
Sunday, 18 August 2013

Hacking Today


Recent media coverage of hacker incidents against well-known Internet companies has started to promote a better understanding of the growing threat hackers pose to computer security. Despite this new publicity, many users and senior managers still do not fully understand the magnitude of the threat. Without the support of the end users, system administrators constantly have to defend against security holes inadvertently opened by the users. Additionally, without the support of management, security and system administrators cannot obtain the resources they need to protect the company. This puts the technical staff in a difficult position when trying to obtain the full support of the organization to defend against the threat. Sometimes numbers speak louder than words to show an organization's exposure to risk and to gain the support of management.
Frequently we have to convince clients that information systems security is necessary and that the threat from hackers is substantial enough to invest in proactive security measures. Since there is no quantifiable measurement of successful security tactics (other than not being hacked), it is difficult to gain support for a security project. Also, unrealistic expectations of the cost of effective security or overreliance on one or two security systems can be a fatal flaw in the network.
There are two large problems security and system administrators need to overcome. First, management often believes that the computer security threat is not a great enough risk to justify funds for protective measures. Second, there is a general misunderstanding of how complex the problem of computer security really is and how many resources are required to adequately defend against attacks. For example, firewalls are necessary components of a security architecture, but firewalls alone do not protect networks. An improperly configured firewall or a firewall without other security measures in place can be worse than an open system if it provides the company with a false sense of security.

For the last six years the Computer Security Institute (CSI) has performed a survey in cooperation with the Federal Bureau of Investigation's (FBI) Computer Intrusion Squad to help determine the extent of computer crime in the United States. In March 2001, CSI published its “2001 Computer Crime and Security Survey,” which is based on responses from 538 computer security practitioners in U.S. corporations, government agencies, financial institutions, medical institutions, and universities. Of those organizations surveyed, 91 percent reported detecting computer security breaches in the last 12 months and 97 percent of those polled had Web sites. Of those with Web sites, 23 percent reported suffering an attack within the last 12 months and 27 percent did not know if they had experienced an attack. Of those reporting attacks, 21 percent reported two to five incidents and 58 percent reported ten or more.
These statistics may be alarming, but the actual state of computer security may be worse than the statistics suggest. Many organizations are still not equipped to detect security breaches. Only 61 percent (up from 50 percent in 2000) of those polled in the CSI survey reported using intrusion detection. Thus, it is likely that the actual number of attacks and losses is greater than the number reported. While it appears that organizations are starting to implement more security controls, security incidents and losses continue to grow. This could be because security products are not implemented correctly, or because the proper policies and procedures are not built around them. In the 2001 CSI survey, Patrice Rapalus, CSI director, provided this insight on why incidents and losses continue to grow:
The survey results over the years offer compelling evidence that neither technology nor policies alone really offer an effective defense for your organization… Organizations that want to survive need to develop a comprehensive approach to information security embracing both the human and technical dimensions.



What to do with an 18in tablet?



There really isn't much to get excited about with laptops and tablets any more. It seems most laptops and Ultrabooks are cut from the same cloth, with small changes differentiating a rather large set of choices. Whether it's touchscreen or not seems to be the "made for 2013" tickbox. In the tablet space, you have the market-dominating iPad family, with Android devices going along for the ride. Then there are Windows 8 tablets from a variety of manufacturers, with the Microsoft Surface being the elephant in the room.

So, you can imagine my delight at hearing the news that some vendors are launching larger devices: some 12in, a few even bigger. When I saw Dell had launched the 18in XPS 18, I went straight to the website and placed an order for next-day delivery.

This thing is huge. An 18in tablet screen is, in some ways, a thing of beauty. If you sit it in the supplied desktop stand, you can see it from the other side of the kitchen, which I guess is where it will primarily be used. Do you want to keep an eye on Twitter while kneading bread? Not a problem. Want to watch the football while cleaning the oven? Again, that isn't an issue.

It sits reasonably well on your lap, too, and doesn't suffer from the falling-down-the-gap-in-the-middle effect that plagues smaller tablets; it will rest just fine across both your knees. It would be a joy to use on a plane, assuming you have enough distance between you and the seat in front, and an adequately sized tray - think more business class than economy. Bear in mind that it's only slightly smaller than the 20in Sony Trinitron TV my parents bought in the 1970s, which was deemed suitable for family viewing (in colour, no less).

So, apart from watching TV and keeping an eye on Twitter across the room, to what other uses can you put an 18in tablet? Well, to be honest, I had hoped there would be a real revolution of thinking. For example, wouldn't it be great if you could pick up a streaming video feed and drop it onto your tablet, then change rooms and push it back to the big TV? Or if you could run lots of applets at the same time, keeping an eye on everything from Twitter to the baby cam?

Yes, all that would be nice. But it's here that cold, hard reality hits. Lest we forget, the XPS 18 employs Windows 8, so it suffers from all the problems relating to that OS. Yes, I can snap two Metro apps onto the screen - but only two. On a screen of this size, I want eight. Even if I could run that number of apps, I'd soon run into the resolution limit of the screen: at only 1920 x 1080, the display looks pixellated even from a few feet away. I'm not convinced it would work well with eight information windows open at once.

Next, there's the weight. It's made from concrete, or at least that's what it feels like. You can forget holding the XPS 18 in one hand - that simply isn't going to work. Also, the width makes it awkward to thumb-type on the keyboard. My hands aren't small, but there's a huge gap in the middle, even with both hands outstretched. Sitting the device on your lap or on a table are the only options. So, we're back to kitchen mode, since it really doesn't offer anything useful outside this space.

It's all a little disappointing. You can't simply scale up a product without giving it specific capabilities that take advantage of the increased size. Otherwise, you end up with something as pig-ugly as the oversized Mini Countryman, for example, which looks like a Mini that's been over-inflated by an air line at a garage.
And then it dawned on me. I was carrying the XPS 18 across the room by holding it on either side, as I would a medium-sized tray topped with a dinner plate and a glass. Dinner would obscure some of the screen, of course, but would that really matter? Clearly, this is an area Dell needs to investigate further for the XPS 18 Mark 2.

It already has decent rubberised feet, which prevent it from sliding around; with a little more research in this direction, its transformation into a useful device would be complete.
Except for one thing, something so blindingly obvious when you think about it that I can't believe Dell missed it: the XPS 18 needs cute little handles on each side to make it easier to carry. Then you could have advertising beneath your beef stroganoff as well as on the television screen. Perfect.





A Look At Session Hijacking


Session hijacking involves the theft of another's internet session, thereby allowing the attacker to impersonate the original user. Falling victim to a session hijacking attack could prove catastrophic because it may enable the attacker to perform any task that you, the victim, would be able to perform.
In this article I explain what session hijacking entails, and detail some of the more favoured methods for compromising a session token. I also discuss three of the tools most commonly used to perform such attacks and outline some prevention measures that you might implement, in either your home or place of business, in order to avoid becoming a victim of such an attack.

WHAT SESSION HIJACKING INVOLVES

At its most basic level, session hijacking involves the taking over of a victim's active internet session by covertly obtaining the victim's session token. Once the victim's session token has been accessed, the attacker can masquerade as the victim, and perform any tasks that the victim is authorized to perform.
The session token required to perform a hijack is normally stored within an internet cookie or URL. For most communications, authentication procedures are carried out at start up. The process of session hijacking takes advantage of this practice by intruding into the web session in real time. The ability to detect such an intrusion is dependent on both the technical knowledge of the victim and the specific nature of the attack.

ACTIVE AND PASSIVE ATTACKS

There are two broad forms of session hijack attack, known respectively as active and passive attacks. An active attack involves the identification, attack, and successful takeover of an active internet session. It is regarded as the more advanced form of attack, due to the higher level of skill it entails.
A passive attack involves the attacker monitoring the traffic being sent across the victim's network and, as such, is nothing more than an advanced form of network sniffing. The attacker gathers information, such as login information, and then uses that information to authenticate in a separate session.

COMPROMISING SESSION TOKENS

Common methods employed in stealing a valid session token are: session sniffing; client-side attacks; man-in-the-middle attacks; and session prediction. Each of these is discussed below.
Session sniffing is the easiest approach to capturing a valid session token. It involves the monitoring of network traffic being sent between the victim's terminal and the server that the victim is connecting to. Monitoring this traffic allows the attacker to easily gather a wide range of sensitive data, including information regarding the session token as well as login details to various websites and services.
Another common means of gaining access to a session token, and other personal data, is for the attacker to use a client-side attack. One of the most common client-side attacks involves infecting the intended victim's terminal with a malware application, such as a Trojan or virus. This application then gives the attacker access to the target's data and allows the copying, editing and deletion of any file on the target's computer. The cross-site scripting (XSS) attack is another example of a client-side attack. An XSS attack occurs when an attacker sends a URL containing malicious JavaScript code to a potential victim. If the target navigates to the link, the malicious JavaScript code will be executed, resulting in a copy of the target's session token being sent to the attacker.
A man-in-the-middle attack (MITM) occurs when the attacker intercepts communications between two systems, and then assumes the role of a proxy between both parties. The attacker does this by splitting the connection into two new links: one between the server and the attacker, and the other between the attacker and the victim. By acting as a proxy for all communications between the two parties, the attacker is able to read and modify the data that is sent between the victim and the server, including the session token.
A session prediction attack, which is, in my opinion, the most amateurish of attack methods, involves the attacker trying to guess the active session's token. The attacker does this by analysing both the means by which the session token is generated and the algorithms that are used to protect it. Once an attacker understands this process, they are able to predict a valid session token value and gain access to that session. Some simple, highly vulnerable session tokens may comprise predictable information such as timestamps and usernames. Employing such basic session token assignment schemes is extremely dangerous and should be avoided!
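The following Python is an added illustration and not code from the article. It puts the predictable username-plus-timestamp scheme the article warns about beside a CSPRNG-based one, adds an audit check a defender can run over issued tokens to see whether they decode to something that names the user, and shows a server-side session store that keeps only a hash of each token and compares in constant time. All function names are assumptions.

```python
import base64
import hashlib
import hmac
import secrets

# Assumed helper names; constructed illustration, not the article's code.

def weak_token(username: str, ts: int) -> str:
    """Predictable scheme: the token is just the username and login time,
    so anyone who knows the username and roughly when they logged in
    has almost all of the token."""
    return base64.urlsafe_b64encode(f"{username}:{ts}".encode()).decode()

def strong_token() -> str:
    """32 bytes (256 bits) from the OS CSPRNG; carries no user or time data."""
    return secrets.token_urlsafe(32)

def token_leaks_identity(token: str, username: str) -> bool:
    """Audit check: does the token base64-decode to bytes naming the user?
    True flags a scheme of the weak kind above."""
    try:
        padded = token + "=" * (-len(token) % 4)
        raw = base64.urlsafe_b64decode(padded)
    except ValueError:  # binascii.Error is a ValueError subclass
        return False
    return username.encode() in raw

# Server side: store only a SHA-256 digest of the token, so a leaked
# session table cannot be replayed directly, and compare digests in
# constant time so lookup timing does not reveal partial matches.
_sessions: dict[str, str] = {}

def create_session(username: str) -> str:
    """Issue a strong token and record its digest against the user."""
    token = strong_token()
    _sessions[hashlib.sha256(token.encode()).hexdigest()] = username
    return token

def lookup_session(token: str):
    """Return the username owning this token, or None if it is unknown."""
    digest = hashlib.sha256(token.encode()).hexdigest()
    for stored, user in _sessions.items():
        if hmac.compare_digest(stored, digest):
            return user
    return None
```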

TOOLS EMPLOYED BY ATTACKERS

There are a variety of applications that can be used to sniff networks and hijack active sessions. Three of the most commonly employed applications are as follows.
Juggernaut is a network sniffer that was developed for Linux operating systems. Juggernaut allows the user to monitor all network traffic, or alternatively, to scan network traffic for specific keywords, such as usernames, website addresses or passwords. Juggernaut also allows the user to view information regarding all active network sessions, and provides the user with the option of hijacking any of these sessions. Juggernaut is a free-to-use application and installation guides are available on a variety of websites; a basic Google search should be sufficient to find one of these guides.
A second application is T-Sight, which is a network scanning and session hijacking tool designed for use within the Microsoft Windows environment. T-Sight allows the user to monitor all data being passed over a network. When a session id has been captured, a single button click allows the attacker to hijack the session. In an attempt to prevent T-Sight being used for illegal purposes, Engarde, the company that produces and distributes T-Sight, only licenses the software to pre-determined IP addresses.
Finally, Ettercap is a free and open source network security tool that allows the user to perform man-in-the-middle attacks over Local Area Networks (LANs). Ettercap is compatible with a range of operating systems, including Linux, Mac OS X, Solaris and Microsoft Windows. It was ranked number 11 on the Top 100 Network Security Tools list of 2006. Ettercap is one of the most advanced sniffing tools available. It allows the attacker to analyse traffic using a variety of different methods, and enables the efficient location of information in the shortest possible timeframe. While Ettercap is arguably the most advanced of the three applications I have outlined, there are some known issues with its stability when operating within a Windows environment. However, it operates perfectly in Kali, a Linux distribution designed for penetration testers.

PREVENTING AN ATTACK

The following preventative measures can be taken to minimise the risk of being subjected to a session hijacking attack.

ENCRYPTION
The encryption of data, including the session token, passing between both parties can significantly reduce the chances of a successful session hijack attack. Encryption can be employed using a cryptographic protocol such as Transport Layer Security (TLS) or Secure Sockets Layer (SSL). Encryption is heavily relied upon by most web-based banking applications and e-commerce services, including eBay and Freelancer. A relatively effortless means of employing encryption is to download and install the browser add-on, HTTPS Everywhere. This is the same software that is used by the Tor Project to enforce browser encryption within the Tor network. It should be noted that while encryption will dramatically reduce the effectiveness of sniffing-style attacks, there is still the potential for a session hijack to occur if the attacker uses a different method to gain access to the session token.

CONNECTIONS
Another way to mitigate the risk of having your session hijacked is to limit the number of remote connections to your network. This can be done by using a Virtual Private Network (VPN) server, which enables authorised users to connect to your network from an offsite location. Employing a VPN server adds an extra layer of protection between users and your network. When combined with SSL encryption, a VPN server, acting as a middleman between your users' personal terminals and your network, should offer sufficient protection against session hijacks in the majority of cases.

ANTI-VIRUS SOFTWARE
Making sure that up-to-date anti-virus software is installed on networked computers will help prevent the network being infected by malware. As discussed, malware can be used by an attacker to steal a session token.

EMPLOYEE EDUCATION
Educating employees as to procedures for safe internet use can be boring but is nonetheless highly effective in preventing a range of attacks. Educating your employees about the different types of malware, how malware is spread (spam email, infected files etc.) and proper browsing habits will assist in preventing infections that could spread across your network and wreak havoc.

CONCLUSION

Whether you are operating on your personal, home, or business network, the threat of session hijacking attacks is very real. While a successful attack can be devastating to you and your business, the measures outlined in this article can assist in reducing the likelihood of an attack being effective.