I have always thought that Mac OS X was total crap and vowed to myself that I would never become another Apple fan boy. However these thoughts were always based on my bias towards windows and not my actual experience with Mac OS X.
When I was given the opportunity this summer to use a Mac Book Pro (MBP) at my internship I was excited to see what the Mac world was all about and hopefully stumble upon some real reasons for hating it. :)
Some things I like about my MBP is that the machine has some really great features. These include the magnetic battery, lots of keyboard hot button, Expose, and the Tiger version of OS X is incredibly stable. The operating system itself is great because it can do just about everything Windows can maybe even more since you can use Linux commands.
There is also a few things I hate about MBPs. The hardware is total crap, I have seen at least 3 hard drives completely fail on brand new out of the box machines. Even the cd rom drives seem to have a short life span. And if you hardware does die don't count on opening up the machine yourself and fixing the problem because MBPs are a real pain to open up and work on. The Leopard version of OS X is a sorry excuse of an operating system and in my opinion is just as unstable as Windows Vista. So ignore all this Mac and PC propaganda Apple puts out. Another thing I dislike is the fact that when a MBP is on standby this stupid light always shines and there is no way to turn it off.
Overall Mac OS X and MBPs are decent. I think they both do the same things, if you need any more power then they offer you should just go to Linux. I of course would never purchase a Mac just based on the fact that they are way overpriced and the hardware is too likely to take a dump, but if you need the coolest toy out there go ahead and get one. :)
Tuesday, July 1, 2008
Monday, February 4, 2008
AIM: Friend or Foe?
Just about everyone born in the last 25 to 30 years uses AOL Instant Messenger to communicate with their friends instantaneously at any time of day. Its easy to see how AIM is quickly becoming a large part of our everyday lives but users should understand the costs that are associated with using this software.
Each and every message sent via AIM travels across the internet in plain text, which is a huge problem for those concerned with security. When sending information across the internet there are generally two ways of sending it, in plain text or encrypted text. Sending a message in plain text does not protect you message in any way, and anyone with the proper tools can see what your message is. In other words, someone could be ease dropping on your aim conversation without your knowledge right now! OMGZ.
However if you encrypt the messages you send out only the intended recipient will be able to read them. We can do this by installing two pieces of software Pidgin and Pidgin Encryption. Pidgin is an AIM client which will replace the AOL version of AIM. It has lots of features and can do everything AOL AIM does and more! It also allows you to add plug ins such as Pidgin Encryption that add on even more features. Theres instructions on how to install both programs on their websites and you can contact me as well if you have any trouble.
Don't forget to tell your friends about this software because you can only use the encryption with other people who have the same software.
Each and every message sent via AIM travels across the internet in plain text, which is a huge problem for those concerned with security. When sending information across the internet there are generally two ways of sending it, in plain text or encrypted text. Sending a message in plain text does not protect you message in any way, and anyone with the proper tools can see what your message is. In other words, someone could be ease dropping on your aim conversation without your knowledge right now! OMGZ.
However if you encrypt the messages you send out only the intended recipient will be able to read them. We can do this by installing two pieces of software Pidgin and Pidgin Encryption. Pidgin is an AIM client which will replace the AOL version of AIM. It has lots of features and can do everything AOL AIM does and more! It also allows you to add plug ins such as Pidgin Encryption that add on even more features. Theres instructions on how to install both programs on their websites and you can contact me as well if you have any trouble.
Don't forget to tell your friends about this software because you can only use the encryption with other people who have the same software.
Wednesday, January 30, 2008
Security+: An Overview
After a semester of working 40 hours a week on top of taking 12 credits at school I felt very unproductive during the first few weeks over winter break. Since the need to "accomplish" something seemed overwhelming I decided to set some time aside to study for the Security+ certification, with the assumption of attempting the exam at the end of break. I did end up taking the exam and would like to share my overall experience.
Overview:
The Security+ certification covers a great deal of information ranging from general security concepts to organizational security. Below is a list of the official domains the exam covers:
Studying:
I knew a great deal about the concepts that would be covered on the exam, either from school or my work experience which was the reason I chose the self study method. I would recommend self study to just about everyone who meets the requirements but especially to poor college kids like me :-p.
To prepare I read over one book titled "All in One Security+ Certification Exam Guide" published by Osborne. I read each chapter once and then picked out a few I needed to reread to fully understand the concepts. These included the chapters on PKI, Remote Access protocols, Standards and Protocols which all had a vast amount of very detailed information. Upon my completion of the book I used the practice exam that came with it and the exam that came with my voucher to get a feel for what the test would actually be like. I passed the book test with flying colors on my first try but I was getting far below passing on the other test.
It was at this point I began to panic. I was scheduled to take my test in a week and here I was not even able to pass a practice test. After hours of researching the exam on Google I was convinced that the Security+ test was not well written and a horrible experience altogether. Despite the face I was very nervous for the test, I showed up on exam day.
The exam:
I personally found the Security+ exam to be very well written and I was able to understand each and every question I was asked. If you hear any reports saying that the test is confusing or anything like that disregard that information. As long as you are familiar with the information in the domains you will be able to pass this exam with no problems what so ever. As you might have guessed I passed the test first try w00t!
Conclusion:
Overall I learned a great deal from the preparation for this exam. I especially learned new things about PKI (Public Key Infrastructure) and different protocols such as PPTP, L2TP, and IPsec. Along with knowledge I also gained a great entry level certification into the Information Security field. Feel free to check out the Security+ website for more info.
Overview:
The Security+ certification covers a great deal of information ranging from general security concepts to organizational security. Below is a list of the official domains the exam covers:
- General Security Concepts
- Communication Security
- Infrastructure Security
- Basics of Cryptography
- Operational/Organizational Security
Studying:
I knew a great deal about the concepts that would be covered on the exam, either from school or my work experience which was the reason I chose the self study method. I would recommend self study to just about everyone who meets the requirements but especially to poor college kids like me :-p.
To prepare I read over one book titled "All in One Security+ Certification Exam Guide" published by Osborne. I read each chapter once and then picked out a few I needed to reread to fully understand the concepts. These included the chapters on PKI, Remote Access protocols, Standards and Protocols which all had a vast amount of very detailed information. Upon my completion of the book I used the practice exam that came with it and the exam that came with my voucher to get a feel for what the test would actually be like. I passed the book test with flying colors on my first try but I was getting far below passing on the other test.
It was at this point I began to panic. I was scheduled to take my test in a week and here I was not even able to pass a practice test. After hours of researching the exam on Google I was convinced that the Security+ test was not well written and a horrible experience altogether. Despite the face I was very nervous for the test, I showed up on exam day.
The exam:
I personally found the Security+ exam to be very well written and I was able to understand each and every question I was asked. If you hear any reports saying that the test is confusing or anything like that disregard that information. As long as you are familiar with the information in the domains you will be able to pass this exam with no problems what so ever. As you might have guessed I passed the test first try w00t!
Conclusion:
Overall I learned a great deal from the preparation for this exam. I especially learned new things about PKI (Public Key Infrastructure) and different protocols such as PPTP, L2TP, and IPsec. Along with knowledge I also gained a great entry level certification into the Information Security field. Feel free to check out the Security+ website for more info.
Tuesday, January 29, 2008
Formatting A Hard Drive: The Real Way
Some of you might thing that after you click the "Empty Recycle Bin" button on your windows computer that the data you deleted is gone forever; this is not the case. You also might have been led to believe that reformatting your hard drive completely destroys all of your data; this is also not the case.
In reality all you are removing is the reference to your data on your hard drive, not the data itself. Since the data you meant to remove is still on your hard drive anyone with the correct tools could easily have access to it. There are hundreds of examples of where this might cause a problem but anyone who is selling or donating their computer hardware should defiantly be concerned.
In this situation it would be beneficial to have a tool that would completely overwrite all the data on your PC. One such tool that I have recently become familiar with is called DBAN short for "Darik's Boot and Nuke." This tool will allow you to boot from a CD and completely wipe your hard drive of any and all data. It works by writing random data over your hard drive hundreds of times which "prevents or thoroughly hinders all known techniques of hard disk forensic analysis."
Check out DBAN's website for more information: http://dban.sourceforge.net/
This software provides an easy way to be certain that selling or donating your old computer hardware will not result in identity theft. If you have any questions on using the software feel free to contact me.
In reality all you are removing is the reference to your data on your hard drive, not the data itself. Since the data you meant to remove is still on your hard drive anyone with the correct tools could easily have access to it. There are hundreds of examples of where this might cause a problem but anyone who is selling or donating their computer hardware should defiantly be concerned.
In this situation it would be beneficial to have a tool that would completely overwrite all the data on your PC. One such tool that I have recently become familiar with is called DBAN short for "Darik's Boot and Nuke." This tool will allow you to boot from a CD and completely wipe your hard drive of any and all data. It works by writing random data over your hard drive hundreds of times which "prevents or thoroughly hinders all known techniques of hard disk forensic analysis."
Check out DBAN's website for more information: http://dban.sourceforge.net/
This software provides an easy way to be certain that selling or donating your old computer hardware will not result in identity theft. If you have any questions on using the software feel free to contact me.
Monday, January 28, 2008
First Blog Post Ever W00t!
So I just got this blog thing going today.
I'm not really sure what I am going to be posting just yet but it will most likely deal with any interesting things I find out about Information Security. I've noticed in the last month or so that just about every Information Security professional out there has a blog of some sort or another so I guess it would be beneficial for me to have one.
I'm not really sure what I am going to be posting just yet but it will most likely deal with any interesting things I find out about Information Security. I've noticed in the last month or so that just about every Information Security professional out there has a blog of some sort or another so I guess it would be beneficial for me to have one.
Subscribe to:
Posts (Atom)