ฝัง
- เผยแพร่เมื่อ 31 พ.ค. 2024
- Cybersecurity expert Eva Galperin helps debunk (and confirm!) some common myths about cybersecurity. Is the government watching you through your computer camera? Does Google read all your Gmail? Does a strong password protect you from hackers? Will encryption keep my data safe? Eva answers all these questions and much more.
Updated 8/20/2020: A previous version of this video incorrectly stated that Google scans Gmail data to target ads. Google stopped this practice in 2017.
Eva Galperin is the Director of Cybersecurity at the Electronic Frontier Foundation.
Still haven’t subscribed to WIRED on TH-cam? ►► wrd.cm/15fP7B7
Listen to the Get WIRED podcast ►► link.chtbl.com/wired-ytc-desc
Get more incredible stories on science and tech with our daily newsletter: wrd.cm/DailyYT
Also, check out the free WIRED channel on Roku, Apple TV, Amazon Fire TV, and Android TV. Here you can find your favorite WIRED shows and new episodes of our latest hit series Tradecraft.
ABOUT WIRED
WIRED is where tomorrow is realized. Through thought-provoking stories and videos, WIRED explores the future of business, innovation, and culture.
Internet Expert Debunks Cybersecurity Myths | WIRED - วิทยาศาสตร์และเทคโนโลยี
"They would need a warrant."
*Laughs in Patriot Act abuse*
Yeah. Guess she just forgot that thing with Snowden.
I think what is good since Snowden the whole industry put in a lot of effort to get to a point where the effectiveness of the bulk collection the government was doing has been greatly reduced. So much so that some of the newest stuff being worked on (encrypted SNI) is currently being blocked by China, basically because it's to good.
"innocent until proven guilty"
LAUGHS IN COP
The war on terror is just the modern red scare.
I have 40 years IT/Cybersecurity. This video is spot on. Especially about changing passwords too many times. Future viewers should realise that the world will change, and what is considered safe in this video may change.
Me having my password as "spanish inquisition"
cause nobody expects the spanish inquisition
Now I know your password 😎
@@michaelmathis2599 but our chief weapon is surprise
I see your a man of culture as well
Actually it's the Portuguese inquisition no-one expects
well..... now we know your password
@@aperson2730 Its really the spanish one in the sketch of Monty Python check it out😉
"How many cuts du you want in the video?" - "All of them!"
You: How many jump cuts do you want?
Them: Yes
Could be that she went of trail with her train of thought often or took a long time. You have to break the answers down. i guess it had to do with the interviewee not wired.
@@kingJT1000 you should check out their other videos, their editor is almost definitely high
Thankfully the content is worth it because the Wired videos are always inhumanely edited
I wonder how much the editor was paid for this... cause...
Her: They need a warrant.
NSA Prism - I'm gonna do what's called a pro gamer move.
Exactly.
I was looking for this comment, lol. It's almost like everyone is purposely dancing around Vault7 and The Patriot Act.
The NSA does not have enough people or time to watch everyone. They have lives too! (lunch breaks, families etc).
@@cheezenip2737 it's called automated processes and procedures
@@cheezenip2737 No, but they have automated tools that scan and store data, which was part of the Vault7 release. Who needs time when you have AI and bots?
What a cool person this is, she is like a movie character .
L
You are the kind of people that not only get easily controlled, like the rest of us, by charismatic politicians, but a kind that has the satisfaction to share to others how nice the leash is. Have a great day and wash your hands.
I love her.
I think she's hot. Any problem with that? good.
I think that it means that she is legit.
0:00 6 jumpcuts in 12 seconds. Impressive
I have a feeling she doesn't feel comfortable in front of a camera
like the taken 3 fence scene
@@glikcat Oh yeah that reminds me of that too. Just looked it up, its 15 camera cuts in 6 seconds. Come on WIRED step up your game.
@@Ezudane no, with all these lights in her eyes she doesn't, lol
“Privacy is like sleep - something you don't appreciate until you have to go without it.”
--Helen McCloy
Although you can accept the lack of privacy, which for some may even be liberating. The lack of sleep though...
yeah, and passwords are like underwear; change them regularly and don't share them
I appreciate sleep very much. Too much in fact 😁
@@nullpwn 😂
My password after this video:
- 3 Uppercase Letters
- 5 Lowercase Letters
- 2 Greek Letters
- a code that a random guy in a black van gave me
then u forgot it 🤪 and had to reset all of data 😂 jk
@@snowkooo8461 lol
@@snowkooo8461 turns out it happened to me last month
This is just an observation but does anyone else think this lady looks both really old and really young at the same time? It’s kinda cool tbh
visible confusion😂
Yeah I can’t tell lol
Its the grey hair.
It's the voice that sounds like an old lady.
Sounds old looks young = Mind confused. :P
Aye I thought this too. Wasn't the hardest to nut to.
Government needs a permission? Laughs in Edward Snowden's NSA revelations. :D
This, is she just completely ignoring exploits through imei and the AMD equivalent.
For real.
Finally someone here is informed.
My password:
Person Woman Man Camera TV
Please select a password that has a mixture of uppercase and lowercase letters, at least one number and at least one symbol.
Hahahah, Trump's "IQ" test.
Need a number? Billions and billions (look for trevor noah making a song out of that lol)
Oh but that’s SO hard to remember! Only a really smart person could ever remember that
@@StreetComp yes. You need to be cognitively there.
"They need a warrant" Right, I think that Snowden guy mentioned something about how they need warrants. I remember a AT&T and Apple gag order regarding use of warrants also.
That is indeed true today. Back in Snowden's years of NSA though (10 years ago and earlier), the NSA was doing it without warrants, even though *technically* it was still required. Thankfully the warrant requirement is much stricter today, especially after what Snowden unveiled. The encryptions also help a lot.
They can easily get warrants and subpoenas ISPs and google comply without putting up a fight. Not to mention we have seen governments ignore laws including the US
@@TeusTudor Those would be unrelated to the encryption being legislated in the EARNIT bill right?
@@TeusTudor for Americans they need a warrant, but for the rest of the world...
@@EdwinvanKoppen Very true, indeed...
It's like a living Tim Burton character is telling me about cyber security.
She's incredible! Explains so many things better than I've ever read/heard them explained before
People commenting that the expert looks old and young at the same time.
Tom Scott:
Amateur
**laughs in James Hoffmann**
My rule of thumb is to be weary of anything online and have multiple panic attacks every time I have to enter my credit card information or my passwords 😂
Same. And now I've let ebay store my card details because, you know... convenience. sigh.
@@snowstrobe Yeah, I know that feeling haha
SurrealDynamics wary
@@snowstrobe Depending on your own security that could actually be safer. Stored passwords/information can't be recorded by keyloggers so every time you check out you have a smaller risk of having your info stolen. Now in case eBay gets breached to the point payment information is outed they got encryptions on the data and the hackers won't have the hash to crack it immediately. In meantime, eBay is obliged to warn you about the extent of the breach so you can block the card before they manage to brute force it. Otherwise, 1 wrong website and you literally type your info unhashed into their logs, your credit card would be maxed before you even notice.
Great video. I'm in Cyber, and it all sounds legit. However, I kept getting a little distracted by the stock videos it kept going to of computers at least 20 years old. If anyone is on any computer that looks like anything you see in this video, I have news for you: The 90's called, and they want their computers back! Seriously, though, great video!
Also how they mention an antivirus and play a stock video of a basic code. It’s crazy how little the general population knows about computers and programming and how they think it’s this mysterious world...
Im sure it is just for aesthetics, and of you are a cybersecurity professional it wouldn't be in layman's terms
I haven't seen a comment pointing out that she has heterochromia (two different colored eyes) which is so cool. Or it might be anisocoria (different sized pupils). I can't tell with the lighting, but I have the second one when I get migraines.
Cool.
I realise that camera jumping around thing is very fashionable now, but it doesn't make for pleasant viewing.
Especially at 2x
It's only really this channel doing jerky cuts. To can jump cut nicely.
0:46
**Laughs in Edward Snowden**
I really liked her method of conveying information. Very informative and memorable. Cool stuff! Thanks ^_^
Yup.
Changed all my passwords to ‘incorrect’. That way whenever I make a mistake it tells me my password is incorrect. Pretty good reminder right there.
Very well informed. Thanks for the overview!
Very nice, thanks for this video, she looks like a nice person to be friends with, someone always ready to talk about nice stuff and full of knowledge.
She just hacked my heart.
@math XD
x2
@math That's called meth.
Couldn't have explained the stuff better. Hats off..!
good lord please stop jump-cutting literally every 3 seconds
There's encrypted data within the timestamps of these cuts.
It is nice to know that although Google reads all my Gmail, they promise, scouts honor, not to disclose it to any bad persons or organizations. That is why I avoid Google and Gmail.
Google personal don't read emails. It's the code that analyse emails.. Just a piece of software.
@@Mohammedijas619 How do you know that?
Because everything is automated.... And why do they need to read you emails.... They read them to classify them and to do spam filtering... If you are so worried about that, you can just encrypt emails..
@@Mohammedijas619 How do you know "everything is automated"? Because they say so? I don't believe everything they say. Do you?
It's not like people with self-made authority (e.g. NSA) could secretly coerce the spilling of the beans.
* *Edward Snowden* has entered the chat. *
"All'right, I am just going to stop you there."
Exactly, half of what she said can be debunked using the Snowden leaks
Thanks very much for explaining these areas!
Me after knowing one myth which is false :you know I'm a kind of security expert myself
It is fair that a cybersecurity expert has a cybernetic eye.
Now srsly, really informative video.
Ok now I can’t unsee it lol
?
Lol best comment so far!
Ive been putting silly answers in for security questions for years, it used to amuse me no end when i called the bank and they asked "what street did you grow up on?" And i answered "Sesame Street". Its a great bit of security advice but you do then also have to essentially remember more passwords.
I don't like these type of questions because if someone had time they could research the real answer. So sometimes I put a different answer that I can remember.
Great stuff! Practical advice for everyone. The gmail part was a good chuckle.
Eva needs some diffusion for those harsh lights, though. Wax paper is good in a pinch.
Very good information for basic users to have. Thank you for putting it out. Oh and the speaker is smokin hot. That needed to be said.
Google: “Extremely strict privacy rules internally” Also google: *sells data to advertisers*, *uses your data for targeted advertisements*
the one reading it is bot looking for keyword in a sense its the same as google translate and then they store those keyword not the entire massage and sell them then its erased it and go back to searching keyword. for example even if you email about the killing someone the bot will just focus on word not the massage so its go (0 not stored, 1 stored) 0 0 0 0 0 1 0 0 0 0 that how the bot see your massage because the bot cant read it only match alpabet order that become word
google does not sell data. it sells its service of using its data internally by your parameters.
Everybody here is talking about Snowden like they are some kind of know-it-all but nobody knows what happened after the leaks.
Um, what happened? They changed all the acronyms and beefed the vetting process for hiring... and continued doing exactly the same thing? And probably more...
Fantastic info! 👍🏿 Makes me feel better about all the security measures I already take. 💻🔐
Thank you for this!
Me who has his password as "incorrect" so I could remember it if I forgot it :0
Thank you for your password.
>government needs permission to spy on someone
NSA: LMAOOOOO
the lighting in front of her makes her right eye look like a prosthetic its trippy to look at and cool at the same time
Finally someone willing to tell the truth about changing passwords every three months. I have been trying to get corporations to stop this for 20 years!
It wouldn't be a problem to do change passwords relatively often, if
a) employees were allocated the necessary time for it and not just forced on top of their usual workload;
b) they were already using proper password management, like they should, and correct credential hygiene.
Some solid answers by someone with a real background!
9:00 good choice of stock footage
There is something about her.. the way she moves while she speaks, it makes me wanna learn more about her and her mindset. Its weird but i just like to hear and learn what she says
I came here to ease my anxiety but instead it skyrocketed
just cover all your webcam, include ur phone, and get VPN. Then you're good to go for a while as they endures.
Having Linux mint pretty much made me feel secure as a simple gamer user with sensitive aura, thro i'm pretty sure it's not 100% hackproof but better than microsoft or apple that would likey to sell ur user info because captalism are addicts to businessmen
Sorry Eva, suggesting the IT manager in an organisation can't see your HTTPS traffic is only half the story. If you're using a corporate-provided laptop and you have either a corporate proxy or certain corporate security products installed, the chain of trust is less trustworthy.
Many organisations will commonly install a trusted corporate certificate authority which the user's computer will not flag as untrusted when using HTTPS.
I once gained admin access to an "institution". Told in-house PCs and connecting clients to trust my own fake Certificate Authority by changing their base configuration. Then, I routed network traffic through my own software. I was the man-in-the-middle with perfect legitimacy: just forward back-and-forth the traffic, with the difference that I could read/write/modify any part of the conversation "secured" by PKI/TLS.
Thank you Eva!
super intresting
Wired, I love the stock footage with computers circa 1990.
she looks like she's fighting a lot of anxiety to record this.
Government agents probably standing on the other side of the camera with an Armalites and big reading cards
3:38 Google still reads your email but not for targeted ads anymore.
Policy Change since 2018.
thank you, I thought that what she said was not 100% correct and just spent 10 minutes refreshing my memory about it.
"policy change" just means they aren't gonna admit they are doing it anymore.
Google reads it to scan for spam and malware, etc. Standard practice.
@jocaguz18 Go send yourself thousands of emails about milk and see if you get ads about milk. Spoiler alert: you won't.
@jocaguz18 Point stands - Google doesn't use gmail for ad targeting. They are transparent about the data they keep on an account, and which subset of that data is used for ad targeting.
u know someone is extremely smart when they could explain a tricky topics with simple words like Eva
Anyone know where I can find more videos to learn about the internet like this one?
Always provide bogus answers for your security questions. Be sure to record them somewhere offline.
As for changing passwords - So Long, And Thanks For All the Externalities.
I’m an expert on putting my password as ‘password’
Now we all know your password.🤦♀️
@@carolinacruz3114
We also know it was a joke. 😢
@@Wistraine That's what he wants you to believe
@@hkr667 All jokes aside, if any website allowed to put my password as simply "password" I guarantee I would never use that site.
Very informative, thank you :)
I use the name of a friend, family member or favorite character with a number that is significant to that person / character as a BASIS for my passwords (no examples for obvious reasons)
15 seconds in and I dig this person.
Great video, some slight inaccuracies. Even though HTTPS are secure website. Many companies and organizations have ssl inspection so you can see everything the user is browsing.
SSL is certificate-based. If the private key associated with the certificate is cracked, then any website relying on that certificate is no longer secure.
@@deidara_8598yes but that has nothing to do with what the guy said
What wasn't covered was in regards to smart tv tech. (ie)If you put your phone sim into your friend's tv to teach how to set it up with there phone but don't dump the trash file of your sim card, AND the limits involving cloning sims also in regards to smart tv.
The newest technology (smart tvs) has more tracking and personal viewing capabilities, as well as remote accessibilities.
So, yes. I'd like to see what you would bring up on these new techs
Eva, you're much more sanguine than I am about the rate of bulk exploits of cameras and mics by state actors. :)
i mentioned coding bootcamps to my sister yesterday in a phone call and this morning my facebook newsfeed is full of coder bootcamps ads
Stroooong disagree on the anti-virus software at 1:17. This software has full rights for deep access in system functions. Guess which software is a preferred target for hacks and exploits.
There are so many new individual new viruses each day that it's impossible to effectively scan for them.
Avoid these Antivir solutions as the snake oil they are! Stick to Windows defender and on-board solutions, keep your stuff up to date. Learn how to use script and adblock, maybe firewalls effectively. Watch what you download. That's the strongest defense you have. Once infected a backup and reinstall is better than any "desinfect" out there.
This video is giving boomer-tier advice, sadly.
Windows Defender is still an antivirus. Antivirus can't stop everything, but it can reduce the time a virus is effective in the wild
@@sundhaug92 Haha yeah that made me laugh. What does he think Defender is?! Also, no solution is perfect but any barrier you add makes it less likely to become a victim and at least any security expert knows that.
@@hkr667 His advice is correct. If you're on Windows you're already entrusting Microsoft with your data because they wrote the operating system. Better use their antivirus than add another third party bit of software, especially one that needs ring-0 access. Besides, the other solutions are mostly totally shoddy, often opening up their own security holes, or causing unacceptable performance hits.
@@fiddley right
Time to have 250 word password.
That does not help you
Quantum Computers: Hold my Qubits
lol the ad i got is " DO YOU WANNA HACK COMPUTERS....."
xD
I like this lady! Thanks for the info 👌
8:08 That map still has the Soviet Union xD
Hey, nice observation. Looks like South America and Africa have some outdated borders, too.
She pretty much tries to assure us that there is no prism program, and the government isn't spying on everyone
It's the same old argument of the government can't do that cuz it's illegal lolz.
it's also dangerous if the public panics. ape together strong. people mob stupid
The excessive jump cuts were necessary to hide her blinking SoS. They forced her to make this video.
the sec q tip is gold
Very enlightening
What if a password manager program gets hacked and someone has access to all our passwords?
That would be tragic indeed, but these softwares are in your local system. They are much harder to hack if they are not directly connected to the web. Also, you may want to have a very strong password for this one (as you can forget about all the others)
Basically it’s a very calculated risk :)
Her voice is so awkward I love it.
Aren't LEDs on the cameras hardwired to trigger once the camera is activated? It should use the same gnd and v+ as the camera itself
I worked for hosting company and yes they can see all your emails and yes they do not need no passwords.
“Government needs a warrant” 😂😂😂😂😂😂😂😂😂😂😂😂😂😂😂😂😂😂😂😂😂😂😂😂😂😂😂😂😂😂😂
Government is not above judiciary
“Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say.”
― Edward Snowden
They don't necessarily need to get a warrant. For those of you who read Permanent Record by E.Snowden you already now that the Gov is breaking rules left and right.
Can you still read those ?
@@harshivpatel6238 Yes
Great video! More people should see this for sure. Maybe I can show this to my Mom and she’ll finally FaceTime with me. lol
Do you have your mother on Facebook? Do you also have your Uncle (Mother's Brother) on Facebook? Do you like to get birthday greetings on Facebook? If you answered yes to all of these, a hacker somewhere has your name, date of birth and your mother's maiden name.
The King of the Potato People 😧😐😑
My password is just swearing lmfao
Curse words are among the most common passwords and the easiest to crack. Don't do that.
A dictionary attack could easily get you
@Barney @@alizahir3802 it also has special characters ;) and it is more than 10 characters long ;) good luck cracking that
@@axion986 it also has special characters ;) and it is more than 10 characters long ;) good luck cracking that
@@axion986 English curse words* odds of some random Chinese hacker even knowing he's looking at real words in my own language rather than a random string of characters aren't that great :') Especially if you use symbols/numbers and random capitalization as to not even give them a clue where the words start and end.
Wow! Great video! I love her!!!
Very good video. Most webcams don't have lights independent to the camera though, so can't be activated without it coming on.
@jocaguz18 But many can't
TH-cam :which is your favourite entertaining channel
Me: Always weird😀😀
They no longer need a warrant...
That legislation just passed
Wait what? Where can i find it?
that only applies to browsing history nothing else just what sites you are accessing
@@AngryVikingPkR Thats incriminating enough!
@@beachboardfan9544 and if you dont want that just use vpn
@@AngryVikingPkR Actually, VPN provider's are not safe and may store your data without your concern; google NordVPN leak
Good content plain and simple
The fact that she mentioned WhatsApp as an example for data protection and not Telegram...
@@victorv7356 that's funny, yet WhatsApp is the app that is constantly mentioned in stories about hijacking - especially in pseudo democratic (i.e. authoritarian) countries: we've seen it with Brazil, we've just seen it with Belarus - when the government is trying to block the internet access, Telegram is the only messenger that manages to keep working. Russia was trying to block Telegram for 2 years or so because they wanted its encryption keys. Wonder why WhatsApp wasn't an issue for them, huh? If it's a standard to have strong passwords for different websites, it should be a standard to set up a safe messenger.
This lady is so committed to being a white hat that she just dyed her hair white.
“Government needs warrants! Government needs warrants!” Fascinating how you just completely ignore the NSA Prism program (or whatever they’re calling it now). Kinda hard to take you seriously.
Right. Don't worry we can always trust our government
White-Haired Violet Parr is right, a password manager is a great, I'd say Critical even, tool everyone should use.
Interesting about the camera led because some laptops it's impossible since the power for the video feed is directly linked to the led. Not refering to apple
If you didn’t know:
Fact: McDonald’s once made bubblegum-flavored broccoli
Wow!
"to watch you the government needs a warrant" Sure they do. Just like they needed a warrant for MK Ultra. Oh wait... nvm :D
This is why I used to subscribe to Wired.
Make more useful content like this.
The fact that she looks like have a lack of sleep but also have enough of sleep prove that she's a real "IT expert"
She looks like female pyrocynical. Actually, she IS female pyro.
that was my immediate reaction when i saw the thumbnail lmao
What are you talking about? this is pyrocynical.
She looks more like the male version of Pyro lmao
She looks more like the male version of Pyro lmao
I like her
1:00 Well according to Edward Snowden they did it without a warrant or anything
People who would believe this video are Bommers or just idiots...
@@gravityfallscanada Not all of it. The fact remains that there are too many emails to sift through if they wanted to read everything. You have to make a blip on their radar first before you become a concern
@@YAAMW yes, but when Snowden was at the NSA, the group was savinga good part of EVERYTHING on the internet. Once you are a target, whether by truly committing crimes or being accused falsely or accidentally, or possibly political reasons, they could then look though everything you had done online for years. "Too many" emails to sift through in real time, but if they saved everyone's email for years... and remember they aren't really liable for non-Americans, who can't really use American laws for protection, which is why there was more outrage internationally, and less accusations of him being a "traitor". It's possible that while the Snowden affair helped stop surveillance on American citizens, but who knows what's going on as far as "foreign intelligence". Which may be partly why "Gravity Falls Canada" says what he says.
Google actually stopped using contents of user emails on Gmail to personalize its ads back in 2017.
X to doubt
1:44 Or you can use onion.pet. open proxy site or you can use Omega Switch and Tor Console to use it with Chrome.
7:21 With eSNI they will not be able to tell whether you visit gmail or youtube, for example, as they have the same ips.
Why does her left eye have a mini telescope?
Seems to just be bad lighting or every other photo of her is photo-shopped.