Colloquy Downeast Blue Hill Maine

Colloquy Downeast

Spirited Conversations in Great Company

FacilitatorsScott Miller and Mike Wolf
Date & TimeMarch 17, 24, 31, April 7 (Thursdays)
1:30 - 3:30pm
LocationHoward Room, Blue Hill Public Library

This colloquy will explore the privacy and security implications of our increasingly “networked” lives. The risk is not just with use of computers: Use a “smartphone?” Have a car with OnStar? Considered a home security/monitoring system? Shop online? Shop at physical stores (think “Target”)? All of these provide information about you to “the cloud”. . . with attendant security and privacy implications.

This will be a practical colloquy for non‐technical participants, with hands-on demonstration of some of the tips, traps, and best practices for accessing the Internet.

Scott Miller and Mike Wolf are Blue Hill “techno‐weenies.”

  ▼ Syllabus


Each week’s session will be organized to anticipate about an hour of lecture/discussion, including “live” computer demonstration, followed by an hour of Q&A, discussion and group troubleshooting on that week’s subject.

The specifics of each week’s discussion will be revisited shortly before the colloquy begins, but the following is a working draft of the four sessions:

Week 1: Navigating the Internet safely

  • Surfing the web
    • Secure vs. insecure web sites
    • Virtual private networks
  • Password protection
    • What makes a strong password?
    • How to enhance protection
    • How do passwords get stolen/cracked?
  • Internet downloads and viruses
    • Software downloads
    • Other virus “vectors”
      • Email
      • Documents

Week 2: How your personal information gets shared

  • Techniques
    • High-tech
      • Viruses
      • Network “sniffing” and “spoofing”
      • Vendor hacks
    • Low-tech
      • Social engineering
      • Google
      • “Asking”
  • Protecting yourself
    • Awareness
    • Monitoring services

Week 3: Do you really know when you’re connected?

  • Laptops, tablets and smartphones
    • When are they connected?
    • What’s being downloaded? Who’s controlling the software?
    • What’s being uploaded (e.g., why does the “Flashlight” app need to know my geographic location)?
  • The “Internet of Things”
    • “Smart” appliances
    • OnStar
  • Who is in control of the data being uploaded?

Week 4: Review of best practices

  • Online activities
  • Offline activities

▲ Hide...

  ▼ Reading Materials

Reading Materials

As with almost all things Internet, the “state of the art” in computer security and privacy protections is moving faster than most print publications can keep up. Therefore, most of the preparatory reading materials will be hyperlinks to online articles of interest.

If you do have the interest and time to read (or listen to) a book covering a broad swath of Internet security issues…from a layman’s perspective…you might consider the following:

Other Articles of Interest

Over the weeks before the colloquy begins, we will post links to a series of articles on the subjects to be addressed. They’re not required, but might be of interest to colloquy participants.

March 17


How I became a password cracker describes some of the basics of cracking passwords–note, in particular, the chart about halfway down that shows how long it takes to crack passwords of varying lengths using brute force.

Anatomy of a hack illustrates how even longer and seemingly complex passwords are “crackable”

Why passwords have never been weaker discusses the hardware and software (including enormous lists of passwords) and how they can now consider 6.2 billion possible passwords per second

Lessons learned from cracking 4,000 Ashley Madison passwords shows how sophisticated web sites can improve security by encrypting the password “hashes,” but Once seen as bulletproof… illustrates how a simple (but egregious) error elsewhere in the site design can unravel the security blanket

Password complexity rules more annoying, less effective than lengthy ones‘ title says it all

Why your password can’t have symbols–or be longer than 16 characters draws attention to sites, including financial institutions, that limit password complexity and length

Other sites we expect to visit during the meeting

March 24

How Target’s Point of Sale System May Have Been Hacked describes in some detail a likely scenario

Hospitals and Ransomware describes recent “ransomware” attacks in California

Data Brokers and Your Privacy

The EU-U.S. Privacy Shield discusses both the shield and implications for US businesses

Private Browsing Myths

March 31

Last week, we discussed social engineering to get access to account information. Here’s an article from Wired magazine about how one of their journalists was hacked (thanks to AppleCare):

How Apple and Amazon Security Flaws Led to My Epic Hacking

How do we feel about this web site?

This week’s focus is on the “Internet of Things.” Here are the videos shown at the meeting:

60 Minutes: Car Hacked in 60 Minutes

CBS: Hackers disable brakes on Jeep from miles away

Hackers aren’t just focused on the Internet–other signals (such as radio) are targeted

Schoolboy hacks into city’s tram system

We showed WireShark “sniffing” last week–the same can be done for BlueTooth. Implications:

Science: Could a wireless pacemaker let hackers take control of your heart?

April 7

Google “BeyondCorp”

LiFi YouTube Video

Proliferation: Data vs. Nuclear

▲ Hide...

  ▼ Registration


Bookings are now closed (or the colloquy has been cancelled)

We aren't currently accepting bookings for Security and Privacy in the Digital Age.

If you are trying to pay for a colloquy that you've already attended or have questions about refunds, please contact our Treasurer to work out the details.

▲ Hide...