Mail Drop - The social engineer's term for a rental mailbox, typically rented under an assumed name, which is used to receive documents or packages the victim has been duped into sending.
Data Classification Policy - differentiates how public and private information is secured
Innocuous - not harmful or injurious, harmless
Information Security Department - ISD
Conducts:
-awareness training
-detail methods
Explanation: Social Engineer Employees
-Lingo | "Use Non-Sensitive things" [Poker Chip]
Friday, June 27, 2008
Types of Security Violations
Here are some basic security violations, from the perspective of malicious code:
Virus: Typically a piece of code that copies itself into a program and executes when the program runs
- modifies other programs
- loss or contamination of data or programs
Worm: Reproduces itself until it slows down or shuts down a computer system or network; does not notify other programs
Clogging or Flooding: Form of a worm
- sending large amounts of bogus traffic to a node until it is clogged and unable to serve a legitimate user. AKA DoS Attack (Denial of Service)
Trojan Horse: Piece of code that hides itself in another piece of a program
"Think" of a simple login screen:
Login Code
Hidden Code <-------- interlopes, exits with no trace (steals info)
Login Code
Bomb: Same as a Trojan
- "signature" time or logic trigger
- Trigger software routine that, upon detecting the absence of the rogue program's records, initiates actions to damage the system
Trap Door: Allows penetration into the system; can be programmed into the code by the programmer. Usually used in case you must get back into the program to fix something. Usually guarded by an authentication process.
Salami: Small alterations of numbers in files holding numbers, which distort the system.
Replay violation: Active attack on a resource.
- entails: capturing data, perhaps modifying it, and resending it.
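A defender's view of the replay violation, as an added example that is not part of the original notes: the receiver rejects a captured message that is resent, modified, or delivered late. The key, the 30-second window and all names (`sign`, `Receiver`, `demo`) are assumptions made for this sketch.

```python
import hashlib
import hmac
import os

KEY = b"constructed-demo-key"  # constructed sample key, not a real secret
MAX_AGE = 30                   # assumed policy: seconds a message stays acceptable

def sign(payload, now, nonce=None):
    """Sender side: bind payload, timestamp and a fresh nonce under one MAC."""
    nonce = nonce or os.urandom(16)
    body = nonce + now.to_bytes(8, "big") + payload
    tag = hmac.new(KEY, body, hashlib.sha256).digest()
    return {"nonce": nonce, "ts": now, "payload": payload, "tag": tag}

class Receiver:
    def __init__(self):
        self.seen = {}  # nonce -> timestamp, kept only for the freshness window

    def accept(self, msg, now):
        body = msg["nonce"] + msg["ts"].to_bytes(8, "big") + msg["payload"]
        expected = hmac.new(KEY, body, hashlib.sha256).digest()
        # Any change to payload, timestamp or nonce breaks the MAC.
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: modified"
        # Old captures are refused, which also bounds the nonce cache.
        if abs(now - msg["ts"]) > MAX_AGE:
            return "rejected: stale"
        # Forget nonces the timestamp check would reject anyway.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= MAX_AGE}
        if msg["nonce"] in self.seen:
            return "rejected: replayed"
        self.seen[msg["nonce"]] = msg["ts"]
        return "accepted"

def demo():
    """Constructed scenario: one genuine delivery, then three resends."""
    rx = Receiver()
    msg = sign(b"transfer 100 to account 42", now=1000)
    results = [rx.accept(msg, now=1001)]            # original delivery
    results.append(rx.accept(msg, now=1005))        # captured and resent unchanged
    tampered = dict(msg, payload=b"transfer 900 to account 42")
    results.append(rx.accept(tampered, now=1006))   # captured, modified, resent
    results.append(rx.accept(msg, now=1100))        # resent after the window
    return results

if __name__ == "__main__":
    print(demo())
```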
Monday, June 23, 2008
John Searle, The Chinese Room
Philosophy professor at Berkeley, On Intelligence
The Chinese Room:
Suppose you have a room with a slot in one wall, and inside is an English-speaking person sitting at a desk. He has a big book of instructions and all the pencils and scratch paper he could ever need. Flipping through the book, he sees that the instructions, written in English, dictate ways to manipulate, sort and compare Chinese characters. Mind you, the directions say nothing about the meanings of the Chinese characters; they only deal with how the characters are to be copied, erased, reordered, transcribed and so forth.
Someone outside the room slips a piece of paper through the slot. On it is written a story and questions about the story, all in Chinese. The man inside doesn't speak or read a word of Chinese, but he picks up the paper and goes to work with the rulebook. He toils and toils, rotely following instructions in the book. At the times the instructions tell him to write characters on scrap paper, and at the other times to move and erase characters. Applying rule after rule, writing and erasing characters, the man works until the book's instructions tell him he is done. When he is finished at last he has written a new page of characters, which unbeknownst to him are the answers to the questions. The book tells him to pass his paper back through the slot. He does it, and wonders what this whole tedious exercise has been about.
Outside, a Chinese speaker reads the page. The answers are all correct, she notes--even insightful. If she is asked whether those answers came from an intelligent mind that had understood the story, she will definitely say yes. But can she be right? Who understood the story? It wasn't the fellow inside, certainly; he is ignorant of Chinese and has no idea what the story was about. It wasn't the book, which is just, well, a book, sitting inertly on the writing desk amid piles of paper. So where did the understanding occur? Searle's answer is that no understanding did occur; it was just a bunch of mindless page flipping and pencil scratching. And now the bait-and-switch: the Chinese Room is exactly analogous to a digital computer. The person is the CPU, mindlessly executing instructions, the book is the software program feeding instructions to the CPU, and the scratch paper is the memory. Thus, no matter how cleverly a computer is designed to simulate intelligence by producing the same behavior as a human, it has no understanding and it is not intelligent. (Searle made it clear he didn't know what intelligence is; he was only saying that whatever it is, computers don't have it.)
--Jeff Hawkins, On Intelligence