Computer science

​A hoax is deliberately untrue information. Hoaxes have different ways of how they can be delivered. They can be delivered as emails messages, they can be delivered as blog or social media posts. The reasons of spreading hoaxes may vary. One of the reasons is to sway people opinion, financial gain, distribution of malware. I only listed a few reasons, however there could be more reasons. A person who received a hoax needs to verify such information from reputable sources.

​Identity fraud has another name as identity theft. It is an illegal activity to obtain private personal information.

​Identity theft is process of obtaining sensitive personal information illegally. For example an attacker may ask for social security number which can later be used in illegal activity or it can be resold.

​Pretending is a form of getting more I formation from a person. Manipulating can have different forms. For example an email message may contain wording SAFE. Pretending maybe a part of another attack. Pretending maybe suggestion of a topic for discussion.

​Eliciting information is a process of getting sensitive information from a person without that person realizing that sensitive information is given. For example a person maybe asked to tech, by teaching sensitive information maybe given.

​Tailgating is a process of following too close to another person who has access to restricted area. A person who has access to restricted area needs to be vigilant and question the reason why another person is getting too close.

​Shoulder surfing is process of retrieving information from a screen of a computer by a person who stands nearby. This information may include sensitive I information about the company or people who work there. An inexpensive protection from shoulder surfing is a privacy screen. A privacy screen allows straight view of the data in screen, but privacy screen turns black by looking at it at an angle.

​Dumpster diving is a technique to retrieve useful information about the company who work there or do business with that company. Good protection measures and it is inexpensive one is to put documents that contain sensitive information through a shredder.

​Spam email messages have a purpose to trick people entering their personal information in legitimate looking website. Such information later can be used by an attacker for illegitimate activity. Spam email filters do a good job of detecting spam messages, however they can either can let a spam message through or they can identify real message as spam message.

​Typosquatting attack is the attack where similar looking domains is used to trick people that they use real web site, by doing so, an attacker may get sensitive personal information such as a credit card information.

​A process priority can be specified with the use of ‘nice’ command . nice command accepts -n parameter which specifies the priority of the process. This value can be from negative 20 to positive 19. Negative values will mean higher priority and positive values will mean lower priority. In addition to priority, it is possible to specify a command to execute and the arguments of that command.

​If is command will give a list of running processes, than top command will give more information about running processes. Top command will display processes sorted by their current CPU usage. Output of top command will be refreshed every few seconds, so it is possible to see near real time information about system usage. Pressing letter ‘q’ will exit the top command. It is possible to sort directly output of too. Pressing shift + P will sort processes by their CPU usage. Pressing shift +  M will sort processes by their memory usage.

​If it is needed to show only specific processes that match specific wording, then it is possible to filter the list of all processes by a specific word. It can be done by adding grep command after the output of all processes is given. For example ‘ps -aux | grep ‘process name’. Only processes that match specific wording of the grep command will be shown.

​Listing of all processes in Linux system can be done using ‘ps -ux’ command.

E-mail makes it easy to communicate with each other. Even people who are located in different geographical locations can work on the same project using e-mail. Email is fast and mostly reliable. E-mail was invented awhile ago, so bugs had been worked out. Individual e-mail implementation may not be reliable, as it will depend on specific implementation of email service. E-mail communication makes it easy for people to communicate with each other, at the same time e-mail messages can easily be forwarded. Good ethic need to be used in e-mail communications, please be aware that email messages can be used as evidence against the sender of such email message.

Items that are posted in the internet are publicly available. Internet is a public place and privacy can't be expected there. Some web pages are encrypted in the Internet, such as e-commerce checkout pages, or banking pages. Encryption allows transfer data securely over publicly accessible networks. 

​A website charming attack where website is modified by an attacker in a way that website traffic is redirected to a different website. The website user may think that original website is being used, where in-fact illegitimate website is being used. This website can collect various personal information like username and a password. Username and password combination can be used to make a purchase online using that customer payment method, but shipping that order to a different address.

​Credentials harvesting is a process of obtaining user names and associated with these passwords. Good protection from credential harvesting is implementation of two factor authentication. Two factor authentication often means that a physical device needs to be used for successful authentication. Even if credentials will be obtained by an attacker, attacker still will not be able to authenticate successfully without having a physical device. Such a device will either display a random number that changes every few seconds, or a USB key that senses touch.

​A computer process is an application running in a computer. Such process may or may not have an interface to interact with a user. An example of a process that has user interface is text editing application. An example of a process that doesn’t have user interface is a mail server.

​Changing file permissions in Linux like shell environment can be done with the help of chmod command. This command will accept what type of permissions need to be assigned to a file or group of files. The chmod command will accept either numeric value of permissions that need to be set or specific values that need to be adjusted.

​Listing of file permissions in Linux system can be done with adding -l option to ls command.

​A file user ownership in Linux like system can be transferred to another user with the help of chown command. Group ownership of a file can be changed by using chgrp command. A proper file ownership is needed for proper management of such a file.

​Linux file level permissions can be abbreviated as UGO. Abbreviation UGO stands for user, group and other. Such permissions define if a file is writable, readable or executable by such a user.

​Having pre-packaged file to install software in Linux system is nice, someone did hard work for us, however such an opportunity is not always available and software needs to be compiled from scratch. Please refer to installation instructions of each individual software package as installation steps may differ. Installation of such software may require compiling in your system. It is usually done by executing make and make install commands. Compiling software from scratch may require additional dependencies to be available in the system, as source code may just refer that specific code needs to be included, however such code is not provided. Many of common software libraries are not included with such a software package.

Smart cars are the cars that rely on sensors to drive automatically. Cars with some level of automation can adjust speed while being in cruise control. Such cars can keep the lane, while driving on the freeway, they can stop being on cruise control, if the cars ahead stop. Probably the most famous car now days is tesla for the level of automation that goes in those cars. YouTube video

Smart building is building with occupancy sensors. If such sensors detect movement they can turn the lights on, or temperature in the building can be adjusted to a higher value. If there is no movement detected, these lights can be turned off. It has financial impact, as such technology will save money by providing less electricity to such a building. YouTube video

A sensor will detect activity in one specific area. It is possible to combine sensors to form a sensor network, in such a case, when one of these sensors goes off people will know about an activity. Common use of grouping sensors is to detect earthquakes. Sensors are spread across large geographical area in this case, so they will detect earthquake activity in that area, other sensors in that network, if they far away from epicenter of earthquake are likely not being impacted. YouTube video

A sensor is a small device which purpose is to measure specific activity like motion, direction, temperature or sound. Sensors can be embedded in a mobile phone, or they can be standalone devices. For example motion sensor will detect movement and it can turn on light or an alarm as an example. Sensors a low power devices, that can be either powered by a battery, or small electricity voltage.  YouTube video

​Some updates can be installed without an operating system restart, however some updates require reboot of the system. For example updates to the kernel will only occur when the system is rebooted. YouTube video

It is possible to update location of software update repositories by updating sources list file. This file is usually found in /etc/apt folder in Debian based Linux distributions. A company may decide to host its own version of packages repository for two main reasons: 1. Have greater control of what is being installed. 2. Lower network traffic needed to install updates. YouTube video

​There are different types of software repositories. There is main branch - such a repository holds main packages. universe branch contains community supported versions of software. multiverse repository contains packages that are limited by their software license. restricted repository contains various drivers. backport repository is not commonly used. It contains updates to previous releases of software. YouTube video

​A software repository is the publicly accessible web server location that holds updated packages for a specific version of Linux distribution. A person is responsible to install newer versions of software because updates fix functionality or security issues. YouTube video

​Existing software packages in Debian based systems can be upgraded with command: “apt-get upgrade”. Update process will just get the latest list of packages, however to actually install new packages in a system “apt-get upgrade” command needs to be used. Upgrading your software packages will resolve issues with that software and in some case will bring new functionality. Please be aware that in most case a new version of software is needed to bring new features. YouTube video

​To refresh a list of available software update options in Debian based Linux versions apt-get software can be used. Updating list of available software options is done specifying apt-get update. Please be aware that it is only updating the list of available software options and not updating actual software. It is a good habit and it is actually a good practice to update the list of software updates before updates are installed. By doing it you will ensure that the latest available version of that software is installed. YouTube video

​it is possible to both install and remove Debian packages with apt-get utility. It is a command line utility. A nicer looking aptitude can be used also. The beauty of installing packages with apt-get utility that it will resolve dependencies for you and install these. No manual work is required in this case. It only works for software that is distributed with that version of Linux. For other custom software please refer to installation instructions. YouTube video

​Even so DNS need to be used in majority of cases, it is possible to override DNS responses with your own data. In such case DNS will not be queried at all. In Linux system it is possible to update /etc/hosts file in Windows OS such file also exists, please Google location of it. I will not name it, because this file location is long. Please be aware that manipulation of hosts records will be done only for one machine, it is not scalable, it should be used for testing only. YouTube video

​DNS stands for Domain Name System or Server. It is responsible to translate human readable domain names into numbers that are easily understood by computers, by the way the opposite operation is also possible. If DNS records are manipulated or if they are wrong then DNS server may be used by the attacker. Such an attacker can replace destination address to his or her liking because in this case DNS will give incorrect data. A user may think that an actual destination is being used, where in reality destination pointer had been replaced. Popular DNS software is Bind. It is used in various Unix like operating systems. Windows OS has its own implementation of DNS DNS caches popular requests to lower load and speed up operations. YouTube video

A single computer will not have enough power to solve very complex computing operations, but if many computers are combined to solve one specific problem, and each one of them will work on a portion of this task, then they will provide a lot of computing power. For example this way a human genome was decoded. YouTube video

Even so computers cam do some work faster then humans, some of the work still needs to be done by humans. Captcha will identify if you are human, or a robot, and only when a puzzle is solved, verifying that you are in fact a human, then computing resources will become available. YouTube video

​Even so email spam filters are good now days and a lot of spam messages are detected, however some spam email messages may come through. If such email messages go through, then such a person needs to be vigilant to prevent phishing attempts. Spam email messages are not the only source of potentially dangerous content. Bad links can also be included in blog posts, in social media articles, or in text messages. A person needs to be vigilant from whom such a message is received, how it looks and where such a link takes. If email with such a content is received, then it is a good idea to mark it as spam message to train spam detection filters to block or mark as spam future emails like this. YouTube video

​Whaling is spam attempt that target important people. YouTube video

​Spear phishing is a phishing attack targeting one specific person. Phishing attempts target large group of people. Spear phishing attacks will be tailored to one specific person. For example a spear phishing email will have that person name. Spear phishing is more dangerous than just regular phishing, because such a person is likely to react to a message that is tailored specifically to such a person. YouTube video

​Smishing is a process of sending spam messages via SMS or text messages. YouTube video

​Spear phishing is a phishing attack targeting a specific individual. In such case, instead of generic public information such person unique data will be used. YouTube video

​Phishing is a term used to describe fraudulent information that has a purpose to collect personal data. For example an email message maybe received by an individual requiring a payment. Such an email may look official, but a link or multiple links in such email message will open a fake website to collect personal information such as credit card number. Credit card number maybe used later for fraudulent activity. Such incorrect data may be received not only via email messages,  but it can be included in text messages, links in blog comments. YouTube video

Even so computers can do computational work much faster then a human, they often can do it only for tasks that they had been programmed to do, if this is an unknown for them task, they often don't know how to approach it, human's work is needed in that case, a human has creativity ability, a human is able to resolve a problem that such a person had never seen before. Amazon Mechanical Turk is an example of online crowdsourcing marketplace for work that requires human's involvement in the computer's tasks. YouTube video

Crowdfunding is process of funding a development of a product by many people. Each person in such a project will contribute just an affordable amount of money. Since a product had not been released yet, there is a risk that it will never be released. There is a risk of loosing that money. YouTube video

​It is possible and it is even desirable to edit web files in your computer. In order to do so your computer needs to have local version of web software installed. It is actually a preferred way to develop software in the local machine. Even so development can be done in the remote machine, there is a risk of exposing programming errors to website visitors and make incorrect changes causing software errors. To make your web site available to a larger group of people, than online hosting of a web site is required. Processing and connectivity resources of hosting will depend on how complex your web site is, and how popular it is. YouTube video

​Term hosting means make your website publicly available. Even so, it is possible to create a website in a computer that is dedicated for your personal use, then in such case only you can access it. This is a good setup for development. To make available to anyone, it is necessary to use website hosting or use reliable and fast Internet connection with a static IP address. Static IP address is IP address that does not change. Hosting requirements depend on how complex and how popular your website is. It is a good idea to register and tie a domain name to your website. Domain name means a human readable name. Website can be accessed with numbers, however it is easier for a person to remember name than numbers. Even so, it is possible to have a web server at home to host a web site, it is likely will suffer availability issues. Things like power or internet connectivity outages will disrupt availability of such a web site. YouTube video

​To write a program in HTML language you don’t need any special software. HTML is a markup language, even simplest text editor will be sufficient to create an HTML document. However, some more advanced HTML editors may have syntax highlighting, code completion, and HTML opening and closing tags matching. These editors make job of writing HTML code easier. YouTube video

Incorrect data is a big risk in crowd sourcing. In example of Wikipedia, politically charged person may submit on purpose knowingly incorrect information, or a person that has limited knowledge of the subject will submit only partial information. In case of Wikipedia, it maybe corrected by people who know better or have more knowledge of that subject, but it may take a long time before that data is corrected. There is a risk of incorrect data with crowd sourcing. YouTube video

Crowdsourcing is a process when multiple people located in different geographical locations work on the same project. Software tools like email, collaboration. or instant messaging software help to reach a common goal. A good example of crowdsourcing in use is Wikipedia, people with different knowledge and background contribute to a single project. YouTube video

Collaboration software allows multiple people to contribute remotely to a single document or to communicate with each other remotely. One of the examples of collaboration software is Google documents, another one is Zoom, I am not going to provide a full list of examples here, I just explain what it is and give a few examples. YouTube video

Videoconferencing allows people to have communication with other people remotely. Video conferencing can be a team event by watching another person in a big screen, or video conferencing can be private conversation of two people. Video conferencing allow conversation with another person who is located remotely, Video conferencing save both time and money required for that person to travel, however video conferencing is difficult to use to transfer another person's feelings that can be shared with other people during an in person conversation. YouTube video

Social media is web content platform where information easily can be shared with others. Social media channels can have variety of topics. Most of social media platforms allow following the channel by other people. Examples of online social media platforms are YouTube and twitter. List of social media platforms are not limited by just these two online platform, these are just listed as examples. YouTube video

SMS is the abbreviation for "short message service". SMS is a popular way to send short text messages via mobile phones. Short messages have upper bound of how long a single text message can be. This limit is 160 characters. To shorten text messages to fit within this text limit and to type these messages quicker, abbreviation can be used. For example text " brb " is translated as " be right back ". YouTube video

Email communication is very fast. It is not instantaneous, but very, very fast. If there are no issues that will hold up email, then it will take an email message just a few seconds to show up in another person's imbox. Regular mail takes a long time to be delivered, however email solves delivery time issue. Regular mail cannot be completely replaced with email. For example, regular email can be used to sign a document by a person. Such physical signature is impossible to do with just email. Even so, request for a signature may come via email, a signed document will need to be send via regular mail. E-signatures gain popularity now days, where digital version of a signature can be used instead of a physical one. Email messages save both time and paper. YouTube video

Substitution cipher is a cipher where each letter of alphabet is replaced with another letter with a letter from substitution. Substitution cipher is easy to crack with computers, however to a human scrambled text will represent a challenge. YouTube video

Multi-factor authentication greatly improve information security of data. Two factor authentication prompt user for password. A password is first factor of authentication, something that a person knows. Second factor of authentication often is a random number from a 2FA device, or it could be a physical touch of a device like Yubi-key. YouTube video

Password can be your only protection from unauthorized access to data. There are a few rules to make password secure and not being easily guessable: 1. It need not be a dictionary or commonly used word. 2. It needs no to include names of your family members. 3. It needs to be complex. It needs to be long and it needs to include upper an lower case character, numbers and special characters, 4, It needs to be memorized and not being placed in the location where other people can see it. 5. It needs to be updated quite often. YouTube video

Your password can provide access to very sensitive information. Examples of such information are banking, web sites checkout pages, web mail console. I know that I had listed just a few examples of data that needs to be transferred over secure connection. Just imagine this scenario, if your password is exposed, what will you do? If you know it, you probably will be rushing to change your password, however if you don't know that your password was exposed, that there is a risk that some of your personal data can be exposed and even retrieved by a person with bad intentions. YouTube video

TLS stands for Transport Layer Security it is a successor to SSL encryption. TLS offers stronger encryption than SSL. People often refer to TLS encryption as SSL encryption. YouTube video

A person that use Internet needs to be vigilant. Such a person needs to verify that personal information such as password, credit card or banking information is submitted using encrypted sites in the Internet only. Submitting personal or sensitive data without encryption, means that such data can be viewed by others. YouTube video

SSL certificate includes domain name for which it was issued. If the domain that a user tries to access does not match the domain name for which such a certificate was issued, then a warning message is displayed. A common oversight is using encryption certificates that include www for web sites that don't use it. One of the ways to resolve this issue is to get wildcard SSL certificate, that can be used for any host names associated with that domain. YouTube video

Certificate authorities are organizations that had been trusted by Internet browsers to issue security certificates that can be used to encrypt data. There are root certification authorities and there are intermediate certification authorities. Root certification authorities delegate job of issuing encryption certificates to intermediate certification authorities. Because encryption certificates represent very sensitive information, then such data needs to be highly secured. YouTube video

Man in the middle attack (abbreviated as MITM) happens when some other site pretends to be the site that you want to visit. Your browsing, search or even payment information can be intercepted by an attacker. Public key encryption uses mechanism that verifies if the certificate matches the domain name that a person tries to access. SSL or newer TLS encryption includes domain name for which encryption certificate was issued. If this data does not match, then a warning is displayed, that there is no match between certificate and the web site that a person wants to visit. Public key encryption is a good security mechanism to ensure privacy of transmitted data. YouTube video

Encryption of data requires additional processing resources, so processors that encrypt data needs to be powerful. YouTube video

The Transport Layer Security (TLS) protocol is a pretty good encryption mechanism, it will take current computers very, very, very long time to decrypt TLS encryption. I am not sure if TLS encryption is vulnerable to quantum computing. Quantum computing is really-really fast, but it is at its infancy at this time. TLS encryption is used in HTTPs pages. TLS uses both asymmetric and symmetric encryption. Asymmetric encryption is used to pass secret key, used to encrypt the data, and symmetric encryption is used for the data. Using symmetric encryption is much faster and less resource intensive, than asymmetric encryption. YouTube video

Browsing Internet is a public activity. By public activity I don't mean that people stand behind your back and watch what is done browsing the web. However a lot of people have access to your browsing activity electronically. These could be people at the Internet service provider where your Internet connection goes to, these people could people that manages the web site you go to, these people can be people that manage Internet traffic in between your device and destination computer. If data that includes sensitive or private information is passed using clear text communication protocol, then such data can be easily obtained. Using HTTPS makes data secure, it makes it very very difficult to be unscrambled by a person who does not have the private key. YouTube video

Asymmetric encryption is type of encryption where different keys are used to encrypt and decrypt data. Public key is used to encrypt the data, it can be done by anyone. However such data can only be decrypted with the use of private key. Public key encryption can be used to transfer encrypted messages between two hosts. Public key encryption is foundation for current encryption of data in Internet browsers. Commonly known encryption mechanisms of this type are SSL and TLS. Whenever you see HTTPS in the address bar of your browser, public encryption is being used. YouTube video

Symmetric encryption and decryption is an algorithm where same key is used for both processes. This key need to be shared in private. The opposite of symmetric encryption is asymmetric encryption where encryption and decryption keys are different. YouTube video

Encryption is a process of making data unreadable. It is done via using an encryption algorithm to the source data. Decryption is the opposite process to encryption of taking unreadable text and make it  understandable . Often encrypted text will grow in size. YouTube video

​There are several ways a person with a malicious intent can perform a desired action. First one is Authority. Such a person can represent that he or she has authority to give commands to perform certain actions. Second one is an intimidation technique, when a person is scared and that person feels a need to perform certain actions to reduce or relieve the impact of these threats. Intimidation is forcefully making an individual to perform actions that an attacker wants to do. Third one is consensus, it is a technique to make a person to believe that others also do this action. Fourth one is scarcity. Scarcity - is a social engineering technique to let the person know that only this person knows how to perform a certain action. Fifth one is familiarity. Familiarity - is a social engineering technique to make believe that a victim is the only person who knows how to perform a certain action. Next one is trust. Trust - this is a social engineering technique to make a victim to b...

​Social engineering is manipulation of a human’s thinking to perform actions that an attacker wants to do. YouTube video

Encryption strength depends on two factors: 1. First one is encryption algorithm. There could be a strong encryption algorithm and a weak one. AES, TLS, RSA are examples of strong encryption algorithms. 2. Second factor is length of encryption key. For example AES uses keys that are 128, 192, 256 bits long. YouTube video

​Adversarial artificial intelligence is the use of AI to create code that is causing software harm. YouTube video

​Malicious code is a code that causes harm to data that is stored in a computer. Most of the antivirus programs are capable of detecting and removing malicious code, although antivirus programs lack some time at detecting malicious code, so that a person needs to be vigilant of what software is being installed in the computer. YouTube video

Caesar cypher has its name origin because of the ruler of Rome, who gave his orders to generals in encrypted form. If such order was intercepted by enemies, they will not be able to read it. An algorithm that was used by Caesar cypher was a simple one by today's standards of encryption. Each letter in original message was replaced by a letter certain number of steps away. By how many steps it is needed to shift letters was known by sender and a reader. Sender would encrypt the message by replacing all the letters of that message with letters that are certain number of steps away, a receiver to decrypt such a message would needed to reverse this process. The problem with this cypher it is weak. Somebody that receives an encrypted message in this form, needs only 26 combinations at maximum to decrypt it. Not much time is required to do so. YouTube video

​Antivirus software is made by multiple vendors and antivirus software may have different detection and cure rates for the malware. A good website to use which indicates of how good antivirus software is  https://www.av-comparatives.org/ This website list detection rates for antivirus products for computer viruses that are commonly used. This web site does periodic testing of antivirus products, so it is possible to make a decision based on the past data of which antivirus product to get. Computer virus detection rate will change over time. My recommendation is to get antivirus product that has good rating. A personal computer at home is used just by a few people, so they can be informed about dangers that computer malware can represent, however it is difficult to relay this information reliably to all of the people in the office. YouTube video

In the Internet a lot of private data is being exchanged. For example banking information, health data, or email passwords. It is a bad idea to transfer such data unencrypted or in plain text, because it can easily be captured by an attacker and used. In the Internet most of secure information is being encrypted. Whenever you see https in front of domain name or lock icon in the information about this site, it means this connection is secure. Google for example encrypts search results. Search data can reveal a lot about such a person interests. Encrypting data comes with additional processing load. YouTube video

A keylogger is a type of computer malware that records what a person types, some keyloggers also can take screenshots, later this information is send to the attacker. A keylogger is dangerous because private personal information can be exposed to the attacker. For example a password to online bank account can be exposed to attackers, if it is known then you may end up with $0 or even negative balance in the bank account. YouTube video

It is important to install software updates. Software updates may fix critical software security issues. Such security holes can be exploited even without this person interaction. YouTube video

Downloading software needs to be from trusted sources, if software is downloaded from an untrusted source such as file sharing network, such a file may be infected with one or more computer malware. Computer software needs to be downloaded only, only, only from well trusted sources. YouTube video

Email may have inter office encryption, but when it leaves boundaries of an office, email messages are transferred in plain, clear way of communication. Such communications if intercepted may reveal sensitive personal information. It is a good practice of not including sensitive or private information in email messages. If sensitive personal information need to be transferred to another person, then consider saving such a document in online storage that has encryption and restriction who can access it, and only send that link via email. YouTube video

Antivirus software is software that protects a user computer from computer malware. Computer viruses may cause a lot of harm to a computer. Antivirus software needs to be updated often, because it needs to keep up with viruses that are made on daily basis. An antivirus product may have heuristic virus detection method. Heuristic virus detection method work by detecting a virus not by a signature, but by behavior. For example certain system files need not to be accessed by other software, and if they do, than it is a good indication that a system maybe infected by a computer malware. Antivirus software vary one from another, antivirus software may have different rating of detecting most common current viruses. YouTube video

A firewall is often a hardware device that has rules which traffic can go out and what to do with incoming traffic. Physical device firewall management is often done by a dedicated networking person. Online services like AWS have traffic or firewall rules specify which traffic can be allowed to a virtual host. Firewall rules management is a big responsibility, because misconfiguration of firewall rules may either block network traffic that needs to traverse firewall boundaries, or it can allow traffic that needs to be stopped. YouTube video

A security patch is quick fix for vulnerability in software that either is being exploited in the wild or can be exploited. A security issue may have different levels of impact and complexity, it will influence how fast a fix needs to be applied. Also a vulnerability may be already being exploited, and software already exists to use such a vulnerability. This exploit is called "in the wild". Vulnerabilities with high risk of being exploited and can cause a lot of harm need to be fixed as soon as possible or mitigation needs to be put in place to prevent such vulnerabilities of being exploited ASAP. For example a vulnerably may exist in Windows NetBIOS API that was popular, but if such traffic is restricted by firewall, than mitigation measures are already in place, and there is no rush to install such fix. This fix needs to be still be installed, but there is no rush, such an exploit maybe used from inside. Patches can either be individual patches, that only fix a specific is...

​DHCP stands for Dynamic Host Configuration Protocol. The purpose of DHCP server is to assign IP addresses dynamically to the DHCP clients. DHCP server has a pool of IPs from which an IP address will be chosen by DHCP client. Dynamic IPs are good choice for client computers because a dynamic IP simplifies process of management of IP addresses for client computers,  however it is not a good choice for server computers because a client computer may store IP information of a server computer and if it changes then server shared resources may become inaccessible. Second reason why dynamic IP addresses need not be assigned to server computers is because specific firewall rules may be using specific IPs and if such an IP address changes, then firewall rules will no longer be valid for that computer. DHCP server has IP address lease time, it is a time period within a new IP address cannot be selected by a DHCP client. YouTube video

​In Linux system it is possible to set a random MAC address using ifconfig command. MAC addresses is hardware address assigned to a network card and it is usually remarked unchanged, however in Linux systems it is possible to change MAC address using ifconfig command. It needs not be changed for regular use, but only for specific cases. YouTube video

Malware can represent a serious financial risk to an individual. If access to financial data is obtained by malware, then finances of such a person may disappear, they can be transferred by an attacker to a different account. Often such accounts are not in the countries with good finance laws, so chances to return these funds are very limited. An individual needs to be vigilant to which links that person opens, and it is important not to enter any data in such websites. Even entering fake data, may let an attacker know that such malware was at least partially successful and further attacks may follow. YouTube video

Rogue access point is an access point installed in a network without owner's permission. Through rogue access point an attacker may either learn about habits of users and use such information in further attacks. It is even more dangerous, if credentials of a user passed in clear text and not encrypted. Such data can also be captured with a help of rogue access point. YouTube video

Downloading software from unknown sources may represent a danger. Such software may be either infected with malware, or malware itself. Installing such software in your computer may represent a danger to yourself and put many people in danger in your organization. YouTube video

The best way to respond to phishing emails is not responding to such emails at all. The best destination for such emails is trash bin. Even better is to mark such email as spam, so other individuals will not become victims of such an attack. If a person who had sent such an email will learns that such phishing email had reached an individual it gives an attacker an opportunity to target that individual again and again. YouTube video

Spear phishing is phishing attempt targeting a specific individual. It is more dangerous than just regular phishing, because it is tailored one specific person.  Spear phishing may involve prolonged conversations via email, so that person gains trust. If a person becomes a victim of such an attack, then the entire organization may be put in danger, because such an attack may install malware on this person computer, and other computers in the network may be impacted as well. YouTube video

When entering sensitive data online, a person needs to use secure connections. Internet browsers may show lock to indicate that such a connection is secure. Regular browsing does not need to be secured. Encrypting data requires additional processing resources, therefore some web sites only encrypt sensitive data. Google encrypts all information by default. YouTube video

Phishing is a process of tricking people to give up their personal information, such as logins to a bank account. Phishing scam is usually begins with email, which looks like legit, but further evaluation of it may reveal that it is not, for example such email may come from an unknown source. A scam email message may state that it comes from the bank, and that attempt to login to you account was made. Such email may have a link to reset your account password, to prevent further attempts of exploiting the password. A web page will look like a real banking web site, but in reality it is a fake web site that was setup by attackers. By entering user name and password information in such web site, a person just had revealed sensitive information to an attacker. Email service providers like Gmail had setup protection from spam emails, and such filters do a good job, but once in a while phishing email still goes through. A person needs to be vigilant. YouTube video

I think my installation of MAMP had completed successfully. Upon opening MAMP software I got presented with the information that all servers had started fine. Upon clicking the button to open WebStart page, I got presented with the welcome to MAMP web page. YouTube video

MAMP is the software package for Windows that includes the following components: Apache web server, MySQL database and PHP programming language. MAMP software download is available from https://www.mamp.info/ Upon installation of MAMP there will be a question to install MAMP Pro. MAMP Pro is commercial product, so I unchecked that checkbox. I also unchecked second option, which is Install Apple Bonjour. I don't think that I will need it, nor I think that I will be using it. Next screen is to agree with user agreement. I had heard of MAMP in the past, so I just checked the option that I agree, however if you have free time, you can read it all. Next screen prompts for installation location of MAMP software. I had chosen default option, which is C:\MAMP. Next screen was to give name to the Windows start menu shortcut. I had chosen the default one, which is MAMP I also had chosen to create desktop shortcut. Next screen appeared to verify choices that were made. After the choices were ...

Try to enter this search term in Google maps: "coffee near me". There are good chances that you will get relevant results. Even so your device location may be unknown, however general area may be known. Yor device will be assigned an IP address by your Internet service provider, and such data can be mapped to approximate location. IP address geolocation means translating an IP address to approximate geographical area. YouTube video

Various countries have different levels of monitoring Internet activity. Internet activity can also be collected and stored by ISPs (Internet Service Providers). Such data may indicate personal interests. In some cases user's information will not be available, but IP address of the device that use Internet resources such as a computer or a phone can be stored in the log files. Such log files can indicate this person's interests. YouTube video

A user search history can be used by search engines to improve relevancy of their search results, so don't expect privacy when you search information online. Search engine duckduckgo advertise that they don't store personal information. YouTube video

Search history may indicate personal interests. For example word python may indicate a snake or a programming language. Prior search history will reveal that person interests. YouTube video

Computer cookies are not cookies baked in the oven, computer cookie files link a person with a preferences chosen in web site. If such cookie files got leaked, than it is possible to find-out about such a person preferences. Cookies may have expiration. Cookies may be session cookies, that are good for that session only, or cookies may have a timestamp how long that cookie is valid for. A web site may use cookie data that is associated to it, in such case these cookies are called direct cookies. Also such a web site may display information from other sites, such web sites also may use cookies, such cookies are indirect and they are called third-party cookies. Many modern browsers include privacy mode, where cookie files will be deleted after that browser session is closed. YouTube video

Imagine this scenario, someone took a picture of car with license plate clearly visible in front of a restaurant, with a clock in a background showing time. Even so all if is a public information, linking such public information may give a good idea where that person was at specific time. YouTube video

Personal identifiable information (shortly known as PII) is the information that can be linked just to one person. Examples of such information are social security number, or driver license ID. As opposite to it is the information that can not be linked just to one person. For example a name of a person, or a city name that person lives in. For example multiple people with name John Doe may be living in New York city. PII when stored in computers may be a subject to computer theft, therefore such information needs to be properly secured. YouTube video

There are a lot of people on the Internet who try to use potential security issues. I will list a few measures that can be done to enhance information security: 1. Using strong passwords. Such passwords need not be dictionary word or commonly used passwords, because those are easy to break. Strong password means using alphanumeric characters, upper and lower case alpha characters and special characters  and special characters, and the password needs to be long. . 2. For sensitive data, please consider using two factor authentication. Two factor authentication means using two forms of authentication. First one is commonly a password, second one is a token which has changing number every few seconds, or it requires physical touch. Even more sensitive data requires a fingerprint or retina scan, but implementation of such technology is significantly more expensive, 3. If email message looks to good to be true, for example you just won $10,000,000, than destination of such email is tras...

Spyware is a type of malware that secretly collects information from a computer and then sends it to spyware owner. YouTube video

​Fileless virus is a type of malware that uses some sort of software vulnerability for propagation. There is no actual file in the system that stores content of this virus, virus is completely resides in operating memory of a computer. YouTube video

​There are different types of computer viruses based on their behavior and propagation mechanism. Memory resident viruses - this type of viruses remains in computer’s memory while the virus is active and a computer is on. Majority of viruses now days are memory resident viruses. Non-memory resident viruses is the type of virus that don’t reside in memory after execution. Boot sector viruses - are the viruses that infect startup sector of the computer’s disk. Macro viruses - are the viruses that us macros functionally of software to perform their functions. Macros functionally inside Microsoft office made it difficult if not impossible to use its functionality by computer viruses. Email viruses is a type of a virus that uses email for propagation. YouTube video

​ ​Computer viruses is a type of malware that self-copy and self-replicate. There are different types of viruses, I will try to explain each computer virus type separately. Windows operating system is the most susceptible to computer viruses due its popularity and file permissions. YouTube video

​Logic bombs is a type of harmful software that is executed when certain criteria is met. Usually it a specific date. YouTube video

Having multiple Internet connections will increase availability of Internet resources. Cable cuts, power outages may impact availability of the Internet service. If it just a home user or a small business that occasionally use Internet and does not depend on availability of Internet connection, than such people can wait for the Internet service to be restored. However, if this is a person or a company that heavily rely on availability of Internet, than having multiple Internet connection, that take different routes is an important thing to have. YouTube video

Dynamic IP addresses are IP addresses that are assigned to a network devices. DHCP server is responsible assigning these. DHCP server has an IP pool range out of which IP addresses will be assigned. Dynamic IP addresses are good for client machines, but they are not good for servers. For example if a mail server has DHCP address, the IP address of that server maybe different next time that server is rebooted. It will invalidate firewall rules to deliver mail. YouTube video

Cyber Monday is one of the biggest shopping days in US at the online retailers. Cyber Monday is the first Monday that follows Thanksgiving holiday. On Cyber Monday people shop online to get presents for Christmas. YouTube video

​New vulnerabilities are exposed periodically. Having an outdated security scanning result may not reflect current state of things. Just like vulnerabilities appear periodically, a security scan needs to be done periodically. There is no magic formula of how often a security scan needs to be performed. It depends on when new vulnerabilities are exposed and added to a security scanning software and security issues are fixed by a software vendor. YouTube video

​Devices such as firewalls may prevent access to systems running various applications. For example a firewall may only allow mail delivery to mail server, however that mail server may also run web server software that is not available from outside. Internal security scan will uncover that. So both external and internal security scans are important to be performed. External scan will indicate what vulnerabilities exist in publicly accessible services and it may indicate issues with configuration. Internal security scans have more access than external scans and they will indicate a larger number of problems. YouTube video

​Vulnerability testing or vulnerability scanning is a process of uncovering security related issues with software and configuration. Security scanning needs to be done on periodic basis since new issues are added to a security scanner often. Vulnerability scanning can be either internal or external. Internal scanning will uncover issues that exist in internal network, external scanning will uncover issues that are publicly available. Internal vulnerability scanning will usually report more issues than external scan, since firewall would block access to network ports that are accessible from inside. YouTube video

​Supply chain attacks are process of tampering with physical objects such as reading or replacing content in the envelopes. In this case holographic images maybe used to reduce likelihood of such an attack. YouTube video

​Card cloning is a process of capturing and duplicating information that is stored in the card. YouTube video