
Introduction to Cyber Security - nygrenh
https://cybersecuritybase.github.io/
======
secfirstmd
___Total plug on similar topic_ __

In a similar vein, we recently built Umbrella App - which has has tons of
simple, easily accessible lessons on digital and physical security issues
(from sending a secure email to dealing with a kidnap). It 's designed to help
make security easier for travellers, journalists, activists on the move. It's
open source and available here:

-[https://play.google.com/store/apps/details?id=org.secfirst.u...](https://play.google.com/store/apps/details?id=org.secfirst.umbrella)

-[https://www.amazon.com/Security-First-Umbrella-made-easy/dp/...](https://www.amazon.com/Security-First-Umbrella-made-easy/dp/B01AKN9M1Y)

-[https://secfirst.org/fdroid/repo](https://secfirst.org/fdroid/repo)

The raw content is CC and available here for reuse:
[https://github.com/securityfirst](https://github.com/securityfirst)

More info: [https://www.secfirst.org](https://www.secfirst.org)

 __ _Ends total plug on similar topic_ __:)

~~~
616c
I loved your app when I last checked it on FDroid. What is the angle of the
Security First group? Is this a startup? I think the idea is interesting and
deal tangetially with digital literacy and thought apps like yours are great
for such things, but I fail to see how you can convert this into a business
beyond funnelling people into your training and consulting stuff, like your
website suggests.

~~~
secfirstmd
Thanks for your nice comment! :)

There's lots of elements at work here but essentially the business model is:

a) Always be ethical, open source and build using grants etc to expand
Umbrella's feature set, languages, content etc etc.

b) Diversify by building customisations and white-label versions of the app
for large NGO's, various international organisations and commercial
businesses. We've already had a lot of interest in this. In that context we
are a bit less about the app as a learning tool and more about the security
management features which don't exist anywhere else (commercially or open
source).

c) Expand on the training and consulting stuff, which at present is going
quite well but is pretty hard to scale extensively as it's very person
intensive.

~~~
616c
Your model is interesting and I find your idea inspiring. I am sure it is a
tough market.

Would love to read more as an amateur coder and budding infosec guy.

~~~
secfirstmd
Thanks, always happy to answer questions!

 __ _Note to self, really need to update our documentation and FAQ stuff_ __

~~~
616c
Perhaps people like me ought to help you with that. Will check you on GH this
weekend.

~~~
secfirstmd
Cool, if you need any more info please drop me a mail to the address in my
profile! :)

------
lol768
Interesting set of materials, and it's great to see these being more readily
published and made available to anyone.

I was a bit disappointed with the depth of the introduction course's
materials, though. Perhaps the other courses that are scheduled to be
available soon will do a better job, but there doesn't appear to be a lot of
substance within the available materials and the assignments don't require
much thought (or even appear relevant - the question about mnemonic lists
doesn't really address anything security related).

It could perhaps simply be because it's an introduction course, but I expected
the introduction to cover basics such as password security, the
confidentiality/integrity/availability model of aspects of a system that can
be compromised, approaches for authenticating users (lattice access control,
roles, differences between MAC and DAC etc) and other similar theory. Further
courses can delve into the details of cryptography, common security
vulnerabilities and such. Some of the linked materials are a bit more useful
but I don't think I'd have personally taken this course if I only had the
introduction to make a decision from.

~~~
jlgaddis
They have to start somewhere.

Obviously, you and I and other HN'ers are almost certainly not the target
audience for this course.

> _This material contains the introduction part of the course series ..._

I took this to mean that there will be much, much more to come -- both in
_this_ course as well as _additional_ courses in the future.

------
laddng
If you're looking for a more CS intensive cyber security introduction, I would
recommend OpenSecurityTraining at
[http://opensecuritytraining.info/](http://opensecuritytraining.info/)

They dive deep into reverse engineering, assembly, and other CS intensive
topics.

~~~
orly_bookz
Interesting, thank you.

------
jugbee
When I enter my email and press subscribe I get - "The information you have
entered on this page will be sent over an insecure connection and could be
read by a third party.

Are you sure you want to send this information?"
[http://prntscr.com/cyvlhc](http://prntscr.com/cyvlhc)

really guys? really?

~~~
avihavai
Thanks, fixed. :|

------
pcr0
This seems like it's more on the IS/business side of things. Any particular
recommendations on why I should take this as a CS senior?

~~~
avihavai
Hi! I'm Arto, one of the individuals responsible for the course. The first
part of the course series is more on the IS side. The latter parts, including
the one starting next week are more hands on, and include security and
software development -related content as well as more advanced theory things
such as cryptography and machine learning methods for log mining. As a CS
senior, I would likely take the course as it (depending on my institution)
combines topics from multiple CS courses and looks at them through a specific
phenomenon -- it might, in the end, be even fun.

~~~
pcr0
Thanks for clarifying! I'll give it a try.

------
m1972
The kickoff event of the course
[https://www.helsinki.fi/fi/unitube/video/20543](https://www.helsinki.fi/fi/unitube/video/20543)

------
3pt14159
Personally I just bought a mid-year textbook on cyber security from the
University of Waterloo and I'm making my way through it. It's surprising how
bad cyber security is, but so much of it is right there in the pages of this
book. It's like finding out you can buy a Patriot missile for $250 and some
spare time in the evenings.

edit: And of course this book would be unapproachable had it not been for the
work I've done in engineering, software development, and machine learning.

~~~
learningram
What about machine learning is relevant to this textbook ?

~~~
3pt14159
Well the current state of the art in security is using techniques from ML
towards intelligent vulnerability detection and intrusion (if you're team
red), as well as intelligent detection of intrusion (if you're team blue).
These are much easier to understand if you've written a classifier before.

------
616c
I would love to see OpenBadges integration and push university students and
naughty employees when they keep doing dumb stuff on the network to take more
useful courses like this instead of the watered down corporate crap I see for
punishment, instead of educating people away from hacking attempts.

~~~
avihavai
Thanks! This is a good idea, we'll look into it.

------
mitchpron
I've seen lots of courses like this.
[https://www.securityjourney.com/](https://www.securityjourney.com/)
[https://new-www.securecodewarrior.com/](https://new-
www.securecodewarrior.com/) Coursera and Udacity have a bunch too.

Can anyone explain what's special about this University of Helsinki one that
it made it to the front page of HN?

~~~
pen2l
Not sure, but it might be the celebratory factor. (Given that both UoH and
F-secure are involved, it's a good bet that Mikko Hyppönen is involved in this
somehow, who is a pretty famous security expert).

~~~
zengid
Looks like Mikko is involved
[https://twitter.com/mikko/status/790814411468472320](https://twitter.com/mikko/status/790814411468472320)

------
JoeDaDude
Nice. However, my employer is happy to reimburse me some $4k per class at a
traditional university, but will not pony up one dime for an online MOOC
course.

~~~
mtgx
Good thing it's free then.

------
MistahKoala
It look like formal credits can be collected with this course (each module is
worth 1 ECTS), but it doesn't mention how to do so. Does anybody know?

~~~
avihavai
Hello! (I'm one of the instructors) -- If you're currently residing in
Finland, you can get them through the University of Helsinki Open University
(I know...). We'll post more details on this shortly.

If you're residing elsewhere, contact your local institution and ask if they'd
be willing to accept the course as a part of your studies.

