tag:blogger.com,1999:blog-7439013386414903935.post5098095289577344448..comments2024-03-23T20:56:40.825+00:00Comments on A Blog on the Landscape!: Cyber attacks- general question.AlanRhttp://www.blogger.com/profile/07180571503542781921noreply@blogger.comBlogger7125tag:blogger.com,1999:blog-7439013386414903935.post-92044896055239059492017-03-21T10:05:55.207+00:002017-03-21T10:05:55.207+00:00Hi Ian, I may be talking tosh here. But it can'...Hi Ian, I may be talking tosh here. But it can't be beyond the realms to reduce the damage caused by hacking into a system as ABTA for example.<br />My parcels of encryption idea may not be the correct terminology but I thought that if each subscriber was sent a paragraph of data and it had blank spaces within it that the customer could fill in and make that a unique paragraph within the whole program which could only be accessed by someone sending that unique paragraph. I thought that this method would reduce the amount of data that a hacker could gain. I also have now done a pt 2 post which explains to me clearly. AlanRhttps://www.blogger.com/profile/07180571503542781921noreply@blogger.comtag:blogger.com,1999:blog-7439013386414903935.post-1024306879217857742017-03-20T22:37:45.345+00:002017-03-20T22:37:45.345+00:00Hi Alan,
I'm not sure what you mean by 'pa...Hi Alan,<br />I'm not sure what you mean by 'parcels of encrypted data' but encryption can't be used while databases are active. The reason for this is that say the database is ordered alphabtically - Alice, Bob, Carol, etc. If you encrypt these, they turn into random strings of characters and it is impractical to sort them. This may make operations such as sort and search impossible.<br /><br />Encryption can protect, to some extent, stored data but weak encryption is quite easy to crack and strong encryption slows down the system quite a lot. <br />Ian Sommerville.https://www.blogger.com/profile/08250241252861339865noreply@blogger.comtag:blogger.com,1999:blog-7439013386414903935.post-44084285578489311692017-03-18T10:10:44.533+00:002017-03-18T10:10:44.533+00:00Thanks Richard for the comment. The more info pass...Thanks Richard for the comment. The more info passed on the better. I have now posted Pt 2. I hope you find it interesting.AlanRhttps://www.blogger.com/profile/07180571503542781921noreply@blogger.comtag:blogger.com,1999:blog-7439013386414903935.post-50318776567539831762017-03-18T00:20:26.198+00:002017-03-18T00:20:26.198+00:00From the details ABTA gave in their press release,...From the details ABTA gave in their press release, it seems likely that their website was SQL-injected; meaning the attackers would have been able to extract data from the database with ease. If this was the case, the attackers would have exploited poorly coded web-pages and server configuration to get at the data i.e. all problems that are entirely down to the organisation running the servers.<br /><br />Although the reports from ABTA say the data was encrypted, this is a non-issue. By now most of that data would have been decrypted. As computers have become more and more powerful year-on-year, passwords need to become longer and longer; and most have not!<br /><br />My advice to all computer users is use a password manager application, which will allow very long completely random passwords that use very large characters sets (i.e. 90+ characters including at least all of uppercase, lowercase, numbers and symbols).<br /><br />And never, ever, ever reuse passwords!<br /><br />re: OS X. It can be secure, but the default configuration isn't. Anti-malware software is always recommended.<br /><br />Hope that helps<br /><br />Richard<br />PS I should add that I have no current or past involvement with the development of anti-malware or password management software.RIGhttps://www.blogger.com/profile/14176065957787524849noreply@blogger.comtag:blogger.com,1999:blog-7439013386414903935.post-75324050612476505922017-03-17T17:33:49.514+00:002017-03-17T17:33:49.514+00:00Dawn, Dave, I may have something I can post soon. ...Dawn, Dave, I may have something I can post soon. Stay tuned. Thanks for commenting anyway, I was thinking I was alone in the world.<br />Dave I too use Mac gear but I still use 3rd party protection.AlanRhttps://www.blogger.com/profile/07180571503542781921noreply@blogger.comtag:blogger.com,1999:blog-7439013386414903935.post-45600618208266294552017-03-17T16:37:23.262+00:002017-03-17T16:37:23.262+00:00Like Dawn, I'm pretty much in the dark beyond ...Like Dawn, I'm pretty much in the dark beyond taking - as Dawn suggests - reasonable precautions. If I'm doing anything like buying something online I try to get the transaction over, the history deleted and the browser closed as quickly as possible. All of which is a bit daft considering cyber attacks probably achieve their objective using processes lasting microseconds and then there's usually a sequence of confirming emails over which I have no control at all when it comes to security.<br /><br />I use an iMac and it's much the same when it comes to virus protection: half of the 'experts' seem to think the more recent versions of OS X have adequate built-in safeguards and there's no need for antivirus software; the other half say that approach is complacent and would leave me vulnerable. For my own part, I have no idea.<br /><br />Sorry, Alan; that didn't get us any further forward did it?Davehttps://ossroad.wordpress.com/noreply@blogger.comtag:blogger.com,1999:blog-7439013386414903935.post-15811907521336222592017-03-17T15:03:52.728+00:002017-03-17T15:03:52.728+00:00Have no answer to that one Alan. However, all this...Have no answer to that one Alan. However, all this cyber stuff is darned scary. As one who uses the computer a lot, all I can say is be darned careful, especially when checking e mails.Dawnhttps://www.blogger.com/profile/09839157927650251268noreply@blogger.com