Group items tagged

How can iphone be hijacked? How can a user tell if she is being SMS attacked? April 26 woo

was i supposed to do this? it wasnt on the list so i didnt know...

1. How can iphone be hijacked? The experts say that what you would know when your iphone is being hijacked is when one giveaway is if you receive a text message containing a single square character. If that happens, he suggests you immediately turn off your iPhone. The iPhone can be hijacked through a series of invisible SMS message bursts that hijacks the iPhone. The attacker would then be able to control all the functions on the iPhone, as well as continue to send messages to hijack more phones. 2. How can a user tell if she is being SMS attacked? The researchers said the hack involves sending a series of mostly invisible SMS bursts that effectively hijack an iPhone. From thereon, a hacker could control all the functions on the iPhone, such as e-mailing, dialing contacts - and, most alarmingly, sending more text messages to hijack even more iPhones. A user can tell if she is being SMS attacked if they receive a message containing a square character. Prevention measures include immediately turning off your iPhone.

Why were the customers spooked? Why is this a problem? Describe consolidated.db. Check this link: tracking and recording your location data. How is apple collecting geodata? Why is apple collecting geodata? Explain the problems with collecting geodata. Could law enforcement in America be able to subpoena these types of records from people's iPhones or iPads? april 26 cream

How can iphone be hijacked? The experts say that what you would know when your iphone is being hijacked is when one giveaway is if you receive a text message containing a single square character. If that happens, he suggests you immediately turn off your iPhone. How can a user tell if she is being SMS attacked? The researchers said the hack involves sending a series of mostly invisible SMS bursts that effectively hijack an iPhone. From thereon, a hacker could control all the functions on the iPhone, such as e-mailing, dialing contacts - and, most alarmingly, sending more text messages to hijack even more iPhones. Just turn off your iphone right away!

Cream: Wrong Comment for this article. Comment again with the right answers. incomplete

M12 analysis M13 brief sept 12-13 jen max

1. Identify the scenario. Business 2. Describe a social/ethical concern and the relationship of one primary stakeholder to the IT system in the article. Security is a social/ethical concern because it regards the security of the Database Servers that are used to store the Domain Names and IP addresses. With insufficient security, the database security can be breached by outsiders and be altered. The primary stakeholder is Group NBT, and is the domain name management firm of NetNames and Ascio whose DNS Databases were compromised in this attack. Their SQL commands were infiltrated by the hackers, so that the information stored on their DNS Database was altered, that made website visitors be re-directed to spam websites. 3. Describe the IT concepts and processes. Domain Name System (DNS) - The address book for the website that links the URL of websites to IP address numbers that computers use to visit a website. IP Address - The numbers that are separated by period dots that make up a website's numerical address of its location. (DNS) Database - A database is a massive spreadsheet with numerous data types and forms used to store large amounts of data (in this case, websites' domain names URL and their respective IP addresses.) SQL Injection - SQL stands for Structured Query Language, used for database manipulation. This is a hacking method by using the various layers present in SQL commands, by 'injecting' a hidden command that enables to create a loop hole for access and change the database information. This includes changing strings of commands in the original SQL command into malicious commands, that are executed when the altered SQL command is executed. http://msdn.microsoft.com/en-us/library/ms161953.aspx

4. Explain the relationship between the IT system referred to in the article and the concern presented above. The security of the DNS Databases run by NetNames and Ascio (two subsidiaries of domain name management firm Group NBT) is a concern. Their SQL commands were being altered and compromised, which resulted in the altered domain names and IP address links. Their relationship is that the concern is the IT system's (in this case the Database's) security. The IT system, Group NBT's Database, has a concern over it's security. The DNS Database system has a security concern because the hackers were able to alter the paths of redirecting certain websites to scam websites instead through a SQL Injection attack that manipulates the SQL command used to manipulate the domain name database. 5. Describe and evaluate the impact of a social/ethical issue on the stakeholders The social/ethical issue is security. The stakeholders are Vodafone, the Daily Telegraph, UPS, and four other websites, Turkish hackers (Turkguvenligi), and internet users who visited those seven websites within the hacking duration. This has an impact on their security issue because their database has already been compromised once, and unless they create a new system of security to prevent SQL injections, they will never be able to know when someone is changing their SQL command strings. They need to have someone constantly monitoring their SQL to see if there are any changes. The security issue impacts Group NBT because it makes their customers that use their services doubt the secure service because hackers were able to alter the redirection of customers to scam websites instead of their respective website. Therefore security, to a large extent, has an impact on Group NBT. 6. Explain and evaluate one solution to the issue identified. A solution to the issue identified by NBT was to further review their Database system to ensure customers of a more secure service, since it is impossible for a

Analysis Read 2 pages March 25 Azman

1. Identify the area of impact the scenario relates to. Business 2. Identify all ITGS terminology and phrases (IT and social/ethical). Botnets, worm, malware, 3. Describe one ITGS social/ethical concern in the article. Security is the main issue in this article since it is dealing with worms, which infects and damage computer files. 4. Describe the relationship of the main stakeholders to the IT system. The main stakeholder, Facebook, is combating Koobface worm, which is, a malware (malicious software) to prevent it from infecting its users PC. 5. Explain the relationship between the IT system and the social/ethical issue identified in question 3. Koobface worm is a malware that could infect Facebook's users' computer, which is a security issue. It is estimated that the group earned more than $2 million from June 2009 to June 2010 by delivering the victims of its worm to unscrupulous marketers and makers of fake antivirus software. 6. Discuss at least one problem that relates to the impacts of the social/ethical issue. A Koobface attack starts with an invitation to watch a video and a message about updating the computer's Flash software. Clicking to get the update begins the download of Koobface, which gives criminals control of the computer, while the worm tries to spread itself further through the victim's social network contacts. This is a security breach to Facebook's users computer. When the criminals have control of the computer, they can do anything they want with it like, stealing personal information, etc. 7. Evaluate one solution that addresses the problem identified. Facebook need to step up their security for their users safety. To halt Koobface, Facebook uses algorithms that can detect suspicious posts and hijacked accounts, looking for unusual behavior like log-ins from odd places and a surge in messages sent. Facebook also keeps a blacklist of malicious Web links to prevent them from being shared on the site. When Koobface posts find a

Describe the following terms and explain possible solutions: drive-by downloads clickjacking targeted brand attacks on social networks MitB (Man-in-the-Browser) MitMo (Man-in-the-Mobile) advanced on-the-fly SSL hacking may 23 soo

drive-by downloads Drive-by downloads are downloads to the computer that are harmful, and are downloaded because the user doesn't know that the download took place, what was downloaded (virus, malware) or downloaded something, but didn't know it was malware. When a malicious website is visited, malware may be downloaded to the computer without users even knowing. Solutions to prevent drive-by downloads include having the internet security suite (like Norton Internet Security) installed and kept up to date. Also, using a proxy can filter the web content (like Vidalia). The user's antivirus firewall should always be turned on. http://www.softwarenewsdaily.com/2010/12/drive-by-downloads-malware-installed-without-your-knowledge http://www.associatedcontent.com/article/794101/how_to_prevent_driveby_downloads_.html Clickjacking Clickjacking, also known as user-interface (UI) redressing, is one of the most common attacks against users by creating malicious pages that tricking users to click on buttons and links which reveal sensitive information, or can allow the attacker to take over control of the user's computer. The true function of the button is hidden under an opaque layer that shows something different to trick the users. A possible solution to clickjacking is the "walled garden" that iPhone has. It has a closed or exclusive set of information services provided for users, instead of allowing open access to apps and content. https://www.owasp.org/index.php/Clickjacking Targeted brand attacks on social networks Targeted brand attacks on social networks is attacking the big brand names, and attacking its reputation, currently common through attacks on social networks and phishing. Scammers that hijacked a social networking account can add random people to their friends list, and link them to malicious sites. Or an attacker would disguise themselves as the "official" profile of the brand company, and make friends and trick them into revealing sen