Posts

Showing posts from November, 2014

Cyber security by the rest of us ...

Image
As part of the Introduction to Cyber Security MOOC, we asked learners to review their computer security practices at the start of their learning by completing a simple online survey / self-audit.  Over 9100 learners completed the survey in Week 1 of the course, highlighting some interesting findings.

For example, although 84% of respondents had configured their computers to require a password on startup, 30% did not 'lock' their computer so that it required the password to be re-entered if they left it unattended.

With regard to password management, 55% of respondents depended on their memory for storing passwords, whereas 26% used software (password manager / web browser) to manage their passwords.  It is noteworthy that 18% reported that they write their passwords down and 59% reuse the same username / password across multiple websites.

It was reassuring to note that 90% of learners who completed the survey reported that they use anti-virus software on their computer, and 9…

Stuff people encrypt ....

Image
This week on the Introduction to Cyber Security MOOC (hosted on Futurelearn), the topic is cryptography.  Learners are having fun figuring out how Alice and Bob communicate while keeping their messages secure from Eve - and sharing some funny xkcd.com cartoons in the process.  One of the exercises we set was to use a PGP mail tool (Mailvelope) to sign and encrypt an email sent to a mailbox we set up specifically for the MOOC.  I have a mail rule that invokes a simple script to strip out the PGP message text, decrypt it and send it back to the learner in an email.

Although many people have successfully completed the task, there is a general consensus that routinely encrypting emails is unlikely to be adopted by most people.  The hurdles identified by people range from the impracticality of getting other people to use crypto in their communications, to the challenge of configuring the crypto tools and their general (lack of) usability.  It seems that Whitten and Tygar's findings o…