Security for Dummies
Safe and simple
Sunday 29 June 2008, 6:52 PM
Virology Part 1, Introduction
Long ago and far away, in my young years, when I was working as pathologist, dealing with corps, viruses were rather frequent nidus. I left my medical practice, but viruses continue chasing me. Now, dealing with security threats I have to beware of the same old virus hazard. This makes me believe in reincarnation and spiral evolution, karma and fate. But if back in dissecting room the respiratory mask and gloves were the only possible protection, nowadays there are much more prevention means .
Why “virus”?
I never asked this question, but some ask, why these pieces of code are called “virus”. I do not know who first suggested this term, but he definitely is a smart guy with medical background. Viruses in a real world cannot replicate themselves. They need a cell; they integrate themselves into the cell’s DNA, change it and use the resources of the cell for replication, till the moment the cell dies. The same way computer viruses need some environment to live and duplicate. They spread over computer and available files, delete or modify their code and duplicate themselves till the end of computer. Some of computer viruses are not mortal, others are very aggressive. Some are very similar to AIDS. The HID virus attacks lymphocytes, the cells responsible for immune response of the body, computer viruses destroy the anti-virus program.
Who need it?
Actually, I still cannot answer this question. IMHO this is more psychological than pathological issue. People that write viruses have programming knowledge and experience. They could earn much more by creating applications than by destroying. Sometimes I feel that Anti-Virus monsters are responsible. After the attack of Chernobyl virus in 1996, when thousands of motherboards were destroyed in one day by the system overclocking, I suspected hardware manufacturers. These conspiracy ideas are too obvious to be true or too true to be proved. Anyway, virus creation, development or distribution is a crime. So, please behave yourself and stop doing bad things.
Dear Dummies, I will write much more about viruses, worms, malware, spyware, whatsoever in later posts. Please be patient. It will be more interesting later.
Keep reading or subscribe to RSS feed
Why “virus”?
I never asked this question, but some ask, why these pieces of code are called “virus”. I do not know who first suggested this term, but he definitely is a smart guy with medical background. Viruses in a real world cannot replicate themselves. They need a cell; they integrate themselves into the cell’s DNA, change it and use the resources of the cell for replication, till the moment the cell dies. The same way computer viruses need some environment to live and duplicate. They spread over computer and available files, delete or modify their code and duplicate themselves till the end of computer. Some of computer viruses are not mortal, others are very aggressive. Some are very similar to AIDS. The HID virus attacks lymphocytes, the cells responsible for immune response of the body, computer viruses destroy the anti-virus program.
Who need it?
Actually, I still cannot answer this question. IMHO this is more psychological than pathological issue. People that write viruses have programming knowledge and experience. They could earn much more by creating applications than by destroying. Sometimes I feel that Anti-Virus monsters are responsible. After the attack of Chernobyl virus in 1996, when thousands of motherboards were destroyed in one day by the system overclocking, I suspected hardware manufacturers. These conspiracy ideas are too obvious to be true or too true to be proved. Anyway, virus creation, development or distribution is a crime. So, please behave yourself and stop doing bad things.
Dear Dummies, I will write much more about viruses, worms, malware, spyware, whatsoever in later posts. Please be patient. It will be more interesting later.
Keep reading or subscribe to RSS feed
Saturday 28 June 2008, 11:00 AM
Faking a fingerprint (part 2)
In my previous post I have described the simple way of faking a finger for an optical fingerprint sensor.
The second experiment demonstrated the high identification capabilities of optical fingerprint capturing devices together with their absolute lack of discrimination of fake "fingers". During the study we managed to get the fingerprint image that was accepted by an optical sensor. The "victim" was unaware and the fingerprint was captured during his absence.
Needless to say that optical fingerprint sensors offer not just a hole in security , but a wide open door for any intrudor. We have to admit that capasitive and RF matrix type sensors are not much safer.
I will show you how to trick solid state fingerprint sensor in my later posts. Keep reading
The second experiment demonstrated the high identification capabilities of optical fingerprint capturing devices together with their absolute lack of discrimination of fake "fingers". During the study we managed to get the fingerprint image that was accepted by an optical sensor. The "victim" was unaware and the fingerprint was captured during his absence.
Needless to say that optical fingerprint sensors offer not just a hole in security , but a wide open door for any intrudor. We have to admit that capasitive and RF matrix type sensors are not much safer.
I will show you how to trick solid state fingerprint sensor in my later posts. Keep reading
Friday 27 June 2008, 11:37 PM
Faking a fingerprint (part 1)
Back in nineties I was working with TeKey Research group, supplying them raw materials for their tests. The task was to study if fingerprint sensors accept dead fingers. Yes, I was pathologist these years and got plenty of them :). After few experiments we realized that optical sensors cannot distinguish dead fingers from alive. Even worse, they accepted fingerprint images.
See how we did it. You will like the idea and simplicity
See how we did it. You will like the idea and simplicity
Friday 27 June 2008, 11:27 PM
Pathologist confession
My name is Pathologist. Guess why. Right you are, because my first occupation was pathologist. It was long ago and far away, in the country that even does not exist any more.
Now I am dealing with security. This is my occupation and proficiency, knowledge and hobby. I want to share with you some ideas here.
I am going to post some tips and tricks for you. Tips for making your life safer and tricks for hacking through other’s security means. I will not teach you to break the law, but I am going to show the weak links in protections.
If you have questions or suggestions – leave your comments here
Some posts cannot be shown here, due to the ZDNET policy. You are welcom to visit my security4dummies.wordpress.com blog for complete version
If you like the info – dig it
If you do not like it – you are free to leave
Now I am dealing with security. This is my occupation and proficiency, knowledge and hobby. I want to share with you some ideas here.
I am going to post some tips and tricks for you. Tips for making your life safer and tricks for hacking through other’s security means. I will not teach you to break the law, but I am going to show the weak links in protections.
If you have questions or suggestions – leave your comments here
Some posts cannot be shown here, due to the ZDNET policy. You are welcom to visit my security4dummies.wordpress.com blog for complete version
If you like the info – dig it
If you do not like it – you are free to leave
