Technic Dynamic is a source of education focused in the following categories of technology: (Computer - Design - Gadgets - Networking - Security) Link : http://technicdynamic.com
Cyber crime is a fact often cited to scare IT managers, directors and other officers for the sole purpose of promoting the sale of services and the establishment of costly protection, this trend is about to be caught up by the reality. It is time to afford a short walk to the wonderful world of piracy policy.
Of course, this article reflects only a personal opinion and is based on facts or analysis that everyone can see on the net to get his own opinion: Recently, the press echoed many cases related directly or indirectly to cybercrime. On the other hand, targeted attacks on individuals (phishing, social or otherwise) are not considered here, the many blogs of antivirus vendors already provide good analysis.
It may be mentioned, very briefly, several relatively recent important cases:
Windows has always been maligned and criticized in terms of security it offers low or non-compliance with privacy. Free and true, these claims persist even today, this article is to describe some weaknesses inherent in this operating system, and only (mostly).
First of all, worth remembering that the main attractions of Windows are easy to use and user friendliness. These are actually the result of multiple abstraction layers that prevent and end-user to be a computer expert to perform many tasks. Successive layers of abstraction are responsible for interpreting user commands by asking a number of assumptions.
For example:
on a single-user station, it is possible to dispense with the login window (and thus the appeal of the gina - the key combination Ctrl + Alt + Delete which is not accessible by applications) to directly connect without a password.
Web browsers allow the user to dispense with the management of passwords and personal information.
By default, the wireless client will prefer Windows automatic reconnection to a network, even if it does not have the baseline characteristics (only the SSID or network name must be identical).
implementations of ARP in Windows are themselves also simplified, paving the way for various attacks on local networks.
automatic execution of certain media provides direct access to the application they contain (CDRom, USB, etc.)
support for multiple multimedia formats used to display a multitude of comfort graphics, video, animations or games.
and so on.
All these simplifying assumptions are sources for potential attacks. The ARP spoofing / poisoning is a known example of a long time. Similarly, native wireless client in Windows are not suitable for professional use.
But when is it the other features offered by Windows? What can be done with little skill and cost (your neighbors, your family)? This article, far from offering a manual for any hacking to everyone, is primarily intended to alert you and make you care when all your computer activities, to promote the value of anonymity on the Internet to advise the use of simple means of encryption and strong passwords ... ... Read more »
Since Linus Torvalds and his Linux system, open source has grown considerably.But what is Open Source?It is the act of making public the source code of software.Open source is governed by a set of licenses, the best known is theGNU Public License.This source code is no longer the Possession of a private person, a group of people, or society, as was the case since the birth of the computer in 60 years, until the 80/90 years.Larger companies followed suit currently no independent developers and in turn offer professional-quality software as open source.But behind this intellectual ferment, what are the consequences for safety, for open source projects?
The benefits
Multiple re-readings of the code
Whether student, professional, amateur or just whatever their level, methods, culture, nationality, the programmer has access to the code.He can read it to understand and anticipate debugging.Readings of these cross many bugs can be detected.Among these bugs, there are certainly directly affect the security of software, such asbuffer overflow.This is calledapplication security holes. ... Read more »
Hackers use several attack techniques. These attacks can be grouped into three different families:
Direct attack.
Collateral attack by bounce.
Attacks by indirect answers.
We will see in detail these three families.
Direct attacks
This is the simplest of attacks. The hacker attack directly from the victim's computer. Most of the "script kiddies" using this technique. Indeed, they are using hack programs are only loosely definable, and many of these programs send packets directly to the victim.
If you get attacked in this way, there are great chances for you to trace the origin of the attack, identifying the same time the identity of the attacker.
Cryptography is the science of converting information "in the clear" in coded information that is not understandable, then, from the coded information, to restore the original information.
Symmetric cryptography and asymmetric cryptography
Symmetric cryptography
We speak of symmetric cryptography where multiple people use the same key to encrypt and decrypt messages. The main disadvantage of this system is the sharing of this unique key between different people: How to send to everyone and securely this unique key that allows you to encrypt and decrypt?
Asymmetric cryptography
In this type of cryptography, each user has two keys:
A private key that must be kept secret.
A public key that is available to all other users.
These two keys are mathematically related. In practice, the public key used to encrypt messages, and the private key used to decrypt them.Once the encrypted message, only the recipient is able to decrypt it. The utility PGP (Prety Good Privacy) works this way. The integrity of information
Good cryptography is to offer a guarantee of the integrity of information.Indeed, it should not be possible to modify encrypted information seamlessly.A process of checking the integrity of the message (encrypted and unencrypted) must be established.This process is performed by a hash function.The result of a hash (hash in English) is a kind of digest of the original message. ... Read more »
