As always, news seems to filter in a little more slowly on the weekends when it comes to sites like Digg and Reddit. The majority of the news stories are from the major classic news sites like CNN and MSNBC. It makes sense right? People are enjoying time with their families, working out, watching a sporting event, reading a book, anything. They are simply decompressing from the previous week and re-energizing for the upcoming week that seems to move in too fast!
Well one of the major news site stories yesterday caught my eye. The reason it did so was the due to the way it was written and what it was written about. The story came from CNN.com and it was about a small group of hackers from China (also known as "crackers" for their ability to crack programming languages and code) who were making a bold statement by supposedly infiltrating several very secure mainframes and databases in the U.S., Germany, Britain and France.
Reports keep filing in that the a surprising amount of information has been lost or corrupt since several hits on the Pentagon last year. Now we come find that these hits aren't coming from one single hacker or a massive group of hackers, but rather a couple of young guys sitting in their apartment in China or any number of smaller hacking "units."
But the real question is: IS THIS A BAD THING?
This group of hackers has found "backdoors" and "loopholes" in government and private company firewalls and have been able to access this with little to no formal training. They simply know how a website works, how to do some simple coding for a vast number of program languages and that's it.
This should be the number one indicator for Fortune 500 companies and governments alike; YOUR SECURITY ISN'T GOOD ENOUGH!
So why not use this information and start working with the issue. If these guys can break what you spend millions of dollars on to sleep at night, you better start losing some sleep because they will keep breaking it until you fix. They are handing you opportunities left and right and you better be grabbing them now.
My suggestions:
#1. Take sensitive data offline. The last time I checked, I can't say that I've ever heard of anyone walking about the "TOP SECRET" basement at Langley or the White House with a cart full of files and never returning. (This is similar to the Windows notice this week about not putting a password on your machine to ensure no one hacks you.)
#2. You thought you had the "best" working for you; well you just found out you DON'T! These guys are doing this from their apartment for enjoyment and to make a name for themselves. Why not? I'm pretty if anyone could do it and get away with like they are, everyone would do it! I would!
#3. Take advantage and use common sense. These guys are doing that. They are thinking and behaving like anyone with some basic logical thinking capabilities would do.
I didn't view this article as something to be scared off, but rather as a great warning to the governments of the world, Fortune 500 companies and anyone with a website or blog.
Secure yourself online. Take the appropriate measures to make sure you aren't embarrassed. Be smart. Use common sense. No one is completely anonymous.
Think about it!
Have a great day!
Showing posts with label hacking. Show all posts
Showing posts with label hacking. Show all posts
Sunday, March 9, 2008
Thursday, March 6, 2008
The Idiot IT Guy in Everyone
Everyone that has been reading my blog for the past year already knows that I have a passion for IT, technology and life in general. I work for the university that I will be graduating from in May and love my IT position.
Knowing that my position needs a replacement in the upcoming months, my supervisor has asked that if I know of anyone that has some potential as a social IT person that I mention that the position is opening up. Well today, I thought I found someone! And then I realized I was COMPLETELY WRONG!
I was working with some corrupt files for a professor and one of the professor's students was sitting in the office working out some test questions. I began my work and came to realize that only a small percentage of the files were corrupt and that it would be nearly impossible to undo the corruption farther than I had already done. The kid in the room chimes in asking if I've tried this procedure and that procedure and I've informed him that I have. I was impressed that he knew the correct procedure and began to inquire into if he was interested in the position that would be opening up. He seemed interested and then he hit me with a load of information that told me he was either way "overqualified" or a complete dumb @ss!!! (I'm going with option 2. Alex)
He mentioned that he was kicked out of two other schools for hacking (I'm going to call B.S. on this one). He also made the offer to "provide" several expensive applications at the cost of...wait for it...free! Hmm...I wonder where and how he was going to do that? Anyone?
This brings me to my point: This kid has learned nothing while in college. If he had been kicked out of school TWICE for hacking, then he shouldn't be at my university in the first place. He should be sitting on a black hat list. Just because you know how to run a BitTorrent to download programs files does not qualify you as a hacker or even a great computer user.
It seems as though there are individuals who know what they are doing and then there are individuals who think they know what they are doing. You either are or are not someone that truly has a passion for IT.
It's not for everyone.
I have a passion the runs deep and I truly want to be able to fix, learn and teach/translate everything to do with computers to everyone that is willing to learn and adapt.
Everyone functions on different skill levels. It's the people, like this kid, that think they know everything there is to know, in a field where the knowledge base grows at an exponential rate, that basically screw up how the IT world works.
Learn and keep learning! Don't brag! The majority of people simply use the computer and expect it to work. Then there is the small percentage of IT people, like me, who work IT and try to make sure that we can understand and fix Anything and Everything that becomes a problem on a computer.
True wisdom comes from the person that can admit that they do not know EVERYTHING!
To the moron I met today: I work as an internal computer consultant and ensure that all network and computer systems are functioning at the level that my clients need. Don't play devil's advocate and bad/dumb @ss to make yourself look good!
You turned into a fool in my book.
Have a great day and let me know what you think.
Knowing that my position needs a replacement in the upcoming months, my supervisor has asked that if I know of anyone that has some potential as a social IT person that I mention that the position is opening up. Well today, I thought I found someone! And then I realized I was COMPLETELY WRONG!
I was working with some corrupt files for a professor and one of the professor's students was sitting in the office working out some test questions. I began my work and came to realize that only a small percentage of the files were corrupt and that it would be nearly impossible to undo the corruption farther than I had already done. The kid in the room chimes in asking if I've tried this procedure and that procedure and I've informed him that I have. I was impressed that he knew the correct procedure and began to inquire into if he was interested in the position that would be opening up. He seemed interested and then he hit me with a load of information that told me he was either way "overqualified" or a complete dumb @ss!!! (I'm going with option 2. Alex)
He mentioned that he was kicked out of two other schools for hacking (I'm going to call B.S. on this one). He also made the offer to "provide" several expensive applications at the cost of...wait for it...free! Hmm...I wonder where and how he was going to do that? Anyone?
This brings me to my point: This kid has learned nothing while in college. If he had been kicked out of school TWICE for hacking, then he shouldn't be at my university in the first place. He should be sitting on a black hat list. Just because you know how to run a BitTorrent to download programs files does not qualify you as a hacker or even a great computer user.
It seems as though there are individuals who know what they are doing and then there are individuals who think they know what they are doing. You either are or are not someone that truly has a passion for IT.
It's not for everyone.
I have a passion the runs deep and I truly want to be able to fix, learn and teach/translate everything to do with computers to everyone that is willing to learn and adapt.
Everyone functions on different skill levels. It's the people, like this kid, that think they know everything there is to know, in a field where the knowledge base grows at an exponential rate, that basically screw up how the IT world works.
Learn and keep learning! Don't brag! The majority of people simply use the computer and expect it to work. Then there is the small percentage of IT people, like me, who work IT and try to make sure that we can understand and fix Anything and Everything that becomes a problem on a computer.
True wisdom comes from the person that can admit that they do not know EVERYTHING!
To the moron I met today: I work as an internal computer consultant and ensure that all network and computer systems are functioning at the level that my clients need. Don't play devil's advocate and bad/dumb @ss to make yourself look good!
You turned into a fool in my book.
Have a great day and let me know what you think.
Subscribe to:
Posts (Atom)