DOCSLIB.ORG

Cyberwomen © 2017– Institute for War and Peace Reporting

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cyberwomen © 2017– Institute for War and Peace Reporting Cyberwomen © 2017– Institute For War And Peace Reporting https://iwpr.net/ Esta obra se encuentra licenciada bajo Atribución-CompartirIgual 4.0 Internacional (CC BY-SA 4.0). https://creativecommons.org/licenses/by-sa/4.0/deed.es Contents I Introduction 13 1 Introduction to Cyberwomen 15 Using the Cyberwomen Curriculum . 16 2 Planning resources 21 Pre-Training Assessments ................... 21 Example training agendas ...................23 3 Acknowledgments 25 II Trust-building exercises 27 4 The rules of the game 29 Leading the Exercise .........................30 Part 1 – The Rules of the Game . 30 Part 2 – “Traffic light” ...................... 31 5 Defenders bingo 33 Leading the Exercise .........................34 6 Tricky candy 37 Leading the Exercise ......................... 37 7 Who do you trust? 39 Leading the exercise .........................40 3 Contents III Rethinking our relationship with technology 41 8 Personal perceptions of security 43 Leading the session ..........................44 Part 1 - What is Safety for You? What is Security for You? . 44 Part 2 - What Does Digital Security Mean to You? . 46 Part 3 - Identifying Motivations, Resistances and Barriers . 46 Part 4 – Digital Security, Gender and Technology Myths . 47 Part 5 – Closing Affirmations . 50 References ...............................50 9 Your rights, your technology 51 Leading the Session .......................... 52 Part 1 – Connecting Rights with Technology . 52 Part 2 – Digital Security and Digital Rights Concepts . 53 References ............................... 55 10 Her-story of technology 57 Leading the Session .......................... 58 References ...............................59 IV Digital security basics 1 61 11 How does the internet work? 63 Leading the session ..........................64 Part 1 - How the Internet Works – Flow of Information and Points of Vulnerability. 64 Part 2 - Vulnerabilities .....................65 Part 3 - Good Practices for Digital Security . 66 References ...............................66 12 Building stronger passwords 67 Leading the Session ..........................68 Part 1 - Introduction .......................68 Part 2 - Why are Passwords Important? . 68 Part 3 - What Can Happen If Your Password is Compromised? 69 Part 4 - How are Passwords Commonly Compromised? . 69 Part 5 - How Can We Make our Passwords Stronger? . 70 References ............................... 71 4 13 Malware and viruses 73 Leading the Session ..........................74 Part 1 - Introduction to Malware . 74 Part 2 - How Can You Get Infected? . 74 Part 3 - Share Examples Involving Women & Women Human Rights Defenders ..................... 75 14 Safe browsing 77 Leading the Session ..........................78 Part 1 - Choosing a Browser ...................78 Part 2 – Safer Browsing Practices . 78 Part 3 – Tools and Extensions for Safer Browsing . 79 Referencia ............................... 81 15 How to secure your computer 83 Leading the Session ..........................84 Part 1 - Introduction .......................84 Part 2 – Physical Environments and Maintenance . 84 Part 3 – Software Safety .....................85 Part 4 – Data Protection and Backups . 87 Part 5 - Deleting Files and Recovering Them . 88 References ...............................88 V Privacy 91 16 Ask me anything! 93 Leading the Exercise .........................94 17 Privacy 97 Leading the Session ..........................98 Part 1 – Do We Truly Have Privacy? . 98 Part 2 – “Self-Doxxing” .....................98 Part 3 – What Do We Do Now? . 100 References ...............................101 18 Networked publics 103 Leading the session . 104 References ...............................105 5 Contents 19 Apps and online platforms 107 Leading the session . 108 Part 1 – Our Devices, Our Data . 108 Part 2 - Who Else is Tracking Us? . 109 Part 3 – Promoting Women’s Rights Using Social Networks . 110 Part 4 – Reclaiming Privacy . 111 References ...............................111 VI Safe online advocacy 113 20 Safer websites 115 Leading the session . 116 Part 1 – What Does an Online Attack Look Like? . 116 Part 2 – Protecting and Securing Websites . 117 References ...............................119 21 Safe online campaigning 121 Leading the session . 122 Part 1 – Introduction and Preventative Planning . 122 Part 2 – Protecting Devices . 123 Part 3 – Managing Account Access . 124 Part 4 – Choosing Apps for Campaigns . 125 Part 5 – Community Building through Facebook . 126 Part 6 – Informed Consent . 127 References ............................127 22 What does your metadata say about you? 129 Leading the session . 130 Part 1 - What is Metadata? . 130 Part 2 - Implications of Metadata in a Human Rights Context . 130 References ...............................131 VII Safer mobiles 133 23 Marco Polo 135 Leading the exercise . 136 24 Mobile phones 1 137 6 Leading the session . 138 Part 1 - What’s a Phone Made Of? . 138 Part 2 – Hands-On Practice . 139 References ...............................140 25 Mobile phones 2 141 Leading the session . 142 Part 1 – Encryption for Mobile Devices . 142 Part 2 – Using GPG on a Mobile Device . 142 Part 3 - Is Your Phone Tracking You? . 143 References ...............................143 VIII Anonymity 145 26 Secret friend 147 Leading the exercise . 148 Part 1 - Introduction . 148 Part 2 - Time to Play! . 148 Part 3 – Closing Circle . 150 27 Anonymity 151 Leading the session . 152 Part 1 – Introduction to Online Anonymity . 152 Part 2 – Identifying Data and Preserving Anonymity . 152 Part 3 – Some Hands-On Practice . 153 28 More online identities! 155 Leading the exercise . 156 Part 1 – Connected Online Identities . 156 Part 2 – Separating and Managing Online Identities . 157 Part 3 – Hands-On Practice and Recommendations . 158 References ...............................160 IX Encryption 161 29 Introduction to encryption 163 Leading the session . 164 Part 1 - Have You Used Encryption Before? . 164 7 Contents Part 2 - Explaining Encryption . 166 References ...............................166 30 Encrypted communication 167 Leading the session . 168 References ...............................168 X Digital security basics 2 169 31 Storage and encryption 171 Leading the session . 172 Part 1 – Data Backups and Planning . 172 Part 2 – Storage and Backup Encryption . 173 References ...............................173 32 Let’s reset! 175 Leading the session . 176 Part 1 – Dispelling the Myth . 176 Part 2 – So What Do We Mean by Resetting? . 176 Part 3 – Check-In: Do You Need to Backup? . 178 Part 4 – Resetting & Rebooting . 178 Part 5 – Live Operating Systems . 179 Part 6 – Hands-On Practice . 180 References ...............................181 XI Online violence against women 183 33 Spectogram 185 Leading the session . 186 34 A feminist internet 189 Leading the session . 190 Part 1 – Raising Awareness . 190 Part 2 - Feminist Principles of the Internet . 191 References ...............................191 35 Symbolic violence 193 Leading the exercise . 194 8 Part 1 - What is Symbolic Violence? . 194 Part 2 - Identifying Symbolic Violence for Ourselves . 195 References ...............................196 36 Reporting abuse on social media platforms 197 Leading the session . 198 References ...............................199 37 Let’s start a documentation journal! 201 Leading the session . 202 Part 1 - Why is Documentation Important? . 202 Part 2 – How Can We Document Incidents? . 203 Part 3 – Starting Our Documentation Journals . 206 Part 4 - Practices and Tips for Maintaining Documentation Journals . 206 38 Doxxing the troll 209 Leading the exercise . 210 Part 1 – What is Doxxing? . 210 Part 2 – Identifying Harassers . 211 Part 3 - Different Profiles, Different Motives . 211 Part 4 - Documenting Incidents & Threats . 212 Part 5 – Getting Ready . 215 Part 7 – Useful Tools . 216 References ...............................218 XII Sexting 219 39 Time to watch! 221 Leading the exercise . 221 40 Sexting 223 Leading the session . 224 Part 1 - Unpacking Social Stigma! . 224 Part 2 - What is Sexting? . 224 Part 3 – Safer Sexting? . 225 References ...............................227 9 Contents XIII Determining the best solution 229 41 Gender-based risk model 231 Leading the exercise . 232 Part 1 – Identifying Risks & Probabilities . 232 Part 2 – Determining Impacts . 234 Part 3 – Strategizing Solutions . 236 References ...............................237 42 Digital security decisions 239 Leading the session . 240 Part 1 - Introduction . 240 Part 2 – How Was Your Software Built? . 240 Part 3 – Thinking About Users . 241 Part 4 – Thinking About Tools . 242 Part 5 – Practice Thinking of Solutions . 243 Part 6 – Resources for Staying Up to Date . 244 43 I decide 245 Leading the exercise . 246 XIV 249 44 Privacy Policy 251 XV Planning ahead 253 45 Organizational security plans and protocols 255 Leading the session . 256 Part 1 – Return of the Risk Model . 256 Part 2 – Plans vs. Protocols . 257 Part 3 – Creating an Organizational Plan and Protocol . 258 Part 4 – What’s Next? . 259 46 Digital security plans and protocols 261 Leading the session . 262 Part 1 – Mapping Organizational Structures and Barriers . 262 Part 2 – Facilitating Organizational Implementation . 262 10 Part 3 – Starting the Conversation . 264 XVI Self-care 267 47 Building feminist self-care 269 Leading the exercise . 270 48 The loving touch 273 Leading the exercise . 274 49 Look 277 Leading the exercise . 278 50 Our reflection 279 Leading the eExercise . 280 51 The act of NO 283 Leading the exercise . 284 52 Love letter to myself 285 Leading the exercise . 286 XVII Closing and review exercises 287 53 Witch coven 289 Leading the exercise . ..
Load more

Recommended publications
  • How to Reform Counterintelligence Outreach to Industry
    Protecting Partners or Preserving Fiefdoms? How to Reform Counterintelligence Outreach to Industry BY DARREN E. TROMBLAY | OCTOBER 2017 U.S. industry is increasingly independent of federal government direction It’s time for a new in its creation of new knowledge and capabilities. Nonetheless, the approach to counterintelligence outputs of industry support the United States’ ability to maintain outreach to the elements of its national power. Consequently, industry is in the crosshairs commercial sector— of not only foreign competitors, but also of foreign intelligence services one that focuses more that seek to surreptitiously obtain valuable knowledge and other on recognizing and responding to intellectual property. This is an unfair fight. It is further complicated by indicators of the the fact that both adversaries and allies alike have directed their threat, less on turning intelligence resources against U.S. industry. to investigators once the damage has Although the U.S. government has attempted to partner with the private sector on already been done. counterintelligence (CI) awareness and response, these efforts have been plagued by a limited concept of which industry sectors are at risk, inconsistency in programs, and redundancies across agencies. Moreover, the U.S. intelligence community is already being asked to do more with less. It is time for a new approach to the important function of counterintelligence outreach to the commercial sector. Such an approach must focus more on recognizing and responding to indicators of the threat, less on turning to investigators once the damage has already been done. Counterintelligence—in the theoretical sense—means preventing an adversary’s intelligence services from acquiring an information advantage.
    [Show full text]
  • NETS1028 06 Backup and Change Mgmt
    Security Design Backup and Change Management System Examination System Configuration Firewalls and Filters Hardening Software Backups and Change Management Access Control and Authentication Virtual Private Networking Logging and Monitoring Security Policy and Management Support SELinux Linux Systems Security NETS1028 LINUX SYSTEMS SECURITY - DENNIS SIMPSON ©2015-2021 Backup • Security breaches can cast doubt on entire installations or render them corrupt • Files or entire systems may have to be recovered from backup • Many tools are available to help with this task in Linux • Two of the more commonly used ones are rsync and duplicity https://en.wikipedia.org/wiki/Rsync http://duplicity.nongnu.org/features.html NETS1028 LINUX SYSTEMS SECURITY - DENNIS SIMPSON ©2015-2021 Legacy Tools • cp is the original way to make a copy of files, but assumptions people make cause problems in using it • GUI-based drag and drop tools make the assumptions problem worse • cpio, tar are archival tools created to copy files to backup media (tape by default) - satisfactory for years but they make it cumbersome to manage backup media https://en.wikipedia.org/wiki/Manuscript_culture • Various software packages provide frontends to these tools in order to make backup/restore easier to manage and more robust NETS1028 LINUX SYSTEMS SECURITY - DENNIS SIMPSON ©2015-2021 Rsync • Rsync has a command line interface which resembles a smart cp, and provides a base for many backup software packages with GUIs • Can preserve special files such as links and devices • Can copy
    [Show full text]
  • Jelszókezelök Pclinuxos Magazine – 2017
    Repo mustra: jelszókezelök PClinuxOS Magazine – 2017. április Írta CgBoy Jelszavak. Mindnyájan használunk. Néhányan egyet használunk mindenre. Másoknak sok, összetett jelszava van, amit nehéz észben tartani. Mielőtt a cikket írtam volna, a számítógépemen volt egy fájl az összes jelszavammal. Nagyon biztonságos, igaz? Minden esetre, ebben a hónapban rövid pillantást vetünk a tárolóban található jelszó kezelőkre. Abba a sorba raktam őket, ahogy átnéztem. KDE Wallet (tárca) Manager. Kezdjük a KDE Wallet Manager-rel. Elég könnyű tárcát készíteni. Használhat Blowfish-t, vagy GPG titkosítást. Mivel nincs GPG-kulcsom, Blowfish titkosítási eljárást használtam. A KDE Wallet Manager képes XML Nos, a KDE Wallet Manager olyan jó? Azt wallet-fájlokat importálni és exportálni. A KDE Wallet mondanám, igen. Könnyen használható, jo a felülete Manager felhasználói felülete jó és egyszerű. Van és van néhány jó tulajdonsága, vagyis mondhatnám, még rendszertálca alkalmazása is, ahonnan a tárcák jó. megnyithatóak. KeePassX, (Megjegyzés: a 2.0.3-as verzió ez és nem a régi 0.4.4-es) a KeePassX-t gyakran ajánlják mint jó, nyílt forráskódú jelszókezelőt. Azok számára, akik nem ismerik, a KeePassX a KeePass Password Safe leágazása. Amikor a KeePassX-ben új jelszó adatbázist készítesz, választhatsz, hogy csak mester jelszót, csak kulcs fájlt, vagy mindkettőt használj. A KeePassX AES, vagy Twofish titkosítást használ az adatbázisánál. A KeePassX felhasználói felülete jó, a jelszavakat Androidra és iOS-re is van applikáció, ami képes könyvtárakba rendezi. Amikor új jelszó elemet viszel KeePass adatbázis használatára, ami azt jelenti, be, a KeePass készít hozzá egy véletlenszerű hogy a jelszavaid mindig veled lehetnek! Nos, mit jelszót. Az elemhez ikon is rendelhető. A KeePassX gondolsz a KeePass-ról? Szerintem kiváló képes böngésző kiegészítő nélkül a bejelentkező jelszókezelő.
    [Show full text]
  • Announcement
    Announcement 100 articles, 2016-02-25 12:01 1 Microsoft introduces Windows 10 for PCs build 14271 and Mobile build 14267.1004 to Fast ring (4) Microsoft released two new Insider builds to the Fast ring today. Windows 10 Mobile build 14267.1004 fixes an issue with Lumia 550 and Windows 10 for PCs build 14271 has other fixes. 2016-02-24 18:16:01+00:00 1KB www.neowin.net 2 Apple plans Siri for Mac as tentpole feature for this fall's OS X 10.12 launch (2) Apple has reportedly been testing Siri for Mac since at least 2012, but even though the digital assistant has already made its way from the iPhone to the Apple Watch and Apple TV, it’s been notably absent from OS X.… 2016-02-25 08:32:48 1KB www.techspot.com 3 MasterCard wants to replace passwords and PINs with selfies In the ongoing search for the successor to unsecure passwords and PINs, financial (2) services giant MasterCard is taking a modern approach to authenticating transactions called MasterCard Identity Check. 2016-02-25 11:17:44 2KB www.techspot.com 4 Docker: Build Use-case-appropriate Containers - Developer.com Docker hits a sweet spot with the default container construction. It provides reasonable (2) defaults without hindering productivity of users. 2016-02-25 00:00:00 5KB www.developer.com 5 Alcatel OneTouch Fierce XL now supported by Windows 10 Insider Preview (2) After releasing Windows 10 for PCs build 14271 and Windows 10 Mobile build 14267.1004 today, Microsoft also announced that the Alcatel OneTouch Fierce XL can now enroll in the Insider Program.
    [Show full text]
  • Keepass Password Safe Help
    KeePass Password Safe KeePass: Copyright © 2003-2011 Dominik Reichl. The program is OSI Certified Open Source Software. OSI Certified is a certification mark of the Open Source Initiative. For more information see the License page. Introduction Today you need to remember many passwords. You need a password for the Windows network logon, your e-mail account, your website's FTP password, online passwords (like website member account), etc. etc. etc. The list is endless. Also, you should use different passwords for each account. Because if you use only one password everywhere and someone gets this password you have a problem... A serious problem. He would have access to your e-mail account, website, etc. Unimaginable. But who can remember all those passwords? Nobody, but KeePass can. KeePass is a free, open source, light-weight and easy-to-use password manager for Windows. The program stores your passwords in a highly encrypted database. This database consists of only one file, so it can be easily transferred from one computer to another. KeePass supports password groups, you can sort your passwords (for example into Windows, Internet, My Website, etc.). You can drag&drop passwords into other windows. The powerful auto-type feature will type user names and passwords for you into other windows. The program can export the database to various formats. It can also import data from various other formats (more than 20 different formats of other password managers, a generic CSV importer, ...). Of course, you can also print the password list or current view. Using the context menu of the password list you can quickly copy password or user name to the Windows clipboard.
    [Show full text]
  • Session Presentation
    #CLUS Internet of Things The Mirai Story Dr. Yatish Joshi – Software Engineer @yatishkjoshi DEVNET-1524 #CLUS Agenda • Introduction • Mirai Design & Development • Victims & Aftermath • Demo • Conclusion #CLUS DEVNET-1524 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 3 Cisco Webex Teams Questions? Use Cisco Webex Teams to chat with the speaker after the session How 1 Find this session in the Cisco Live Mobile App 2 Click “Join the Discussion” 3 Install Webex Teams or go directly to the team space 4 Enter messages/questions in the team space Webex Teams will be moderated cs.co/ciscolivebot#DEVNET-1524 by the speaker until June 16, 2019. #CLUS © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 4 It all started with Minecraft • Second best selling game of all time. • Bought by Microsoft for $2.5 billion • Has sold over 154 million copies by 2018. • 91 million active players/month. • Hosting servers can make $100-$200k/month. #CLUS DEVNET-1524 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 5 The American Dream The team: Paras Jha, Josiah White Dalton Norman Business 1: • Starts own Minecraft Server. • Gets DDoS attacks on his server. Business 2: • Protraf, a DDoS Mitigation company. • Recruits his friends to launch a new product called Mirai.. #CLUS DEVNET-1524 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 6 Business Plan • DDoS Attack on competing Minecraft servers • Extortion • DDoS as a Service • Click Fraud #CLUS DEVNET-1524 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 7 Mirai Design • Named after Mirai Nikki, a 2011 anime series.
    [Show full text]
  • ERDA User Guide
    User Guide 22. July 2021 1 / 116 Table of Contents Introduction..........................................................................................................................................3 Requirements and Terms of Use...........................................................................................................3 How to Access UCPH ERDA...............................................................................................................3 Sign-up.............................................................................................................................................4 Login................................................................................................................................................7 Overview..........................................................................................................................................7 Home................................................................................................................................................8 Files..................................................................................................................................................9 File Sharing and Data Exchange....................................................................................................15 Share Links...............................................................................................................................15 Workgroup Shared Folders.......................................................................................................19
    [Show full text]
  • Win Big with [Insert Open Source App Here] Win Big with Open Source
    Win Big with [Insert Open Source App Here] Win Big With Open Source Introductions Dave Nevala – Lukins & Annis Jerry Askew – Askew Network Solutions Win Big With Open Source No Licensing Headaches High Quality – peer reviewed Paid Support Available If you want a feature, add it! OSS can’t be discontinued or sold Win Big With Open Source KeePass – Password Manager Zotero – Web Research Manager 7-Zip – Fast Archiver Truecrypt – Disk Encryption PDF Creator Ntop – Network Analyzer Prey – Loss Prevention Win Big With KeePass What is KeePass? Password Management Database Strong Password Generator Hot-key login Obfuscation techniques Multi-platform Download for free http://keepass.info/ Win Big With KeePass Password Database Strong Encryption Can be opened with single password Win Big With KeePass Why KeePass? No need for PostIt notes, slips of paper, etc. Easy to have unique strong passwords Turn off auto form fill Win Big With KeePass Ports KeePassPPC & KeePassSD – PassDrop - iPhone/iPad PocketPC KeePassDroid – Android 7Pass - Windows Phone KeePassMobile - J2ME MiniKeePass - iPhone/iPad KeePassJ2ME - J2ME SyncPass - iPhone/iPad KeePassBB – BlackBerry iKeePass - iPhone/iPad KeePassBB2 – BlackBerry MyKeePass - iPhone/iPad Export to Keyring - Palm OS KyPass - iPhone/iPad KeePassX - Linux / Mac OS X Win Big With KeePass Share with multiple devices Portable version (run from folder) Keep database on flash drive or dropbox Win Big With KeePass Alternatives Last pass (requires to be online) KeePassX (requires to be online) 1Password (Mac and Linux)
    [Show full text]
  • News Tech Tools Tech Tools
    NEWS Tech Tools Tech Tools NVidia Announces Project Shield Gaming Device Large-Scale Elastic NVidia announces Project Shield, a game and imagined a new way to Architecture new portable gaming device for open play,” said Jen-Hsun Huang, co- Data-as-a-Service platforms. The Project Shield device, founder and chief executive officer at Red Hat Inc. recently announced its which features a 5-inch screen and a NVidia. Project Shield features NVidia’s participation in a European Union ini- full-size ergonomic controller, lets new Tegra 4 processor, which delivers tiative to create a Large-scale Elastic users play both Android and PC titles. powerful gaming capacity from its cus- Architecture for Data-as-a-Service As an Android device, Project Shield tom 72-core GeForce GPU and quad- (LEADS) for mining and analyzing data provides access to any game on core Cortex-A15 CPU. According to the published on the entire public web. Google Play, and, as a wireless receiver announcement, the Project Shield de- The LEADS consortium is composed and controller, it can stream games vice combines the NVidia Tegra 4, of universities and research centers, and access titles on its Steam game li- high-bandwidth, ultra- as well as IT corporations with an in- brary from a PC powered by NVidia fast wireless tech- terest in data mining and analysis GeForce GTX GPUs. Project Shield nology, and HD techniques. The objective of LEADS is comes with the latest Android video and audio “to build a decentralized Data-as-a- Jelly Bean operating sys- with a full-size, con- Service (DaaS) framework that runs tem from Google.
    [Show full text]
  • The Cybersecurity Campaign Playbook: European Edition
    The Cybersecurity Campaign Playbook European Edition DEFENDING DIGITAL DEMOCRACY MAY 2018 Adapted in partnership with International Republican Institute Defending Digital Democracy Project Belfer Center for Science and International Affairs Harvard Kennedy School 79 JFK Street Cambridge, MA 02138 www.belfercenter.org/D3P European Version partners: The National Democratic Institute www.ndi.org The International Republican Institute www.iri.org Statements and views expressed in this document are solely those of the authors and do not imply endorsement by Harvard University, the Harvard Kennedy School, or the Belfer Center for Science and International Affairs. Design & Layout by Andrew Facini Cover photo: A Slovenian casts his ballot in a box bearing a European Union crest at a polling station in Grosuplje near Ljubljana, Sunday, Oct. 3, 2004. Nationwide general elections are taking place in Slovenia on Sunday. Slovenia joined the EU and NATO earlier this yea. (AP Photo/Darko Bandic) Copyright 2018, President and Fellows of Harvard College DEFENDING DIGITAL DEMOCRACY MAY 2018 The Cybersecurity Campaign Playbook European Edition Contents Welcome ........................................................................................................3 Authors and Contributors ................................................................................................................... 5 The Playbook Approach ...................................................................................................................... 6 Introduction
    [Show full text]
  • Winzip Download Free Windows 10 Winzip App for Windows
    winzip download free windows 10 WinZip App for Windows. WinZip is a useful application for those who need to compress, extract, and archive files on a regular basis. It allows you to compress documents to save space on your computer and to make it easier to share files with other people. This software also allows you to extract any documents from archives and unpack compressed files. WinZip for PC is one of the most popular and well-known programs for compression. Interface. The interface is very straightforward and easy to use. WinZip for Windows has a basic layout with a toolbar and menu bar at the top. The toolbar has 5 buttons: New, Open, Extract, Send, and Exit. The left side of the screen is where the documents are displayed in a list. To view a file, just click on it in the list. The right-hand side of the screen is where the tools are displayed. The list of documents in the left-hand menu and the tools in the right-hand menu are an easy way to navigate through the interface. Usability. It is very easy to use. The interface is straightforward and the user interface is really simple. Free Windows WinZip is very easy to drag and drop files into the program and to select the desired compression level. The usability is very good and it is really easy to navigate through the interface. Functionality. It is perfect for compressing, extracting, and archiving documents. It allows users to select the compression level and the output format. Files can be compressed in any formats such as .zip, .rar, and .tar.
    [Show full text]
  • Drupal Security Best Practices
    Drupal Security Best Practices A General Guide to Making your Drupal Site More Secure By: OpenConcept Consulting Inc., originally written for Public Safety Canada Main Author: Mike Gifford Contributors Mike Mallett (OpenConcept) David Norman Xavier Landreville (OpenConcept) Lee Rowlands Matt Parker David Timothy Strauss Michael Richardson Ben Hosmer Colan Schwartz Ursula Pieper Mack Hardy Jonathan Marcil Peter Cruickshank Peter Wolanin Editors Lee Hunter Xavier Landreville Mike Mallett Version 1.3.0 (December 08, 2015) This is a living document, sign up for updates. Like this guide? There are lots of ways to contribute to its further development. This is a community effort, but even if you aren’t a security guru there are plenty of ways to help. If you have editing skills, know that this guide could use your help. We need people to spread the word about what you’ve found in this guide. It’s available under an open Creative Commons license so please share it with people who you think would benefit. If this guide has been useful to you, please spread the word on your favourite social media platform. Contents: Foreword Copyright About the Author Mike Gifford, Principal Author A) Introduction B) Principles of Security C) Security Concerns for Managers D) Server Security 1) Server Procurement 2) Immediately After Receiving Root Access 3) Create a baseline 4) Limit Access from Outside 5) Initial Installs 6) Server Maintenance 7) Managing Server Logs 8) Rough Server Ecosystem Image E) Web Servers 1) Restricting Access 2) Removing Code 3) HTTP
    [Show full text]