|Back to Back Issues Page|
eBits n ByteZ, Issue #002 -- The Story Continues...
October 30, 2015
The Story Continues...
Happy Halloween, and welcome to the new issue of eBits n ByteZ. Thank you for subscribing.
Want to learn about computers, how to use them and fix issues? eComputerZ is the right place to be. Frustrated by computer glitches? Don’t worry – imagine being this guy!
He was presenting at an award ceremony about how great his company’s product was, when it triggered the dreaded Blue screen of Death! It’s the last thing you need when presenting in front of hundreds of people! Shudder!!
Before we continue, if you are reading this by e-mail with HTML enabled, and the formatting is not great, please click here to read directly on my web site. The formatting here will be perfect.
A 15 year boy from Ireland has been arrested on suspicion of carrying out the attack. A second person was arrested today.
But what type of attack was it exactly?
DDoS stands for Distributed Denial of Service – it is where a web site, such as TalkTalk’s, is bombarded with huge waves of traffic, resulting in the Service becoming unavailable. When you try to access the site, a message similar to the image below greets you.
Think of it as you walking into a bank, and just when you are about to approach the teller, someone rushes in front of you and spends a lot of time asking the teller for information about things they are ultimately not interested in.
As a legitimate customer you are unable to deposit your cheque until they are finished. Then, just as they are finished, someone else cuts in front of you and does exactly the same thing; keeping you waiting even longer.
You grow tired of waiting for this teller, and go to the next one, but the same things happens there too. When you look across all the tellers, other people, like you who want to do something productive in the bank, are kept waiting by these ‘malicious users’ who are wasting the teller’s time. You are effectively ‘denied the service you require’.
Whilst this explains why customers could not access their online TalkTalk accounts, it doesn't explain why customer’s records could be compromised. A DDoS attack is exactly what it says on the tin – a denial of service, not a theft of people information.
The technique suspected of stealing people information is an SQL injection. This is where the perpetrator gains unauthorised access to the database that holds your records by adding instructions to a web form.
Computers are simple machines (no, really!). They need told exactly what to do. So when you click a link on a web page, or complete a form and click the submit button, the code in the background controls exactly what need to be done with the information e.g. Add, Remove, Amend/Update etc.
Someone cleaver enough can ‘inject’ or add additional lines of code so when you or they click the submit button, their code is run too, and like the good little computer, it does exactly what the code says e.g. bring back all of TalkTalk’s customers bank details.
Whichever way you look at it, this is embarrassing for TalkTalk, and the
frustrating thing is DDoS and SQL Injection attacks are easily preventable with investment in the right technology. A hard lesson learned!
The take home bits you need to know are:
Image courtesy of Winbeta.Org
Do you use windows 10 and Microsoft Edge? What do you think of it? Let me know via the Contact Me page.
Gone are the days where technology is only on your desk or in your pocket!
Part of the new concept called ‘Internet of Things’ (IoT). Wearable technology is at a critical juncture. Limitations in battery life, design concerns and price are set to be largely resolved in the next 12 month.
So what is on the market today, and what could emerge in the coming years? Well that’s difficult to predict. However some of the ideas and innovations are rather impressive. For instance, 3 types to look out for include.
The possibilities are endless, especially in healthcare where real time data could be sent to your physician about your eating habits or emotions/mental health. Watch this space!
Finally, the latest pages to be written and released are focused on computer basics. This is a good place to start if your knowledge is limited, or you need a refresher of the basics.
The domain name has been officially changed from Home Computer Support to eComputerZ. The motivation behind this is to make it easier for smartphone users to access the site.
Thank you for taking the time to read my newsletter. Until next time feel free to take a look at the following eComputerZ resources.
|Back to Back Issues Page|