Cybersecurity: Crash Course Computer Science #31

CrashCourse
16M subscribers
951K views
Cybersecurity is a set of techniques to protect the secrecy, integrity, and availability of computer systems and data against threats. In today's episode, we're going to unpack these three goals and talk through some strategies we use like passwords, biometrics, and access privileges to keep our information as secure, but also as accessible, as possible. From massive Distributed Denial of Service, or DDoS, attacks to malware and brute-force password cracking, there are a lot of ways for hackers to gain access to your data, so we'll also discuss some strategies, like creating strong passwords and using 2-factor authentication, to keep your information safe.
Check out Computerphile’s wonderful video on how to choose a password!
• How to Choose a Passwo...
Pre-order our limited edition Crash Course: Computer Science Floppy Disk Coasters here!
store.dftba.com/products/comp...
Produced in collaboration with PBS Digital Studios: / pbsdigitalstudios
Want to know more about Carrie Anne?
about.me/carrieannephilbin
The Latest from PBS Digital Studios: • All PBS Digital Studio...
Want to find Crash Course elsewhere on the internet?
Facebook - / youtubecrash. .
Twitter - / thecrashcourse
Tumblr - / thecrashcourse
Support Crash Course on Patreon: / crashcourse
CC Kids: / crashcoursekids

Published: 1 Jun 2024

Comments: 465
@RaymondHng 6 years ago
Please enter your new password: "cabbage" Sorry, the password must be more than 8 characters. "boiled cabbage" Sorry, the password must contain 1 numerical character. "1 boiled cabbage" Sorry, the password cannot have blank spaces. "50bloodyboiledcabbages" Sorry, the password must contain at least one upper case character. "50BLOODYboiledcabbages" Sorry, the password cannot use more than one upper case character consecutively. "50BloodyBoiledCabbagesShovedUpYourArse,IfYouDon'tGiveMeAccessnow" Sorry, the password cannot contain punctuation. "ReallyPissedOff50BloodyBoiledCabbagesShovedUpYourArseIfYouDontGiveMeAccessnow" Sorry, that password is already in use.
@the80386 6 years ago
thanks. been a while since I had a belly cramp laughing.
@angeljesus9674 6 years ago
Thanks for making me read all that 😂
@metanumia 6 years ago
That was hilarious!
@enriquemartinez8915 6 years ago
LMAO 🤣 crying😂😂😂😂😂😂🤣😅
@destinyfoley8827 6 years ago
RaymondHng that is everything
@photophone5574 5 years ago
1:50 "that shows who your enemy is." *shows a little girl on her computer* A formidable foe.
@sudocatsda1guy390 4 years ago
She stole a bunch of info about me I'm not proud of and some disgusting info I am proud of.
@amur_ 6 years ago
I learned the same things in an 8-hour online course. Truly a Crash Course
@JCorvinusVR 6 years ago
Remember to change your face every 90 days to prevent hackers from getting into your account.
@oldcowbb 6 years ago
my face already includes at least one symbol, at least one upper case letter and at least one number
@khizerjamal6484 6 years ago
Meanwhile in a plastic surgeon...
@KelNg130 4 years ago
That's only if you used facial recognition (which is biometric) as the authentication mechanism. Just simply use long passwords.
@marcbellucci2469 4 years ago
You're killing me with the "I'd take it ALL" ATM comment. I'm sitting here dying!
@davemonkey26 6 years ago
This video is bologna, if people don't click on random links in their emails, how will I ever give away my millions?
@Riktamorty 6 years ago
Lololol
@merlinthelemurian3197 6 years ago
I laughed way more than I should have
@gabrielagbese1945 6 years ago
dude that's racist
@davemonkey26 6 years ago
Seeing as this account is a satirical parody of the Nigerian prince email spams, it is not racist as it is just a reference to an actual occurrence. Even so, if there was no such thing as the Nigerian Prince email spam (which there still very much is lmao) the only adjective this account title uses is Nigerian, which describes one's place of origin or citizenship. If anything this account is nationalist, not racist. In conclusion, you have incorrectly analyzed the process and purpose I use to deliver humor in my comments and will not be receiving my hoarded millions of dollars.
@kyledolor5257 6 years ago
Gabriel Agbese you got rekt dude
@stevieinselby 6 years ago
One thing I would like to see stressed is that two-factor authentication has to ask for two *different types* of authentication. Asking for a password _and_ a PIN is still only one-factor, because they are both things that you have remembered (or written down), so if someone has got hold of your password file they can enter one, two or twenty passwords correctly - asking for more than one doesn't stop them. This was something that online banking got very wrong for quite some time, although most banks seem to have got it sorted out now.
@scooter3387 1 year ago
Using this to prep myself for a Master's in Cybersecurity. This broke down everything way better than most of the material I have read.
@AnonymousFreakYT 6 years ago
As a "cybersecurity"† professional, this is an excellent episode. Well written, well delivered. Just the right amount of detail for a "class," while not being so over-simplified as to be actually wrong. (I see that too often: newspaper articles, TV news segments that oversimplify to the point that what they say is wrong, not just "simplified.") †I freaking *HATE* the word/prefix "cyber".
@seededsoul 6 years ago
Anonymous Freak Yes, it sounds cheesy, and used to refer to something else...
@wachirarisky4284 4 years ago
How did you get your first job and what do you recommend learning for Cyber security?
@TheSYLOH 6 years ago
Fun fact: At 55,000 views there's a 99.59% chance she guessed someone's PIN. Assuming that people's PINs are evenly and randomly distributed. 1 - (9999/10000)^55000
@Elizabethbaileysigmar 5 years ago
I love math.
@juanaseok6537 5 years ago
Nice one XD
@randomperson3195 4 years ago
And assuming everyone has viewed it only once.
@frankding7584 4 years ago
The thing is though, 2580 is a straight line down the keypad and we all know everyone hates straight lines
@RichIrving 6 years ago
This is a great video. Explains the topic enough so that non-technical people understand the threats and how to mitigate them. Great job!
@MuhammadAhmed-wh5kv 5 years ago
Just love going back from time to time to watch some of this amazing course's episodes!
@toxicslushpuppy 4 years ago
It is a guilty pleasure every time Carrieanne says "doobalidoo".
@KeithMakank3 5 years ago
I work in security and I approve this message. Excellent video!
@justin213 1 year ago
Going into Cybersecurity and this is so cool
@Uejji 6 years ago
That's amazing! I've got the same combination on my luggage!
@microbuilder 6 years ago
May the Schwartz be with you.
@zacharyedmond8223 1 month ago
I work as a senior cybersec engineer in incident response and threat intelligence. love it!
@marielleforgotmylastname8282 6 years ago
Spot on with everything. I really enjoy the series! I have a pretty decent amount of experience with IT stuff, but I still manage to learn at least one new bit of info with every video. :D
@WoWDart 6 years ago
I love this series. Thank you for all your hard work.
@rswhite 5 years ago
1, 2, 3, 4, 5? That's amazing! I've got the same combination on my luggage!
@id01_01 6 years ago
Password requirements aren't more secure in practice - consider the two following passwords: "Passw0rd!" or "da-ba-dee-ba-doo". The second is much more secure, as the only feasible way to guess the password is brute force with letters and symbols, and most likely numbers too, but it doesn't have digits nor capital letters. The first can be cracked using a dictionary attack with mutation.
@ismailkucuk1684 6 years ago
Hi, I appreciate you. I needed the information you gave as an SEO and digital marketing specialist. I did not come across a channel or person who described terms like Internet, TCP/IP as simply as you. Thanks again...
@jess_tech 6 years ago
This video is incredible! Thank you so much!
@rpsloss 4 years ago
This was really well done. Thanks!
@jonnygiantrobot 10 months ago
A 12 minute long course, this really is a crash course!
@bradyryden1841 6 years ago
FINALLY!!!! The reason why I watch this!
@peterschubert3429 6 years ago
I wonder why nobody in these videos ever mentions the possibility to use words from different languages. It increases the possible combinations even more! :D
@amandal.1422 5 years ago
I do that all the time, I really stopped using English anymore lmao
@Elizabethbaileysigmar 5 years ago
I was going to make a comment about password length vs diversity of characters. Rainbow tables let me crack anything less than 14 characters really easy but anything more gets weird. One method I used to use was take a Chinese word, change the diphthongs to produce many different words and then string them all together in English. Easy for me to remember but really hard for a computer to guess. Like house horse mother. You go over the rainbow tables. Yep go look it up. It does not require a bunch of hard to remember special characters and numbers. One of my fun games at work is just repeating the same thing in as many languages as I can think of at the time. But sequential translations get weird. My favorite pattern is English, Spanish, German. Add slang and it gets weird really fast. Long list: English, Spanish, (Taino if Puerto Rican), Portuguese, French, Romanian [short story later], German, Swedish, Dutch, Arabic (Burbur if they are Moroccan, like Ara means give me in Arabic but write or sign your name in Burbur), Uzbeki, Turkish, then Russian and then Polish. It makes sense in my head, don't judge me. I was telling a joke to a Puerto Rican woman last year and she stopped me in the intro telling me she knew Taino and knew what the word meant. It was a play on words. The only time that joke has failed me. Two points on Romanian. The first was a woman on her phone who just could not be bothered to get off her phone. So I said something to her in Russian. She was like why are you talking to me in Russian, and I was like because you are not paying attention to me in English and my Romanian is poor. The second was a Romanian woman who would not get off her phone. So I got annoyed and started talking to her mother who was born in Romania. The mother then spent the next two minutes berating her daughter for not knowing how to pronounce words correctly in Romanian. Jewish mothers...
@freshprinceofnightcity 4 years ago
I will try that method.
@AmyJayOnTheWay 6 years ago
I appreciate these videos so much! I've learned enough to know that I want to learn more -- and I'm hoping to get Security+ certified next year!
@ravik694 6 years ago
Amy Jay good luck, Amy! Security+ was my first certification and it's a great starting point.
@arobiteme 6 years ago
Some military jobs make us get the very in only 9 days of education with no experience. Often we have to test a couple times, but it's doable. The 501 version is gunna be killer though, so study up!
@musashi939 6 years ago
Briana Pierce haha. That sounds like learn to code in one weekend. Why even bother to study software engineering if you can learn that in one weekend or become a security consultant in 9 days. You gotta be kidding me.
@XoXitsSaruhh 6 years ago
I'm doin dat! I'm also getting Net+ and I already have my A+
@arobiteme 6 years ago
Well, we manage to successfully do our jobs. Don't get me wrong, some people never make it through. But if you find the time we get amusing, you should realize that we take the exact same test as you, get the exact same cert, and do our jobs effectively.
@victor.ruto.7919 6 years ago
This gonna help a lot... Thanks a lot
@ill6ixx538 5 years ago
Carrie Anne keeps it real. No access to ATMs or she'll take all of it xD
@watchit387 4 years ago
that ceramic cat collection doesn't buy itself XD
@xyz-hx5dh 6 years ago
Learned a lot, thanks.
@frencheneesz 6 years ago
Good episode! Would be nice to hear an indictment of modern operating systems (especially Windows) that were designed in pretty much the least secure way possible.
@cefalves 6 years ago
I am Brazilian and I love your videos. Thank you.
@kofiacquah6972 4 years ago
I love her enthusiasm
@geetbhardwaj3879 4 years ago
thanks. Very useful
@_productivity__nill_1131 6 years ago
Confidentiality - data that only authorised people can read. Integrity - data that only authorised people can modify. Availability - data which authorised people should have access to.
@KelNg130 4 years ago
Almost. The last one is simply Authorization. Availability refers to the "ability to access data when we need it". The Parkerian hexad, although considered to be a more complete model, is not as widely known as the CIA triad. It consists of: Confidentiality, Integrity, Availability, Possession, Authenticity, and Utility. Possession - physical disposition of the media on which data is stored. Authenticity - data that can be properly attributed to the owner/creator. Utility - data that is useful depending on content and format.
@ProWhitaker 6 years ago
Thanks for the video
@yassineelmalki4223 10 months ago
Fantastic 🎉
@leogomez4u 6 years ago
Thanks for making these videos. I'm on my way to becoming A+ certified and cross reference a lot of the things you illustrate
@Shackleford_Rusty 6 years ago
leogomez4u skip it, read the books, get hands on, grab your Network+, CCNA, Security+, even an MCSA. A+ knowledge is great but the cert isn't worth the money.
@21guitarworld 6 years ago
Don't listen to them, A+ is the concrete of your house; Network+, Sec+, etc. are the walls and the roofs.
@YoungDen 5 years ago
Actually Net+ is your concrete, walls and roof with windows and doors while Security+ is your fence. The more experience with Security+ the higher the fence. A+ would be more like building the shed in the back. Nice to have but not important enough to live in or off (the cert).
@gailaltschwager7377 1 year ago
Thank you!
@abdulrahmanalqarni8662 4 years ago
Good topic explanation
@mitwhitgaming7722 6 years ago
Is that a Spy Kids _and_ a Ben 10 reference in the thumbnail!? Respect.
@jepersprepur2809 6 years ago
_Mit_Whit _Gaming_ though it's a really weird one because one's from the most disliked 3rd film Spy Kids 3D and the other is from Omniverse
@mitwhitgaming7722 6 years ago
Jepersprepur IKR?! 😂
@jepersprepur2809 6 years ago
_Mit_Whit _Gaming_ mmmhmmm
@JM-us3fr 6 years ago
Now I'm sad I didn't get the Ben 10 reference
@FireBugRBLX 6 years ago
_Mit_Whit _Gaming_ The actual name of the black and red humanoid at 9:18 is "Malware", a villain from Ben 10: Omniverse; they might have used the character since Malware is the best symbol for the error
@lab9337 6 years ago
Great vid. Thanks :)
@michaeldzema4272 5 years ago
Awesome video!
@activecypher6589 4 years ago
Great intro course.
@joeholszter2633 5 years ago
I love this video and I love that lady teaching it, everything about this is good
@mariniikk 6 years ago
I'm interested in psychology, tech, and bio. Y not combine the three and go into comp systems to research the "brain" and artificial intelligence of computers?! That's how I got here :). I've recently discovered the (huge and overwhelming) world of cyber tech but as a Russian speaking blond 5' girl, I think it would be cool to get a job in this field. I'm 14 and new to this but it's super interesting and these vids help
@cuddy90210 5 years ago
Thank you.
@JosephSantoro 6 years ago
I was wondering how you would do this in one short video... Not bad!
@danialraza3021 4 years ago
Thank you
@PavanPhaneendra423 6 years ago
Good video
@Beryllahawk 6 years ago
Correct horse battery staple! Yay!
@chicksssyht 5 years ago
BIBA!! I appreciated that
@PavanPhaneendra423 6 years ago
Wow what a video
@sparksparkboom 6 years ago
I'm majoring in this starting next year!!!
@sparksparkboom 6 years ago
tcbobb16 tcb Illinois State
@Magnacardia 5 years ago
How's it going so far
@pieadapter3615 4 years ago
Updates, please don't drop out
@eloyruiz2855 5 years ago
I love your video thank you
@pocketll 4 years ago
0:18 Legendary bike Favorit.
@minghowlogic6223 6 years ago
great!
@Slayer_Jesse 6 years ago
Correct Horse Battery Staple
@remuladgryta 6 years ago
Hunter2
@burnedexperiment7397 6 years ago
"Lil' Bobby Tables we call him... I hope you learned to sanitize your database inputs."
@wolvenmoonstone8138 6 years ago
funny, go change your password now
@Orinslayer 6 years ago
That's actually a bad password.
@leogomez4u 6 years ago
Thanks
@mincewatisimatupang2471 4 years ago
nice program
@DuluthTW 6 years ago
My new password is Ceramic_cat_figurines. Ooops, maybe not. Another great episode. Thanks!
@une6fille6attriste6 5 years ago
Brilliant and easy to understand! Thank you! Even the jokes are funny. XD
@galyefet7095 6 years ago
thanks
@peterstiles1 6 years ago
This series is so great I can even forgive Carrie-Anne's 'tongue down the back of Green Bros. trousers' comment at 5:19.
@mohamedali-wz7cq 4 years ago
nice video
@Memorable_VND 5 years ago
I am the biggest fan of u. Can u make more videos on cyber security, cryptography etc
@TGC40401 6 years ago
2:24 Oh, that's what _safe mode_ means
@user-nj1qc7uc9c 5 years ago
4:08 you have to remember, it doesn't just have to generate those numbers, it also has to enter them in. For example even Python, a really freaking slow language, can count from 0 to 10000 in 0.0009965896606445312 seconds, pretty freaking fast! But if you want Python to print each individual number, it will take about 4.403296709060669 seconds. Although entering the numbers might not take as long as printing each one, it would still take at least a second
@Submanca 6 years ago
Hi, love the videos and was wondering if I should get a VPN or not. Do I need one really? I keep getting ads that try and scare me into getting one but they are not cheap.
@TGC40401 6 years ago
I updated everything I have access to, after this video.
@beyond12021 4 years ago
"Cyber Security is like the Jedi Order trying to bring Peace and Justice to the Cyberverse" *Decides to go back to school and study Cyber Security*
@pureroute1551 4 years ago
Interesting
@user-be4yc2vr5c 5 years ago
Lol I just mentioned brute force hacking in an earlier video where you were describing brute coding XD
@Theorak 6 years ago
Open source for security is a topic that came up for our (Germany) election software, because the old one was hidden and faulty, could be a right step imo.
@armorsmith43 6 years ago
Alternately (though I don't know how well this works in a federal system with different layers of elections), just use pencil and paper for voting like the Brits do.
@tuele4302 6 years ago
Pen is better in this case since pencil writing can be erased.
@Cryssball 6 years ago
if the topic is security... how is pen and paper more secure than Open source?
@tuele4302 6 years ago
I was comparing pen to pencil.
@Cryssball 6 years ago
my bad. I should have clarified I was referring to Andrew Farrell
@mincewatisimatupang2471 4 years ago
interesting, you explain directly with pictures ... I need a computer science lesson
@artofthehak5508 5 years ago
This is a great video, it's more difficult to do these animated vids than to just have a talking head spitting a script. Nice job guys
@teddysherman4337 5 years ago
good vid
@wolvenmoonstone8138 6 years ago
I would like to make a subtle yet important distinction. ALLOWING the option to use 9 or more capital and lowercase letters, adding symbols, spaces and numbers, makes the number of possible passwords increase and is therefore more secure. REQUIRING a password to contain those things to be valid lowers the number, making passwords less secure, harder to remember and more annoying to create, and encourages users to have the same password for multiple accounts (don't do that)
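The keyspace arithmetic behind this "allowing vs requiring" distinction, and behind id01_01's earlier point that "Passw0rd!" falls to a wordlist-with-mutation search while "da-ba-dee-ba-doo" does not, as an added example (not code from the video or from any commenter): it counts the passwords of a given length when character classes are merely allowed, counts by inclusion-exclusion how many survive when every class is required, and compares both with the far smaller candidate set a wordlist attack has to cover. The character-class sizes, wordlist size, mutation count and suffix count are constructed assumptions.

```python
import math
from itertools import combinations

# Assumed character-class sizes for a US keyboard (constructed for this example).
CLASSES = {"lower": 26, "upper": 26, "digit": 10, "symbol": 33}  # "symbol" includes space


def brute_force_space(alphabet_size, length):
    """Strings of exactly `length` characters over an alphabet of `alphabet_size`."""
    return alphabet_size ** length


def allowed_space(length, classes):
    """Policy that merely ALLOWS the classes: every string over their union is valid."""
    return brute_force_space(sum(CLASSES[c] for c in classes), length)


def required_space(length, classes):
    """Policy that REQUIRES at least one character from EVERY class.
    Inclusion-exclusion: start from all strings, subtract those missing one class,
    add back those missing two (subtracted twice), and so on."""
    names = list(classes)
    total = 0
    for k in range(len(names) + 1):
        for excluded in combinations(names, k):
            alphabet = sum(CLASSES[c] for c in names if c not in excluded)
            total += (-1) ** k * brute_force_space(alphabet, length)
    return total


def dictionary_mutation_space(words, leet_variants_per_word, suffixes):
    """Upper bound on candidates a wordlist attack with mutation rules must try:
    each word, times its leet-substitution variants, times the appended suffixes."""
    return words * leet_variants_per_word * suffixes


def bits(candidates):
    """Express a candidate count as bits (log2), the usual way to compare keyspaces."""
    return math.log2(candidates)


def compare_policies(length, classes):
    """Return (allowed, required, fraction_excluded) to show what REQUIRING costs."""
    allowed = allowed_space(length, classes)
    required = required_space(length, classes)
    return allowed, required, 1 - required / allowed


if __name__ == "__main__":
    allowed, required, excluded = compare_policies(9, CLASSES)
    print(f"9 chars, all classes allowed : 2^{bits(allowed):.1f}")
    print(f"9 chars, all classes required: 2^{bits(required):.1f} "
          f"({excluded:.0%} of the allowed space thrown away)")
    # "Passw0rd!"-style guess: assumed 100k-word list, 16 leet variants per word, 1000 suffixes.
    print(f"wordlist + mutation attack    : 2^{bits(dictionary_mutation_space(100_000, 16, 1_000)):.1f}")
    # "da-ba-dee-ba-doo": 16 characters from lowercase letters plus hyphen, brute force only.
    print(f"16 chars, lowercase + hyphen  : 2^{bits(brute_force_space(27, 16)):.1f}")
```

The inclusion-exclusion sum is exact, so `required_space(3, CLASSES)` is 0: no three-character string can contain one character from each of four classes. The point the commenter makes falls out of `compare_policies`: a "require all four" rule discards a sizeable fraction of the nine-character space and none of the discarded strings were the weak ones.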
@dannyj391 6 years ago
Love these videos, puts me right to sleep
@DragonRamer 6 years ago
Thanks so much, I'm only 13 and this interests me so much! I went to a cyber security competition a few weeks back and it was amazing! I placed 2nd place w/ only a little background knowledge that I learned from coding in various languages/reverse engineering a lot over the years! 🙂😀😀
@thijsvandaele4339 6 years ago
Congrats! Follow your dream Dragon. Remember, the only thing you need is passion and curiosity!!!
@DragonRamer 6 years ago
Thijs Vandaele True!! Thank you.
@grantg117 6 years ago
You should post this kind of stuff on your YouTube channel
@Wolf-sd8fr 6 years ago
Learn Kali Linux
@mikuhatsunegoshujin 6 years ago
Install gentoo hardened.
@skroot7975 6 years ago
I'd love an episode on neural networks.
@ailtonbiji5024 4 years ago
cool...
@miguellima737 6 months ago
very noice video
@tueemsyhu4846 5 years ago
NOTHING IS TOTALLY SAFE!! GOOD VIDEO!! 😀😊
@phatzdomino5343 6 years ago
For someone who is completely new to the field of I.T/cybersecurity, is it a bad idea to start off with a Cyber security proficiency 1 class?
@evenana4399 6 years ago
I JUST LEARNED HOW THIS CYBERSECURITY WORKS
@gardenhead92 6 years ago
Would have been nice to go over capability-based security as an alternative to ACLs.
@richardoder9171 5 years ago
I receive so many calls indicating "I'm with your computer security and your computer has been compromised, I am looking at your computer security systems and we need to fix it right away". I call BS and almost always the line goes dead. Can even the companies that are legitimate see into your computer without your knowledge?
@mincewatisimatupang2471 4 years ago
I like your video because it is my lesson, please explain more with pictures, direct examples... it is my lesson
@MrKajithecat 5 years ago
Enrolling into school for this next year.
@blacksatoshi6486 4 years ago
I LOVE CARRIE ANN HER REFERENCES ARE SO COOL FROM GAMING TO PETS TO MOVIES EVERYTHING!!!!!!!!!!!!!!
@tendies 6 years ago
Please do a video about Block-chain!
@midnightharvest3065 4 years ago
As an IT major with a focus on Cybersecurity, this video is very informative and provides a good understanding of my career future
@kaifae 6 years ago
Why didn't you use the CISSP standard definitions for confidentiality, integrity, and availability? Integrity is less about the authorized person accessing the data, and more about the data itself being complete or whole.
@mathabahassan3471 4 years ago
Hello, I've benefited a lot from your video but I'm asking if you could give me some useful information about administration of security??
@armorsmith43 6 years ago
If you ever see a system either show you your password or say you can't have a password longer than 16 characters, you know that site isn't storing your password securely. If you are implementing a system to check a user's password it is important not to store the password itself but instead, when the user sets their password:
1) Generate a random string and stick it at the end of the password (called a 'salt')
2) Run the password+salt through a 1-way hash function like bcrypt
3) Store both the salt and the hashed+salted password in your database.
Then, when your user goes to log in, read the salt from the database, add it to the login, run it through bcrypt and check if it matches the hashed+salted password.
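The three steps above plus the login check, as an added example that is not the commenter's code and not from the video: it uses the standard library's PBKDF2-HMAC-SHA256 as the slow one-way hash in place of bcrypt (bcrypt is a third-party package), a fresh 16-byte random salt per user, a self-describing stored record, and a constant-time comparison on login. The record format, the iteration count and the in-memory user table are assumptions of this example. Because only salt and hash are stored, a 200-character password is handled exactly like a short one, so a length cap is a product decision rather than a storage necessity.

```python
import hashlib
import hmac
import secrets

ALGORITHM = "pbkdf2_sha256"   # assumed stand-in for the bcrypt named in the comment
ITERATIONS = 200_000          # assumed work factor; raise it as your hardware allows
SALT_BYTES = 16


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Step 1: generate a random salt.  Step 2: run password+salt through a slow
    one-way hash.  Step 3: return one record, 'alg$iterations$salt_hex$hash_hex',
    holding salt and hash together so the caller stores that instead of the password."""
    salt = secrets.token_bytes(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{ALGORITHM}${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Login: read salt and parameters back out of the stored record, recompute the
    hash for the submitted password, and compare in constant time so response timing
    does not reveal how many bytes matched."""
    try:
        algorithm, iterations, salt_hex, hash_hex = record.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(hash_hex)
        iterations = int(iterations)
    except ValueError:
        return False          # malformed record: never accept
    if algorithm != ALGORITHM:
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(digest, expected)


class UserStore:
    """Constructed in-memory user table: username -> password record, never the password."""

    def __init__(self):
        self._records = {}

    def register(self, username: str, password: str) -> None:
        self._records[username] = hash_password(password)

    def login(self, username: str, password: str) -> bool:
        record = self._records.get(username)
        if record is None:
            hash_password(password)   # burn the same time for unknown users as for wrong passwords
            return False
        return verify_password(password, record)


if __name__ == "__main__":
    store = UserStore()
    store.register("alice", "correct horse battery staple")
    store.register("bob", "correct horse battery staple")     # same password, different salt and record
    print(store.login("alice", "correct horse battery staple"))  # True
    print(store.login("alice", "Passw0rd!"))                      # False
```

Two users with the same password get different records because each gets its own salt, which is what defeats precomputed tables such as the rainbow tables mentioned earlier in the thread. The `ITERATIONS` value is deliberately tunable: the stored record carries it, so old records stay verifiable after the work factor is raised for new ones.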
@remuladgryta 6 years ago
Even better, rely on someone else who knows what they are doing to do it for you. Even the experts get this stuff wrong from time to time and you're not an expert. Use a well known, heavily tested and actively updated library for anything security related. If you're doing anything other than something like library.storepassword(username, password) and library.startsession(username, password), you're probably doing something wrong.
@armorsmith43 6 years ago
Exactly right, though you'll need to know how things work at the layer of abstraction I described to know what to look for in a library. Don't roll crypto yourself except for fun & practice.
@JimCullen 6 years ago
> or say you can't have a password longer than 16 characters
Some companies do this for customer support reasons. They do a check on the string they're sent _prior_ to running the hash on it, so it can still be done securely. But longer passwords are more likely to be forgotten, so some large organisations might choose to restrict password length to reduce the burden on their customer support lines. If they can send you your password upon request though... Yeah, that's completely indefensible. They _might_ be able to email you your password immediately after you first set it (although that is a terrible idea because email is a terribly insecure protocol) without compromising database security, but at any other point they should not have access to your plaintext password.
@armorsmith43 6 years ago
@Jim Cullen you're right. It's a signal that they're storing the password, but not actually a guarantee. But really what they should do to accomplish their goal is actively suggest passphrases. But people are often silly.
@JimCullen 6 years ago
I wish more companies would encourage using password managers. Passphrases are okay, but they're nowhere near as good as an equally long pseudo-random password. And if they form sensible sentence structures (as opposed to being completely randomly chosen words), passphrases are even worse. Using good 2FA (*not* SMS-based 2FA) on more sites would also be nice.
@KiddsockTV 6 years ago
awww man.. now I have to change my pin.
@Mostlyharmless1985 6 years ago
I'm seriously hoping we go over airgaps and compartmentalization, because they are the true implementation of write up, read down. You gave a very dangerous idea that privileged information can be held on a system that processes unprivileged information. What you should do is keep them all in different systems that are physically separate from each other. The only way you can send information from a less privileged system to a higher level is to cross a physical air gap between machines. Compartmentalization is just a fancy way to say keeping information available to those that need to know it. A CFO would certainly need access to a business's finance information, but even if he has a high level of access, there is no reason that he should have access to the R and D information. Still an admirable job for something so broad as "security"; you boiled down several months of training into less than 15 minutes. You get my "eh close enough" seal of approval!
@lammalamma5005 6 years ago
I want moreee XD