This blog is submitted in partial fulfillment of the requirements for the degree of Doctor of Computer Science in the in Emerging Media for the University of Colorado Technical University, Colorado Springs, Colorado. Professor Dr. Brian Pankau, EM835: Information Accountability and Web Privacy Strategies.
Privacy Attack Vectors
Group A: BS 1, Psychological Security Traps
There are many areas of psychological security traps and what motivates psychological mind of the developer or security professional. The validated psychological situation that causes weak security that comes into realization. External influences and restrictions are placed on a technological mental game. It’s compared to a coin that can take on 2 dimensions when the defenders also play the game. Side A) Prevent errors that would otherwise lead to attacks. Side B) Use these same techniques to game the attackers and how they operate. (Oram & Vega, 2009 pg 2).
In other words, the psyche of it all is all a game of cat & mouse versus the security developer and the hacker. However, what motivates the hacker? Many hackers want power and money and like to eavesdrop to select the perfect target to attack. The security developer creates the software to ensure that the attacker that can’t intrude. However, no security program is full proof because of the psychological security trap that game of cat & mouse that is a part of security creation.
Hackers often enjoy hijacking data when using encryption and hold it for ransom. Hackers can participate selling their service, which includes distributing spam, eavesdropping, cracking passwords, and generating DoS events. (Stewart, 2011). Think about the real-life example involving Microsoft how help systems, administrators can unveil security vulnerabilities by writing password cracking tools that recovered Microsoft user passwords. Password vulnerabilities are very common now days because it is happening not only in corporations but also with end-users email accounts. A popular psychological security threat tools that a security professional can use is Hijack this security application. However, a tier level Help Desk Analyst can use to clear the end-user’s PC from malware, spyware, and other computer parasites that are on the computer. This enables the security developer to use these same techniques to game the attackers and how they operate.
The moral of the psychological Security trap story is to see how hackers attack vulnerabilities of customers and end-users by using their own weapons against them. Also by using their very tactics against them by creating a stronger security software application that can give peace of mind to end-users and corporations worldwide.
References
Oram, A. & Vega, J. (2009). Beautiful Security: Leading Security Experts Explain How They Think. Sebastopol, California: O’Reilly Publishing, Inc.
Stewart, M. J. (2011) Network Security, Firewalls, and VPNs. Sudbury, Massachusetts: Jones & Bartlett Publishing, Inc.
No comments:
Post a Comment