Human Insecurity
In this tutorial you will explore multiple scenarios that illustrate human insecurity. Your task is to identify and discuss any lapses in Alice’s or Bob’s judgement. Discuss if any, in what way Alice/Bob may have been manipulated
HI - Scenario 1
Alice has just received an email notification from her bank about multiple logon attempts from Ecuador. She was there last summer. The email instructs her to follow a link to reset her password if she does not recognize the login attempt. She hastly clicks the link and after authenticating, she is redirected to a page to change her password which she does. Anyways, Alice feels safe now but should she? Discuss
HI - Scenario 2
Alice is the only child of a single parent. She’s also an international student in the States, working hard to support her parent back home. Today has been a crazy day for her but it’s about to get worse. She gets a call from the emergency department of a clinic in her home country. The callee claims her parent has been admitted to the hospital in critical and life threatening condition. Apparently, an accident on the highway. The callee claims an urgent payment is required to begin treatment. She’s given instructions for the payment. She receives a text confirming the receipt of her payment. Anyways, Alice completes the payment now. She’s panicking but at least she has footed the medical bill or did she? Discuss
HI - Scenario 3
The pandemic has been an incredibly lonely period for Bob. There’s been no opportunities to network and meet new friends. One day, while casually surfing the web, Bob sees as an add for “Hot new singles in your area”. Curious, he clicks through and creates a profile on a dating site. Not many days after, Bob’s registration seems fruitful. He’s matching and interacting with hot new singles in his area. One of his matches suggest they exchange some explicit content. Bob obliges, “what could go wrong” he thinks, “afterall, I will receive too”. Bob feels safe or should he? Discuss
HI - Scenario 4
Bob works for a major tax and accounting firm. All employees are required to access the office with their keycard. One morning, he meets another employee in the elevator. He thinks to himself “I have never seen this individual before, maybe a new hire? an executive? she’s very corporately dressed”. When they both exit the elevator, the lady appears to be looking for her keycard. Bob swipes his keycard and holds the door. “After you” he says, as he kindly gestures while holding the door open. She responds “Oh thank you!” with a beaming smile. Anyways, Bob feels like a gentleman or should he? Discuss
HI - Scenario 5
Alice is a seasoned hackathon contestant. She has attended the Major League Hackathon twice and her team has consecutively placed 1st position. This year she’s at it again. She has decided to implement her team’s idea in Javascript this year. She’s set up node.js and starts installing required packages via npm. npm install ... ; she’s typed this command so many times she simply hits the up arrow key and modifies the target package name. On one occurence, she attempts to install
@azure/core-tracing but in haste, she types npm install core-tracing and smashes the ENTER key. The fast typing and ASMR from her mechanical RGB backlit keyboard adds to the dramatic effect. The package installs. She realizes, and simply installs the correct package. “Whoops!” she exclaims, “It’s probably nothing” she says as she hacks away at her project but is it really nothing? Discuss
HI - Scenario 6
Alice is aware of password strengths. Passwords must be long enough, simple to remember but difficult to guess, contain letters, numbers and symbols, blah blah.. One of her password reads C@n't be hackt1. Well this week, hacker’s breached an online store and stole credentials. Alice learns of the breach on infosec Twitter. Quickly, she checks https://haveibeenpwned.com/. The results confirm she was impacted. That is, her C@n't be hackt1 password has been disclosed online. Anyways, her passwords are unique; by a character, but unique nonetheless. She feels safe. Should she? Discuss
Human Security (TA led)
Your TA will choose three scenarios and explain and discuss with you what secure practices Alice or Bob can have in place to mitigate threats to their personal security