Introduction to Computer & IT Insecurity
Computer security and IT security are terms associated with the protection of computer software, hardware, and the network systems from the hazards of external attacks from virus, cracking, hacking, etc. In fact, the security measures and policies aim at safeguarding or protecting the information systems and information from anyone other than the administrator including consultants, customers, employees, suppliers, and the malevolent hackers.
But unfortunately, the security precautions that majority of the present-day computer-systems have are very limited. Most of the present day efforts for maintaining IT security are designed to consider the system on which they work as the ‘trusted system’ and focus primarily on the external hazards posed by crackers, virus, hackers, etc. However, some of the domain experts believe this kind of a distinction between the external perils and the trusted system is the major cause of majority of the security concerns that arise in current systems.
For instance, if an attacker (external) manages to undermine a single portion of the system that had no security provisions, he/she will easily have access to almost all the other system features. Moreover, this kind of a security standpoint is more likely to result in insecure systems as most computer systems are highly complex and 100 percent defect-free system cannot be guaranteed.
Security breaches in computer systems can lead to an enormous financial damage. The cost of revamping the systems after the damage caused by identity thefts, phishing, and computer worms, etc., might be quoted in millions of dollars. Individuals and organizations will have to probably undergo a time-consuming, costly process of getting their computer systems, infected with malware or spyware, cleaned. Physical and computer security are similar in many ways. Similar to the real-world physical security, the primary motivations behind computer security breaches vary greatly between the attackers, also sometimes referred to as crackers or hackers. In order to block these attacks and protect one’s computer system, one needs to follow a number of techniques.
However, before understanding and using these techniques, it is important to first understand the details of all the different kinds of ‘threats’ or ‘attacks’ that may be made against your system. Most of the threats or computer security vulnerabilities are categories into 7 classes – exploits, eavesdropping, social engineering, denial of service exploits, indirect attacks, backdoors, and the direct access attacks. Besides, hacking, cracking, penetration, ethical hacking, and vulnerabilities are some of the things you must be aware of in detail so as to become efficient enough to safeguard your computer systems. This article provides a brief description of these aspects to make your job easier.
Breaking into someone else’s computer system, especially into a network, is referred to as ‘Cracking’. Cracker, the individual who does the cracking, may get involved in the act maliciously, to earn profits, to enjoy the challenge involved, or for other altruistic causes. Besides, some cracking is also apparently done to identify the weaknesses in the security system of a website. In contrast to the common belief, there is no baffling ‘hackerly’ brilliance involved in cracking. Instead, cracking has more to do with dogged repetition and persistent use of a few popular tricks to exploit the weaknesses of the target system’s security. The concept of cracking can be best explained through two of its common forms – Software Cracking and Password Cracking. Password Cracking is mainly used as a means for hacking.
Introduction: Software cracking refers to the act of modifying software in order to disable or remove features that are considered as ‘objectionable’ by the cracker. It is typically associated with protection methods such as copy protection, trial versions, hardware key, date checks, serial number, software annoyances, and CD checks. The use or distribution of such cracked copies of softwares in considered to as illegal in nearly all the developed countries across the globe. Numerous lawsuits have been filed over the issue of software cracking till date. The first copy-protection, in fact, was on the early Commodore 64, Apple II, and Atari 800 softwares. The publishers of various softwares, especially those involved in gaming softwares, have resorted to highly sophisticated measures over time in an attempt to put a check on the unauthorized software copying.
Evolution: Initially, majority of the crackers were computer aficionados or geeks, who often competed in their own groups in the spreading and cracking of various softwares. Interestingly, being able to break into a new scheme for copy protection in the shortest possible time was enough to prove one’s technical superiority over others in the group. In fact, several low-skilled computer hobbyists used to edit the unencrypted strings of text of the already cracked softwares to alter the messages provided to a game player in the gaming softwares, and passed such modified copies into pirate networks just to create some fun. As the technical know-how of cracking evolved with time, the crackers began to advertise their skills through ‘crack intros’ or ‘Demoscenes’, which they attached with the cracked softwares release for pirated distribution. After 1980's, most of the software crackers, especially those with an in-depth knowledge of the assembly needed for cracking protected systems, emerged as reverse engineering experts capable of reverse-engineering a Windows binary-only driver into a driver with Linux source code. Today, the small, ‘elite’ cracking groups function as ‘The Scene’ to compete with the fellow crackers and reverse engineers to develop new cracking techniques, but not for profit.
1. The commonest among all the software cracks includes making a change in the binary of an application to prevent or cause a particular key branch in execution of the program. This kind of a modification is brought about by using debuggers, like OllyDbg, SoftICE, Macs Bugs, or GDB, to reverse engineer a compiled program until the particular subroutine containing the key method of software protection is identified. A hex editor or a debugger is then used to modify the binary in a way that it replaces the original branching ‘opcode’ with the complementary NOP opcode. This makes the key branch always skip over the specific subroutine or execute it completely. Majority of the software cracks follow this method, with or without a little variation. This kind of modification is made difficult to accomplish by use of developing techniques, like encryption, self-modifying code, and code obfuscation.
Example: The cracks, which remove the expiration time limits from an application’s trial version, are a good example of this cracking method. They are nothing but brilliantly coded programs made for patching a program executable and quite often are ‘.so or .dll’ files linked to applications. Similar cracking methods are employed in case of softwares that need hardware dongles.