Category Archive Information Security

ByJayanthi

Black Widow

The Information security world is a deep one and sometimes it is quite shocking to know the things that can be done. Did you know that ‘Black widow’ is not just the name of a spider…but it is a actual software that is used for ‘reconnaissance’ too(Of course, InfoSec professionals will know :))

‘Reconnaissance’ is the ability to obtain freely available information about a website. Vocabulary.com defines “Reconnoitering as checking something out, but in a sneaky way!”

Once this information is obtained one can seal the extra unwanted information that is unintentionally creeping out(for example, maybe passwords and employee details are visible with the reconnaissance tools) One of the ways that a site can be ripped is by employing website downloaders like ‘Black Widow’, Website downloader  and Httrack.

Most of these tools will allow you to download the entire website and the directory structure, external links, bad links and email addresses. The picture below shows a screen shot of the ‘Black Widow’ software…

The details provided above are for informational purposes only! Please do not use it in any inappropriate way!

This is my fifth post for #MyFriendAlexa by @Blogchatter!

Liked this post? Please comment and share! 🙂

ByJayanthi

Pharming

The online world unfortunately is not a fun place as it seems. There are other types of people around too seeking to grab credit card numbers, bank account numbers, steal pictures of children and/or any personal data that is floating around. 

Let us assume that you would like to visit a website, www.abac.com (a fictitional website) What happens when you visit www.abac.com and do a bit shopping and submit your bank account details or any other personal details only to realize after a day – that the website that you visited was actually a fake one? 

This type of attack is known as ‘Pharming’. ‘Pharming’ is done by modifying the victim’s file or by a more complicated technique known as ‘DNS poisoning’. 

To protect oneself:

The best way to protect oneself from ‘Pharming’ attacks is to:

  1. install the latest version of anti-virus software
  2. Apply the patches as and when posted
  3. Associating one-self with a good ISP
  4. When making payments ensure that SSL(secure sockets layer) is enabled for the website
  5. Keeping with the latest in the security field(where are the breaches, what was stolen, what is the newest type of attack)
  6. And keeping ears and eyes open! 🙂

We have seen yet another concept of ‘Information security’ in this post.

This is the third post for ‘MyFriendAlexa’ by @Blogchatter!

ByJayanthi

Hacking

While ‘Information security’ always gives us images of breaches, hacks, stolen credit card numbers and bank account numbers, my blog has always been associated with the concepts of ‘Information security’ or the many defenses that are there to keep your information safe.

In this post, I will like to delve into the reality of letting off the ‘Information security’defenses down. Apart from the breaches and hacks, what are the other ugly things that are possible?  While this may be common knowledge to those in InfoSec domain – it may not be known to every one. It is always a common thought – “it will not happen to me” – it is a reality that it does happen quite frequently and everybody gets affected at some point or other!

  1. Remotely controlling  Android/Apple device 

                There are a variety of ways in which one can remotely control another person’s Android or Apple device.  There are plenty of apps that allow you to control an Android device from a PC, via an another Android device, via WiFi, via Bluetooth and really the possibilities are endless!  

I am sure most of you remember the time when Saket Modi, the co-founder and CEO of Lucideus hacked the phone of a person sitting in the audience. Through this hacking, he was able to procure the subject’s SMSes, contacts, call logs, GPS locations and more! (Source: https://www.youtube.com/watch?v=3fT6pUQrY6M)

2. Hacking cars?

Is this even possible? Yes – maybe in the future! Researchers have shown that hackers can remotely kill your engine, lock the doors to your car, put the car in reverse gear without your permission and many other frightening moves! 

Automotive hacking may be a distinct possibility as the years roll by!

hacker

3. ATM skimming

Many people are sure to have fallen to this type of hack. A small skimmer is attached to the ATM machine by means of which bank details are retrieved.  The numbers are then transferred to blank ATM cards and money and data are stolen! 

4. Keylogger

‘Keylogger’ is a type of surveillance software which when installed on your system, can monitor every key stroke, record passwords, captures screenshots and more. It can be run in invisible mode and thereby the user will have no clue of its presence. This is commonly used by employers to keep tabs on their employees. 

In addition to all this, the devious mind can find ways to see your private Facebook picture, Instagram pictures and any other private information. In short, the more you want to keep it private online, the more someone is eager to see it! 🙂

This is just the tip of the wild side of security hacks… anything is possible  for a determined mind! 

How do we protect ourselves from all this?

Maintain a minimal online presence.  And it is good to keep up with all security updates and install all patches and upgrades as and when posted.

This is my first post for #MyFriendAlexa. I am taking my Alexa rank to the next level with #Blogchatter

ByJayanthi

Young India!

As India celebrates her 72nd Independance day, I was mulling one important aspect of India that can easily stand out from other countries. This was the fundamental aspect that really stood out when we moved back 8 years ago…what was it? read on to find out more…

Youth:

The world all around me was/is very young (initially, I thought it was because I had returned from the US after 14 years  – that I had aged and the next generation had emerged! :))  But while that may have been one reason, India itself had gotten the title of being the “youngest country in the world”. According to Wikipedia, “50% of India is below the age of 25 and 65% of India is below the age of 35”!! Additionally, according to another report from ‘The Guardian’, India has 600 million people who are under the age of 25!! Cool, statistic don’t you think?! 🙂  It is hard to believe this statistic unless you live in a country with such a young population.

Every side and every corner you turn, you will only bump into teenagers, singles and young couples! 🙂 There hardly seem to be many with 2 kids tagging along like us! (ok, a bit of an exaggeration there – but you get the point,right – India is very “youthy”?! :))

How does it affect you?

It definitely rubs you the right way. You feel young and energized and can totally appreciate all the new and latest brain storms. In all my remote work experiences, I have always worked with people younger than me!  While I thought it was initially a one time thing or an occasional happening…it happens all the time – (while, what they think of me is for another blog post :)) –   and I am sure that is true for most of us from my generation…

Startups:

India and particularly Bangalore or Bengaluru is home to a number of ‘startups’. Makemytrip, Flipkart, Snapdeal, Ola cabs, Zomato, redBus and many more organizations are all shining examples of Indian startups. According to this report from Bangalore Mirror, the average age of startup founders is under 36! (Superb, don’t you think?) 

There are still a huge number of startups that are mushrooming at a rapid pace with extremely bright ideas. Now, how long these organizations last and whether all of them do well in the long run, is anybody’s guess – but the feeling of entrepreneurship and moving from the tag of “employee” to “employer” is strong in India! So much so, that many start their own companies after a few years of corporate experience!

Here is to a young India making a positive difference to life in the world…

Happy Independence day to all!! 🙂

ByJayanthi

What are Smart Contracts?

‘Smart Contracts’ is a term that is often used in the Blockchain world. ‘Smart Contracts are similar to legal contracts but are encoded in the ‘Blockchain’ . ‘Ethereum’, the public blockchain is the most popular way to create smart contracts.

We encounter physical ‘contracts’ throughout our life. Contracts are present when we start a new job(detailing the job details and the date of salary payments)  , when we buy a new house(detailing our mortgage payments and the corresponding dates , when we buy a new vehicle(detailing loan payments)

Home loans, car loans and most other critical dealings come with contracts. ‘Contracts’ enable the buyer and seller to keep their word. In a home buying scenario, once the buyer completes all his mortgage payments, the loaner company should release the title and deed and all appropriate paperwork to the buyer. There are lengthy clauses which cover every aspect of our business dealings.

An example of a legal statement might be as follows: ‘If the bill is not paid by a certain due date, then add a corresponding late fee or revoke the license’. 

What if this could be automated and enforced without any manual intervention? Is this possible? yes – by means of smart contracts. 

In a ‘smart contract’ the contract itself is coded and it is further stored and monitored by the Blockchain network.  Once a condition is met, the contract executes automatically. This ensures transparency along with elimination of middlemen.

‘Smart Contracts’ are mostly written in the ‘Solidity’ programming language.

This is just a short glimpse into the world of ‘smart contracts’. Join me as I uncover more technical topics about the ‘Blockchain’ world  in subsequent posts…

 

 

smart contracts
ByJayanthi

Wireshark

For those who would like to look deep into their networks and not just on the outside, “Wireshark – the network protocol analyzer,” is the way to go!  We will understand what is meant by “sniffing”, why it is used and how the Wireshark network protocol analyzer works in this post.

What are sniffers?

While social media rages on one side giving rise to new professions, there is another equally quiet but stealthy profession too – monitoring other people’s networks and activities by means of “sniffing”. Since a firewall cannot detect all malicious traffic we use “sniffers” to monitor the traffic across the network.  As with everything else in security, “sniffers” can be used in a positive and negative way either by employers monitoring their employees or by scrupulous individuals trying to hack systems.

Read More

ByJayanthi

Are you a ‘helicopter’ parent? :)

I am sure most of us are guilty of this in today’s world. And rightly so…I know, I  definitely am!! 🙂 Even as there different parenting styles and unique children, there are some parenting feelings that come by intuition. One of that may be “helicopter parenting”!! 🙂 

What is ‘helicopter parenting’?

We see so many atrocities committed all around us and more heinous crimes against children. This automatically makes us more protective of our children. We shield them more and more and we “hover” over every move of theirs which leads us to the term “helicopter parenting”. So, “helicopter” parenting is hovering over the kids too much and monitoring their activities and lives most of the time. This over protection is so much that sometimes they are not able to take many decisions on their own.

The problem partly arises, because they may grow but in our eyes, they are still the same “small child”! 🙂 and we worry wherever they go.  We may never have been brought up that way but in today’s world, “worry” comes with parenting. We cannot allow them to freely walk outside, cannot allow them to cross the road on their own(even if they are 15 years old!! :)), cannot allow them to travel by city buses, cannot allow them to do any house work and on and on. We smother them and shield and it sometimes continues all through their lives!! Parents remain as parents – “the all knowing ones!! :))” and children remain “children” – the “all unknowing ones”!! 🙂 (This continues even if you are 30 year old child and 60 year old parent!! ;))

Is it wrong?

I am sure there is no perfect right or prefect wrong in parenting. What might work for one might not work for another. However, I don’t think there is anything wrong with “helicopter parenting” at a young age when the child does not know right from wrong. But after they grow, too much of hovering might impede a child’s ability to be independent(all said and done, after a while they will be independent – just the path will be harder)

How do we solve this?

As I ponder “unhelicoptering” I have started to let them take decisions on their own and encouraging them to be free outside(at least one of my kids is eligible for that) It is a fine line to teach them to be independent as well not neglect them entirely either. I am still learning the ropes of dealing with “unhelicoptering”… Wish me luck!!  🙂

 

ByJayanthi

Blockchain lingo!

 Blockchain, AI and machine learning are the latest buzzwords in the IT industry. Building a blockchain is also becoming a need for various businesses. Recall, that a “Blockchain” is the distributed shared ledger for recording and storing transactions. Each of the participant in the business network has a copy of the ledger which is updated regularly.

Before building a blockchain, there are a few keywords that have to be mastered and we will discuss them today.

Read More

ByJayanthi

Myths about the US

As I start my writing again, I gravitate towards my pet topic of India and US again! 🙂

As I see the numbers swell outside the US Consulate to obtain a US visa, I recollect some of the myths that we dealt with when we were stepping into the US(many,many years ago!)

Shop from BigBasket!

  1. Rosy dream starts right away? Nope, the rosy dreamy takes time and patience… 🙂 I hear so much about people getting paid much better in US than in India – but that might not be true immediately. If you are in high demand states like California or New York in high demand professions like IT, it may be a possibility. But everybody goes through a settling phase of a new employer, new country, new prices , new car and so on. So, the magical six figure salary in US dollars might not arrive instantly for all.
  2. Cost of living in US is much higher than in India. Period. 🙂
  3. Even though we feel that “everybody” from India is in the US, the fact is that we cannot see “everybody” or “anybody” since everybody is in a different state and going from state to state to meet anybody/everybody is not feasible. So, in all possibilities you will see “everybody” in India, only! 🙂
  4. Will you earn better if you have a US degree? Nope, there too. It has always been the economics concept of ‘supply vs demand’ that has brought Indian professionals to the US. If you have the right skills that are in demand currently in the US, you don’t need a US degree to validate your experience(although pursuing higher education in the US is a delight 🙂 and a higher degree might prove beneficial later on in the career)
  5. Are jobs stable in the US? Nope, again! 🙂 Just as software professionals get paid astronomically they get laid off easily too. After all what is a company to do – when they themselves are sinking? And with immigration policies constantly changing, jobs are never a certainty. In addition, professionals ‘on the bench’ waiting for the next project is also a reality.
  6. “Can I start studying immediately?” might be another thought for those on dependent visas. Pursuing higher education in US is a wonderful experience but it does pinch the pockets. In order to pay for your graduate education, you may have to work as a research assistant or teaching assistant or do other eligible jobs(within visa conditions) Bottom line, US education is good but not cheap.
  7. Professionals get paid according to their location – it might not be so evident in India – but it is in the US. If you make $50K in Georgia, you need $81K in San Diego, California!!  For more information on cost of living calculators in the US, visit this link (Source: http://money.cnn.com/calculator/pf/cost-of-living/index.html)
  8. Health insurance is  an absolute necessity for all members of the family and for all visiting family members too. It can be quite tricky too. When living abroad, pray that you never fall seriously sick. Not only will you not have enough moral support, the physical support will be missing as well.
  9. Is driving hard in the US? Nope – on the other hand, it is quite a pleasure 🙂 One will definitely enjoy the perfectly regulated traffic and lane discipline. I know, I did! 🙂
  10. And lastly the spouses of those on H1 visas and F1 visas cannot work. This can be a real bummer particularly for women who were actively working in India.

Once you are done with all the ups and downs of finding the perfect employer and perfect place to live along with a good community, living in the US will be a dream come true! 🙂 (at least for a couple of years!)

ByJayanthi

Cryptography

After having done numerous posts on Information security, here is another basic and elementary concept in Information security – ‘Cryptography’. The concept of Cryptography also encloses encryption and decryption. 

Like any other subject, the field of Cryptography is another massive ocean of information. It is the technique of hiding information to bolster secure communication. Cryptographic techniques are an absolute necessity in this digital age where any information can be snooped on. These are a few basic concepts related to Cryptography:

Read More