Artificial Brain and cryptanalysis

Was reading about different Blue brain or Artificial brain projects and thought of writing a simple network myself. So all I could afford myself is one compute machine from amazon which allows to run 3000 threads only if I am not doing much in each neuron. Each thread is a neuron and after adding little logic of filtering I came down to much lower number. I felt like, what am I doing, so to simulate this in cloud framework, I need the following,

  • A good messaging platform
  • A very lightweight service framework to make it work as neuron

And to able to use this network for doing a cryptanalysis is not far but the brain I produced is a size of an ant or less. I need bigger brain means a lot of machines => a lot of money ??

Yet another phishing on SBI

Recently got the following mail with nicely arranged phishing page, only it was not https…

Email stating where to visit

The phishing email

The site where it takes and from there the hell / the login page 🙂

You will land on it : first

Future attacks ??

I liked the article on some remote attacks without network!!! Interesting…….

http://www.scientificamerican.com/article.cfm?id=hackers-can-steal-from-reflections

What about analyzing your brain waives..Hah.. Funny… 🙂

Phishing Attack – An amateur example

I got an email from some amateur hacker asking me to change my bank account details.

The email was quite promising, I liked it 🙂 Here is an screen shot of that from my mailbox :-

sc4

After i clicked th URL, the layout was good but the URL that was visible on address bar is really bad, I mean really amateur 🙂

Here is a screen shot of that. I have marked the mistakes 🙂

Screenshot-2

BIOS attack & cryptography

i liked the article on BIOS attack :- http://searchsecurity.techtarget.com.au/articles/33210-BIOS-can-become-a-source-of-malware.

The author sited two examples/ mechanism to prevent such attacks:

1) Non-writable BIOS, well it was before, but not user freindly.

2) Trusted Platform Module. This based on cryptographic verification and very secure. But there is problem of certificate expiration of public key cryptography. With current standard a certificate can be valid upto 2-3 years max and you can’t throw your PC after that period if you do not update your certificate store. Now that becomes more or you can say very complicated process. Atleast not so user friendly.

Virtualization Security Issues — Adding an sticky Firewall

It might be a good idea to  add a firewall to each of your VMs to protect the whole system. The “Whole System” is of concern becuase one compromise VM can become a hacker’s playground and will be used it attack other VMs in it’s boundary. But there is an; LATENCY, software switches makes the latency more and the firewall (software) will add to it. The presentation from ALTOR networks looks promising for ALTOR VF.

Unintentional Attacks

I have been observing a quite simple but very interesting attack these days and that is based on the popularity of the Web Service. Though is it similar to this definition but it has a  clear distintion from the previous one.

Consider about the enormou popular Web Servers like – yahoo, google, ….etc.  Now consider about all the Developer, system testers, testers, network troubleshooter, network tester and so on…

What is the first thing you do when your server is not respondig? This what:

  1. Ping (includes all kind) google or yahoo or … any web server that you remember or you trust or is popular
  2. then so on.. other methods

I am not claiming that this same to everyone of us but it is somewhat common. Now, immediate question will be; How to get rid of such attack? Ans: It is really great to have such honor.