As always, news seems to filter in a little more slowly on the weekends when it comes to sites like Digg and Reddit. The majority of the news stories are from the major classic news sites like CNN and MSNBC. It makes sense right? People are enjoying time with their families, working out, watching a sporting event, reading a book, anything. They are simply decompressing from the previous week and re-energizing for the upcoming week that seems to move in too fast!
Well one of the major news site stories yesterday caught my eye. The reason it did so was the due to the way it was written and what it was written about. The story came from CNN.com and it was about a small group of hackers from China (also known as "crackers" for their ability to crack programming languages and code) who were making a bold statement by supposedly infiltrating several very secure mainframes and databases in the U.S., Germany, Britain and France.
Reports keep filing in that the a surprising amount of information has been lost or corrupt since several hits on the Pentagon last year. Now we come find that these hits aren't coming from one single hacker or a massive group of hackers, but rather a couple of young guys sitting in their apartment in China or any number of smaller hacking "units."
But the real question is: IS THIS A BAD THING?
This group of hackers has found "backdoors" and "loopholes" in government and private company firewalls and have been able to access this with little to no formal training. They simply know how a website works, how to do some simple coding for a vast number of program languages and that's it.
This should be the number one indicator for Fortune 500 companies and governments alike; YOUR SECURITY ISN'T GOOD ENOUGH!
So why not use this information and start working with the issue. If these guys can break what you spend millions of dollars on to sleep at night, you better start losing some sleep because they will keep breaking it until you fix. They are handing you opportunities left and right and you better be grabbing them now.
My suggestions:
#1. Take sensitive data offline. The last time I checked, I can't say that I've ever heard of anyone walking about the "TOP SECRET" basement at Langley or the White House with a cart full of files and never returning. (This is similar to the Windows notice this week about not putting a password on your machine to ensure no one hacks you.)
#2. You thought you had the "best" working for you; well you just found out you DON'T! These guys are doing this from their apartment for enjoyment and to make a name for themselves. Why not? I'm pretty if anyone could do it and get away with like they are, everyone would do it! I would!
#3. Take advantage and use common sense. These guys are doing that. They are thinking and behaving like anyone with some basic logical thinking capabilities would do.
I didn't view this article as something to be scared off, but rather as a great warning to the governments of the world, Fortune 500 companies and anyone with a website or blog.
Secure yourself online. Take the appropriate measures to make sure you aren't embarrassed. Be smart. Use common sense. No one is completely anonymous.
Think about it!
Have a great day!
Showing posts with label hacker. Show all posts
Showing posts with label hacker. Show all posts
Sunday, March 9, 2008
Thursday, March 6, 2008
The Idiot IT Guy in Everyone
Everyone that has been reading my blog for the past year already knows that I have a passion for IT, technology and life in general. I work for the university that I will be graduating from in May and love my IT position.
Knowing that my position needs a replacement in the upcoming months, my supervisor has asked that if I know of anyone that has some potential as a social IT person that I mention that the position is opening up. Well today, I thought I found someone! And then I realized I was COMPLETELY WRONG!
I was working with some corrupt files for a professor and one of the professor's students was sitting in the office working out some test questions. I began my work and came to realize that only a small percentage of the files were corrupt and that it would be nearly impossible to undo the corruption farther than I had already done. The kid in the room chimes in asking if I've tried this procedure and that procedure and I've informed him that I have. I was impressed that he knew the correct procedure and began to inquire into if he was interested in the position that would be opening up. He seemed interested and then he hit me with a load of information that told me he was either way "overqualified" or a complete dumb @ss!!! (I'm going with option 2. Alex)
He mentioned that he was kicked out of two other schools for hacking (I'm going to call B.S. on this one). He also made the offer to "provide" several expensive applications at the cost of...wait for it...free! Hmm...I wonder where and how he was going to do that? Anyone?
This brings me to my point: This kid has learned nothing while in college. If he had been kicked out of school TWICE for hacking, then he shouldn't be at my university in the first place. He should be sitting on a black hat list. Just because you know how to run a BitTorrent to download programs files does not qualify you as a hacker or even a great computer user.
It seems as though there are individuals who know what they are doing and then there are individuals who think they know what they are doing. You either are or are not someone that truly has a passion for IT.
It's not for everyone.
I have a passion the runs deep and I truly want to be able to fix, learn and teach/translate everything to do with computers to everyone that is willing to learn and adapt.
Everyone functions on different skill levels. It's the people, like this kid, that think they know everything there is to know, in a field where the knowledge base grows at an exponential rate, that basically screw up how the IT world works.
Learn and keep learning! Don't brag! The majority of people simply use the computer and expect it to work. Then there is the small percentage of IT people, like me, who work IT and try to make sure that we can understand and fix Anything and Everything that becomes a problem on a computer.
True wisdom comes from the person that can admit that they do not know EVERYTHING!
To the moron I met today: I work as an internal computer consultant and ensure that all network and computer systems are functioning at the level that my clients need. Don't play devil's advocate and bad/dumb @ss to make yourself look good!
You turned into a fool in my book.
Have a great day and let me know what you think.
Knowing that my position needs a replacement in the upcoming months, my supervisor has asked that if I know of anyone that has some potential as a social IT person that I mention that the position is opening up. Well today, I thought I found someone! And then I realized I was COMPLETELY WRONG!
I was working with some corrupt files for a professor and one of the professor's students was sitting in the office working out some test questions. I began my work and came to realize that only a small percentage of the files were corrupt and that it would be nearly impossible to undo the corruption farther than I had already done. The kid in the room chimes in asking if I've tried this procedure and that procedure and I've informed him that I have. I was impressed that he knew the correct procedure and began to inquire into if he was interested in the position that would be opening up. He seemed interested and then he hit me with a load of information that told me he was either way "overqualified" or a complete dumb @ss!!! (I'm going with option 2. Alex)
He mentioned that he was kicked out of two other schools for hacking (I'm going to call B.S. on this one). He also made the offer to "provide" several expensive applications at the cost of...wait for it...free! Hmm...I wonder where and how he was going to do that? Anyone?
This brings me to my point: This kid has learned nothing while in college. If he had been kicked out of school TWICE for hacking, then he shouldn't be at my university in the first place. He should be sitting on a black hat list. Just because you know how to run a BitTorrent to download programs files does not qualify you as a hacker or even a great computer user.
It seems as though there are individuals who know what they are doing and then there are individuals who think they know what they are doing. You either are or are not someone that truly has a passion for IT.
It's not for everyone.
I have a passion the runs deep and I truly want to be able to fix, learn and teach/translate everything to do with computers to everyone that is willing to learn and adapt.
Everyone functions on different skill levels. It's the people, like this kid, that think they know everything there is to know, in a field where the knowledge base grows at an exponential rate, that basically screw up how the IT world works.
Learn and keep learning! Don't brag! The majority of people simply use the computer and expect it to work. Then there is the small percentage of IT people, like me, who work IT and try to make sure that we can understand and fix Anything and Everything that becomes a problem on a computer.
True wisdom comes from the person that can admit that they do not know EVERYTHING!
To the moron I met today: I work as an internal computer consultant and ensure that all network and computer systems are functioning at the level that my clients need. Don't play devil's advocate and bad/dumb @ss to make yourself look good!
You turned into a fool in my book.
Have a great day and let me know what you think.
Thursday, August 9, 2007
Spock It!
With a little help from Wired, TechCrunch and Lifehacker, I've been trying out a new online social network of sorts called Spock.
Spock is an online application that is meant to create a solid image and collection of all of your online identities on most of the websites that require registration. This concept is great and makes it easy for an individual or company to get a grasp of what you are interested in, what kind of voice or political stance or education or any of wide variety of interests that you might display throughout the web!
There are some downsides to this particular concept considering the simple fact that ambiguity among sites is no longer possible if people begin to register. This would prevent events such as the recent fake "Job's Blog" that caused a small uproar of laughter throughout the online community of bloggers.
Granted, this system can be manipulated and what not but this idea is great and makes for quite an interesting idea that you can have a very centrally located page that has extensions and links to all of your online identities!
I am finding this utility to be quite interesting and fun to play with, but there are risks on my mind that do concern me. If a black hatter (a bad hacker) were to access one of my accounts, I am unsure as to whether or not they would have access to my Spock account and in turn have access to all of my accounts. This is something to be addressed in the near future I hope and I plan to do more research in regards to this site.
If anyone has any experience with this application or the new WikiYou site, please let me know of any perks or concerns you might have! I'd greatly appreciate it!
Have a great day!
Spock is an online application that is meant to create a solid image and collection of all of your online identities on most of the websites that require registration. This concept is great and makes it easy for an individual or company to get a grasp of what you are interested in, what kind of voice or political stance or education or any of wide variety of interests that you might display throughout the web!
There are some downsides to this particular concept considering the simple fact that ambiguity among sites is no longer possible if people begin to register. This would prevent events such as the recent fake "Job's Blog" that caused a small uproar of laughter throughout the online community of bloggers.
Granted, this system can be manipulated and what not but this idea is great and makes for quite an interesting idea that you can have a very centrally located page that has extensions and links to all of your online identities!
I am finding this utility to be quite interesting and fun to play with, but there are risks on my mind that do concern me. If a black hatter (a bad hacker) were to access one of my accounts, I am unsure as to whether or not they would have access to my Spock account and in turn have access to all of my accounts. This is something to be addressed in the near future I hope and I plan to do more research in regards to this site.
If anyone has any experience with this application or the new WikiYou site, please let me know of any perks or concerns you might have! I'd greatly appreciate it!
Have a great day!
Blogged with Flock
Subscribe to:
Posts (Atom)