<body>
      

Saturday, July 22, 2006

7 On Your Side: Inside The Mind Of The Hacker

"Nothing, no matter how secure it looks, is really secure. There's always another way in," says Paul Williams, President and CTO of Gray Hat Research. He first discovered his fascination with breaching security at a bank, finding a way to break into a secured vault. He was only 9 years old. "We took a piece of paper and drew the bank layout, drew out the camera angles through trial and error and found that there were spots you can stand and do anything you wanted. And we'd be in the bank vault an hour at a time with no one around," says Williams.

He has turned his ability to hack computers into his own business, sharing his secrets for beating hackers at their own game with other companies and consumers. Some pop-ups, for example, read: "Your current security settings prohibit running Active-X controls on this page, and it may not display correctly." While it looks legitimate, what it really means is that you likely have spyware or worse running on your computer that your anti-virus software cannot detect. Your inbox is not any better: as many as 83% of emails are spam. "The director of the Secret Service stated a year ago that the rate the internet is going, in about 2 years the internet will be close to unusable," adds Williams.

With that in mind, Williams says to update your anti-virus and download automatic updates on a regular basis. Not doing these accounts for up to 80% of attacks and intrusions on home computers. It could take on average 150 to 700 hours to resolve.

"I would describe it more as a sense of contemptuousness that no one is going to be better than them," says Williams, describing how hackers think. While there's no stopping the ruthless mind of a hacker, it's an indication that as the internet grows in convenience, its sense of safety is decreasing more and more.

Another piece of advice from Williams: when you shop online, use a low-limit credit card, not a debit card that is attached to your bank account, in case your identity is stolen.

Quoted from: http://www.kltv.com

Hacker a hero?

In addition to prosecuting an FBI computer consultant who broke into the bureau's database, the government should be thanking him.

Joseph Thomas Colon, who was assigned to the agency's Springfield, Ill., office, was hired to help install the FBI's new computer system. The 28-year-old employee of BAE Systems says he and other FBI information technology employees had become frustrated with bureaucratic delays.
So he apparently obtained an agent's password to get into the secret database to speed installation of the new system. Before his odyssey was over he had cracked into the FBI's classified computer system, accessing the passwords of 38,000 employees, including Director Robert Mueller.
He was wrong to do so. And for intentionally exceeding his authorized computer access - gaining entree into any department in the United States - Mr. Colon pleaded guilty to four misdemeanor counts.
Prosecutors are recommending a year in prison. They don't believe the consultant acted maliciously or for any financial gain but say his "curiosity hacks" nonetheless exposed sensitive information.
Truth is they exposed a whole lot more.
To the everlasting chagrin of the FBI, which still struggles to update its computers to better share and collect information, it was relatively easy for Mr. Colon to make his way into the network. In fact, he did it four times in 2004.
Mr. Colon, who also lost his job and security clearance after the admission, said he extracted the information with the help of a couple of free software programs easily downloaded from the Internet.
It wasn't even cutting-edge technology, said Joe Stewart, a senior researcher with LURHQ Corp., a Chicago-based security company. "It was pretty run-of-the-mill stuff five years ago."
Anyone seriously concerned about homeland security has to be furious. After 9/11 the country was flabbergasted to learn how extensive computer problems were at the FBI - of all places.
The agency spent hundreds of millions to beef up its system and sharpen its focus on intelligence-gathering and terrorism investigations. Obviously, serious problems persist.
The FBI says it has recently implemented a "comprehensive and proactive security program" and, since last year, all agency employees and contractors must undergo yearly information-security awareness training.
Joseph Colon's hacking got him into trouble, but he did the country a favor by exposing the FBI's vulnerability.


Quoted from: http://toledoblade.com