This marks the last security related blog post written for a course grade. The purpose is to summarize my prior posts and analyze the topics I chose, the sources I used, and my thoughts on the usefulness of security blogging. It will wrap up with a small section regarding the lessons I have learned since I wrote my first security post.Continue reading
Cyber Security and Geopolitics
This post is going to address the relevance of cyber security in the realm of geopolitics and internationally organized crime. Topics discussed will include espionage and theft. The point of this paper is to inform the reader of the extent in which cyber attacks are used. It is not just “script kiddies” with hack tools – it is governments and organized criminal units, as well. The writing will begin with an overview, demonstrate an example of cyber crime, delve into the dynamics of it, move on to examine recent charges of espionage, and finish with a summary of the key points.Continue reading
N-Factor Authentication
This post is going to talk about N-Factor Authentication. It is commonly represented in the form of Two-Factor Authentication, but more factors can be required, resulting in more security. The main purpose is to stress the importance of out-of-band transmission when using N-Factor Authentication. It does not matter how many factors are used to authenticate the identity of a person if every factor is transmitted over the same channel; if a hacker can compromise the channel, the number of factors matters not.Continue reading
Legality and Morality of Reverse Engineering
This post is going to discuss the legality and morality of reverse engineering. It will introduce a definition to start, list some common use-cases, and weave in and out of the morality of it all. A discussion and comparison of the similarities and differences between patents and copyrights will be given, followed by a brief overview of digital rights management (DRM) and the Digital Copyright Millennia Act (DCMA) to finish things up.Continue reading