Alifyandra's OS202 GitHub Page 🤓

Logo

This page will be regularly updated with weekly top 10 lists and my very own personal log. Stay tuned!

View the Project on GitHub alifyandra/os202

cd ../

Top 10 List of Week 02

  1. Security and Protection in an OS

    Security is a measure of confidence that the integrity of a system and its data will be preserved. Meanwhile protection is the set of mechanisms that control the access of processes and users to the resources defined by a computer system.

  2. Threats to an OS

    There are many different types of threats that an OS is vulnerable to.

    • Malware: Any software intentionally designed to cause damage to a computer, server, client, or computer network.
    • Trojan: A type of malware that is often disguised as legitimate software.
    • Logic Bomb: A piece of codeintentionally inserted into a softwaresystem that will set off a malicious function when specified conditions are met.
    • Worm: A standalone malwarecomputer program that replicates itself in order to spread to other computers.

  3. Security Violation Methods

    There are a variety of methods to violate a computers security

    • Masquerading: An attack that uses a fake identity, such as a network identity, to gain unauthorized access to personal computer information through legitimate access identification.
    • Replay Attack: A replay attack (also known as playback attack) is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed.
    • Man-in-the-middle: An attack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other

  4. Script Kiddies

    Script kiddie is a slang commonly used in the hacker community for people with minimal knowledge of computers or hacking who use use pre built hacking software and establish themselves as hackers. They often will use these programs without even knowing how they work or what they do. This hacker etymology was pretty funny and interesting to me as a video about the origins of this word popped up in my youtube reccomendations which I then watched and tada!, it turns out this topic appeared in the week 2 OS course slide.

  5. Cryptography

    Cryptography in its definition means secret writing, in practice we can define cryptography as the act of concealing or protecting data so it can only be read by certain people. In computer science and operating systems its usually associated with encryption. Encryption is the process of taking plain text, like a text message or email, and scrambling it into an unreadable format called “cipher text”.

    Public-key cryptography, or asymmetric cryptography, is a cryptographic system that uses pairs of keys: public keys, which may be disseminated widely, and private keys, which are known only to the owner. The generation of such keys depends on cryptographic algorithms based on mathematical problems to produce one-way functions

  6. User Authentication

    User authentication is the verification of an active human-to-machine transfer of credentials required for confirmation of a user’s authenticity. Traditionally, user authentication has typically consisted of a simple ID and password combination. Increasingly, however, more authentication factors are added to improve the security of communications. Fingerprint and iris scanning, facial recognition, and other types of verification through biological characteristics are such methods that are starting to become common in this age.

  7. Linux Access Control List

    The Linux filesystem gives us 3 types of permissions: user, group, or other. With these permissions we can grant 3 types of access that is, read, write, and execute. To configure these accesses we can first use the getfacl <directory/file> command. Then to set its ACL we use setfacl [option] [action/specification] file . This is an interesting feature as I’ve experienced this feature first hand when I was denied access to writing files in another persons directory in Kawung!

  8. Principle of Least Privilege

    The principle of least privilege is the idea that at any user, program, or process should have only the bare minimum privileges necessary to perform its function. For example, a user account created for pulling records from a database doesn’t need admin rights, while a programmer whose main function is updating lines of legacy code doesn’t need access to financial records. The principle of least privilege can also be referred to as the principle of minimal privilege (POMP) or the principle of least authority (POLA). Following the principle of least privilege is considered a best practice in information security.

  9. GNUPG and SHA1SUM

    GNUPG is a program that allows us to encrypt and sign our data and communications. It features a versatile key management system. A fun fact is that GNUPG was one of the tools Edward Snowden used to uncover the secrets of NSA. SHA-1 is a cryptographic hash function which takes input and produces a 160-bit hash value known as a message digest. Meanwhile SHA1SUM is a computer program that calculates and verifies SHA-1 hashes, It’s commonly used to verify the integrity of files.

  10. Privacy?

    Surveillance is the business model of the internet. Everyone is under constant surveillance by many companies, ranging from social networks like Facebook to cellphone providers. This data is collected, compiled, analyzed, and used to try to sell us stuff. Personalized advertising is how these companies make money, and is why so much of the internet is free to users. We’re the product, not the customer. This is why in this day and age we should be concerned and aware of our rights of privacy when breaches of privacy are happening everywhere.

“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different from saying you don’t care about free speech because you have nothing to say.” – Edward Snowden

cd ../