"A Walk to Secure Future"- Part 1

Greetings Readers, here is the first article in my series "A Walk to Secure Future".


Let us discuss the basic concept of hacking and the general notions and knowledge of people about the current usability of the internet and its security level. My target is the general audience: normal people from a non-CS/IT background who make casual use of the internet for normal surfing, some videos, Facebook, occasional mails etc.

People surfing the internet focus on accomplishing their requirement. If they need to send an email, they log on to their service provider, enter credentials, use their mail services and generally FORGET to "log out". Mistake number one! They feel free to log in from any device/system that comes in handy when they need it. What they feel is, "no such classified information is stored in my mail account, why bother so much about securing it?" But they fail to understand that their id can always be used by a smart hacker to HACK into other accounts. So taking steps to secure your account means taking equal steps to help others secure their accounts. Their emails can be used by SCAMMERS and black-hat marketing personnel to spoof other ids and send mass spam messages over the internet. This is a violation of the cyber law. On websites like Facebook, fake profiles, stalking of others' ids and exploitation of sexual material happen if you fail to secure your account. General users never bother about security; they think, WHY would someone try to hack them? The answer to this is: they do not want to hack you; they want to harm some other guy, and you just gave him one of the many keys used to bother him. Blackmailing, cyber sexual abuse, unlawful pornography, crimes and thefts are the combination of a smart hacker, excellent knowledge of the field, harmful intentions and dumb victims.

Let us talk about app log in. For example, whenever a new user tries to register with our forum, he sees an easy profiling method, "Facebook/Twitter" log in. 80% of them 'do not know' how that works. They simply log in. Luckily our host is very secure, but the same does not apply to other websites or forums. This App-Verification method of various internet giants can become a cause of hefty crimes. This doesn't mean this method should be stopped, but it poses a great threat to cyber security. Maybe, as I said in an earlier post, "the user is not yet ready for this".

The basic concept of hacking does not start with learning smart languages, scripts, codes, infrastructure etc.; it starts with the need, the intention, the application and the personality of the hacker. This is the liveware background, which is the cradle of every cyber operation taking place every day at least a million times.

Security over the internet has become a very important issue to tackle. The program to train more and more security personnel through ethical hacking programs are in turn giving fruits of ASPIRING RED HAT HACKERS who think hacking into some one's Facebook and posting ugly pictures is Funny! This has made the job of security consultants more difficult. The objective was to train the users on securing themselves from known threats on the internet, but guess what, 70% of such missiles backfire. The people who train them in such workshops provide basic knowledge which is exactly what is necessary to protect yourself, but they also leave a curiosity among the students to learn more and more, and guess what!! Google finishes the task. There is virtually nothing you cannot find on Google! You just need to look for the correct things.

You have always read "do not click on unknown links" and Blah! Blah! Blah! But hackers are also smart. They know their victim and they know how to target him. Dumb victims fall for clicking absurd links, and smart ones don't even need to. They get hacked by their over-smartness. Applying 2-step verification in Google is a smart way of securing, but back-linking every website he surfs on back to his Google or Facebook account is over-smartness, and guess what: "BUSTED!"

The audience needs to answer the question WHY?? before asking HOW??

The general audience today does not bother about all these things, but if they want to enjoy the marvellous perks the future-Tech is going to present them, they have to be ready for it. What we call the Coming Future is already on the street. The Touch Screen, which was considered extremely royal born, is now in the hands of a Rickshaw-wala in a time span of just five years.


In the next part I will write about "Hacking Approach- the Recon", on where the hacker starts his job. Thanks for reading. Stay tuned for more!


Regards,

Nayan Goenka

Replies

  • Abhishek Rawal
    Nayan Goenka wrote: "The program to train more and more security personnel through ethical hacking programs are in turn giving fruits of ASPIRING RED HAT HACKERS who think hacking into some one's Facebook and posting ugly pictures is Funny! This has made the job of security consultants more difficult."
    Can you elaborate on these sentences? I am keen to know what you really mean by these sentences.
  • Nayan Goenka
    Sure. The motive of ethical hacking programs is to educate people about cyber security and encourage them to take it on as a career option. The side effect of this is that the audience there is partially enlightened, and they occasionally start thinking that invading others' privacy is fun and take to part-time Red Hat hacking; sometimes they don't even know what they are getting into. This has started creating trouble for security analysts as to how to distinguish "extremely potential threats" from some "Script Kiddie" experimenting his junk off.
  • Sanyam Khurana
    Nice One
  • Nayan Goenka
    Thanks for appreciating. Future posts will be more interesting 😀
  • Abhishek Rawal
    Okay, got it!
    One more question:
    Do you think that these people who took a crash course in Red Hat are really capable of breaching the servers?
    Do you, in some way or another, blame the Kali Linux project for the increase in the number of Neophytes or Script-kiddies?

    Okay, that was two. Pardon me.
  • Nayan Goenka
    The people who take such crash courses are definitely not capable of breaching servers, but they gain the basic knowledge of how a simple Facebook or Google account or any other account can be hacked. With some research in PHP, some simple coding and reading of security forum threads, he can start his way up from something. Believe me, nothing works faster than a super-curious potential student interested in such a vast topic as ethical hacking. He can surely find his way up.

    Let me let you in on a little secret: it was 5 years ago that I attended a rare workshop on ethical hacking (rare according to that time), and that got me started here. After a lot of reading in a number of places and, of course, advanced training and guidelines from experienced people, I have managed to do some accountable work. So yes, "script kiddies" can be harmful. 😛

    As for your Kali Linux Project, it surely helps, but it's still intended for educational purposes. People can make any type of use they want of a resource. We don't blame any project for helping potential security personnel into generating Skids.
  • Sanyam Khurana
    What's this Kali Linux Project? 😕
  • Nayan Goenka
    Kali Linux is a Linux distribution which is good for information security training, in other words, which is cool for scripting offensive stuff. It is powered by Offensive Security; it's a security consultant agency.
    Offensive Security | Cybersecurity Training, Courses & Certifications

    Kali Linux | Penetration Testing and Ethical Hacking Linux Distribution
  • Abhijit Dey
    There are basically three professional types of hackers:

    White Hat - Totally on the defensive side, trying to protect the system from breach.

    Black Hat - Full on offensive, always on the lookout for vulnerabilities.

    Grey Hat - Somewhere in between who is passive and reacts to vulnerabilities on interest.

    Nowadays new terms have cropped up thanks to the frenzy in the hacker community.

    Red Hat - Someone who defends his own system from attack and also tries to destroy the other systems he wants to attack or is being attacked from.

    Blue Hat - The ones who believe that hacking is pure for fun and for those who believe that it's the best way to take revenge.

    Green Hat - The ones who use software made by other hackers and are always interested in learning more by practice and reading, generally called a Script Kiddie.

    The terms may confuse you, but take extreme caution when communicating with hackers. Not all of them have a heart. They may be watching you right now!
