Thursday, February 28, 2008
Wednesday, February 27, 2008
SSH Connection (as part of the webpage assignment)
We will now begin to learn about Linux machines and commands for interacting with them.
Accounts have been made for all of you on the CS 12 server. The details are:
In order to connect to the server you will have to use an SSH client. For those with Windows, you can install the SSH Secure Shell. If you don't want to install anything, you can also use PuTTY by downloading the appropriate executable file.
I have written an introduction to Linux tutorial. There are a few things that are beyond what we will do in this class, but feel free to read it if you like. I have also made the following videos to show just the connection to the Linux server.
Connection with SSH Secure Shell
If you install the SSH Secure Shell, you will hit the ``quick connect'' button shown below:
Then you will type in the correct information:
The video below shows this [By-the-way, you will NOT see the password since it is masked by asterisks *** So even though you might think you see it, you don't.]:
Connection with PuTTY
After you download putty.exe, double click it. You will have to fill in the appropriate information, such as the hostname and then press the open button:
Then you will be asked for your user name and password. You will not see your password when you type!
Here is a video of PuTTY in action:
Accounts have been made for all of you on the CS 12 server. The details are:
Host Name: cs12.cs.qc.cuny.edu
User Name:
First 2 letters of LAST name, followed by
First 2 letters of FIRST NAME, followed by
Last 4 digits of Student ID.
Password: 9 digits student ID.
In order to connect to the server you will have to use an SSH client. For those with Windows, you can install the SSH Secure Shell. If you don't want to install anything, you can also use PuTTY by downloading the appropriate executable file.
I have written an introduction to Linux tutorial. There are a few things that are beyond what we will do in this class, but feel free to read it if you like. I have also made the following videos to show just the connection to the Linux server.
Connection with SSH Secure Shell
If you install the SSH Secure Shell, you will hit the ``quick connect'' button shown below:
Then you will type in the correct information:
The video below shows this [By-the-way, you will NOT see the password since it is masked by asterisks *** So even though you might think you see it, you don't.]:
Connection with PuTTY
After you download putty.exe, double click it. You will have to fill in the appropriate information, such as the hostname and then press the open button:
Then you will be asked for your user name and password. You will not see your password when you type!
Here is a video of PuTTY in action:
Tuesday, February 26, 2008
Linux Commands
As you have discovered, Linux is somewhat different than Windows. The paths to files are much different, for example in Windows you have a path like:
However in Linux, there are no drive letters and the slashes go a different direction:
Everything in the file system is mounted after the root directory, which is just a forward slash - /
We also learned that there are several users on the same Linux server and that each user has his/her own home directory (folder) that has the same name as the username. You can see above that I have my home directory with the same name as my username: jlevy. It is inside that folder that I have permission to create and use new files.
We also learned that when we log in, we can see who we are and which directory we are in by looking at the prompt:
You can see my username and the tilde ~ which indicates that I am in my home directory. After you log in, the commandline is simply waiting there for you to issue it a command.
Basic Commands
In the last class we covered some basic Linux commands such as:
One thing to note about Linux: Commands ARE case sensitive so you have to type them in all lower case!
C:\Documents and Settings\jlevy\My Documents
However in Linux, there are no drive letters and the slashes go a different direction:
/home/faculty/jlevy
Everything in the file system is mounted after the root directory, which is just a forward slash - /
We also learned that there are several users on the same Linux server and that each user has his/her own home directory (folder) that has the same name as the username. You can see above that I have my home directory with the same name as my username: jlevy. It is inside that folder that I have permission to create and use new files.
We also learned that when we log in, we can see who we are and which directory we are in by looking at the prompt:
[jlevy@cs12 ~]$
You can see my username and the tilde ~ which indicates that I am in my home directory. After you log in, the commandline is simply waiting there for you to issue it a command.
Basic Commands
In the last class we covered some basic Linux commands such as:
passwd changes your password
clear clears the screen
pwd print working directory
tree print out a tree of all
files from location
mkdir create (or make) a new directory
rmdir [directory] remove directory
rm [file] remove file
rm -Rf [dir] remove directory and all files
inside DANGEROUS!
touch [file] create (or update) a file
ls list out files
ls -a list out all files including
hidden files
ls -l list out files with permissions
ls -al list out all files with permissions
cd [path] change directory to [path]
cp [oldfile] [newfile] copy the oldfile to the newfile
or location
mv [oldfile] [newfile] move the oldfile to the newfile
or location
chmod [perms] [file] change the mode (permissions)
to perms for file
pico [file] open file for editing with pico
text editor
exit end session (logout)
One thing to note about Linux: Commands ARE case sensitive so you have to type them in all lower case!
Thursday, February 14, 2008
Privacy and the Internet (updated 2/15)
In our ever more Globalized society, privacy is often compromised. The Internet is adding to the loss of privacy as well. Some of it is at the fault of the individual. Some of it is at the fault of some miscreant aimed at an individual. And some of it is happenstance due to the progress of technology. The problem is, once content is on the internet it often stays on the internet. There is not anyway to take back something once it has been downloaded and passed around, or cached in google cache or saved on computer somewhere.
Other links:
Myspace
My Death Space (Even in death, there is no privacy...)
Washington Post Article
Google Maps Street View
boingboing Article
View of License Plate
Wired Article with Submissions of Weirdness
Youtube Invasion
Star Wars Kid
Star Wars Kid Files Lawsuit
Star Wars Kid a ``Cyber-lebrity''
Star Wars Kid Original Video
Remake of SWK Video with Special Effects
SWK Matrix Style
Numa Numa
Gary Brolsma's website
Numa Numa Original Video
Navy Numa Numa :-)
New Numa Numa
Clinton youtube video
Surveillance Cameras
Surveillance Cameras in NYC
Wired article on cameras in NYC
NYTimes Article: The New Security: Cameras That Never Forget Your Face
Yale course about surveillance cameras (includes abuses of this technology)
Think an image isn't that big of a deal? Look at this amazing video of how much information can be organized and manipulated:
Sunday, February 10, 2008
Questions for Frontline Video
Here are the questions for the Frontline Video we watched in class:
1) The video portrays a struggle between parents and their children in the age of technology. Do you think there is a solution to the struggle and if so, what is it?
2) The internet is still considered the ``wild west'' at this point and teenagers are able to flourish without adult supervision. One concern about this however, is safety. As addressed in the video, studies have shown teens are able to take care of themselves when approached by strangers online. The media often broadcasts the opposite view, however. What are your thoughts about this topic?
3) Cases of cyberbullying have grown more rampant in the last few years. In the suicide cases we discussed, the bullies are not punished by the state due to a lack of laws in place. There may also be problems with jurisdictions since cyberbullying takes place on line and knows no boundaries. How do you think that cyberbullying can be punished? Should there be an special task force/cybercourt to handle online cases or should laws be updated by our governments to handle these items?
4) How aware do you feel you were about the items seen in the video?
5) How do you feel about the video overall?
1) The video portrays a struggle between parents and their children in the age of technology. Do you think there is a solution to the struggle and if so, what is it?
2) The internet is still considered the ``wild west'' at this point and teenagers are able to flourish without adult supervision. One concern about this however, is safety. As addressed in the video, studies have shown teens are able to take care of themselves when approached by strangers online. The media often broadcasts the opposite view, however. What are your thoughts about this topic?
3) Cases of cyberbullying have grown more rampant in the last few years. In the suicide cases we discussed, the bullies are not punished by the state due to a lack of laws in place. There may also be problems with jurisdictions since cyberbullying takes place on line and knows no boundaries. How do you think that cyberbullying can be punished? Should there be an special task force/cybercourt to handle online cases or should laws be updated by our governments to handle these items?
4) How aware do you feel you were about the items seen in the video?
5) How do you feel about the video overall?
Friday, February 8, 2008
Myspace passwords
Here are a couple of articles about Myspace password analysis:
Bruce Schneier's blog
Brian Kreb's blog
They also talk about a few exploits that were used to obtain the account names and passwords.
There was a recent case about a stalker who harassed Amor Hilton on Myspace.
Also, don't think that you are safe just because you have a ``Private Profile.'' Weaknesses in the Myspace website allowed access to people's private pictures and information. Myspace had known about the flaw for sometime, but still hadn't fixed it.
Bruce Schneier's blog
Brian Kreb's blog
They also talk about a few exploits that were used to obtain the account names and passwords.
There was a recent case about a stalker who harassed Amor Hilton on Myspace.
Also, don't think that you are safe just because you have a ``Private Profile.'' Weaknesses in the Myspace website allowed access to people's private pictures and information. Myspace had known about the flaw for sometime, but still hadn't fixed it.
Thursday, February 7, 2008
Pretending to be something you're not...
We had discussed an article from wired about a mole from the media who attended Defcon. The organizers suspected that she was in fact a reporter, in spite of the fact that she refused to buy the media pass instead of the regular one. She was hoping to out agents and others doing ``illegal activities'' and even commented on
She then made the mistake of telling others her intent and revealing her hidden camera, so her unveiling was inevitable:
Social Engineering
We also discussed Social Engineering in the class and also talked a little about one of the best known social engineers. Here is a video on how to social engineer a free pizza:
Phishing
We also discussed Phishing, which is a type of social engineering. We even took a Phishing IQ test and saw how tricky some of these guys can be.
We even took a look at a fraudulent email I received the same day, and I showed you how to do a whois lookup to see which country the email is coming from. This is a Nigerian Letter or 419 fraud letter. There is a website called 419eater that is dedicated to fighting these fraudsters.
How the people in Kansas would be interested in what takes place [at such events].
She then made the mistake of telling others her intent and revealing her hidden camera, so her unveiling was inevitable:
Social Engineering
We also discussed Social Engineering in the class and also talked a little about one of the best known social engineers. Here is a video on how to social engineer a free pizza:
Phishing
We also discussed Phishing, which is a type of social engineering. We even took a Phishing IQ test and saw how tricky some of these guys can be.
We even took a look at a fraudulent email I received the same day, and I showed you how to do a whois lookup to see which country the email is coming from. This is a Nigerian Letter or 419 fraud letter. There is a website called 419eater that is dedicated to fighting these fraudsters.
Wednesday, February 6, 2008
Hackers
We had talked in class about what ``Hackers'' are and even how to become one.
We even talked about how things can get exaggerated in the eyes of the media, by watching a Fox Special on ``Hackers on Steroids'':
One of the items mentioned here, however was how a boy's myspace account was ``compromised'' several times. We saw that myspace actually sends usernames and passwords in the clear, so it could be easily obtained. However, most of the time usernames and passwords are obtained by Phishing, where the user is tricked into giving their information. [We will talk more about phishing later...]
There is actually more to the story on the fellow in the Fox Special, however. You can search around for the details on your own ...
We even talked about how things can get exaggerated in the eyes of the media, by watching a Fox Special on ``Hackers on Steroids'':
One of the items mentioned here, however was how a boy's myspace account was ``compromised'' several times. We saw that myspace actually sends usernames and passwords in the clear, so it could be easily obtained. However, most of the time usernames and passwords are obtained by Phishing, where the user is tricked into giving their information. [We will talk more about phishing later...]
There is actually more to the story on the fellow in the Fox Special, however. You can search around for the details on your own ...
Tuesday, February 5, 2008
Growing up Online
Frontline on PBS had an interesting article about kids growing up online:
http://www.pbs.org/wgbh/pages/frontline/kidsonline/
There are interviews with some of the people involved in the making of this video that you can read:
http://www.pbs.org/wgbh/pages/frontline/kidsonline/interviews/
As well as interviews with the directors/researchers:
http://www.pbs.org/wgbh/pages/frontline/kidsonline/etc/notebook.html
You can also find updates about some of the kids in the video.
There's also a deeper look inside the issues. As well as other things located at the main website link.
Myspace Suicide
This video made me think some other cases that occured over the last few years, especially one in particular:
Megan Meier was a teenager with some teenage problems who was duped by some ``friends'' including the mother of one of these friends. They had created a fake profile of a teenage boy and engaged in conversation with Megan. Eventually, they started to harass Megan with the fake profile and she took it rather badly and killed herself.
Here are some articles:
http://www.news.com/8301-13860_3-9819394-56.html
http://blog.wired.com/27bstroke6/2007/11/blog-readers-ou.html
http://blog.wired.com/27bstroke6/2007/11/megan-meier-sui.html
Some readers became so outraged that they outed the adults that had duped Megan and posted not only their names, but places of business, phone number and address. Then one of the bloggers who had outed them got outed herself:
http://www.wired.com/politics/onlinerights/news/2007/11/vigilante_justice
An even odder turn in the case, is that of a blog that surfaced as a comment in another article called ``Megan Had it Coming.'' The writer of the blog at some point ``confessed'' to being Lori Drew, or the mother of the child who was friends with Megan, and had harassed her to her death.
http://www.dvorak.org/blog/?p=14913
http://sigmundcarlandalfred.wordpress.com/2007/11/19/megan-the-bitchhad-it-coming-or-how-to-kill-a-child-twice/
http://www.cnn.com/2007/US/12/08/internet.suicide.ap/index.html
The blog was posted here:
http://meganhaditcoming.blogspot.com/
and seems to have been taken over by some someone else. Most of the posts have since been erased. Either way, this is a tragic story with examples of invasion of privacy and questions about how children should be protected.
Subscribe to:
Posts (Atom)