In September 2010, Microsoft commissioned a study to see how effectively Web browsers protect users against socially engineered malware and malicious websites, which are websites that look benign, but aim to convince visitors to download and execute malicious software. NSS Labs conducted tests involving six browsers using real-world threats that showed the beta version of Microsoft’s Internet Explorer 9 (IE9) does a better job of defending against real-world malware than any other browser. Continue reading “Assessing Internet Explorer 9”
With hacking, music can take control of your car
Remote-controlled car hacking is a real possibility, researchers say
Researchers at the University of California, San Diego, and the University of Washington have spent the past two years combing through the myriad computer systems in late-model cars, looking for security flaws and developing ways to misuse them. In a new paper, they say they’ve identified a handful of ways a hacker could break into a car, including attacks over the car’s Bluetooth and cellular network systems, or through malicious software in the diagnostic tools used in automotive repair shops.
Tech Terminology Demystified – Identity Theft
Identity theft is a form of fraud or cheating of another person’s identity in which someone pretends to be someone else by assuming that person’s identity, typically in order to access resources or obtain credit and other benefits in that person’s name. The victim of identity theft (here meaning the person whose identity has been assumed by the identity thief) can suffer adverse consequences if he or she is held accountable for the perpetrator’s actions. Organizations and individuals who are duped or defrauded by the identity thief can also suffer adverse consequences and losses, and to that extent are also victims.
Advanced Persistent Threats (APT)?
In this blog post we look at what an APT is and how it differs from a traditional targeted human-hacker attack.
Most people will immediately point to the “persistent” part of the definition as the key differentiator. The normal targeted attackers break in, look around, and immediately target the most valuable found assets. They figure that the faster they get in and out with the treasure, the more money and the less risk they face.
By contrast, APT attackers are there to stay as long as they can. The attackers aren’t trying to steal everything at once. Instead, they exploit dozens to hundreds of computers, logon accounts, and email users, searching for new data and ideas over an extended period of months and years.
Even the treasure taken by APTs is different. The traditional attacker seeks immediate financial gain. They will try to steal identities, transfer money to foreign bank accounts, and more. APT attackers, on the other hand, almost always take only information and leave money untouched. Their targets are corporate and product secrets.
APTs often steal large amounts of information each week, collecting it at a centralized computer within the compromised network before sending it all home in a single archive file (often a tarball). Many networks run APT bots that collect every new folder, file, and email, then send it home. In effect, the victims have an online backup system that rivals what they could otherwise pay for with a legitimate company.
Worse yet, APTs are usually so ingrained into an environment that even if you know where they are, they can be difficult or impossible to remove.
Google, DuPont, Walt Disney and the latest addition to this list, RSA Inc, have all been hit by APTs.
The Nasdaq breach –
Earlier this month Nasdaq reported an IT breach where it found “suspicious files” on its U.S. computer servers and determined that hackers could have affected one of its Internet-based client applications Continue reading “The Nasdaq breach –”
Load Testing ASP.NET Web Applications using JMeter
People do not like slow responses on web sites. It just drives them away. If you would like to know how fast or slow your web site is when 100 or 1000 users access it, what you are attempting is called ‘load testing’. There are many commercial and free tools that do the job for web applications running on Java, ASP.NET, PHP etc. We will specifically look at testing ASP.NET applications using the open source tool called JMeter.
Tech Terminology Demystified – Android
Android is an open-source software stack for mobile devices that includes an operating system, middleware and key applications. Android’s OS is based upon a modified version of the Linux kernel.
Google purchased the initial developer of the software, Android Inc, in 2005. Google and other members of the Open Handset Alliance collaborated on Android’s development and release. Currently, the Android OS is the world’s best-selling smartphone platform.
32-bit vs 64-bit Computing
The ‘data bus’ in any PC is used to move data around inside the computer. It connects memory to the rest of the system including the processor, which does all the thinking in your computer.
In a 32-bit computer, the data bus is 32 bits wide. A 64-bit bus is twice as wide, so the system can move twice as much data around. Being able to process more data means a faster system, but only for specific things. Normal office productivity and web surfing will show no advantages at all, whereas graphics processing and scientific calculations will go much faster.
So does it make sense to buy a 64-bit computer?
The most common problem with 64-bit is the general lack of stable software to run on these Ferraris of the computer world. The entire system has to be designed and built for the wider data bus, too, so the system will cost more. On the other hand, most 32-bit software will run on a 64-bit system, but that causes one to wonder why one spent the money in the first place. 32-bit computers are also a lot cheaper.
So why do we need 64-bit computers?
The answer: mostly businesses, universities, scientific groups, and government. If you produce videos, computer art, or develop programs, 64-bit systems will be helpful. But for the home user, 64-bit is currently a bit of overkill.
Tech Terminology Demystified – HTML5
HTML5 is the latest version of HTML, currently under development. HTML5 has some really amazing features that we will explore in this article. The first draft of HTML5 was released in 2008 and major browsers are beginning to incorporate HTML5 features. The final version of the standard is not yet released (and not expected to be released any time soon).
Some Common Key Management Mistakes
In this article we look at some common cryptography pitfalls relating to the management of keys and other related issues. Some cryptography fundamentals have been listed below for purposes of clarity. Continue reading “Some Common Key Management Mistakes”
