Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Report on Hacking


Published on

In the computer security context, a hacker is someone who seeks and exploits weaknesses in a computer system or computer network. Hackers may be motivated by a multitude of reasons, such as profit, protest, challenge, enjoyment,[1] or to evaluate those weaknesses to assist in removing them. The subculture that has evolved around hackers is often referred to as the computer underground and is now a known community. While other uses of the word hacker exist that are related to computer security, such as referring to someone with an advanced understanding of computers and computer networks, they are rarely used in mainstream context. They are subject to the longstanding hacker definition controversy about the term's true meaning. In this controversy, the term hacker is reclaimed by computer programmers who argue that someone who breaks into computers, whether computer criminal (black hats) or computer security expert (white hats), is more appropriately called a cracker instead. Some white hat hackers, who claim that they also deserve the title hacker, and that only black hats should be called "crackers"

Published in: Internet
  • Login to see the comments

Report on Hacking

  1. 1. Preface I have made this report file on the topic Hacking; I have tried my best to elucidate all the relevant detail to the topic to be included in the report. While in the beginning I have tried to give a general view about this topic. My efforts and wholehearted co-corporation of each and every one has ended on a successful note. I express my sincere gratitude to SUBASH who assisting me throughout the preparation of this topic. I thank him for providing me the reinforcement, confidence and most importantly the track for the topic whenever I needed it.
  2. 2. INTRODUCTION In the computer security context, a hacker is someone who seeks and exploits weaknesses in a computer system or computer network. Hackers may be motivated by a multitude of reasons, such as profit, protest, challenge, enjoyment,[1] or to evaluate those weaknesses to assist in removing them. The subculture that has evolved around hackers is often referred to as the computer underground and is now a known community. While other uses of the word hacker exist that are related to computer security, such as referring to someone with an advanced understanding of computers and computer networks, they are rarely used in mainstream context. They are subject to the longstanding hacker definition controversy about the term's true meaning. In this controversy, the term hacker is reclaimed by computer programmers who argue that someone who breaks into computers, whether computer criminal (black hats) or computer security expert (white hats), is more appropriately called a cracker instead. Some white hat hackers, who claim that they also deserve the title hacker, and that only black hats should be called "crackers"
  3. 3. Contents  History of Hacking  What is Hacking?  Who is Hacker?  Famous Hackers in history  Why do Hackers hack?  Types of Hacker  How to give a password to account  What should do after Hacked  How to secure our data  Advantages of Hacking  Disadvantages of Hacking  Conclusion  References
  4. 4. A history of hacking Hacking has been around for more than a century. In the 1870s, several teenagers were flung off the country's brand new phone system by enraged authorities. Here's a peek at how busy hackers have been in the past 35 years. Early 1960s University facilities with huge mainframe computers, like MIT's artificial intelligence lab, become staging grounds for hackers. At first, "hacker" was a positive term for a person with a mastery of computers who could push programs beyond what they were designed to do. Early 1970s John Draper makes a long-distance call for free by blowing a precise tone into a telephone that tells the phone system to open a line. Draper discovered the whistle as a give-away in a box of children's cereal. Draper, who later earns the handle "Captain Crunch," is arrested repeatedly for phone tampering throughout the 1970s. Yippie social movement starts YIPL/TAP (Youth International Party Line/Technical Assistance Program) magazine to help phone hackers (called "phreaks") make free long- distance calls. Two members of California's Homebrew Computer Club begin making "blue boxes," devices used to hack into the phone system. The members, who adopt handles "Berkeley Blue" (Steve Jobs) and "Oak Toebark" (Steve Wozniak), later go on to found Apple Computer. Early 1980s Author William Gibson coins the term "cyberspace" in a science fiction novel called Necromancer. In one of the first arrests of hackers, the FBI busts the Milwaukee-based 414s (named after the local area code) after members are accused of 60 computer break-in sranging from Memorial Sloan-Kettering Cancer Centre to Los Alamos National Laboratory. John Draper
  5. 5. Comprehensive Crime Control Act gives Secret Service jurisdiction over credit card and computer fraud. Two hacker groups form, the Legion of Doom in the United States and the Chaos Computer Club in Germany. 2600: The Hacker Quarterly is founded to share tips on phone and computer hacking. Late 1980s The Computer Fraud and Abuse Act gives more clout to federal authorities. Computer Emergency Response Team is formed by U.S. defences agencies. Based at Carnegie Mellon University in Pittsburgh, its mission is to investigate the growing volume of attacks on computer networks. At 25, veteran hacker Kevin Mitnick secretly monitors the e-mail of MCI and Digital Equipment security officials. He is convicted of damaging computers and stealing software and is sentenced to one year in prison. First National Bank of Chicago is the victim of a $70-million computer heist. An Indiana hacker known as "Fry Guy" -- so named for hacking McDonald's -- is raided by law enforcement. A similar sweep occurs in Atlanta for Legion of Doom hackers known by the handles "Prophet," "Leftist" and "Urvile." Early 1990s After AT&T long-distance service crashes on Martin Luther King Jr. Day, law enforcement starts a national crackdown on hackers. The feds nab St. Louis' "Knight Lightning" and in New York grab Masters of Deception trio "Phiber Optik," " Acid Phreak" and "Scorpion." Fellow hacker "Eric Bloodaxe" is picked up in Austin, Texas. Operation Sun devil, a special team of Secret Service agents and members of Arizona's organized crime unit,conducts raids in 12 major cities, including Miami. A 17-month search ends in the capture of hacker Kevin Lee Poulsen ("Dark Dante"), who is indicted for stealing military documents. Hackers break into Griffith Air Force Base, then pewter computers at NASA and the Korean Atomic Research Institute. Scotland Yard nabs "Data Stream," a 16-year-old British teenager who curls up in the fetal position when seized. A Texas A&M professor receives death threats after a hacker logs on to his computer from off-campus and sends 20,000 racist e-mail messages using his Internet address.
  6. 6. In a highly publicized case, Kevin Mitnick is arrested (again), this time in Raleigh, N.C., after he is tracked down via computer by Tsutomu Shimomura at the San Diego Supercomputer Centre. Late 1990s Hackers break into and deface federal Web sites, including the U.S. Department of Justice, U.S. Air Force, CIA, NASA and others. Report by the General Accounting Office finds Defence Department computers sustained 250,000 attacks by hackers in 1995 alone. A Canadian hacker group called the Brotherhood, angry at hackers being falsely accused of electronically stalking a Canadian family, break into the Canadian Broadcasting Corp. Web site and leave message: "The media are liars." Family's own 15-year-old son eventually is identified as stalking culprit. Hackers pierce security in Microsoft's NT operating system to illustrate its weaknesses. Popular Internet search engine Yahoo! is hit by hackers claiming a "logic bomb" will go off in the PCs of Yahoo!'s users on Christmas Day 1997 unless Kevin Mitnick is released from prison. "There is no virus," Yahoo! spokeswoman Diane Hunt said. 1998 Anti-hacker ad runs during Super Bowl XXXII. The Network Associates ad, costing $1.3- million for 30 seconds, shows two Russian missile silo crewmen worrying that a computer order to launch missiles may have come from a hacker. They decide to blow up the world anyway. In January, the federal Bureau of Labor Statistics is inundated for days with hundreds of thousands of fake information requests, a hacker attack called "spamming." Hackers break into United Nation's Children Fund Web site, threatening a "holocaust" if Kevin Mitnick is not freed. Hackers claim to have broken into a Pentagon network and stolen software for a military satellite system. They threaten to sell the software to terrorists. The U.S. Justice Department unveils National Infrastructure Protection Centre, which is given a mission to protect the nation's telecommunications, technology and transportation systems from hackers. Kevin Mitnick [photo / AP ]
  7. 7. Hacker group L0pht, in testimony before Congress, warns it could shut down nationwide access to the Internet in less than 30 minutes. The group urges stronger security measures.  What is Hacking? During the 1990s, the term "hacker" originally denoted a skilled programmer proficient in machine code and computer operating systems. In particular, these individuals could always hack on an unsatisfactory system to solve problems and engage in a little software company espionage by interpreting a competitor's code. Unfortunately, some of these hackers also became experts at accessing password-protected computers, files, and networks and came to known as "crackers." Of course, an effective and dangerous "cracker" must be a good hacker and the terms became intertwined. Hacker won out in popular use and in the media and today refers to anyone who performs some form of computer sabotage.  Hacker Tools There now are more than 100,000 known viruses with more appearing virtually daily. The myriad of hackers and their nefarious deeds can affect any computer owner whether an occasional home user, e-mailer, student, blogger, or a network administrator on site or on the internet. No matter your level of computer use, you must protect your computer, business, or even your identity. The best way to know how to protect your computer is to understand the hacker's tools and recognize their damage.  Viruses, Exploits, Worms, and More The term computer "virus" originated to describe machine code command inserted into a computer's memory that, on execution, copies itself into other programs and files on the computer. Depending on the hacker's intent, the design of a virus can merely be an inconvenience or have very serious consequences up to a potential catastrophe. Generally, a virus is a piece of software, a series of data, or a command sequence that exploits a bug, glitch, or vulnerability. Each example is appropriately termed an "exploit." An exploit causes unintended or unanticipated behavior to occur in a computer's operating system or applications while propagating itself within the computer. An exploit and operates through a network security vulnerability or "hole" without previous access to the vulnerable system is a "remote" exploit. An exploit that needs prior
  8. 8. access to a system is termed a "local" exploit. These are usually intended to increase the hacker's access privileges beyond those granted by a system administrator. Worms are simply viruses that send copies over network connections. A bomb resides silently in a computer's memory until set off by a date or action. A Trojan horse is a malicious program that cannot reproduce itself, but is distributed by CD or e-mail.  Protect Your Computer: Avoid Computer Holes/Vulnerabilities Install only trusted software and delete unknown emails. If you have any doubt about a piece of software's function, do not install it. If you receive e-mails from random people's names, resist your curiosity and do not open it, just delete it. Under no conditions download or open attachments from anyone that you do not know and even then be cautious. Banks and most companies that create online personal accounts will not send you attachments. If they do, it is probably best to go to the company site and request the download or at least see if it is legitimate. Avoid adult web sites, a hacker's paradise. Whether in your e-mail or online, do not click on ads. If the ad is of interest, find the site. Be careful with what you physically put into your computer. This is especially true for shared R/W CDs, USB hard disks, or flash drives. This is an easy path for a virus to follow from computer to computer.  Protection: Install Anti-Virus Software Anti-virus software searches for evidence of the presence of viral programs, worm, bombs, and Trojan horses by checking for the characteristic appearances or behaviors that is typical of these programs. When found the program logs its discovery, its type, often its name or an identifier, and it potential for damage. The anti-virus software then eliminates or isolates/quarantines the infected files. For the individual, commercial software is relatively inexpensive; however, there are free anti-virus programs available. Since new viruses appear almost daily with new code it is imperative that you update you antivirus program often to keep up with these threats; therefore, make sure to set your program to update automatically. To avoid the annoyance of computer slowdown schedule full scale scans late at night.
  9. 9. The same is true for your Windows Operating System. Very often, your OS is where hackers discover the holes to exploit. Of course, in an ever-continuing battle, this software is continuously updated with security patches. Finally, secure your wireless network with a router that has a built in firewall. Almost all wireless routers are set to no security when first installed. Log into the router and at least set it to basic security with a strong password to replace the factory setting that any hacker knows. A firewall or router that is not configured properly or non-existent allows hackers to scan passwords, e-mails, or files that cross your network connection. Hacker is a term used by some to mean "a clever programmer" and by others, especially those in popular media, to mean "someone who tries to break into computer systems." 1) Eric Raymond, compiler of The New Hacker's Dictionary, defines a hacker as a clever programmer. A "good hack" is a clever solution to a programming problem and "hacking" is the act of doing it. Raymond lists five possible characteristics that qualify one as a hacker, which we paraphrase here:  A person who enjoys learning details of a programming language or system  A person who enjoys actually doing the programming rather than just theorizing about it  A person capable of appreciating someone else's hacking  A person who picks up programming quickly  A person who is an expert at a particular programming language or system, as in "UNIX hacker" Raymond deprecates the use of this term for someone who attempts to crack someone else's system or otherwise uses programming or expert knowledge to act maliciously. He prefers the term cracker for this meaning. 2) The term hacker is used in popular media to describe someone who attempts to break into computer systems. Typically, this kind of hacker would be a proficient programmer or
  10. 10. engineer with sufficient technical knowledge to understand the weak points in a security system. For more on this usage, see cracker.  One Of The World’s Most Famous Hackers & What Happened To Them There are two types of hackers. First, you’ve got the kind that is so often portrayed by Hollywood as an anti-social nerd with a chip on his shoulder out to dominate the cyberworld by breaking into secure networks and messing things up. Second, you’ve got the kind of people who just enjoy fiddling around with software source code and hardware gigs. That’s right. The term “hacker” originally referred to the second type, which held absolutely no malevolent connotations. Only recently has the term been used to refer primarily to criminal masterminds. There are good hackers and bad hackers! Nowadays, benevolent hackers are often called “white hats” while the more sinister are called “black hats.” In this article, I’ll be talking specifically about famous hackers that don hats of black. Here are five of the most widely known black hatters and what happened to them for their recklessness. Jonathan James
  11. 11. Jonathan James was known as “c0mrade” on the Internet. What is his ticket to fame? He was convicted and sent to prison for hacking in the United States–all while he was still a minor. At only fifteen years of age, he managed to hack into a number of networks, including those belonging to Bell South, Miami-Dade, the U.S. Department of Defense, and NASA. Yes, James hacked into NASA’s network and downloaded enough source code to learn how the International Space Station worked. The total value of the downloaded assets equaled $1.7 million. To add insult to injury, NASA had to shut down their network for three whole weeks while they investigated the breach, which cost them $41,000. The story of James has a tragic ending, however. In 2007, a number of high profile companies fell victim to a massive wave of malicious network attacks. Even though James denied any involvement, he was suspected and investigated. In 2008, James committed suicide, believing he would be convicted of crimes that he did not commit. Kevin Mitnick Kevin Mitnick’s journey as a computer hacker has been so interesting and compelling that the U.S. Department of Justice called him the “most wanted computer criminal in U.S. history.” His story is so wild that it was the basis for two featured films.
  12. 12. What did he do? After serving a year in prison for hacking into the Digital Equipment Corporation’s network, he was let out for 3 years of supervised release. Near the end of that period, however, he fled and went on a 2.5-year hacking spree that involved breaching the national defense warning system and stealing corporate secrets. Mitnick was eventually caught and convicted, ending with a 5-year prison sentence. After serving those years fully, he became a consultant and public speaker for computer security. He now runs Mitnick Security Consulting, LLC. Albert Gonzalez Albert Gonzalez paved his way to Internet fame when he collected over 170 million credit card and ATM card numbers over a period of 2 years. Yep. That’s equal to a little over half the population of the United States. Gonzalez started off as the leader of a hacker group known as ShadowCrew. This group would go on to steal 1.5 million credit card numbers and sell them online for profit. Shadow Crew also fabricated fraudulent passports, health insurance cards, and birth certificates for identity theft crimes totaling $4.3 million stolen. The big bucks wouldn’t come until later, when Gonzalez hacked into the databases of TJX Companies and Heartland Payment Systems for their stored credit card numbers. In 2010, Gonzalez was sentenced to prison for 20 years (2 sentences of 20 years to be served out simultaneously).
  13. 13. Kevin Poulsen Kevin Poulsen, also known as “Dark Dante,” gained his fifteen minutes of fame by utilizing his intricate knowledge of telephone systems. At one point, he hacked a radio station’s phone lines and fixed himself as the winning caller, earning him a brand new Porsche. According to media, he was called the “Hannibal Lecter of computer crime.” He then earned his way onto the FBI’s wanted list when he hacked into federal systems and stole wiretap information. Funny enough, he was later captured in a supermarket and sentenced to 51 months in prison, as well paying $56,000 in restitution. Like Kevin Mitnick, Poulsen changed his ways after being released from prison. He began working as a journalist and is now a senior editor for Wired News. At one point, he even helped law enforcement to identify 744 sex offenders on MySpace.
  14. 14. Gary McKinnon Gary McKinnon was known by his Internet handle, “Solo.” Using that name, he coordinated what would become the largest military computer hack of all time. The allegations are that he, over a 13-month period from February 2001 to March 2002, illegally gained access to 97 computers belonging to the U.S. Armed Forces and NASA. McKinnon claimed that he was only searching for information related to free energy suppression and UFO activity cover-ups. But according to U.S. authorities, he deleted a number of critical files, rendering over 300 computers inoperable and resulting in over $700,000 in damages. Being of Scottish descent and operating out of the United Kingdom, McKinnon was able to dodge the American government for a time. As of today, he continues to fight against extradition to the United States. Now, do you know any famous hackers who should be in this hall of infamy? Put his (or her) name down in the comments.
  15. 15.  Why do people hack computers? When someone hacks a computer or network system, it's typically for one of three main reasons:  Hacking for fun Some hackers make attempts on computers, servers or network systems just for the personal gratification. Others may feel that they need to prove something to their peers or friends, and hack something only for the challenge.  Hacking to steal Another reason to hack a system is to steal information or money. A large portion of hacking attempts fall into this category. Banks and large companies are common targets for hacking jobs, but sometimes smaller companies or even a specific person's computer are targeted, as well.  Hacking to disrupt There are also some hackers, including hacking groups; that target a company to disrupt business, create chaos and just be a nuisance. These groups often be trying to make a statement with their hacking, demonstrate security inadequacies, or to show general
  16. 16. disapproval for the business itself. Examples of hacking groups that made headlines are Anonymous and LulzSec.  Types of Hacker Hackers aren’t inherently bad — the word “hacker” doesn’t mean “criminal” or “bad guy.” Geeks and tech writers often refer to “black hat,” “white hat,” and “gray hat” hackers. These terms define different groups of hackers based on their behavior. The definition of the word “hacker” is controversial, and could mean either someone who compromises computer security or a skilled developer in the free software or open-source movements.  Black Hats Black-hat hackers, or simply “black hats,” are the type of hacker the popular media seems to focus on. Black-hat hackers violate computer security for personal gain (such as stealing credit card numbers or harvesting personal data for sale to identity thieves) or for pure maliciousness (such as creating a botnet and using that botnet to perform DDOS attacks against websites they don’t like.) Black hats fit the widely-held stereotype that hackers are criminals performing illegal activities for personal gain and attacking others. They’re the computer criminals. A black-hat hacker who finds a new, “zero-day” security vulnerability would sell it to criminal organizations on the black market or use it to compromise computer systems. Media portrayals of black-hat hackers may be accompanied by silly stock photos like the below one, which is intended as a parody.  White Hats White-hat hackers are the opposite of the black-hat hackers. They’re the “ethical hackers,” experts in compromising computer security systems who use their abilities for good, ethical, and legal purposes rather than bad, unethical, and criminal purposes.
  17. 17. For example, many white-hat hackers are employed to test an organizations’ computer security systems. The organization authorizes the white-hat hacker to attempt to compromise their systems. The white-hat hacker uses their knowledge of computer security systems to compromise the organization’s systems, just as a black hat hacker would. However, instead of using their access to steal from the organization or vandalize its systems, the white-hat hacker reports back to the organization and informs them of how they gained access, allowing the organization to improve their defenses. This is known as “penetration testing,” and it’s one example of an activity performed by white-hat hackers. A white-hat hacker who finds a security vulnerability would disclose it to the developer, allowing them to patch their product and improve its security before it’s compromised. Various organizations pay “bounties” or award prizes for revealing such discovered vulnerabilities, compensating white-hats for their work.  Gray Hats Very few things in life are clear black-and-white categories. In reality, there’s often a gray area. A gray-hat hacker falls somewhere between a black hat and a white hat. A gray hat doesn’t work for their own personal gain or to cause carnage, but they may technically commit crimes and do arguably unethical things. For example, a black hat hacker would compromise a computer system without permission, stealing the data inside for their own personal gain or vandalizing the system. A white-hat hacker would ask for permission before testing the system’s security and alert the organization after compromising it. A gray-hat hacker might attempt to compromise a computer system without permission, informing the organization after the fact and allowing them to fix the problem. While the gray- hat hacker didn’t use their access for bad purposes, they compromised a security system without permission, which is illegal. If a gray-hat hacker discovers a security flaw in a piece of software or on a website, they may disclose the flaw publically instead of privately disclosing the flaw to the organization and giving them time to fix it. They wouldn’t take advantage of the flaw for their own personal gain — that would be black-hat behavior — but the public disclosure could cause carnage as black-hat hackers tried to take advantage of the flaw before it was fixed.
  18. 18.  How to give a password to account  Use length to your advantage. Create a password that has eight or more characters since this is usually the minimum for most password requirements. The longer the password the more secure it is likely to be  Form a "random" sequence of words and/or letters. Create a phrase or series of letter that is seemingly "random" but is easy to remember. Call this your "base-word." 1. Example: My children are Jessie, Cassey, Michael and Jenny, so my base-word becomes "jecamije". 2. Example: My first house was on Spooner Street becomes "houseonspooner".  Add numbers to the base-word to make it more secure. 1. Example: Add the ages of the children to the end making it "jecamije22191612". 2. Example: Add the house number to the end of the base-word to create "houseonspooner1500".  Use punctuation and symbols to "complicate" it further. 1. Example: Add random punctuation to create "jecamije_22191612". 2. Example: Add a symbol to the word to make "houseonspooner#1500".  Create complexity with upper and lowercase letters. 1. Example: Take advantage of adding capital letter to create "JeCaMiJe22191612". 2. Example: Add the house number to the end of the base-word to create "houseonSpooner1500".
  19. 19.  Generate similar but altered passwords. Use the same or similar base-words to help you remember your passwords easily without making them "too" easy to crack. 1. Example: "JeCaMiJe_22191612" can become "mykidsJeCaMiJe-90807060" or "12161922*JeCaMiJe". 2. Example: "HouseonSpooner#1500" can become "1500*myfirstHouseonSpooner" or "***15HouseonSpooner00". TIPS  Don't use obvious base-words like a name, birthday or date, these are easier to crack than whole phrases.  Don't use your name, it will be easy to crack!  Change your passwords periodically or whenever it may have become compromised. Frequent password changing is required by company policy or federal law in some businesses, but may encourage users to choose weaker passwords or write down their password near their computers. Don't re-use an expired password.  You can also use accented letters. It makes your password much harder.  Take a word (for example, money), spell it backwards (yenom) and put your birthdate in between. Say you were born February 5, 1974. So it would be yfebe5n19o74m. Hard to remember, yes, but also nearly impossibly to crack.  For even more security, try to use "nonsense words." Combine these with numbers to make memorable, secure passwords. For example, "brickbeak9468."  If you have trouble remembering all the passwords you need, try using a password manager, they can store all your passwords securely using a single master password.
  20. 20.  Mixing in numbers and letters (E.G.: j78hu5948h0gy67g) can almost be impossible to crack, so try using that tip. If you're afraid you'll forget your password, write it down in a secure place where you won't forget it.  How to secure our data Creating a strong password To keep your account safe, here are a few tips on how to create a strong password:  Use a unique password for each of your important accounts  Use a mix of letters, numbers, and symbols in your password  Don’t use personal information or common words as a password  Make sure your backup password options are up-to-date and secure Keep your passwords secure
  21. 21.  What should I do if I've been hacked? If you believe you have been hacked or a company that is hosting your account has been hacked the most important thing you should do is change your passwords.  Reset your passwords Your account and account details are what most hackers want. If you cannot log into your account, try resetting your password. If resetting your password does not work, or the e- mail associated with the account no longer works look for an account recovery option. If all options fail to reset the account, you must contact the company to have them intervene. When changing your password keep the considerations below in mind:  A password should never be easy to guess. Passwords like 1234, password, etc. are easy to guess.  Don't use passwords that you've used in the past.  Passwords should have letters, numbers, spaces, and other characters. Note: If you are using the same password for other accounts (which is not advised) you need to change your other account passwords to a different password. Once a hacker determines your username and password that information is stored and often shared and can be used to compromise other accounts. Tip: If you have a difficult time remembering all your passwords use a password manager to store them safely.  Check your machine
  22. 22. If the company your accounts are hosted by did not notice or mention a security breach, it's possible you or your machine have been the source of the attack. Make sure to scan your computer for any spyware and malware that may be stealing your account details or logging your keystrokes. Tip: If malware is found on your computer you may want to reset your account passwords again, as infections may have logged your new password.  Verify account details After all of your passwords have been changed if your accounts have any shipping information make sure the shipping information is still your address. If the account authorizes any third-party programs or apps (e.g. Facebook and Twitter) make sure no third-party apps have rights to your accounts that you haven't given permission. Best advice is to delete any app you are unfamiliar with or do not remember installing.  Let your other contacts know about the hack If your e-mail account or any account with contacts is hacked, let your contacts know about the hack. Hackers often gain access to other accounts by using affiliated accounts since people are not as suspicious of e-mails coming from someone they know.  Verify past posts If your social network (e.g. Google+, Twitter, or Facebook) has been hacked make sure there are no posts or messages that have been made on your behalf. Social network accounts are hacked to help spread spam, malware, and advertisements on your behalf.  New accounts setup If a hacker gains access to your e-mail, they often use your e-mail address as a way to setup new accounts. Check your inbox, sent items, and trash for any new account notifications using your e-mail address. If new accounts have been created, you can try logging into those accounts by using the reset password feature and then delete the account.  How do you secure my data?
  23. 23. We understand how important it is to keep your data safe and secure - which is why we've gone to pretty extreme lengths to lock things down. We break our practical security measures down into four attributes, based on best practice management of risk.  Encryption Our first security defence is simple, important but often overlooked - we make sure every single connection between your computer or wireless device and the AffinityLive servers is encrypted, using 265 bit securty encryption which is roughly twice as strong as many banks use today. Unlike many other web-based services that provide encryption as an option, with AffinityLive, this level of encryption and security is compulsory - there is simply no way to access AffinityLive without at least 256 bit encryption.  Access In addition to making sure the connection between your desktop and the servers is secure, we also go to pretty significant lengths to ensure the connections our engineers use to manage your system and keep it secure are also tightly controlled and secured. All engineers are closely vetted, and access to the server infrastructure by our engineers is only possibly via a 2048bit encrypted VPN connection, secured in addition through private keys and a server-side access control list that allows for immediate revocation if required. While a small group of our engineers need to be able to access systems to manage, optimize and maintain them, the only services that are accessible outside this protected channel are via the website and mail server that you use, each of which is firewalled and locked down at the front door. The database and file server that store your critical data are never accessible directly to the outside world.  Segregation When it comes to data security, segregating your data from that of other AffinityLive clients is an important and effective security measure. When you become an AffinityLive client, your data is kept in a separate, segregated database which is tied completely to your - and only your - deployment of AffinityLive. In hosted or multi-tenant applications that run in the cloud, one of the risks is that everything is stored together in a single database, and all it takes is one oversight by a programmer and other people may get unauthorized access to your data. With AffinityLive, we make sure you're quarantined and segregated into your own database, to ensure this can never happen.  Vigilance & Expertise Servers, websites and applications are created by people, so in a sense there's always a chance that a bug or hole might be found. The good news is that Affinity Live is built upon systems and technology with more than a decade of proven performance in large scale environments, including Google, Facebook and more. By choosing to build upon servers like the Apache Web Server, the Postfix Mail Server and the MySQL Database Server, we've made sure we're using some of the most stable, secure and proven platforms to build Affinity Live upon. Should a hole or exploit be found, we've also architected our systems to support a high level of automation; within a matter of minutes we can have our dozens of systems and
  24. 24. services automatically updated and patched. With a team of dozens watching these things around the clock, a mixture of expertise, vigilance and doing things right ensures your data is protected and secure, much more so than it would be sitting on a server in the corner of your office.  Advantages of hacking  Can be used to recover lost information where the computer password has been lost.  Teaches you that no technology is 100% secure.  To test how good security is on your own network.  They call it white hat computer hacking.  Disadvantages of Hacking  Criminals can use it to their advantage.  It can harm someone's privacy  It's Illegal
  25. 25. Conclusion The word "hacker" carries weight. People strongly disagree as to what a hacker is. Hacking may be defined as legal or illegal, ethical or unethical. The media’s portrayal of hacking has boosted one version of discourse. The conflict between discourses is important for our understanding of computer hacking subculture. Also, the outcome of the conflict may prove critical in deciding whether or not our society and institutions remain in the control of a small elite or we move towards a radical democracy (a.k.a. socialism). It is my hope that the hackers of the future will move beyond their limitations (through inclusion of women, a deeper politicization, and more concern for recruitment and teaching) and become hacktivists. They need to work with non-technologically based and technology- borrowing social movements (like most modern social movements who use technology to do their task more easily) in the struggle for global justice. Otherwise the non- technologically based social movements may face difficulty continuing to resist as their power base is eroded while that of the new techno power elite is growing – and the fictionesque cyberpunk-1984 world may become real.
  26. 26. References  