|Back to Back Issues Page|
eBits n ByteZ, Issue #002 -- The Story Continues...
October 30, 2015
The Story Continues...
Happy Halloween, and welcome to the new issue of eBits n ByteZ. Thank you for subscribing.
Want to learn about computers, how to use them and resolve issues? eComputerZ is the right place to be. Frustrated by computer glitches? Don’t worry – imagine being this guy!
He was presenting at an award ceremony about how great his company’s product was, when it triggered the dreaded Blue screen of Death! It’s the last thing you need when presenting in front of hundreds of people! Shudder.
Before we continue, if you are reading this by e-mail with HTML enabled, and the formatting is not great, please click here to read directly on my website. The formatting here will be perfect.
It is difficult to get the formatting right for all types of e-mail services, so please bear with me :)
TalkTalk Attack – To DDoS or not to DDoS?
For those unfamiliar with TalkTalk, they are one of the largest broadband and mobile phone providers in the UK. A short while ago, they announced they were subject to a major cyber-attack, putting up to 4 million customers banking and personal details at risk.
A 15-year boy from Ireland has been arrested, suspected of carrying out the attack. A second person was arrested today.
But what type of attack was it exactly?
Note: 15 years old is the norm for this type of attack. ‘Script Kiddies’ have many resources available to them on the Internet. If they have the dedication to learn how to use the tools expert hackers sell on the black market, it is easy for them to perform such an attack. Fortunately, they almost always get caught because they cannot cover their tracks so well.
Initially, TalkTalk said they were subject to a sustained DDoS attack. What on earth is one of these?
DDoS stands for Distributed Denial of Service – it is where a website, such as TalkTalk’s, is bombarded with huge waves of traffic, resulting in the Service becoming unavailable.
Think of it as you walking into a bank, and just when you are about to approach the teller, someone rushes in front of you and spends a lot of time asking the teller for information about things they are ultimately not interested in.
As a legitimate customer, you are unable to deposit your cheque until they are finished. Then, just as they are finished, someone else cuts in front of you and does the same thing; keeping you waiting even longer.
You grow tired of waiting for this teller, and go to the next one, but the same things happen there too. When you look across all the tellers, other people, like you who want to do something productive in the bank, are kept waiting by these ‘malicious users’ who are wasting the teller’s time. You are effectively ‘denied the service you require’.
Whilst this explains why customers could not access their online TalkTalk accounts, it doesn't explain why customer’s records could be compromised. A DDoS attack is exactly what it says on the tin – a denial of service, not a theft of people information.
The technique suspected of stealing people information is an SQL injection. This is where the perpetrator gains unauthorized access to the database that holds your records by adding instructions to a web form.
Computers are simple machines (no, really!). They need told exactly what to do. So, when you click a link on a web page, or complete a form and click the submit button, the code in the background controls exactly what need to be done with the information e.g. Add, Remove, Amend/Update etc.
Someone cleaver enough can ‘inject’ or add additional lines of code so when you or they click the submit button, their code is run too, and like the good little computer, it does exactly what the code says e.g. bring back all of TalkTalk’s customers bank details.
Whichever way you look at it, this is embarrassing for TalkTalk, and the frustrating thing is DDoS and SQL Injection attacks are easily preventable with investment in the right technology. A hard lesson learned!
Microsoft Edge - Take Home Bits
Windows 10 comes with a new web browser called Microsoft Edge. Sceptical to begin with, this new browser is growing on me, and may even propel Microsoft to compete again with the likes of Firefox and Chrome.
The take home bits you need to know are:
Image courtesy of Winbeta.Org
Do you use Windows 10 and Microsoft Edge? What do you think of it? Let me know via the Contact Me page.
What is Wearable Technology
This is a huge growth industry. Wearable technology is exactly that – IT devices you wear!, such as Glasses (Search for Google Glass). Wristbands dominate the market today that do all sorts of things.
Gone is the days when technology is only on your desk or in your pocket!
Part of the new concept called ‘Internet of Things’ (IoT). Wearable technology is at a critical juncture. Limitations in battery life, design concerns and price are set to be largely resolved in the next 12 month.
So, what is on the market today, and what could emerge in the coming years? Well, that’s difficult to predict. However, some ideas and innovations are rather impressive. For instance, 3 types to look out for include.
The possibilities are endless, especially in healthcare, where real-time data could be sent to your physician about your eating habits or emotions/mental health. Watch this space.
What's New on eComputerZ
Finally, the following pages and sections have recently been written and released on eComputerZ.
Finally, the latest pages to be written and released are focused on computer basics. This is a good place to start if your knowledge is limited, or you need a refresher of the basics.
The domain name has been officially changed from Home Computer Support to eComputerZ. The motivation behind this is to make it easier for smartphone users to access the site.
Thank you for taking the time to read my newsletter. Until next time, feel free to take a look at the following eComputerZ resources.
|Back to Back Issues Page|