The latest campaign underscore the success hackers have at hosting dangerous code on poorly secured web sites Once a user has been directed to the bogus Google analytics site, it redirects again to another malicious domain. That site tests to see if the PC has software vulnerabilities in either Microsoft’s' Internet Explorer browser or Firefox that can be exploited in order to deliver malware.

If it doesn't find a problem there, it will launch a fake warning saying the computer is infected with malware and tries to get the user to willingly download a program that purports to be security software but is actually a Trojan downloader. Those fake security programs are often called "scareware" and don't work as advertised.

As of last Friday, only four of 39 security software programs could detect that Trojan, although that's now likely changed as vendors such as Websense swap malware samples with other companies in order to improve overall Internet Security. Its not clear what the hackers are doing with the newly compromised PC's although it's possible they can be configured to send spam, become part of a botnet or have data stolen from them.

The malicious domain serving up the malware is hosted in the Ukraine, the same region where notorious Russian Business Network (RBN) operated. RBN is a gang of cyber criminals involved in phishing campaigns and other malicious activity. That web site appeared to be down as of Tuesday afternoon. The RBN is thought to be inactive now.

Knowledge Is Power...

...Don't Have It Used Against You!

http://OpSec.spaces.live.com

A typical hacker attack is not a simple, one-step procedure. It is rare that a hacker can get online or dial up on a remote computer and use only one method to gain full access. It is more likely that the attacker will need several techniques used in combination to bypass the many layers of protection standing between them and root administrative access. Therefore, as a security consultant or network administrator, you should be well versed in these occult techniques in order to thwart them.

The following techniques are not specific to wireless networks. Each of these attacks can take multiple forms, and many can be targeted against both wired and wireless networks. When viewed holistically, your wireless network is just another potential hole for a hacker.

The stereotyped image conjured up by most people when they hear the term "hacker" is that of a pallid, atrophied recluse cloistered in a dank bedroom, whose spotted complexion is revealed only by the unearthly glare of a Linux box used for port scanning with Perl. This mirage might be set off by other imagined features, such as dusty stacks f Dungeons and Dragons lore from the 1980s, empty Jolt Cola cans, and Japanese techno music streaming from the Net.

However, although computer skill is central to a hacker's profession, there are many additional facets that he must master. In fact, if all you can do is point and click, you are a script kiddie, not a hacker. A real hacker must also rely on physical and interpersonal skills such as social engineering and other "wet work" that involves human interaction. However, because most people have a false stereotype of hackers, they fail to realize that the person they are chatting with or talking to on the phone might in fact be a hacker in disguise. In fact, this common misunderstanding is one of the hackers' greatest assets.

Social Engineering

Social engineering is not unique to hacking. In fact, many people use this type of trickery every day, both criminally and professionally. Whether it be haggling for a lower price on a lawn mower at a garage sale, or convincing your spouse you really need that new toy or outfit, you are manipulating the "target." Although your motives might be benign, you are guilty of socially engineering the other party.

The Virtual Probe

One example of social engineering that information technology managers face on a weekly basis is solicitation from vendors. An inimical form of sales takes the form of thinly disguised telemarketing. Straying far from ethical standards or sales technique, such vendors will attempt to trick you into giving them information so they can put your company's name on the mailing list.

Now, this sounds innocent enough, and there are probably many that fall for this tactic. However, they are simply trying to trick you into providing sensitive information-information that they really have no business knowing.

Like the scam artist, a hacker often uses similar techniques. A popular method that hackers use is pretending to be a survey company. A hacker can call and ask all kinds of questions about the network operating systems, intrusion detection systems (IDS's), firewalls, and more in the guise of a researcher. If the hacker was really malicious, he could even offer a cash reward for the time it took for the network administrator to answer the questions. Unfortunately, most people fall for the bait and reveal sensitive network information. 

Just recently David Kernell, 20, of Knoxville, faces up to 5 years in prison for hacking into Republican vice presidential candidate Sarah Palin's personal e-mail account gov.palin@yahoo.com, on September 16 after correctly answering a series of personal questions, hence The Virtual Probe.

Lost Password

One of the most common goals of a hacker is to obtain a valid user account and password. In fact, sometimes this is the only way a hacker can bypass security measures. If a company uses firewalls, intrusion detection systems, and more, a hacker will need to borrow a real account until he can obtain a root access and set up a new account for himself. However, how can a hacker get this information? One of th easiest ways is to trick someone into giving it to them.

For example, many organizations use a virtual private network (VPN) that enables remote employees to connect to the network from home and essentially become a part of the local network. This is a very popular method of enabling people to work from home, but it is also a potential weak spot in any security perimeter. As VPN's are set up and maintained by the IT department, hackers will often impersonate an actual employee and ask one of the IT staff for the password by pretending to have lost the settings. If the IT employee believes the person, he willingly and often gladly hands over the keys. Presto! The hacker now can connect from anywhere on the Internet and use an authorizes account to work his way deeper into the network. Imagine if you were the lowly IT staff person on call and the CEO rang you up at 10:30p.m. Irate about a lost password. Would you want to deny him /her access, risking the loss of your job? Probably not, which makes this type of fear a hackers best friend.

Chatty Techniques

If you are a home user and think you have nothing to fear from this type of impersonation, think again-you are actually targeted more often by scammers and hackers alike: This is because many Internet newcomers (newbies) will believe anything someone appearing to be their ISP's tech support personnel tells him. For example, hackers will often send out mass messages to people, or sit in chat rooms and wait for a newbie to come along. They will then set up a fake account or use simple tricks to make it appear as if an AOL employee is chatting with them. What the newbies do not realize is that they are actually talking with the hacker. In disguise. So, they willingly hand over anything from credit cards to user names and passwords.

Social Spying

Social spying is the process of “using observation to acquire information.” Although social engineering can provide a hacker with crucial information, small businesses are better protected against social engineering because many people in very small companies know each other. For example, if one of the IT staff received a call from a hacker pretending to be a distressed CEO, he would probably recognize the voice as not belonging to the real CEO. In this case, social spying becomes more important.

To illustrate one of the nontechnical ways social spying can be used, consider how many people handle ATM cards. For example, do you hide your PIN when you take money out at the ATM? Take note of how people protect their PIN the next time you are in line at the ATM. You will probably note most people do not care. Most people will whip out their card and punch the numbers without a care for how could be watching. If the wrong person memorized the PIN, he would have all the information needed to access the funds in the account, provided he could first the his hands on the ATM card. Thus, a purse snatcher would not only get the money just withdrawn from an ATM, but could easily go back and withdraw the entire day's limit.

Similarly, hackers socially spy on users as they enter passwords. A “flower delivery” at 8:00a.m. In the morning would give a hacker the necessary excuse to casually stroll through an office building. Although she appears to be looking for the recipient of the flowers, she could be watching for people entering passwords or other sensitive information.

In addition to snooping on people as they actively type their user information, most offices have at least several people who are guilty of posting their password on or near their computer monitor. This type of blatant disregard for security is every network administrator's worst nightmare. Regardless of repeated memos, personal visits, and warnings, some people seem to always find an excuse to post their network password right in plain view. Even if some people are at least security-conscious enough to hide their Post-it notes in a discreet place, it still only takes a few seconds to lift up a keyboard or pull open a desk drawer.

If you do not believe this, take a quick walk around and see just how many potential security violations are in your office area. You might be very surprised to see just what type of information is there for the taking!

Garbage Collecting

Have you ever thrown away a credit card statement without shredding it? If so, you are a potential target. Although you might consider your trash to be sacred territory that no one enters because it is dirty, your trash, and the trash of your company, is often a gold mine. Fishing through garbage to find passwords, also know as dumpster diving, can provide a hacker with the crucial information needed to take over your network.

Let's consider a scenario. If you are a network administrator and you receive an anonymous tip that people are posting passwords all around the office, what would you do? Most administrators would immediately investigate and send out a memo to everyone in the company stating that this activity is not allowed, and that violations will be dealt with harshly. Although this might get everyone to temporarily take down their Post-it passwords, the problem has only been exacerbated, for all those passwords are now headed right to the anonymous caller who is waiting at the dumpster.

In addition to passwords, hackers can find memos, sensitive reports, diskettes, old hard drives, and more in the trash. Imagine the value of an old cash register hard drive could have to a hacker looking for a way to gain access to the company's credit card database. In many cases, a hard drive an simply be installed on another computer and searched using inexpensive (or free) forensic tools.

Sniffing

A sniffer is a program and/or device that monitors all information passing through a computer network. It sniffs the data passing through the network off the wire and determines where the data is going, where it's coming from, and what it is. In addition to these basic functions, sniffers might have extra features that enable them to filter a certain type of data, capture passwords, and more. Some sniffers (for example, the FBI's controversial mass-monitoring tool Carnivore) can even rebuild files sent across a network, such as an email or Web page.

A sniffer is one of the most important information gathering tools in a hacker's arsenal. The sniffer gives the hacker a complete picture (network topology, IP address) of the data sent and received by the computer or network it is monitoring. This data includes, but is not limited to, all email messages, passwords, user names, and documents. With this information, a hacker can form a complete picture of the data traveling on a network, a well as capture important tidbits of data that can help him/her gain complete control over a network.

How Does a Sniffer Work?

For a computer to have the capability to sniff a network, it must have a network card running in a special mode. This is called promiscuous mode, which means it can receive all the traffic sent across the network. A network card will normally only accept information that has been sent to its specific network address. This network address is probably known as the Media Access Control (MAC) address. You can find your own MAC address by going to the Windows Taskbar and clicking Start, then Run and type winipcfg (for Windows 95/98/ME) or ipconfig/all (for Windows NT/2000/.net Server). The MAC address is also called the physical address.

The only exception to this is what is called monitor mode. This type of network card status only applies to wireless network interface cards (NICs). Because of the unique properties of a wireless network, any data traveling through the airwaves is open to any device that is configured to listen. Although a card in promiscuous mode will work in wireless environments, there is no need for it to actually be part of the network. Instead, a WNIC can simply enter a listing status in which it is restricted from sending data out to the network. As some of you already know, a network card in promiscuous mode can be detected because of how it interacts with the network. Monitor mode stops all interaction.

There are different layers involved in network communications. Normally, the Network layer is responsible for searching the packets of information for their destination addresses. This destination address is the MAC address of a computer. There is a unique MAC address for every network card in the world. Although you can change the address, the MAC address ensures that the data is delivered to the right computer. If a computer's address doe not match the address in the packet, the data is normally ignored.

The reason a network card has this option to run in promiscuous mode is for troubleshooting purposes, Normally, a computer does not want or need information to be sent to their computers on the network. However, in the event that something goes wrong with the network wiring or hardware, it is important for a network technician to look inside the data traveling on the network to see what is causing the problem. For example, one common indication of a bad network card is when computers start to have a difficult time transferring data. This could be the result of information overload on the network wires. The flood of data would jam the network and stop any productive communication. After a technician plugs in a computer with the capability to examine the network, he/she would quickly pinpoint the origin of the corrupt data, and thus the location of the broken network card. He/she could then simply replace the bad card and everything would be back to normal.

Another way to visualize a sniffer is to consider two different personality types at a cocktail party. One type is the person who listens and replies to conversations in which he/she is actively involved. This is how a network card is supposed to work on your local machine. It is supposed to listen and reply to information sent directly to it.

On the other hand, there are those people at the party who stand quietly and listen to everyone's conversation. This person could be compared to a network card running in promiscuous mode. Furthermore, if this eavesdropper listened for a specific subject only, he/she could be compared to a sniffer that captures all data related to passwords only.

How Hackers Use Sniffers

As mentioned, sniffers like this are used everyday to troubleshoot faulty equipment and monitor network traffic. Hackers can use this or similar tools to peer inside a network. However, they are not out to troubleshoot. Instead, they are out to glean passwords and other gems.

Depending on the program a hacker is using, he will get something that looks like the above picture. As you can see from the screenshot, some data is easily readable, while some data is not. The difference is in the type of data that is sent. Computers can send information either in plain text or in an encrypted form. The same capture shows just how easy it is to read captured pain text data.

Pain text communication is any information that is sent just as it appears to the human eye. For most applications, this is the standard means of data transfer. For example, the Internet uses plain text for most of its communications. This is the fastest way to send data. Chat programs, email, Web pages and a multitude of other programs send their information in plain text. This is acceptable for most situations; however, it becomes a problem when transmitting sensitive information, such as a bank account number or a password.

For example, look at the sniffer screen shot. If you look closely at the plain text selection, you can see just how dangerous a sniffer can be to sensitive information. In the plain text, you can see the following: Our company will be merging with another company. This will make our stock $$. Don't tell anyone. If this were a real merger, a hacker could make millions overnight.

In addition, email clients and FTP clients do not normally encrypt their passwords; this makes them two of the most commonly sniffed programs on a network. Other commonly used programs such as Telnet, Web browsers, and news programs also send their passwords as plain text. So, if a hacker successfully installs a sniffer on your network, he would soon have a list of passwords and user names that he could exploit.

Even some encrypted passwords used in a Windows NT network can be sniffed. Thanks to the rather well-known encryption scheme of an NT password, it does not take long to capture and decrypt more than enough NT passwords to break a network wide open. In fact, there are even sniffing programs that have an NT password cracker built right into them. The programs are designed to be very user friendly so that network administrators can test their networks for weak passwords. Unfortunately, these programs often end up in the hands of script kiddies who can just as easily use them to cause problems.

Although sniffers most commonly show up within closed business networks, they can also be used throughout the Internet. As mentioned previously, the FBI has a program that will capture all the information both coming from and going to computers on line. This tool, previously known as Carnivore, simply has to be plugged in and turned on. Although it is purported to filter out any information that is not the target's, this tool actually captures everything traveling through whatever wire to which it is connected and then filters it according to the rules set up in the program. Thus, Carnivore can potentially capture all those passwords, email messages, and chat sessions passing through its connection.

In addition to wired networks, sniffers can also be used in wireless networks. In effect, a wireless network on a corporate LAN is like putting an Ethernet jack in your parking lot. What makes this unique from a hacker's perspective is that sniffing a wireless network is probably not illegal, although it has yet to be tested in court. In many ways, it is no different than a police scanner used by reporters and hobbyists worldwide. If the information is sent in plain text to the public domain, how can it be wrong to simply listen?

How to Detect a Sniffer

There are a few ways a network technician can detect a NIC running in promiscuous mode. One way is to physically check all the local computers for any sniffer devices or programs. There are also software detection programs that can scan networks for devices that are running sniffer programs (for example, AntiSniff). These scanner programs use different aspects of the Domain Name Service and TCP/IP components of a network system to detect any malicious programs or devices that are capturing packets (running in promiscuous mode). However, for the average home user, there is really no way to detect whether a computer out on the Internet is sniffing your information. This is why encryption is strongly recommended.

How Can I Block Sniffers?

There is really only one way to protect your information from being sniffed: Use encryption! Using Secure Sockets Layer (SSL) protected Web sites and other protection tools, you can encrypt your passwords, email messages and chat sessions. There are many programs available for free that are easy to use. Although you do not always need to protect the information passed during a chat session with your friends, you should at least have the option available when needed.

Because of the very nature of a WLAN, encryption is a must in any situation. Fortunately, wireless networks come with the option of encryption built right into their software.  However, few take advantage of this capability, as few are even aware that this option exists.

 Maximum Wireless Security is available HERE!!!

Status in the Hacker Culture

Like most cultures without a money economy, hackerdom runs on reputation. You're trying to solve interesting problems, but how interesting they are, and whether your solutions are really good, is something that only your technical peers or superiors are normally equipped to judge.

Accordingly, when you play the hacker game, you learn to keep score primarily by what other hackers think of your skill (this is why you aren't really a hacker until other hackers consistently call you one). This fact is obscured by the image of hacking as solitary work; also by a hacker-cultural taboo (gradually decaying since the late 1990s but still potent) against admitting that ego or external validation are involved in one's motivation at all.

Specifically, hackerdom is what anthropologists call a gift culture. You gain status and reputation in it not by dominating other people, nor by being beautiful, nor by having things other people want, but rather by giving things away. Specifically, by giving away your time, your creativity, and the results of your skill.

There are basically five kinds of things you can do to be respected by hackers:

1. Write open-source software

The first (the most central and most traditional) is to write programs that other hackers think are fun or useful, and give the program sources away to the whole hacker culture to use.

(We used to call these works “free software”, but this confused too many people who weren't sure exactly what “free” was supposed to mean. Most of us now prefer the term “open-source” software).

Hackerdom's most revered demigods are people who have written large, capable programs that met a widespread need and given them away, so that now everyone uses them.

But there's a bit of a fine historical point here. While hackers have always looked up to the open-source developers among them as our community's hardest core, before the mid-1990s most hackers most of the time worked on closed source. This was still true when I wrote the first version of this HOWTO in 1996; it took the mainstreaming of open-source software after 1997 to change things. Today, "the hacker community" and "open-source developers" are two descriptions for what is essentially the same culture and population — but it is worth remembering that this was not always so.

2. Help test and debug open-source software

They also serve who stand and debug open-source software. In this imperfect world, we will inevitably spend most of our software development time in the debugging phase. That's why any open-source author who's thinking will tell you that good beta-testers (who know how to describe symptoms clearly, localize problems well, can tolerate bugs in a quickie release, and are willing to apply a few simple diagnostic routines) are worth their weight in rubies. Even one of these can make the difference between a debugging phase that's a protracted, exhausting nightmare and one that's merely a salutary nuisance.

If you're a newbie, try to find a program under development that you're interested in and be a good beta-tester. There's a natural progression from helping test programs to helping debug them to helping modify them. You'll learn a lot this way, and generate good karma with people who will help you later on.

3. Publish useful information

Another good thing is to collect and filter useful and interesting information into web pages or documents like Frequently Asked Questions (FAQ) lists, and make those generally available.

Maintainers of major technical FAQs get almost as much respect as open-source authors.

4. Help keep the infrastructure working

The hacker culture (and the engineering development of the Internet, for that matter) is run by volunteers. There's a lot of necessary but unglamorous work that needs done to keep it going — administering mailing lists, moderating newsgroups, maintaining large software archive sites, developing RFCs and other technical standards.

People who do this sort of thing well get a lot of respect, because everybody knows these jobs are huge time sinks and not as much fun as playing with code. Doing them shows dedication.

5. Serve the hacker culture itself

Finally, you can serve and propagate the culture itself (by, for example, writing an accurate primer on how to become a hacker :-)). This is not something you'll be positioned to do until you've been around for while and become well-known for one of the first four things.

The hacker culture doesn't have leaders, exactly, but it does have culture heroes and tribal elders and historians and spokespeople. When you've been in the trenches long enough, you may grow into one of these. Beware: hackers distrust blatant ego in their tribal elders, so visibly reaching for this kind of fame is dangerous. Rather than striving for it, you have to sort of position yourself so it drops in your lap, and then be modest and gracious about your status.

The Hacker/Nerd Connection

Contrary to popular myth, you don't have to be a nerd to be a hacker. It does help, however, and many hackers are in fact nerds. Being something of a social outcast helps you stay concentrated on the really important things, like thinking and hacking.

For this reason, many hackers have adopted the label ‘geek’ as a badge of pride — it's a way of declaring their independence from normal social expectations (as well as a fondness for other things like science fiction and strategy games that often go with being a hacker). The term 'nerd' used to be used this way back in the 1990s, back when 'nerd' was a mild pejorative and 'geek' a rather harsher one; sometime after 2000 they switched places, at least in U.S. popular culture, and there is now even a significant geek-pride culture among people who aren't techies.

If you can manage to concentrate enough on hacking to be good at it and still have a life, that's fine. This is a lot easier today than it was when I was a newbie in the 1970s; mainstream culture is much friendlier to techno-nerds now. There are even growing numbers of people who realize that hackers are often high-quality lover and spouse material.

If you're attracted to hacking because you don't have a life, that's OK too — at least you won't have trouble concentrating. Maybe you'll get a life later on.

Points For Style

Again, to be a hacker, you have to enter the hacker mindset. There are some things you can do when you're not at a computer that seem to help. They're not substitutes for hacking (nothing is) but many hackers do them, and feel that they connect in some basic way with the essence of hacking.

·         Learn to write your native language well. Though it's a common stereotype that programmers can't write, a surprising number of hackers (including all the most accomplished ones I know of) are very able writers.

·         Read science fiction. Go to science fiction conventions (a good way to meet hackers and proto-hackers).

·         Train in a martial-arts form. The kind of mental discipline required for martial arts seems to be similar in important ways to what hackers do. The most popular forms among hackers are definitely Asian empty-hand arts such as Tae Kwon Do, various forms of Karate, Kung Fu, Aikido, or Ju Jitsu. Western fencing and Asian sword arts also have visible followings. In places where it's legal, pistol shooting has been rising in popularity since the late 1990s. The most hackerly martial arts are those which emphasize mental discipline, relaxed awareness, and control, rather than raw strength, athleticism, or physical toughness.

·         Study an actual meditation discipline. The perennial favorite among hackers is Zen (importantly, it is possible to benefit from Zen without acquiring a religion or discarding one you already have). Other styles may work as well, but be careful to choose one that doesn't require you to believe crazy things.

·         Develop an analytical ear for music. Learn to appreciate peculiar kinds of music. Learn to play some musical instrument well, or how to sing.

·         Develop your appreciation of puns and wordplay.

The more of these things you already do, the more likely it is that you are natural hacker material. Why these things in particular is not completely clear, but they're connected with a mix of left- and right-brain skills that seems to be important; hackers need to be able to both reason logically and step outside the apparent logic of a problem at a moment's notice.

Work as intensely as you play and play as intensely as you work. For true hackers, the boundaries between "play", "work", "science" and "art" all tend to disappear, or to merge into a high-level creative playfulness. Also, don't be content with a narrow range of skills. Though most hackers self-describe as programmers, they are very likely to be more than competent in several related skills — system administration, web design, and PC hardware troubleshooting are common ones. A hacker who's a system administrator, on the other hand, is likely to be quite skilled at script programming and web design. Hackers don't do things by halves; if they invest in a skill at all, they tend to get very good at it.

Finally, a few things not to do.

·         Don't use a silly, grandiose user ID or screen name.

·         Don't get in flame wars on Usenet (or anywhere else).

·         Don't call yourself a ‘cyberpunk’, and don't waste your time on anybody who does.

·         Don't post or email writing that's full of spelling errors and bad grammar.

The only reputation you'll make doing any of these things is as a twit. Hackers have long memories — it could take you years to live your early blunders down enough to be accepted.

The problem with screen names or handles deserves some amplification. Concealing your identity behind a handle is a juvenile and silly behavior characteristic of crackers, warez d00dz, and other lower life forms. Hackers don't do this; they're proud of what they do and want it associated with their real names. So if you have a handle, drop it. In the hacker culture it will only mark you as a loser.

source:  Eric Steven Raymond

What Is a Hacker?

The Jargon File contains a bunch of definitions of the term ‘hacker’, most having to do with technical adeptness and a delight in solving problems and overcoming limits. If you want to know how to become a hacker, though, only two are really relevant.

There is a community, a shared culture, of expert programmers and networking wizards that traces its history back through decades to the first time-sharing minicomputers and the earliest ARPAnet experiments. The members of this culture originated the term ‘hacker’. Hackers built the Internet. Hackers made the Unix operating system what it is today. Hackers run Usenet. Hackers make the World Wide Web work. If you are part of this culture, if you have contributed to it and other people in it know who you are and call you a hacker, you're a hacker.

The hacker mind-set is not confined to this software-hacker culture. There are people who apply the hacker attitude to other things, like electronics or music — actually; you can find it at the highest levels of any science or art. Software hackers recognize these kindred spirits elsewhere and may call them ‘hackers’ too — and some claim that the hacker nature is really independent of the particular medium the hacker works in. But in the rest of this document we will focus on the skills and attitudes of software hackers, and the traditions of the shared culture that originated the term ‘hacker’.

There is another group of people who loudly call themselves hackers, but aren't. These are people (mainly adolescent males) who get a kick out of breaking into computers and phreaking the phone system. Real hackers call these people ‘crackers’ and want nothing to do with them. Real hackers mostly think crackers are lazy, irresponsible, and not very bright, and object that being able to break security doesn't make you a hacker any more than being able to hotwire cars makes you an automotive engineer. Unfortunately, many journalists and writers have been fooled into using the word ‘hacker’ to describe crackers; this irritates real hackers no end.

The basic difference is this: hackers build things, crackers break them.

If you want to be a hacker, keep reading. If you want to be a cracker, go read the alt.2600 newsgroup and get ready to do five to ten in the slammer after finding out you aren't as smart as you think you are. And that's all I'm going to say about crackers.

The Hacker Attitude

1. The World is full of fascinating problems waiting to be solved.

2. No problem should ever have to be solved twice.

3. Boredom and drudgery are evil.

4. Freedom is good.

5. Attitude is no substitute for competence.

ENCRYPTION FOR DUMMIES

Any person who uses PC and Internet must have heard about logins and passwords. The carefree time of early PCs is never coming back. There are passwords for everything - websites, forums, chats, e-mail, newspaper subscriptions - the list goes on and on. Plus, there are credit card numbers, PIN codes, SSN, bank account numbers and other information. To remember all that, you have to have an exceptional memory. Otherwise, this all has to be written down somewhere. But where? A napkin? A piece of paper? On the back page of last month's report? But what if you have more numbers, like other people's Social Security or bank account numbers. You've got to protect this data, otherwise, it can be easily stolen. Clearly, you need to be able to create encrypted records that can not be deciphered by a hacker or a thief even if they somehow get their hands of these documents.

OK, so obviously you need encryption protection. But, simple encryption means nothing to modern computer thieves who know more about PC security then an average IT-specialist. In order for encryption to be effective, the password has to be "strong" (containing a long combination of letters, symbols and numbers) and the encryption algorithm hack-proof (hack-proof algorithms take hundreds of years to "pick").

This is what cryptography is about - helping the good guys protect their secrets from the bad guys. The list of hack-proof encryption algorithms is not that long - Blowfish, Rijndael (new AES), Twofish, Serpent and a few others. If you encrypt your data with these algorithms, you are using the same protection as the US Department of Defense. And these guys know how to guard their secrets.

These are the password requirements (originally devised by military security specialists):

the password has to be at least 8 characters long;

it absolutely MUST NOT contain any meaningful words, like names, locations and so on;

it must be composed of numbers, letters and symbols, lower and upper case, whenever possible.

Why is that? Code breakers have two tools used in 99% of attacks - Dictionary attack and BruteForce attack. Since there are only about 500000 words, picking a password that contains a word will take less then a day. BruteForce is an attack method when a program randomly generates password from symbols and numbers. If your password contains 8 characters, letters AND numbers, this method will take up to hundreds of years to pick your password.

To help you generate a hack-proof password, there a programs called strong password generators.

Cryptology is a science that studies everything that has to do with codes and passwords. Cryptology is divided into cryptography and cryptoanalysis. The first produces methods to protect data, the second to "hack" them. Whose job is more difficult is hard to say. Most professionals say that a good cryptoanalytic who is good at hacking and cracking codes is capable of coming up with a new stable (meaning hack-proof) algorithm.

So, since cryptography's primary objective is data protection, it provides solutions for four different security areas - confidentiality, authentication, integrity and control of interaction between different parties involved in data exchange. Encryption, in simple terms, is simply converting data into "unreadable" form. This is the primary confidentiality engine - keeping secrets away from people who are not supposed to know them.

Cryptography is by far the most powerful method of information protection. It first appeared thousands of years, but was significantly "fortified" by mathematics within the last fifty years.

Starting from 1950's, cryptography becomes "electronic". It means using electronic machines (computers) to generate and analyze encryption algorithms and protective systems. The use of "electronic memory" lead to the invention of block codes, when information is encrypted or decrypted by blocks. Starting with 1970, cryptography made it to corporate headquarters and stopped being an exclusively military science. As a result, in 1978 the first 64-bit standard called DES appeared. The process cascaded on and now all developed countries have own encryption standards.

Basically, there are two encryption methods that use keys - symmetrical (with a secret key) and asymmetrical (with an open key). Each method employs own procedures, key distribution modes, key types and encryption/decryption algorithms.

Symmetrical method uses a single key for encrypting and decrypting data. These keys are widely used for storing and protecting confidential information, since the keys are not very long and large amount of data can be encrypted very quickly. Many people "compress" data by one of many applications that do that before encryption, since this step significantly complicates cryptoanalysis that is bases solely on the cryptic text. Most advanced programs do that automatically and this parameter is included in encryption options.

Asymmetrical method is not going to be discussed here, because it's primary objective safe information transfer, not storage.

Terminology and encryption algorithms

Encryption algorithm (code) - a math function that encrypts and decrypts data. To encrypt data, one has to provide a key that is made of symbols.

Block codes - the most widespread algorithms, they encrypt data by blocks of certain sizes and transform that data with keys into blocks of the same size.

Blowfish - one of the most powerful block encryption algorithms, developed by cryptography guru Bruce Schneier. Block size is 64 bits, key size - up to 448 bits.

CAST - a rather dependable algorithm with key length up to 64 bits. Developed by C.M. Adams and S.E. Tavares, who offered it at AES competition.

DES - outdated encryption standard used in the USA. Due to security compromises (cracked by any modern computer within 2 days) it was replaced by AES. Developed by National Institute of Standards and Technology (NIST).

GOST - soviet algorithm created by KGB at the end of 1970s. Works with 64-bit blocks. Key length - up to 256 bits. Despite several security holes found, still considered to be rather dependable. Official encryption standard of the Russian Federation.

Rijndael - algorithm, developed by Joan Daemen and Vincent Rijmen. Meets AES standards (Advanced Encryption Standard). Uses blocks of different sizes (128, 192 and 256 bits) and equal-size keys.

Twofish - algorithm that replaced Blowfish, authored by Bruce Schneier as its predecessor. Considered to be hack-proof (no known incidents of code-cracking).

3DES - uses DES algorithm, by is applied three times with different keys, which increases dependability when compared to DES but does not change the situation radically (still vulnerable).

RC4 - a stream encryption algorithm used in many network security systems (for example SSL protocol used in Netscape and Windows NT password encryption). The major advantages of this code is very fast speed and adjustable key size. This algorithm was developed in RSA by Ronald Rivest. RC stands for "Ron's Code" or "Rivest Cipher". Used to be the intellectual property of RSA up to 1995.

Serpent - developed by Lars Ramkilde Knudsen, a famous cryptographer and cryptoanalyst, known for successful cryptoattacks of several popular codes, who worked and lectured in Norwegian, Swedish, and Belgian universities. Currently, Lars is a professor of math at Denmark's Technical University.

Tea - strong algorithm (Tiny Encryption Algorithm). Its most prominent feature is a very small size. Tea is very simple, does not use table values and is optimized for 32-bit processor architecture, which makes it possible to use it with ASSEMBLER, even when the code size is extremely small. The drawbacks include slow work and the need for "data scrambling" since no tables are used.

Dictionary attack - a method of cryptoattack that uses a regular dictionary that contains popular words. This attack method is worthless when "meaningless" passwords are used.

BruteForce - a method of cryptoattack used most often. It was coined "brute force" because an attacker tries to pick the key by randomly combining different symbols, numbers and letters (naturally, this is done by computer). To pick 128-bit key with BruteForce attack, it will take several years on average. The more characters used in the password and/or key the longer it will take to crack the code (up to hundreds of years).

SAN FRANCISCO—In an ISSCC session this morning, Intel disclosed the first microarchitectural details of its forthcoming "Silverthorne" processor for ultramobile devices. The new chip, which I'll describe in this post, is Intel's first in-order x86 processor since the original Pentium and the architecture on which the semi giant will pin its ultramobile hopes.

Packaging, process, and power

As we've seen in photos comparing Silverthorne to a penny, Intel's new chip is a tiny 25mm^{2. At only 47 million transistors (about 40 percent of that is a 512K, 8-way set associative L2 cache), it's also quite lean. By way of comparison, the 65nm Core 2 Duo (2MB cache) has around 290 million transistors. The Intel processor that comes closest to Silverthorne in transistor count is the Pentium 4, which had 42 million transistors in its 0.18 micron, 2001 launch incarnation.}

Silverthorne's package is a miniscule 14x13mm2, and Intel claims that the device has a TDP of 2 watts at 2GHz on 1.0V. At lower speeds, the device gets down to 0.5 watts, but it's not clear how far down Intel will have to ratchet the clockspeed to get there.

Architecture overview

Silverthorne is a 64-bit, multithreaded processor with a 16-stage, in-order pipeline. As you can see from the diagram below, instructions flow from the 32KB L1 I-cache into a set of fetch buffers, and from there into the decode unit. The processor's decode unit features two hardware decoders and one microcode decoder, and can decode up to two instructions per cycle.

Silverthorne block diagram. Source: Intel

The processor's front end can dispatch up to two instructions per cycle—from the same thread or from two different threads—into a set of per-thread instruction queues that can presumably collapse any decode- and branch prediction-related instruction bubbles.

On the instruction flow side, the back end of Silverthorne consists of two main clusters (I'd call them "blocks," but "clusters" is what Intel's diagrams use): a floating-point/vector cluster and an integer/address cluster. The floating-point cluster contains two floating-point/SIMD pipes (FP ADD and FP + SIMD MUL/DIV/PERM), and the integer cluster contains two integer/address/branch pipes (AGU/ALU/shift and AGU/ALU/jump). On the data flow side, the memory execution cluster contains two AGU pipes and the bus cluster contains the bus interface unit and the on-die, 512KB unified L2 cache.

Silverthorne's back end

All told, Silverthorne's back end has six pipelines to which the front-end's instruction queue can dispatch instructions at a rate of two per cycle. In this section, I'll zoom in on those pipelines and discuss them one at a time.

Silverthorne's integer cluster is pretty straightforward: two basic 64-bit ALU pipes, one of which also includes a shifter, and the other of which includes the jump execution unit. Neither of these pipes, however, handles multiply or divide operations; integer MUL and DIV operations are sent to the FP/SIMD cluster.

The FP/SIMD cluster consists of two pipes, both of which are fed by a 64-bit data path. One cluster is just a basic, 64-bit scalar floating-point ALU. The second pipe is the largest, most function-heavy pipe on the entire chip—it handles scalar multiplies and divides, both 32-bit and 64-bit, and it combines with the other FP pipe to handle all 128-bit vector operations.

The end result is that Silverthorne's FP/SIMD cluster can start two 64-bit operations or one 128-bit operation per cycle. Note that it's not clear to me whether 64-bit multiplies and divides are fully pipelined, so I don't know if it's possible to issue a 64-bit MUL/DIV (either integer or floating-point) and a 64-bit floating-point add in the same cycle.

Silverthorne micrograph. Source: Intel

On the data side, the memory unit's two AGUs can do two address calculations per cycle; the 24KB L1 data cache is implemented as a register file with two read and two write ports. The bus cluster contains a frontside bus interface that can do 400 MT/s or 533 MT/s, and the 512KB on-die L2 cache with in-line error correction.

Conclusions

When Silverthorne debuts later this year, Intel will offer multiple SKUs at TDP points that range from 0.5W to 2W and speeds that range from 1GHz to 2GHz. The different SKUs will also support the same platform-level technologies as the mainstream desktop parts; in other words, just as is the case with Intel's desktop and mobile lines, some Silverthorne products will support all of Intel's remote management and virtualization extensions, while others will have a more stripped-down feature set.

Silverthorne will need all of the x86-specific feature-oriented help that it can get, because the competition is tough. It's also the same type of RISC-based competition that Intel already faced and vanquished in the commodity desktop, workstation, and server markets. Specifically, Silverthorne will face off against in-order and out-of-order cores from ARM, specifically the company’s Cortex A8 (in-order) and A9 (out-of-order, multicore) parts. ARM has made some pretty remarkable claims for the A9 in particular, suggesting that the processors will reach speeds north of 1GHz in the same 250mw power envelope as ARM11.

In order to alleviate some of the power difference between its chips and ARM's, Intel has equipped Silverthorne with a new low-power state, called C6. When Silverthorne is in C6, the only components that it leaves turned on are the SRAM that saves the existing processor state and some circuitry that can wake up the processor again when it's needed. (Getting out of C6 takes about 100 microseconds.) Intel claims that their testing indicates that Silverthorne can spend as much as 90 percent of its time in C6; if that's true, then that will bring the chip's average power dissipation far below its stated TDP.

So Intel is counting on a combination of sleep-enabled lower average power and support for the full, awesome expanse of the extended x86 instruction set architecture to make Silverthorne a compelling basis on which to build a generation of mobile internet devices.

Having tried a few of Intel's Silverthorne-based prototypes, I must say that I wasn't particularly impressed. I own a Nokia N800 and an iPhone, both of which are ARM-based and both of which give a nearly complete Internet experience in a smaller form factor than Silverthorne will ever fit into. Indeed, at one point during a sit-down with Intel the rep told me that the warm, bulky prototype I was holding would give me the "full Internet in your pocket." I started chuckling, pulled out my iPhone, and said, "I already have that." He gamely responded that the iPhone's browser doesn't support Flash (in my opinion that's a feature, not a bug), but my point was made.

So Silverthorne is really a transitional product; it's Intel's first, slightly awkward foray into a market that it intends to eventually dominate by doing what it always does, and that's produce ever smaller, cheaper, and faster chips that support the world's most popular ISA. This recipe may ultimately work for Intel in the embedded market the way that it has worked elsewhere, but that day won't come just yet.

Ultimately, Silverthorne could be compelling for the Asus Eee PC form factor, and at 2GHz there's an outside possibility that it might find a home in a MacBook Air that's relatively underpowered, but has great battery life. But the MID form factor, at least in its Silverthorne combination, is dead on arrival. So Silverthorne is just the start of something, and to ARM, MIPS, and the other established chipmakers who currently own the embedded space, it's Intel's way of saying "game on."

Want to network your home office or business? Your first thought is wireless, and it's definitely an option. On the other hand, if you have the courage, you can crawl under the floorboards and drag wires from room to room, or pull the cable through the ceiling.

There's a third alternative: Use your electrical wiring. The idea, known as HomePlug AV, is that you use power lines to move anything you'd normally transfer through a network -- data files, movies, TV and HDTV, music -- whatever. (You can learn about networks over power lines at the HomePlug Powerline Alliance.)

Actiontec's MegaPlug AV 200 Ethernet

What's Cool About HomePlug AV
The advantage over traditional Ethernet cabling is, of course, that HomePlug AV is easier to install (well, duh), and with a throughput speed of the 200 Mega bits per second, faster than Ethernet's 100 Mbps. The other problems you can avoid are the inherent WiFi hassles of range and dead spots.

I tried Actiontec's recently released MegaPlug AV 200 Mbps Ethernet Adapter Kit. Each PC, notebook, or other device you're planning to network needs a single adapter. The adapter is 2.25 inches wide, 3.25 inches tall, and about 2 inches thick. You can add up to 16 devices, way more than I'd ever need at Bass World headquarters. The kit comes with two MegaPlug Ethernet adapters, two Ethernet cables, and CDs with drivers. It costs a little over $130 on PC World's Product Finder.

The adapters plug right into an electric outlet

I Have a Concern
The first thing I worried about was if it'd work with my existing network. The answer is yes -- you can add an adapter to any wired or wireless broadband router on a system using Windows 2000, XP, or Vista. By the way, the HomePlug standard has a 128-bit AES security to prevent neighbors (not you, Harry) from plugging into your bandwidth.

The other concern I had was how the MegaPlug gear would work in my office that's loaded with uninterruptible power supplies and filtered power strips. I worried that these devices -- or any device emitting an RF signal -- would have an impact on the MegaPlug units. It turns out that nothing seemed to bother the MegaPlug device. However, according to the Actiontec engineers, it's best if the MegaPlug devices are connected to wall outlets. Nonetheless, they can be plugged into a heavy-duty extension cord that's connected to the wall outlet; essentially, they'll work everywhere except in isolated, filtered, or suppressed outlets.

Overall, I was able to add two MegaPlug adapters to my existing wired network in about 20 minutes and it worked as expected. Talkback
I'm curious -- if you don't already have a network, would you consider a HomePlug device -- or add one to a wired or wireless setup?

We live in a wonderfully complex universe, and we are curious about it by nature. Time and again we have wondered--- why are we here? Where did we and the world come from? What is the world made of? It is our privilege to live in a time when enormous progress has been made towards finding some of the answers. String theory is our most recent attempt to answer the last (and part of the second) question.

So, what is the world made of? Ordinary matter is made of atoms, which are in turn made of just three basic components: electrons whirling around a nucleus composed of neutrons and protons. The electron is a truly fundamental particle (it is one of a family of particles known as leptons), but neutrons and protons are made of smaller particles, known as quarks. Quarks are, as far as we know, truly elementary.

Our current knowledge about the subatomic composition of the universe is summarized in what is known as the Standard Model of particle physics. It describes both the fundamental building blocks out of which the world is made, and the forces through which these blocks interact. There are twelve basic building blocks. Six of these are quarks--- they go by the interesting names of up, down, charm, strange, bottom and top. (A proton, for instance, is made of two up quarks and one down quark.) The other six are leptons--- these include the electron and its two heavier siblings, the muon and the tauon, as well as three neutrinos.

There are four fundamental forces in the universe: gravity, electromagnetism, and the weak and strong nuclear forces. Each of these is produced by fundamental particles that act as carriers of the force. The most familiar of these is the photon, a particle of light, which is the mediator of electromagnetic forces. (This means that, for instance, a magnet attracts a nail because both objects exchange photons.) The graviton is the particle associated with gravity. The strong force is carried by eight particles known as gluons. Finally, the weak force is transmitted by three particles, the W+, the W- , and the Z.

The behavior of all of these particles and forces is described with impeccable precision by the Standard Model, with one notable exception: gravity. For technical reasons, the gravitational force, the most familiar in our every day lives, has proven very difficult to describe microscopically. This has been for many years one of the most important problems in theoretical physics-- to formulate a quantum theory of gravity.

In the last few decades, string theory has emerged as the most promising candidate for a microscopic theory of gravity. And it is infinitely more ambitious than that: it attempts to provide a complete, unified, and consistent description of the fundamental structure of our universe. (For this reason it is sometimes, quite arrogantly, called a 'Theory of Everything').

The essential idea behind string theory is this: all of the different 'fundamental ' particles of the Standard Model are really just different manifestations of one basic object: a string. How can that be? Well, we would ordinarily picture an electron, for instance, as a point with no internal structure. A point cannot do anything but move. But, if string theory is correct, then under an extremely powerful 'microscope' we would realize that the electron is not really a point, but a tiny loop of string. A string can do something aside from moving--- it can oscillate in different ways. If it oscillates a certain way, then from a distance, unable to tell it is really a string, we see an electron. But if it oscillates some other way, well, then we call it a photon, or a quark, or a ... you get the idea. So, if string theory is correct, the entire world is made of strings!

Perhaps the most remarkable thing about string theory is that such a simple idea works--- it is possible to derive (an extension of) the Standard Model (which has been verified experimentally with incredible precision) from a theory of strings. But it should also be said that, to date, there is no direct experimental evidence that string theory itself is the correct description of Nature. This is mostly due to the fact that string theory is still under development. We know bits and pieces of it, but we do not yet see the whole picture, and we are therefore unable to make definite predictions. In recent years many exciting developments have taken place, radically improving our understanding of what the theory is.

If you want to learn more, visit the sites listed below. I also highly recommend the popular science book "The Elegant Universe: Superstrings, Hidden Dimensions, and the Quest for The Ultimate Theory" (W. W. Norton & Company, 1999), written by Prof. Brian Greene, a well-established string theorist.