Saturday, March 12, 2016

Kids & Information Security - Fun Introduction

Teaching kids about information security is very important today because the social network websites and applications are blurring the line between what should be shared securely and what not.

Everybody is busy over-sharing the good, bad and ugly over the internet and in the process of doing that forgetting the basics of information security or never taking the time to learn it. Or is it that nobody is introducing these concepts in school? It is something that needs to be introduced in our education systems from early days.

Do you remember the days when we used to send those short messages on a piece of paper in our classrooms? Some encoded those messages because you did not want another person in the middle to open it and understand what it says. How were those messages encoded?

The simplest example is: You create a simple mapping for each letter and number in the alphabet. Then you encode your message and write it on a piece of paper. Then the person on the other end decodes this message knowing the mapping because you shared it with them secretly.

Here is an example of mapping:

Separator between characters is ;;;
A is 0
B is 1
C is 2
D is 3
E is 4
....etc
a is 100
b is 101
...etc

Then if you want to encode "Do you want to play tennis tonight?", you would write the following:

3;;;114;;;___;;;124;;;114;;;120;;;___;;;122;;;100;;;113;;;119;;;___;;;119;;;114;;;___;;;115;;;111;;;100;;;124;;;___;;;119;;;104;;;113;;;113;;;108;;;118;;;___;;;119;;;114;;;113;;;108;;;106;;;107;;;119;;;?;;; 

The person on the other side would be able to translate this message into English as long as you previously shared the mapping with him/her. Obviously with the technology these days you would not be using paper and translating this; you would be using a software tool. I quickly put together an example in a simple web page using Javascript where you can plug in some sentences and it will use the exact same mapping as I explained above.

Try it out: HTML page where you can try this


The example above is a very simple mapping. If you want to use a slightly more complicated mapping, here is another example:

Try it out: Encoding/Decoding example in Javascript


The above algorithms for encoding/decoding are simple and can be figured out by experts very easily but they are relatively complex for novice and average computer users. These examples are just a way of introducing these concepts and encouraging you to teach your kids the importance of security.

These examples are easy to try and have some fun with them. You can save those examples as HTML files on your local computer, then edit the file and change the mapping at the top of file to what you want. Then in some secure way share that HTML file with your friend. From that point, you can send encoded messages to your friend in an email. The receiver can decode the message by copying and pasting the message into this simple HTML page and decoding it :)

Let's use this opportunity to do a quick security gauge of your security habits and if you have kids/nieces/nephews, teach them. Here are few comments/questions for you:

  • If you are using the same password across multiple accounts, you should change this.
  • If your passwords have names of cities, countries, or any word that you can find in a dictionary, you need to change this habit very soon.
  • If your passwords are not long enough and complex enough, then you need to do something about this. Details on what "long enough" and "complex enough" can be found on internet and the best way to deal with this is to use well respected tools for this. 
  • Are you using two-factor authentication for any accounts that support this?


Almir M.

#InfoSec #encoding #decoding #programming #programmer #code #coding #software #softwaredevelopment #InformationSecurity #SecureCommunication 

No comments:

Post a Comment