Group items tagged

summary march 29 nat

Summarise: Facebook is one of the biggest social network that is used by millions of users worldwide, but recently it has been getting complaints about its security and privacy. Therefore, Facebook is clarifying their policy on User Identification Data, because third party companies are not allowed to share the UIDs it collects to ad networks. Facebook modified its policy to forbid UIDs from leaving third-party applications and for such information to remain confidential. Ad networks had to sign a policy deal to make sure that they delete any information they obtain. Any who break this policy get placed on moratoriums, and will be observed, so that they don't do it again. Not only were the small developers effected, but also big companies such as Zynga were also caught transmitting some information.

Azman - Is this any good?

I don't think so. The site looks very unprofessional and it doesn't look legitimate at all. A company that is not well known rates most of the awards that they won. It could be pretty good software but since it's free, there will be downsides and restrictions to it; and users need to be careful when installing freeware.

brief march 29 kuninari

1. Identify the area of impact the scenario relates to. The area of impact the scenario relates to the company who are selling product on security to the other company that need a security, and they got suffered. Business 2. Identify the main stakeholders to the IT system. The main stakeholders to the IT system are company and government who uses secuID 3. Describe one ITGS social/ethical concern in the article. The Data Breach in this article refers to their security system data being violated by an outside offender, such as it being stolen or copied when it's not supposed to be. The advanced cryptographic system is the security system that has an extra layer of security by an electronic token authenticator that generates a time-based number for the users to input while logging in with their password. It is suspected that the master key for the encryption algorithm was stolen, which is the huge secret number that is part of the system. 4. Describe ITGS terminology and systems. SecurID- a mechanism developed by RSA Security for performing two-factor authentication for a user to a network resource 5. If possible, describe a solution to the concern (issue). The solution for this issue is to update the security system often and try to get against from hackers. Having SecurID make up a new algorithm to be used for the system could reinforce the system's security again, if it's possible to make up a new algorithm. Other than that, SecurID would probably have to make up a whole new security system since their current stolen algorithm is probably going to be published and recopied, and the system not secure anymore.

What evidence does Google present for Chinese government censorship? How does this impact the Jasmine revolution? Describe LinkedIn. Why was LinkedIn disrupted? What are the 7 International Safe Harbor Privacy Principles? Explain the major criticism of this system (International...)? Explain "self-censorship is a non-negotiable legal requirement". Explain "China's political elite have a love hate relationship with the internet". march 25 woo

1. What evidence does Google present for Chinese government censorship? Google says that Chinese customers and advertisers have increasingly been complaining about their Gmail service in the past month. Attempts by users to send messages, mark messages as unread and use other services have generated problems for Gmail customers. Google shows potential signs that the Chinese government is increasing their censorship by revealing that Gmail's e-mailing system features have been disrupted for Gmail users as well as other Gmail interfaces such as sending e-mails. Google also reveals that the users who filed in these complaints are mostly potential threats to the Chinese government such as the activist accounts also with financial, technology, media and chemical companies users' accounts. Thus, even though there is no concrete evidence, there are signs that are most likely to be linked to the Chinese government. 2. How does this impact the Jasmine revolution? The move follows extensive attempts by the Chinese authorities to crack down on the Jasmine revolution, an online dissident movement inspired by events in the Middle East. The censorship was supposed to prevent people from getting too much information but instead, this can provoke people to go against the government since people are aware that they have been treated unfairly. 3. Describe LinkedIn. LinkedIn is a business-oriented social networking site. LinkedIn operates the world's largest professional network on the Internet with more than 100 million members in over 200 countries and territories. The purpose of the site is to allow registered users to maintain a list of contact details of people they know and trust in business. The people in the list are called Connections. Users can invite anyone to become a connection. 4. Why was LinkedIn disrupted? LinkedIn is business-social networking and Chinese can use this site as the means of evoking opposition against the government. China's president Hu Jint

Describe talktalk. What is new about talktalk's way of blocking sites? Explain 3 possible problems with the system. may 17 nat

Brief Aug 24 Az

1. Identify the area of impact the scenario relates to. Business, Government 2. Identify the main stakeholders to the IT system. Apple, Google, iOS device users 3. Identify one ITGS social/ethical concern in the article. Privacy, Anonymity 4. Describe ITGS terminology and systems. iPhone smartphone - Apple's iPhone smartphone that includes various smart features such as receiving e-mail, and application, more than just the average phone. Location recognition - the feature on the iPhone that allows the users to be recognized by their location near wifi hubs. Apple was ordered to encrypt location data of people using iPhones to address privacy concerns but the users claim that the device secretly collected information of the users' whereabouts. 5. If possible, describe a solution to the concern (issue). A solution to the privacy issue would be for users to turn off the location-recognition features on their iPhones so that Apple doesn't have access to your phone. Apple needs to be more careful with their data collection process, as well as encrypting the data so there is no breach of privacy of its users, or completely get rid of the whole system itself.

dangerous info

M12 analysis M13 brief sept 12-13 jen max

1. Identify the scenario. Business 2. Describe a social/ethical concern and the relationship of one primary stakeholder to the IT system in the article. Security is a social/ethical concern because it regards the security of the Database Servers that are used to store the Domain Names and IP addresses. With insufficient security, the database security can be breached by outsiders and be altered. The primary stakeholder is Group NBT, and is the domain name management firm of NetNames and Ascio whose DNS Databases were compromised in this attack. Their SQL commands were infiltrated by the hackers, so that the information stored on their DNS Database was altered, that made website visitors be re-directed to spam websites. 3. Describe the IT concepts and processes. Domain Name System (DNS) - The address book for the website that links the URL of websites to IP address numbers that computers use to visit a website. IP Address - The numbers that are separated by period dots that make up a website's numerical address of its location. (DNS) Database - A database is a massive spreadsheet with numerous data types and forms used to store large amounts of data (in this case, websites' domain names URL and their respective IP addresses.) SQL Injection - SQL stands for Structured Query Language, used for database manipulation. This is a hacking method by using the various layers present in SQL commands, by 'injecting' a hidden command that enables to create a loop hole for access and change the database information. This includes changing strings of commands in the original SQL command into malicious commands, that are executed when the altered SQL command is executed. http://msdn.microsoft.com/en-us/library/ms161953.aspx

4. Explain the relationship between the IT system referred to in the article and the concern presented above. The security of the DNS Databases run by NetNames and Ascio (two subsidiaries of domain name management firm Group NBT) is a concern. Their SQL commands were being altered and compromised, which resulted in the altered domain names and IP address links. Their relationship is that the concern is the IT system's (in this case the Database's) security. The IT system, Group NBT's Database, has a concern over it's security. The DNS Database system has a security concern because the hackers were able to alter the paths of redirecting certain websites to scam websites instead through a SQL Injection attack that manipulates the SQL command used to manipulate the domain name database. 5. Describe and evaluate the impact of a social/ethical issue on the stakeholders The social/ethical issue is security. The stakeholders are Vodafone, the Daily Telegraph, UPS, and four other websites, Turkish hackers (Turkguvenligi), and internet users who visited those seven websites within the hacking duration. This has an impact on their security issue because their database has already been compromised once, and unless they create a new system of security to prevent SQL injections, they will never be able to know when someone is changing their SQL command strings. They need to have someone constantly monitoring their SQL to see if there are any changes. The security issue impacts Group NBT because it makes their customers that use their services doubt the secure service because hackers were able to alter the redirection of customers to scam websites instead of their respective website. Therefore security, to a large extent, has an impact on Group NBT. 6. Explain and evaluate one solution to the issue identified. A solution to the issue identified by NBT was to further review their Database system to ensure customers of a more secure service, since it is impossible for a

azman presentation help: http://www.bangkokpost.com/tech/computer/257426/it-has-the-blues

Explain the issues and possible solutions. april 4 kuni

The issue is that the increasing integration of medical devices in hospital networks can increases the risk of being attacked easily, which they hack into the network and steals information. They need to strengthen the security to get against with the possibility of virus attacks which could have a huge damage on delivering data for medication. The Public Health Ministry can play an important role as a regulator in healthcare security, as a same system with the security in the network banking.

Why are iphones tracking people? april 28' cream

Why are iphones tracking people? This is the issue of storing user's location data in unencrypted file. The file, named "consolidated.db," is an unencrypted SQLite database that can be found in the devices' file systems and in the iOS backup files created and updated by iTunes every time an iPhone or 3G iPad is synced. Since, we know that Apple is actually collecting location and some information on iphone that's why iphone is not safe at all. Although the file isn't immediately accessible on the device itself, it can be accessed on a jailbroken device via the iTunes-generated backup file. It also could potentially be accessed using other tools that allow you to explore an iOS device's file system while it's attached to a computer.

Explain what the following means: Miriam Wugmeister, chair of the global privacy practice at law firm Morrison & Foerster, echoes that assessment and stresses than employers should make it clear to employees that they can't expect privacy using corporate devices. While she observes that allowing employees to backup personal devices containing corporate data on a home computer could pose an e-discovery problem in the event of litigation, she also says there are good technical solutions that allow corporate IT administrators to create sandboxes that segregate personal and corporate communications. april 28 woo

incomplete

How can iphone be hijacked? How can a user tell if she is being SMS attacked? April 26 woo

was i supposed to do this? it wasnt on the list so i didnt know...

1. How can iphone be hijacked? The experts say that what you would know when your iphone is being hijacked is when one giveaway is if you receive a text message containing a single square character. If that happens, he suggests you immediately turn off your iPhone. The iPhone can be hijacked through a series of invisible SMS message bursts that hijacks the iPhone. The attacker would then be able to control all the functions on the iPhone, as well as continue to send messages to hijack more phones. 2. How can a user tell if she is being SMS attacked? The researchers said the hack involves sending a series of mostly invisible SMS bursts that effectively hijack an iPhone. From thereon, a hacker could control all the functions on the iPhone, such as e-mailing, dialing contacts - and, most alarmingly, sending more text messages to hijack even more iPhones. A user can tell if she is being SMS attacked if they receive a message containing a square character. Prevention measures include immediately turning off your iPhone.

Why were the customers spooked? Why is this a problem? Describe consolidated.db. Check this link: tracking and recording your location data. How is apple collecting geodata? Why is apple collecting geodata? Explain the problems with collecting geodata. Could law enforcement in America be able to subpoena these types of records from people's iPhones or iPads? april 26 cream

How can iphone be hijacked? The experts say that what you would know when your iphone is being hijacked is when one giveaway is if you receive a text message containing a single square character. If that happens, he suggests you immediately turn off your iPhone. How can a user tell if she is being SMS attacked? The researchers said the hack involves sending a series of mostly invisible SMS bursts that effectively hijack an iPhone. From thereon, a hacker could control all the functions on the iPhone, such as e-mailing, dialing contacts - and, most alarmingly, sending more text messages to hijack even more iPhones. Just turn off your iphone right away!

Cream: Wrong Comment for this article. Comment again with the right answers. incomplete

Describe the IT terms. april 28 kuni

Authentication- Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. In private and public computer networks (including the Internet), authentication is commonly done through the use of logon passwords. Knowledge of the password is assumed to guarantee that the user is authentic. Each user registers initially (or is registered by someone else), using an assigned or self-declared password. Tokens- A Hardware Token is an Authenticator in the form of a physical object, where the user's interaction with a login system proves that the user physically possesses the object. Hardware Tokens authenticate users on the basis that only the Token assigned to the user could have generated the pseudo-random number or code response keyed in by the user. Successful entry of this code implies that the user is in physical possession of the Token. This implies that the user does not allow users to use his Token, and has not lost it. It is use to prove one's identity electronically, and it is small enough to put it in the pocket or attach to keychain. Smart Card-A card with an embedded computer chip on which information can be stored and processed. It is a plastic card about the size of a credit card, with an embedded microchip that can be loaded with data, used for telephone calling, electronic cash payments, and other applications, and then periodically refreshed for additional use. Biometric- Biometrics is the science and technology of measuring and analyzing biological data. In information technology, biometrics refers to technologies that measure and analyze human body characteristics, such as fingerprints, eye retinas and irises, voice patterns, facial patterns and hand measurements, for authentication purposes.

List and explain each of the ways suggested to provide protection from this type of security breach. May 9 nat

List and explain each of the ways suggested to provide protection from this type of security breach. Change the password. This is very crucial, if you've used the same password for every other accounts, because it means that anyone can open any account that belongs to you. An easy way to make a complicated password that's fairly easy to remember, is to create a meaningful sentence and take the initials. 'I was born on July 30th 1994' = Iwboj3094 Check your credit reports. This allows you to check and activities that is carried out with your credit card. You can also set your fraud alert. Don't get deceived by e-mails that looks official, because it may be a phishing site.

Select and list 5 guidelines you think are reasonable. May 9 az

* Provide cross-cut paper shredders at each workstation or cash register area or uses a locked wastebasket and shredding company for the disposal of credit card slips, unwanted applications or documents, sensitive data or prescription forms. * Use an alternate number instead of Social Security Numbers (SSN) for employee, client and customer ID numbers. * Encrypt or password protect all sensitive data stored on computers and allow access only on a "need-to-know" basis. * Notify consumers and employees in advance as to the purposes of the data collection, to whom it will be distributed and the subsequent use after the fulfillment of the original purpose. * Keep sensitive information of consumers or employees on any item (timecards, badges, work schedules, licenses) out of view in public areas. That may include home addresses or phone numbers, SSN and driver's license numbers.

Explain the issues that are in common with both Amazon and Sony? Explain the reasons that cloud computing will continue to grow? What could have prevented Sony from getting hacked? Describe: Rambo architecture Chaos monkey Explain the reason that data centers for cloud computing need backups? may 9 woo

1. Explain the issues that are in common with both Amazon and Sony? Issues that are in common with both Amazon and Sony are their reliability and integrity as well as its security. Amazon has just revealed that its Availability Zone in northern Virginia has failed to accommodate customers that were using their services. Sony's hack incident includes its network protection system to be unreliable. Also the security of Amazon's customer's data along with Sony's online users' data is at risk, as well as sensitive information linked to bank accounts. Both Sony and Amazon suffer a setback on their online reputation. Both companies have their servers down which affect a lot of their customers using their services. They both revived worries about the safety of storing and processing data over the Internet. The two crises have also raised questions about the speed and quality of information provided by tech companies when confronted with systems failures. This further links to the data integrity. Amazon users have said that some data may be corrupted or loss resulting from their sites crashing. Sony's users' accounts data may have been altered by unauthorized people. 2. Explain the reasons that cloud computing will continue to grow? Cloud computing will still continue to grow despite its recent incidents because the benefits users receive outweigh the risks that come with cloud computing. The outage suffered by Amazon has been rare. Also, managing one's own network is hardly a guarantee of reliability; it costs a lot of money and is high maintenance. Cloud computing provides another alternative that can save costs for businesses. Also, the recent incidents have proven that managing one's own network is not as reliable as some think considering protection issues and failure/crashes in the network itself. 3. What could have prevented Sony from getting hacked? Sony could have increased its protection system, as well as create random simulations in orde

Tags: 1.1 Reliability and integrity 1.2 Security 3.3 Network

Explain the type of attack and possible security measures to prevent it. m12 nov 8 jenny

The type of attack was a phishing attack that involved sending e-mails that had attachments, that when opened, will install a Trojan horse code into the person's computer. From there, the Trojan horse will be able to locate and copy files to another part of the computer system where they will be extracted back to the hacker who performed the attack. Possible Security Measures to Prevent it: Don't open e-mail attachments unless you know they are from a trusted source, especially attachments containing extensions .exe, .ink, and .vbs. Always have your security software up to date. http://sync.sympatico.ca/how-to/computing/how_to_prevent_a_trojan_horse_infection/a1487f14 Customize your firewall settings for your browser to filter out content. (Default is usually all, but choose to "limit" your connection so that it limits the connection to possible attackers).

Explain possible security problems with this plan and possible solutions. all nov 8 woo