7/30/13

How to seed Pseudorandom Number Generators.

I seed them with time, increased to first valid value.

Generate seed away from microphones, of any kind, including telephones.

Or some next... it should not be guessable.

7/28/13

ROT Mnemonic.

Stands for ROTate.

It shifts Unicode character by n positions. Characters are numbered in Unicode. Shift can be either positive (toward higher numbers) or negative (toward lower numbers). It's wrapped at ends.

It can be used for cryptography, to make Computer System more secure.

See also: Basics of Cryptography (for everyone).

Consequences of Insecurity in IT Sector.

IT Sector stands for Information Technology Sector.

Worst case is Cyberterrorism.

If someone hacks computer that maitains Nuclear Plant, it can cause explosion.

You can imagine consequences of hacking Medical Systems, or Traffic Street Lights, or deficiences in Military Systems.

But there are also subtler issues. With not enough of programmers, there are no one to maitain and modify business. As world changes, software needs to be rewritten to reflect reality. So system won't collapse under it's own clumsiness.

Or hackers suggest with subliminal messages to eat more. Or to commit suicides.

Hardware, Operating System and Computer System (for everyone).

Definition.

Computer System = Hardware (Physical machine) + Operating System (Software).

Operating Systems.

They serve as abstraction over hardware, letting users to control computer systems without too much technical knowledge. They should be easy to use.

Abstraction over hardware.

It can be explained as generalization of hardware (and hiding unneccessary details from user to make their lives simpler). It does not matter what exact hardware (graphic card, soundcard etc..) You have, operating system abstracts over it.

You have the same user interface, it does not depend on which model of hardware you have. From user perspective it's only better or worse sound or graphics or computation speed (or other things). Users do not need to know how it works, how software handles hardware, how drivers work and so on... All that matters is performance gained.

Hacking software and understanding how machine works is for hackers. Anyone can train to be hacker, but it's paid with precious years of life.

Summary:

Operating Systems should make Hardware secure, fast, and easy to use. Users should not waste years of their lives connecting cables and solving problems to print simple document or whatever they need to do.

7/24/13

Automated, Strategic Internet Defenses and Computer Games.

Hacking tools (programs) should act in coordinated, strategic way, and allow for human intervention, there should be Graphic User Interface (GUI) for them, but not without people maitaining and patching it, or making maneuvers from console.

GUI can be used to play scenarios that can be saved for analysis, or in some cases for direct action (carefully).

Hackers should learn strategy. Even if internet combat scenarios are often abstract, real, historic warfare is important part of such.

This does not mean one should rely only on computer games for strategy, they offer very narrow sight.

Computer games are a way of practicing some ideas, but hackers should NOT overdo it.

Personally, i do not want to buy computer games forever, i have other expenses. I hate ads for this reason. I think players should be rewarded for playing games, instead of paying for them. But microtrasactions are nice, they allow to fund prizes and give support.

While computer game as hacking network GUI might sound like great idea, let's not forget about all these people who suicided because of computer games. It's worst if real money is involved in games, bets and dirty tricks.

(coordinated hacking scenarios are riddles to solve. they are so abstract that only in scifi/fantasy games they might make sense, and it's doable)

7/23/13

Improper Art as part of system hacking.

Art is often used as means of compromising systems, to scare or manipulate victim to comply. Some 'hackers' say: 'i broke people not passwords'. It's part of 'social engineering'.

Example:

 photo lp_zpsbdc6f02f.jpg

Click on image to see it on deviantART.


i consider this as black trick, nonethical, especially when combined with subliminal message (any way, any sense).

Internet users should be wary of popup widows, advertisements, and content they subscribe for. It's too easy for hacker to hack popup window or other part of internet browser or operating system to display subtle message, and also soundcard to mix subliminal message in sound.

Ethical Hacking.

Ethical hacker can find work by looking for holes in system's security, be it application big or small.

Then she or he reports to employer and if neccessary fixes this bug.

It's application's administrator work, and it requires knowledge of hacking, and coding, perhaps more (including overall security theory). Most efficient are teams, for many purposes, transfer of knowledge and work in shifts.

System is never secure forever.

To be secure, computer system needs to be cared for (patched, maitained) constantly. And more.

But sometimes it is too expensive, and new, simpler and better system needs to emerge.

Bugfixing and patching is hard, demanding work and should be compensated properly.

Cheap www pages and Internet applications.

There's demand for cheap www pages, but from experienced programmer's perspective it's not worth unless there's technology for mass production.

www page is static, nearly noninteractive.

Internet application is more expensive, but it can do anything that computer program can do. That is, it is application with web interface.

Both www pages and internet applications need Art, so it's best to pair Programmer(s) who knows a little of Art with Digital Artist(s) who know little about page design.

7/19/13

Why designers/programmers should learn hacking?

To design secure systems. And to automate defenses using computer programs.

Hacking tools can be controlled by programs, and defend internet infrastructure.

Important part is design and realization of Hacking Tools, then using scripts to execute complex Maneuvers in The Internet.

It is both Art & Science to experiment in this way, to learn by trying (and to suffer consequences of mistakes).

Mathematics is also part of this, for it's basic for Cryptography.

During peacetime, more resources (computing power and more) can be allocated to solving Mathematical problems (Computing Time and other resources can be sold for commercial purpose. Solving of common problems can be automated by writing programs, so Mathematicians can work on more ambitious tasks, including adding more requirements to computing system. Then for example economists can pay for quick solution of their problems. It's cheap to use automated tools).

7/18/13

Groups & Bodies.

Group is nonempty set with inner 2-argument operation 'o' with following conditions (axioms):

1.

For each a,b,c in G: (a o b) o c = a o (b o c)

2.

Exists e in G that for each a in G: a o e = a = e o a

3.

For each a in G exists a' in G that: a o a' = e = a' o a

if also:

For each a,b in G: a o b = b o a then we call it, abelian group.

----

Body (or more strictly Commutative Body) is set K with at least 2 elements, with 2 2-argument inner operations, addition (+), and multiplication ('*'), when following conditions (axioms):

1.

{K, +} is abelian group (with neutral element is denoted as 1, and opposite element to a as -a.

2.

{ K - {0}, * } is abelian group (with neutral element is denoted as 1, and opposite element to a as a^-1),

3.

For each a,b,c in K: a * (b+c) = a*b + a*c.


Source: [1].