another theme in security. That of trade-offs. Like the end-all, is probably not to be as secure, as possible. But to be as secure as possible, conditional. On some other goals you might have, so let me ask this, what's the trade-off, here in making your password, longer and longer.
And More and more complicated. What price do you pay, as the human. What's the downside. In computer science as in life there's always a catch, there's always a cost. So what's the cost, when you make your passcode, more and more secure, any thoughts. Let's see who do we have brian over to uh, ginny. What do you think. Yeah. I feel that it is very difficult for a human being to remember such a long password, and due to that we even store those long passwords, somewhere in the system itself, so that we can use that whenever we have to log into the system. Yeah there's this trade-off of just remembering, the darn things and you make a perfect point, if uh if i can get on my soapbox, again if you are the among those people who have pretty good passwords, and by good passwords, i mean some numbers some letters some punctuation. But, it's written on a post-it, note on your monitor, at work, or maybe it's slightly more cleverly, written, in a microsoft, word file, in your hard drive or maybe it's in a google doc or maybe it's even on a piece of paper in your drawer. You're just exposing, yourself to other threats, of course but here too, is sort of a sociological, consideration, or just a policy consideration, whether you're running a business or a university. Or just a household, with multiple family members, what should your own policies, be because arguably, it's not jenny's fault it's not our fault, if we are resorting, to writing things down on paper, if our passwords. Are so darn hard to remember, and moreover, i haven't even made the suggestion, yet, but if you are one of those people in life, who is using the same password, on multiple, devices. Or on multiple, websites, or on multiple, apps. You are bad like you are also, doing something, bad why, because if any one of those apps or websites, is compromised. And your password, gets out whether it's i love you quote unquote, or something much more complicated. All an adversary, has to do now is try that same password. On your other accounts, and so you're just exposing, yourself to more risk by reusing, passwords, but to jenny's point here my god where does it end now i need a really long, random, password, on this website this one and this one and this app, all over the place i mean honestly i as a human, certainly, can't, remember, all of those passwords, and even if i could i feel like there's better things in life to be remembering. Than, passwords, for accounts, like this, so there's surely a trade-off, here but, again, the goal is to keep the adversary. Out with some probability. Not necessarily. Out, in the absolute. So. What else can we do to prevent. The adversary, from hacking into our system so that i can have in somewhat, easier, more memorable, passcode. But at least keep them out well here's a screenshot, of something you might have done by accident. Uh perhaps, late at night when a little groggy. Or a little blurry eye trying to type in your password, incorrectly. Too many times in fact by a show of physical hands, how many people have locked yourself, out of your phone. Before, by typing in the wrong password, too many times i did it like literally just the other day, and so on iphone for instance it looks a little something like this and if we zoom in notice that it's saying, try again in one minute, so you don't have to get rid of the phone, and start over, but the iphone is telling you to come back in a minute and if we look at for instance, android. Something similar, your android, wallpaper, will differ certainly, but down here here for instance it says too many attempts. Try again later, i mean that's a little infuriating, because if i pick up my phone now i want to get in now. When the heck is later, so. Putting that aside. What's the takeaway, here why are apple and why are google, doing, this. Because i bet all of you if you've ever locked yourself out of your phone are super annoyed, at that moment in time and probably don't appreciate, apple or google. But what's the upside of what they've just done. When they lock you. Out of your phone for having guessed your password, incorrectly. Why is this arguably, a feature, and not a bug a mistake.
Sam. Uh yeah it's used to uh decrease the chances of like a successful, brute force to suck. And how does it decrease the chance of that would you say. Uh, because. It makes the attacker. Um. I have to commit more tries before they can, successfully, get into the phone so it decreases, the chances. Exactly. So this is a very common principle, in security. And it was pointed out earlier too just slow the adversary, down like we don't have to rethink, the problem of security we don't have to redesign, passwords, necessarily. But we should make it harder, for the adversary, to log in ideally without making it harder for you and i, to log into our own devices, so consider. The, simplest, passcode, that had four digits. A four digit passcode, there were ten thousand possibilities. A computer, a robot could guess all of those pretty quickly, but, what if after typing in the wrong passcode. Three times or maybe ten times, some small number of times, what if the iphone or android phone, locks you out for a minute just like iphone did a moment ago, well that might mean even though there's only ten thousand possibilities. Maybe it will take the adversary, ten thousand, minutes. To crack, in, track your password. Because they keep getting slowed down every time they type in an incorrect one and maybe it's not quite ten thousand it's some uh factor of that, but you can slow them down in that way maybe you have a 10 character, passcode, with 78. Quadrillion. Possibilities. And imagine the uh the phone just slows you down, one second maybe you can only type in one passcode, per second, that sounds pretty fast, but 78. Quadrillion. Seconds, is crazy, long. And so even that kind of slow down, might very well be enough, to keep the adversary. Out and so if you don't have features like this enabled. On really any device you should look for them nowadays, thankfully they tend to come, pre-configured. For this, but there is a downside. There is a downside, you shouldn't just turn on these kinds of defenses, blindly because what's the downside. Of keeping, this feature enabled, or leaving it. Enabled. Those are the same things or enabling, it if it's not already enabled. What's the downside, here to be, clear. Because none of our advice today will be, 100. A win david. Uh well uh, if you forget your password that means it's going to take longer for you to access your phone again. Yeah it's going to take you the user the owner of the device even longer to log in and i'll admit too, i have on multiple occasions not locked myself out once i then got stubborn, and i think my anger level just rose so i started typing in more angrily, and therefore making more mistakes, and what apple and google do, is they have what you might describe as exponential. Back off which is a fancy way of saying, the first time you get penalized. You know one minute now you have to wait one minute if you screw up again. Then you have to wait two minutes if you screw up again maybe it's five minutes maybe it's 10 minutes maybe it's an hour and i swear at that point i wanted to throw my phone across the room because i couldn't get into my own device.
And There you start to. Sacrifice, of course, usability. Right if my device is so secure that even i can't get into it. Then is it really worth having it all and so finding that inflection, point, is part, of engineering. Good secure, systems, because you have to find that inflection, point so that your users are using good passwords, and passcodes. But they're not just taping them, onto. The, monitor on a post-it note or disabling, them, all together. All right let me pause here to see are there any questions. About, passwords. Passcodes. Brute forcing. Or these kinds of defenses. Given that passwords, are perhaps our most common defense. Against adversaries. Accessing, hardware and software that we don't want them to. Yeah dax, question. Now so there is a definite, number, which we can calculate, that for four digit numbers this is the. Most, possible number of outcomes but uh what from our matrix. Fingerprints. Space scanning. Yeah, really good question so what about biometrics. Using face scanning, like, apple has, face id these days. Which also annoys me sometimes if it doesn't quite get my face right or these days if we're wearing, masks, it's infuriating, to use that kind of feature but. Maybe probabilistically. There are fewer people with exactly, your facial features than someone else and so that would be more secure, than picking some passcode, sometimes you use fingerprints. Or retinal scans or like the distance between your fingers, all of these different measures that, statistically. Tend to ident. Not so much uniquely, identify, us, but uniquely identify, us all enough, and there's threats there too a former colleague of ours for instance had a twin brother, who because of apple's face id was now able to get into his phone by just picking it up off of the table, because as twins they both looked all too similar, so there's downsides. And upsides there too but biometrics. Can also help things so that it's a factor you have on you always, and not something for instance, that you just, only have to remember, and in fact that's a perfect segue to what uh computer scientists, call. Two-factor. Authentication. In the security world security, people would call. The passwords, we're using, one factor, and something like biometrics. A second, factor, and indeed two-factor, authentication, means a defense mechanism against adversaries. That doesn't rely just on something you know like a password. It also relies, on something typically. That you have, like a hand, or fingers, or eyes or face or the like, so that even if someone. Compromises, your password, and downloads, it somewhere from a database, where you've used it before, they don't necessarily, have access to your eyes and your hands and your face and the like, unless they have physical access to you so it just narrows the scope of the threats, but there's other forms of two-factor, authentication.
For Instance if if this sounds familiar, now, and maybe you don't even call it two-factor, authentication. It's often called two-step. Authentication. Uh by a show of physical hands. Who has one or more accounts that uses two factors. Instead of just one. Yeah so here too it's good to see so many hands going up, but if you do not, use, two-factor, authentication. For things like your email, account. Or your bank accounts, or your brokerage, accounts, or your. Health, medical, accounts. You really should start considering, doing so and what form does this typically, take well let me show a screenshot, here for instance even if you just have a simple gmail account, that you use for work or for personal, use you can enable what google calls two-step, verification. Which is two-factor. Authentication. And what you'll be prompted for when logging into your gmail account if you uh if you enable this is not only your username and your password. But also a six digit code, and six digits doesn't sound terribly, long, but in this case the way these technologies, typically work, is that you are sent that six digit code, once. Via email, or via text message, or via special app that you install, on your phone or some other device, so that only you, have that code only you have that device, and therefore only you know that code and better yet, these codes expire. So even if some adversary, intercepts, it or sees you typing it in over your shoulder, you can only use these codes once which makes them even better than passwords, alone. Because, they expire. After single time use, and so consider, now again. And i can't emphasize, this enough if you are of the age where you have your own bank accounts, again brokerage, accounts anything medically related anything that you find especially, important or personal, like your own email. Or chat account, if you're only using a password. You now as of today already have, the mathematical. Tools and the mental model, i dare say, to figure out just how easily, someone could, compromise. Your account, and get into your information, and take your money or read your emails, or the like, so you can improve that situation, by just coming up with a better longer more random password, that you remember. Or memorize, in some way. Or, additionally. By enabling, the second factor, so that you narrow, the number of threats. That are. Dangerous. To you as a result. So, with that said too with two-factor, authentication. There's another thing you can bring into play when it comes to, managing, all your passwords, i alluded to using microsoft, word before or post-it note, there are software, solutions, to this too, so another defense, we would like to offer up for your consideration, today is what's generally called a password, manager, this is a piece of software, either for free or that you pay for, for your phone your laptop or desktop. That literally, manages your passwords. In its simplest form, think of it like a spreadsheet. But that's secure. Quote-unquote. On your own computer, that is, these password managers, and here's two popular, ones, onepassword.com. Is one popular tool, lastpass.com. Is another one, and there's others if you google around but i would as always read up on reviews, or get second opinions, don't just take at face value what we propose, but these password managers are programs. That you type your usernames, and passwords, into.
And Then you save, them all, behind, one master, password. One. Password, that's really long, hopefully, really random with lots of numbers and letters and symbols, but all you have to remember, is that one. Main. Password. And by entering that password, into your mac or pc or phone you then unlock, all of your other accounts, and you can then just copy and paste. Your actual accounts usernames, and passwords. Or these programs, also give you keyboard shortcuts so you hit a keyboard, command, and voila, you're automatically. Logged into websites, you don't have to copy paste or manually transcribe, them so to this day what does this mean. For me i use one of these password managers, and most of my colleagues do as well, many of us most of us don't even know. The passwords, we use for various websites. Or apps or the like why, because we now trust that the password, manager, can with a click of a button, generate, a really long, random password with lots of numbers digits and punctuation. And then it will remember it for me. And i just have to remember that one, main, password that's protecting. All of those others. So that's kind of good in that now i can practice, what i've been preaching. But. I'm, there is a downside. I'm exposing, myself to a new risk or vulnerability. That is to say what's the trade-off, here. Why should you not necessarily. Just run off after today's class. Download, and install a password, manager. And start using it without a little bit of thought first. What's the downside, perhaps. What's the downside, of this. Probably sounds pretty good, but is it all good. Yeah over to uh. Uh, like, lex lean, if i'm saying it right. Um, yeah, if someone, cracks like your, password. Manager, password. Then they have like access to all your passwords. Yeah, so you really depends on what the threat here is or what you're most worried about if someone compromises. Guesses figure out your main password. That protects all the others, now you've just handed them all of your accounts at once and that's a massive, trade-off. However, if you again consider, the alternative. Coming up with big random passwords, and then memorizing, them all or, somewhat foolishly, writing them down on a post-it note and putting it on your monitor, the question shouldn't be is this, uh. The. Uh, isn't is this the right way to do things but really relatively, speaking, is this a better way to do things you're always going to be vulnerable to some risk, which of those risks do you worry about and maybe you know what you can mitigate that concern. But maybe you could write down your main password, for your password, manager, and maybe put it in a physical, vault or a fire. A fire locker or the like, that with very low probability, someone else would get access to unless they physically attack that device or hide it somewhere in a book on your shelf or the like, so that yes it's vulnerable. But the odds that someone finds it might just be relatively. Low but again this is the theme, figuring, out, what the right balance is for your accounts and the type of security. That you want to aspire. To achieve. Well let's consider a few other defenses, and we'll leave time at the very end for questions about particular tools and techniques. What's another building block that we can bring to bear when it comes to protecting, ourselves, online. So encryption. Cs50, students will know that encryption, refers again to the, scrambling. Of information, looking making data look like it's random, data, but by encrypting, it with what's called the key typically, a key that only you and the recipient, somehow know. Encryption, tends to be the solution, to a lot of our problems, and indeed, these password managers. Typically, additionally, encrypt, your data, so that even someone who steals your mac and pc, can't just open up the program, and see it all of the data 2 is similarly, encrypted.
Many Of you have already been trained, or conditioned, by society, to at least look for or hope for, or recognize. Https. Colon slash slash the s means secure. That just tends to be a good thing because it means a website you're visiting, is secure it's encrypted. As opposed to just http. Which was much more common just a few years ago and is completely unencrypted. So that is to say if you visit a website that says just http, in the url. Anyone, between you and that website, theoretically, can be listening, in, so to speak on your your traffic, the zeros and ones going back and forth anyone can see what pages you're visiting, if you're in some foreign country visiting sensitive materials. The government, could know what websites, you're visiting and what content, for instance you're reading, https. Makes that much, harder, it's not a hundred percent there are attacks still that are possible, but again it just raises the bar. But there's a, another technique. That's increasingly. Being discussed, in the media, and with which you should be familiar known as end-to-end. Encryption. End-to-end, encryption, means, that when you're using a third-party. Service typically, whether it's a chat service, a video conferencing, service or the like, you're not just encrypting, your traffic, the zeros and ones, between, you, and google, you and microsoft. You and amazon. Or some other third party. You are encrypting, your data between you, and the person you're talking, to, so what's app for instance the popular messaging tool. Early on had this feature and many other chat programs, nowadays have it as well including, imessage. Uh and signal, and telegram, and the like, end-to-end, encryption, means that even though you're using a third-party. Service, a company, that you may or may not trust. Your. Communications. Are communicated, between you, and the person with whom you're seeing uh speaking. The company, in between. Their servers, even though your data is going through their servers. Cannot, decrypt. That information, they cannot see the information, in its raw form so that's a good thing. So whatsapp, does this too. Zoom. Kind of does this at least. Only recently, does this so zoom for instance the technology, that we are all using right now actually took some flack, rightly so some months back when in their marketing literature on their website as a recall, advertise. Zoom as offering end-to-end. Encryption. Which was, false, because what end-to-end, encryption, means is as i described it between, you, and the person with whom you're communicating. But the marketing, literature, at the time, was infer, was, referring, to, encryption, between, you and zoom, which is not what security, researchers, or computer scientists or technologists, in general, would define end-to-end, encryption. As and so they took some flack for that rightly so, they've begun, though in recent weeks rolling, out actual, end-to-end, encryption. We are not using it right now. It actually makes certain features, harder to use so there too there's a trade-off, but generally speaking if you're having the most intimate or private, or personal, or financial, or medical.
Of Communications. With people, this is another feature you should start to look for and listen for and expect. Of the tools, that you're using, and especially when it comes to. Censorship, in various countries, and communities. This is the kind of software, that's increasingly, under attack by governments, because they often want backdoors, so that the uh. Usa's, nsa. Or fbi, or some other entity, can get into these communications. That's made much more difficult, in a good way, by using end-to-end. Encryption. So that your communications. Are indeed secure. Well in our final moments together let's let's focus. Ultimately, on zoom the very technology, we're using because they've taken some flax certainly, beyond end-to-end, encryption which you might not have even heard of as just being insecure. And a lot of school systems, a lot of users, decided, some months ago to stop using zoom for this reason even though their business is still booming. So is zoom secure, let's ask one final, question of the group here. Keeping in mind that we've now just spent the past hour discussing. Topics, of security. Let me go ahead and ask this final, question, here. Which will appear on your screen in just a moment. It is quite simply. Is zoom, secure. And we'll offer you answers, of yes, no. Or unsure. All right let's see how the responses, are coming in, i'm seeing 55. Percent. No, 16. Yes 28, percent. Unsure. So a reasonable, spread there let's take a couple of comments here among those of you who think zoom. Is secure. Why do you think it's secure. Would anyone be comfortable. Raising a virtual hand so we can call on you, or maybe commenting, in the chat as to why you think zoom is secure. Any volunteers. Here. Let's see over to. How about, uh sam what do you think. I'm still muted. Uh two days ago zun, zoom offered a, end-to-end, encryption, to all the users. Yeah so it was in fact that timely. Zoom began rolling out on a trial basis essentially end-to-end, encryption with all users so, if you are using, that. And and this is key2. And zoom has implemented. That concept, correctly. Then yes maybe zoom is secure, in the sense, that your video conversation. With someone else, is in fact private between you and them with that said, if you're in a coffee shop or, in a library, at least in healthier, times and someone's, looking, over or listening in on your conversation, arguably, even that technology, is not secure, you can imagine there being other threats maybe you have. Accidentally. Been vulnerable, to a virus, some kind of threat on your own computer, and even though yes your data is encrypted, between you and that other person, that doesn't mean there's not malicious software running on your own personal, mac or pc or the other person's. Recording. Everything you say and uploading, it to some third-party, adversary, so there too whenever you ask, or answer questions about security. Take into account those kinds of qualifications. Those conditionals. Because, it's. Security, is never, uh, should never be discussed really in a vacuum so those of you who said no, i think we could come up with even more reasons, but at least let me dispel. Just a few because i do think some of the flak zoom took was overstated. Because those criticizing, didn't really understand. Some of the issues that were being touted in the media so for instance. All of you today, to, log into this meeting. For instance. Followed a url, most likely that you had been emailed or that you saw on your screen and that url, probably, looked, a little something like this, https. Which is good, zoom dot us or something like that, followed by a number the meeting id, for instance five five five one one one two two two two but you probably it was a different number, for today's meeting. So if you receive this url, after registering. Is it secure, well even though all of you here right now have presumably. Registered. Technically, there is nothing stopping. Any of you, from texting, or emailing. Or. Dming. This same url. To anyone else on the internet, and they could therefore join perhaps without registering, so maybe that's a threat though zoom typically, sends you not a url that's as simple as this when you register but a longer one indeed, and there's another detail that some urls, have too, which might look like this, a question mark at the end and pwd. For password. And then some kind of password, and indeed the urls you clicked today looked a little more like that still different. Because they were special registration, urls. But here if your url, has this password. Now, you need to know both the meeting id, and the password, in order to join, that particular, zoom meeting and if you're not running big classes like we are today with this meeting, but rather you're having one-on-one.
Or Smaller, scale meetings. Typically. You are receiving, or generating, a url that looks like this. Or better yet that looks like this, so that it doesn't suffice for an adversary, to just guess the meeting id and that's what was happening early on. Zoom. Typically did not require, that people choose passwords, for their meetings, which meant the only thing between you and some adversary. Zoom bombing you so to speak hacking into your meeting, was they just had to guess the meeting id and we've seen already it took me what like one minute 30 seconds, to write a python, program, that just generated. All possible, numbers of length 4 or 8 or whatever. So you know people with too much free time, are writing code, that just tries, all possible, urls, and so if you've ever been zoom bombed. Maybe, that's because someone shared the url with someone they shouldn't have, or maybe someone with a bit of programming, experience, or just luck. Guessed your meeting id. So. This was a feature, in the sense that honestly, having to type in a meeting id and a password, is just annoying, it starts to hurt the usability, of the system, and a lot of people in the corporate world, like they don't they're going to choose another product, if another product is easier to start the video conference, with so arguably it was a conscious decision on zoom's part now universities, and companies have started requiring, this or another feature called a waiting room which some of you might have experienced, today. But that just again, raises the bar, to someone, attacking, these systems so is zoom secure. Yes and no like it really should be considered, not in a vacuum, but in the context, of what kinds of threats are you worried about. And, what kinds of defenses. Are you willing, to put up, so just like in the real world, you might have, your own, uh, home or apartment, or the like. On which you might have locks. And bolts, and bars, on the window, you know at some point if it takes you five minutes to unlock, every lock on your door just to get into your home, it might be much more secure, but you're probably not going to enjoy going home because it takes that long to get in, and you might put bars on the window to keep that person physically, out but it's not going to look particularly. Nice and there's nothing stopping them from going one floor up so there too there's this sort of trade-off, and so among the takeaways, we hope from today. Are one just, better thought processes, when it comes to what does it mean for your phone. Or your computer, or your homes for that matter to be secure, and to recognize, that there's always going to be some trade-off, and we would encourage you ultimately to ask these kinds of questions, if any company, if any app if any website, just says on their website. We are secure. Like that's nonsense, like that means nothing in and of itself until you start asking questions like, what are you secure. Against. And how. Well thank you so much for joining us here let's officially, wrap here but folks are welcome to stick around for, uh, some more time if you'd like to, ask questions, in the group but if you have to take off, please feel free to head out. But questions. Brian if you'd like to call on anyone with their hands up or in the chat. Yeah over to uh, let's see. Uh. Josh. Oh yeah so i had a question. Uh remember how you said that for iphone. Uh you can only like. There can only be 10 or, some x number of, wrong tries. But when you write a code is that the same case. Because then even affordable. Passcode, is really saved because there's only one person probably. Of someone hacking, in yeah really good question it depends on the device, so, if you read, months. Years ago now like the fbi, has been in the u.s the federal bureau of investigation, has been in this constant legal battle with companies like apple, because they want it to be easier for them to get into.
Um. Suspects, devices, like their phones or their ipads, or the like, and they typically do this by connecting a computer, similar in spirit to what i was describing, to that device in order to hack in, but apple, um, to their credit has been making it more difficult, for people to automate. Attacks, on these devices, and so even those one minute lockouts, two minute lockouts. Typically, do apply. Even if you're using a physical, cable. That would be a good thing otherwise it's not really doing anything except, keeping the non-programmers. Out when the programmers, are really. The threat. So those same defenses, do tend to apply. Apple has also made it harder for instance to install. Different, software. On a phone, unless you have the passcode, already, there was an attack vector years ago whereby, you could actually install, special software onto the iphone. That did not require a passcode that therefore made it easier. To get at the data but that has been, fixed i believe, since. Other questions about security. Or passwords, or encryption. Or the like, maybe no questions on quantum computing though since. We sort of fielded all those, looks like we have a question from steve. Yeah, can we raise brian's volume. Yes this is this is steve. Can you hear me yes steve over to you. So here's my question what do you think about, the uh. Hardware. Two factor, authentication. This little, usb, looking, uh. Devices. Do you think they're. A good idea. A short answer yes and this was more common a few years ago especially in the corporate world companies like rsa, and others would literally have what are typically called key fobs that are tiny little devices, with a battery, and also a tiny little screen that displays, that. Six digit code for instance. Those are good in the sense that it is literally, something that you must physically, have so it's a good second factor. Downsides. Include, it's something you must physically, have and i've had those in the past and if i misplace, it or don't keep it on me, i might now be locked out of an account just because i don't have the stupid. Key fob with me. Increasingly, companies have started using software. Fobs instead which means you install special software, onto your iphone, or your android phone, which is a little better in the sense that i know i'm pretty uptight such that i will know pretty fast if i'm missing my phone, whereas i might not notice my keychain, or my key fob missing as quickly. So there tends to be downsides, wit
2020-11-08 16:56
