Moving On and Moving Forward

What a nice semester it’s been. A quick one too. But thankfully, for the first time in my life, I had the opportunity to take a class covering a subject that has fascinated me ever since I was young enough to click a mouse – computer science. Classes like these were never taught in my school, and the closest I came to understanding computers was learning all of the functions of Microsoft Word^® (the registered trademark symbol that I just typed was the culmination of all of my learning).

Here, though, my mind has been opened up to many different topics, some of which I hadn’t even considered until going over it in class. I will say that this semester has definitely made me realize that I have a passion for computer science, and I will find a way to use my skills in the future. Since a few years ago, when I had first decided that I wanted to go into the computer science field, I had told myself to try and earn a position in one of the largest computing businesses in the world. This meant that I had my sights set on Microsoft, Apple, and Google. How cool would it be to work for someone that was known all around the globe? But what was then a dream, is now a determined goal. I want to learn every application of computer science that would make me a strong candidate.

Of course, even if I fall short when I shoot for the moon, I’ll land among the stars. My true interest lies in programming. Programming what, exactly, I’m not sure. What I do know is that the languages created for the sake of creating a program fascinate me. How one small error could put it all in shambles, or one small edit could make the result exponentially better. Whether this path takes me down the path of software development, or a more operating systems-related field, I am sure that I would take great interest and put a lot of effort into whatever I do.

If I had to look for one thing that I desired more of in CIS 115, it would have to be basic programming skills. Yes, I know, that’s what the upper level CIS courses are for, but like I said if I had to pick one thing. Programming using Scratch was very useful for understanding the basics of logic and the like, and it is great to have that background to build off of. I just hoped that there would be more words than blocks at the end of the day.

Overall, I had a blast. I’m glad that I got my college career off to a good start, and that CIS 115 helped that feeling. I can’t wait to take more classes, and learn more about this field that will help shape society for many, many years to come.

For the Safety of the Network

“With great power comes great responsibility.”

Aunt Mae said it best when talking to Peter Parker, and believe it or not this phrase can mean more than “be careful swinging from webs in New York.” When thinking of large corporations such as Sony, Apple, or Google, it’s not hard to believe that there is a lot of work that goes into keeping them afloat. One of the large ways that corporations strive to stay safe in this day and age is cyber security. With the threat of viruses and hackers constantly looming, businesses try to make sure that their data is safe, as well as their employees.

Now, if I was a leader of one of these multinational, multibillion dollar organizations….well, first off, I wouldn’t be in school. More realistically (and hopefully) I might be employed by a large corporation in their IT department. One of the duties of this position would more than likely involve protecting the business’s network and data from attacks.

Sadly a team of trained ninjas only physically protects the business. Digitally, malicious users are always looking for different ways to steal data or hack into a system. Of course, there are a few measures I would take to try and prevent such attacks. The first and most important protection would be to install antivirus software on any workstation affiliated with the company. This basic precaution provides a nice, starting level of defense. It does not wholly protect the machine, however. Another tactic of mine would involve login information. Certain restrictions and criteria would be placed on the creation of passwords, so as to make sure that passwords that are created are not blatantly obvious, like “password”. I would also employ a web filter, making sure that potentially harmful websites cannot be accessed through the company’s network.

While protecting data is important, it is also a major factor of how you store it, since this too can affect its safety. I would store the data on local servers. A user would have access to their personal files as well as shared company resources, while administrators of the network can monitor others’ file systems on the network. By having the servers stay local, they can be monitored while at work, and also immediately taken down if something were to go wrong. I would also employ backup data servers for archival purposes, so that in the event something goes wrong with the primary data servers, all is not lost.

Of course what one man might see as impenetrable, another might be able to break with his finger. Along with all of the measures I would put into place, I would want to make sure that they work. This might involve hiring a team of penetration testers to find holes in the system. I would want to know where the major flaws in the network’s security are, and how they can be fixed. In the long run this could really pay off by ensuring the safety of the network and the business.

Now while I might have this fortress of defense built around my network, there will always be one variable that can send the whole thing crumbling down: humans. More specifically, employees. One person brings in a flash drive riddled with viruses and the next thing we know the network becomes sicker than Bill Murray in Osmosis Jones. There is a way to prevent, or at least impede, this: knowledge. By training employees and making them aware of the dangers that are present to the company, they can lead a safer, more productive career. This training would involve seminars and training sessions, to make sure that employees don’t just know what not to do, but they understand it. Anyone who joined the company would go through these training sessions to ensure that the company’s and their own data remains safe and secure.

Now we have a solid security, backed up data, and employees that will stay off of random game websites in the middle of the day. What am I missing? Oh yeah…people in the outside world. The con artists, the real life hackers – social engineers. These people will set up complex schemes and frauds to worm their way in to the company and gain access to its information. This not only requires the work of the IT department, but the communications department. Social engineering might be through phone calls, phishing emails, or a variety of others. Part of this, sadly is unavoidable. On the other hand, much of it can be prevented through the aforementioned training. Making sure employees never give out their password is one of the key concepts that should be understood. Employees should also make sure to always know who they are speaking to if it is over the phone or in an email, to make sure that they are a trusted source. Employees must also be trained to avoid being “baited”. Plain and simple, you might see a nice shiny object, but that does not mean that the shiny object is “nice”. Often times, people with malicious intent will load a flash drive or CD with malware and leave it in a public place, such as a bathroom or parking lot. An unknowing person will come along, pick it up, and decide to load it on their computer right away. This might install the malware on the machine, giving it the ability to roam around and access whatever it wants. Employees of a company, and computer users in general, should be sure to never load a disk that they have found randomly lying around.

Since everything seems to be taken care of, I’m done now, right? WRONG. Just because someone has a secure network does not mean that it will deter attackers. Attacks happen from many different locations, several times a day. The larger the corporation, the more likely it is to be targeted. The only thing to do in case of an attack is to just be smart about the situation. This isn’t a kindergarten playground; just because someone hits you does not mean that you have to hit them back. If you know you are being attacked, the best plan is to make sure that your security can withstand it. If necessary, have a team that is trained in white-hat hacking that will make sure that the network can be defended. Let authorities know of the incident. If you don’t know who to contact, the first place to look is the Department of Justice. As a large company it is not worth the risk to perform cyber-vigilante justice, not to mention it would fall outside of legal boundaries.

Who’s to say that I wouldn’t make a bad cyber security consultant? It’s an interesting thing to consider, especially with the digital age only moving forward. Maybe one day, I’ll take all of this information that I started learning in CIS 115 and put it to some really good use (which means really good money, I think). 

Head of the IT department of some multinational corporation…what ARE the chances?

The Pattern on the Stone

Throughout my adventures in CIS 115 (Intro to Computer Science) I have had the opportunities to read the textbooks for our class. One of these books is The Pattern on the Stone: The Simple Ideas that Make Computers Work by W. Daniel Hillis. I think I took the most interest in this book because it felt less like reading for class and more of reading out of interest. The writer does a very good job to add personality to the book, as he tells of his own experiences. The terms that Hillis uses makes concepts easy to learn. Coming from a background of only self-taught computer knowledge, I was immediately interested, and was eager to learn more.

The book did not fail to meet my expectations. I was automatically hooked at the first mention of Boolean algebra, which I had not heard of at the time of my reading, especially since I also have a love of math. To learn about these individuals that helped set the foundation for computing science was really axciting. To think that Hilli has actually met Claude Shannon! Whew, I got a little excited there.

Of course, all of this new information led me on a mad Google and Wikipedia spree, looking at the "mathematics" behind Boolean algebra, logic gates, and other concepts which led me in this spider web-like pattern across the web, where I had links open in my browser on everything from Charles Babbage to Minecraft (logic gates work in video games too, you know).

What amazed me most about my findings was he amount of information I did not know. While I did not have that much prior knowledge, it was surprising to see how much depth the information had to it, spanning generations, countless contributors, and multiple discoveries that helped shape the computing world into what it is today. The book also helped me understand present technologies that I work with today, by trying to understand them on a simpler level.

Besides the fact that most of my friends are not exactly technologically-literate, I would definitely recommend this book to them if they wanted to learn more. Like I said in the beginning, the book really became an easier read as it was easy to understand from the beginning. The comparisons in the book are relatable to other information that a reader might identify, making the learning that much easier. I'm glad to have had the opportunity to read The Pattern on the Stone.

Security Questions

Thank you for registering your account. Please provide your mother's maiden name, first pet's name, social security number, bank account PIN, and thumbprint to continue.

Wait, what?

There is some information that you just don't give away (if you're smart and careful, at least). Yet, the internet and web services continue to push the boundaries of "how much is too much?" Of course I have a Facebook, a Twitter, and also an Instagram, so it isn't difficult to find me on the web. That can be said for most people my age as we go through this age of social media. However, how many of us are protected? How much of our information can actually be seen? As present as I am on the internet, my valuable information is only seen by those who I trust (as much as you can trust friends on Facebook). I pay attention to who I connect with on social media, and block whoever might be potentially dangerous or unknown.

Social media isn't the only place where information is given out, however. Web services from all over will ask for an account to be created, or to sign in with certain information. This information can run from very modest to the equivalent of your life's story. I take great care in paying attention to these details to make sure that nothing I touch on the internet has more information than they need. For example, if I use a web service that I will never buy a product from, or never need something shipped to me, then why should I provide my home address? My address isn't that private, but at the same time is not absolutely necessary to divulge. Sometimes it is just nice to stay anonymous on the web. There isn't a way for potentially malicious sources to hunt you down, and it certainly helps to lessen your personal presence on the web.

There are some, however, who have no boundaries when it comes to the amount of information that they share. No, I'm not just talking about the people who tweet about when they are on the toilet. These are the people who have all of their contact information listed directly on Facebook, completely open to the public. These are the people that are too trusting, too faithful in humanity, or just too unaware of what can happen should something go wrong. Scammers pray upon these people, hoping to get just enough information to make use of it. None of us are going to get five free iPads if we give our email address and name out, and not a single person reading this blog will come into a million dollars from Africa if they help out by giving their bank account information. There's something good to be said about the trust that these people have, but not everything that seems good is safe.

Stay in school, stay safe, and remember: don't post on Facebook to "hit you up" if 1,000 of your friends live somewhere you've never heard of.

The Two Words

Type the two words:

Ah, CAPTCHA. That Completely Automated Public Turing test to tell Computers and Humans Apart. Many just know it as the annoying text box that they have to get past to do several things on the internet. CAPTCHA actually traces its roots back to the beginning of the internet, and computer hackers.

In the beginning, users wanted to create text that was illegible to computers. The first hackers, wanting to post sensitive information without being caught by filters, would change characters in text (such as changing the E in “hello” to a 3, so the word would read “h3llo”). This procedure became popular, and would later come to be known as leetspeak (which would infect the world of gaming). The term “CAPTCHA” was coined in 2000 by Luis von Ahn, Manuel Blum, Nicholas Hopper, and John Langford, and the most common form of CAPTCHA was developed by Mark D. Lillibridge, Martin Abadi, Krishna Bharat and Andrei Z. Broder. This form involves a distorted word, image, or digits. CAPTCHA was originally developed as a sort of gateway, preventing computer bots from entering certain parts of the net. This could include sensitive data, preventing programs from mass creating accounts for websites, or downloading large quantities of data.

The CAPTCHA system was refined into commercial systems, one of which being reCAPTCHA. It uses the same word recognition system, in the form of two word prompts. This system not only prevents bots (working with two distorted words instead of one), but it also helps digitize the text of books. The reCAPTCHA service is a subscription service, supplying websites with images and words that cannot be read by recognition software. Businesses pay for the service to use in their validation procedures, and in turn the results of the test are sent back to reCAPTCHA to help with digitalization projects. reCAPTCHA has worked on digitizing archives of the New York Times, and as of 2012 has digitized 30 years of the magazine. Acquired by Google in September of 2009, the system’s slogan has become “Stop spam, read books”.

While CAPTCHA seems to escape most when thinking of frequent web technologies, it is more relevant than most think. Websites that use the system include Facebook, CNN.com, and Ticketmaster. CAPTCHA reports that it displays over 100 million CAPTCHAs every day, showing how widespread the system is. While we are all humans (at least, I hope so), this system helps security on a wide range.

From computer hacking to stopping thousands of computer bots, what are the chances?