
Posts

Showing posts from July, 2017

Clean Up After Yourself

This week I am reflecting on an assignment I had for my network security class. I had a choice of four tasks and I chose to find my cookies in Google's Chrome browser. This was a task that seemed easy enough. I used Windows Explorer to navigate to the Chrome program folder. I did not find the cookies there. I then navigated to my users file and looked in the Chrome folder there. Nope. I even looked in the Temp files and nothing looked familiar. I took several online classes while I was in the Air Force because I wanted to be able to use Microsoft Office more efficiently. One of the first things that is taught is the Help menu. This practice has avoided hours of frustration when I wanted to learn how to do something new. Coming back to the present, I decided to use the Help menu that is in most applications. I invoked the Chrome browser menu, which is the three dots stacked on top of one another and lives next to the plug-ins and address bar on the right-hand side of the scree...

Text and Caller ID Spoofing

In this special edition, I would like to bring to light the network security threat known as spoofing. Spoofing is masking the true identity of an IP address, port number or even a MAC address. This is often used to attempt to penetrate a wireless network. Regarding wireless networks, the cellphones we use, which are practically part of most of us, belong to some of the wireless networks in the world. Based on the cellphone plans that we have with our cellphone service provider, we make phone calls, send text messages, surf the internet, play games or video chat. There is a dark side to cellphone use. They are highly mobile devices that can be difficult to track. To make things more difficult, people who like to play practical jokes have a way to rattle their victims even more. I decided to use Google and see what I could find as far as cell number and text message spoofing. I found some interesting apps that could be downloaded and installed for free. Be advised that free is a rela...

Disaster Planning Deficiency

In most professions, personnel safety is the highest priority. Reasons that come to my mind are that people are unique and not replaceable. On the other hand, we can always purchase a new computer or other widget. We usually have an emotional attachment to our co-workers, colleagues, friends and family. The loss of one of our companions or family members is devastating and can impact the way our mind functions for a very long time. The reason I mention this is I have a story of a flawed disaster plan. A few years ago, I retired from the United States Air Force. I was an explosives handler and worked in an explosives storage area. Specifically, I was a Munitions Controller. In the event of an incident that required evacuation, such as a fire, we had a response plan. We were required by the Department of the Air Force to have a disaster response plan. The plan was that during an evacuation, one Controller would stay behind in the control room to coordinate disaster response actions whi...

Security In Gaming

This week in my network security class, we reviewed the SQL Injection attack among many others. I enjoy many mobile applications, which are mainly games. These games usually are massively multiplayer online games and have teams. These teams are tailored to the content of the game. For example, a game that features space battles will have a multiplayer feature called a fleet or alliance. With the fleet or alliance, there are benefits such as in-game rewards and a chat or messaging feature. Some games will display page after page of teams while other games will display a group of featured teams. Still, other games allow the user to search for teams by name. This last method allows you to find your friends or family that might be playing the game more easily. Besides, playing the game with your friends or family is more fun because you feel more connected. Recently, I downloaded a mobile app that was recommended by the Google Play store. The app has some of my favorite fictional characte...

Biometric Analysis

What kind of biometric recognition system is the best? This is a good question. If we rely on statistics to help us make a decision, then we rely on something called the Crossover Error Rate or CER. This is where the False Rejection Rate and the False Acceptance Rate are equal. The lower the CER the more reliable the system will be in protecting the asset it was put in place for. In addition, if there are too many rejected attempts to access the asset that come from users with a valid access and need, the access control system is less useful. In this case, the availability of the asset has been impacted because the system is refusing to grant access for valid attempts. On the flip side, if there are too many false acceptances, the asset could also be compromised in a hostile or unfriendly attempt to gain access. Both of these scenarios are unacceptable to the institutions with assets to protect. In my research, the best way to find out if a product is worth the money is to visi...

Toughest IT Threat

I feel the IT threat that is most difficult to defend against is the insider threat. Mandatory education and strict policies are no match against someone who wants to do harm to an organization. Rogue networks and brute force attacks are met with countermeasures that are implemented by a company's IT department. If that person were, say, an administrator who wanted to cause as much damage as possible before being terminated, there is really nothing to stop the act itself. The consequences, such as lawsuits and jail time, are real enough, but the damage is already done. I think the best defense in this case would be to ensure vital tasks require a two-person policy. The next best defense would be to rotate personnel through different departments. Mandatory vacations are also a good idea because if an incident occurred, timeframes are easier to nail down as well as other details. Criminal and financial background checks are important in this area too. Knowing your people is essenti...