This page will be regularly updated with weekly top 10 lists and my very own personal log. Stay tuned!
Security and Protection in an OS
Security is a measure of confidence that the integrity of a system and its data will be preserved. Meanwhile protection is the set of mechanisms that control the access of processes and users to the resources defined by a computer system.
Threats to an OS
There are many different types of threats that an OS is vulnerable to.
Security Violation Methods
There are a variety of methods to violate a computers security
Script Kiddies
Script kiddie is a slang commonly used in the hacker community for people with minimal knowledge of computers or hacking who use use pre built hacking software and establish themselves as hackers. They often will use these programs without even knowing how they work or what they do. This hacker etymology was pretty funny and interesting to me as a video about the origins of this word popped up in my youtube reccomendations which I then watched and tada!, it turns out this topic appeared in the week 2 OS course slide.
Cryptography
Cryptography in its definition means secret writing, in practice we can define cryptography as the act of concealing or protecting data so it can only be read by certain people. In computer science and operating systems its usually associated with encryption. Encryption is the process of taking plain text, like a text message or email, and scrambling it into an unreadable format called “cipher text”.
Public-key cryptography, or asymmetric cryptography, is a cryptographic system that uses pairs of keys: public keys, which may be disseminated widely, and private keys, which are known only to the owner. The generation of such keys depends on cryptographic algorithms based on mathematical problems to produce one-way functions
User Authentication
User authentication is the verification of an active human-to-machine transfer of credentials required for confirmation of a user’s authenticity. Traditionally, user authentication has typically consisted of a simple ID and password combination. Increasingly, however, more authentication factors are added to improve the security of communications. Fingerprint and iris scanning, facial recognition, and other types of verification through biological characteristics are such methods that are starting to become common in this age.
Linux Access Control List
The Linux filesystem gives us 3 types of permissions: user, group, or other. With these permissions we can grant 3 types of access that is, read, write, and execute. To configure these accesses we can first use the getfacl <directory/file>
command. Then to set its ACL we use setfacl [option] [action/specification] file
. This is an interesting feature as I’ve experienced this feature first hand when I was denied access to writing files in another persons directory in Kawung!
Principle of Least Privilege
The principle of least privilege is the idea that at any user, program, or process should have only the bare minimum privileges necessary to perform its function. For example, a user account created for pulling records from a database doesn’t need admin rights, while a programmer whose main function is updating lines of legacy code doesn’t need access to financial records. The principle of least privilege can also be referred to as the principle of minimal privilege (POMP) or the principle of least authority (POLA). Following the principle of least privilege is considered a best practice in information security.
GNUPG and SHA1SUM
GNUPG is a program that allows us to encrypt and sign our data and communications. It features a versatile key management system. A fun fact is that GNUPG was one of the tools Edward Snowden used to uncover the secrets of NSA. SHA-1 is a cryptographic hash function which takes input and produces a 160-bit hash value known as a message digest. Meanwhile SHA1SUM is a computer program that calculates and verifies SHA-1 hashes, It’s commonly used to verify the integrity of files.
Privacy?
Surveillance is the business model of the internet. Everyone is under constant surveillance by many companies, ranging from social networks like Facebook to cellphone providers. This data is collected, compiled, analyzed, and used to try to sell us stuff. Personalized advertising is how these companies make money, and is why so much of the internet is free to users. We’re the product, not the customer. This is why in this day and age we should be concerned and aware of our rights of privacy when breaches of privacy are happening everywhere.
“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different from saying you don’t care about free speech because you have nothing to say.” – Edward Snowden