Tech
-
What is a “False Positive”?
A true positive is an outcome where the model correctly predicts the positive case. Ex: Downloaded file is malware, and the A.V. detected it as malware.
A true negative is an outcome where the model correctly predicts the negative case. Ex: Downloaded file is NOT malware, and the A.V. did NOT detect it as malware.
A false positive is an outcome where the model incorrectly predicts the positive case. Ex: Downloaded file is NOT malware, but the A.V. detected it as malware.
A false negative is an outcome where the model incorrectly predicts the negative case. Ex: Downloaded file is malware, but the A.V. did NOT detect it as malware.
True…
-
What is Attack Surface?
Attack surface. The first thing I start thinking of is the surface area, or the exposed area that is susceptible to a cyber onslaught by threat actors, or bad people with malicious intent.
According to Wikipedia: “The attack surface of a software environment is the sum of the different points (for “attack vectors”) where an unauthorized user (the “attacker”) can try to enter data to or extract data from an environment. Keeping the attack surface as small as possible is a basic security measure.”
“KEEPING THE ATTACK SURFACE AS SMALL AS POSSIBLE IS A BASIC SECURITY MEASURE.” **clap, clap** Does that last line stick out to anyone else?? It should.…
-
Start With Why — How Great Leaders Inspire Action | Simon Sinek | TedX [VIDEO]
-
What is Traffic Light Protocol (TLP)?
Traffic Light Protocol (TLP) is a system for classifying sensitive information, created in the early 2000s to facilitate greater sharing of information. “TLP is a set of designations used to ensure that sensitive information is shared with the appropriate audience. It employs four colors to indicate expected sharing boundaries to be applied by the recipient(s).”[1] TLP is “optimized for ease of adoption, human readability and person-to-person sharing”.[1]
Note that TLP is distinct from the Chatham House Rule, BUT may be used in conjunction with it, if deemed appropriate by the information exchange participants. Chatham House Rule: “when a meeting, or part thereof, is held under the…
-
What is Remote Code Execution?
What is Remote code execution (RCE)? A simple web search brings up a Wikipedia page on Arbitrary code execution (ACE). According to Wikipedia: In computer security, arbitrary code execution (ACE) is an attacker’s ability to execute arbitrary commands or code on a target machine or in a target process. An arbitrary code execution vulnerability is a security flaw in software or hardware allowing arbitrary code execution. A program that is designed to exploit such a vulnerability is called an arbitrary code execution exploit. The ability to trigger arbitrary code execution over a network (especially via a wide-area network such as the Internet) is often referred to as remote code execution…
-
Security Engineering Analysis Framework Notes…
Good security engineering requires 4 things:
Policy–what you’re supposed to achieve.
Mechanism–the ciphers, access controls, hardware tamper-resistance, and other machinery that you assemble in order to implement the policy.
Assurance–the amount of reliance you can place on each particular mechanism.
Incentive–the motive that the people guarding & maintaining the system have to do their job properly.
-
Security + Course Notes
Threats, Attacks & Vulnerabilities
Malware
Malicious software; broad term; there are many kinds of malware: Viruses; Crypto-malware; Ransomware; Worms; Trojan Horse; Rootkits; Keyloggers; Adware/Spyware; Botnets.
How do you get malware?
These all work together. A worm takes advantage of a vulnerability. Or, installs malware that includes a remote-access backdoor. Bot may be installed later.
Your computer must run a program: Email link–Don’t Click Links!; Web page pop-ups; Drive-by download; Worm.
Your computer is vulnerable: Operating System–keep updated! OS & applications.
Viruses & Worms
Viruses–malware that can reproduce itself; it doesn’t need you to click anything; it needs you to execute a program; Just simply running a program can spread a…
-
More C++ Notes…
More C++ Notes… Step 1–Define the problem to solve. Step 2–Define a solution. Step 3–Write a program that implements the solution. Step 4–Compile the program. Step 5–Link object files. Step 6–Test program. Step 7–Debug. C++ files should end in ‘.cpp‘ extension to indicate a C++ source file. Ex: name.cpp Use a C++ compiler to compile a C++ (.cpp) program. The C++ compiler sequentially goes through each source code (.cpp) file in your program & does 2 important tasks: First, it checks the code to make sure it follows the rules of the C++ language. If it does not, the compiler will give you an error to help pinpoint what needs…
-
Slackware Linux Configuration Notes
After the initial install of Linux, I am now configuring my install of Slackware Linux:
Slackware Linux Configuration Notes
Configure Info
The first screen prompt in this next process was to “Make USB Flash Boot”.
“If your computer supports booting from a USB device, it is recommended that you make a USB boot stick for your system at this time. It will boot your computer straight into the root filesystem on ‘/dev/sda2’.
“Please insert a USB flash memory stick and then press ENTER to create a boot stick. WARNING! The existing contents of the USB stick will be erased.”
The options are: Create–Make a USB Linux boot stick, or, Skip–Skip…
-
Arch Linux/Slackware Linux Install Notes
(Note: I first downloaded Arch Linux, and after doing that process noticed that much of the same below also applies to the install of Slackware. Also, more on the Slackware install below, starting with the “a” series section.)
I downloaded the Arch Linux ISO image from the Arch download site. Used “SHASUM” to verify.
Now in Terminal on Mac, I entered the following (after using Disk Utility to erase the USB device):
    $ diskutil list
(This showed a list of storage devices including my 32GB USB drive, as /dev/disk2 (external, physical). I made sure to verify the name & size so as NOT to touch my main Mac storage drive!)…