Integrity, Availability and Confidentiality

--Originally published at Eric tries to write down cool things

This one is a bit more boring since it’s mainly definitions, my grain of sand here is to add the fun to it, so here goes nothing.

Confidentiality:

Don’t gossip and try to keep everyone as safe as possible. Damn it

Confidentiality is roughly equivalent to privacy. Measures undertaken to ensure confidentiality are designed to prevent sensitive information from reaching the wrong people, while making sure that the right people can, in fact, get it: Access must be restricted to those authorized to view the data in question.

Availability:

Does this thing even work? Damn it.

Availability is best ensured by rigorously maintaining all hardware, performing hardware repairs immediately when needed and maintaining a correctly functioning operating system environment that is free of software conflicts. It’s also important to keep current with all necessary system upgrades. Providing adequate communication bandwidth and preventing the occurrence of bottlenecks are equally important. Redundancy, failover, RAID even high-availability clusters can mitigate serious consequences when hardware issues do occur.

Can I trust this thing? Damn it.

Integrity:

Integrity involves maintaining the consistency, accuracy, and trustworthiness of data over its entire life cycle. Data must not be changed in transit, and steps must be taken to ensure that data cannot be altered by unauthorized people (for example, in a breach of confidentiality). These measures include file permissions and user access controls.

Reference:

http://whatis.techtarget.com/definition/Confidentiality-integrity-and-availability-CIA

Damn it.

Internet security? What the devil is that?

--Originally published at Eric tries to write down cool things

Nowadays everyone has a computer. Everyone is on a social media, everyone is connected, the. whole. time. Even your mother has a device that may connect to her microwave and when she warms that bowl of milk, she might be risking her own security online, and she won’t even notice it!

When it comes to security, you do not mess around, especially if you are living in 2017 where everyone gets offended and triggered.

Basic security is needed by everyone. If you are a good citizen of this world and a merciful God with the non-programmer mortals, you will be willing to share your knowledge with whoever needs it. Intermediate security knowledge must be a thing that all CS students need to have under their belt, it’s just matter of learning it by force and you may not like what you get out of that.

According to our ethics, you are enforced to promote these values with your family and friends.

Now be a good boy/girl/thing and help your mother set up her 2 step verification on Facebook, her information and your family will thank you for that

It’s the little things …

--Originally published at Eric tries to write down cool things

Here is a special blog post about some small security issues in my campus:

First of all, I use to work at my campus a year ago and I was given an ID which allowed me to enter the campus… I still have that ID and works perfectly to avoid security at the front of the campus

Then in the online student services, we can allocate students very easily with only their names.

If that wasn’t crazy enough, you can get the information from students from across all campuses, this dude is in Monterrey and I study in Guadalajara. Makes no sense to be able to get his info

Whenever we are about to start class, most of the professors expose their info into our faces. Info that may be used later for other purposes. The screen also shows a lot of student’s info, which may be sensitive info and used in a wrong manner.

You might want to start thinking about things you ignore …

--Originally published at Eric tries to write down cool things

Recently I started taking a security class and at the beginning, I felt confident with the knowledge I started with, but it was not long until I felt a little out of place with my knowledge. We started talking about the most baaaaaasic security issues, which most of the time come from the users.
I use to not care much about having multiple passwords across all my accounts because I knew I would forget a password sooner or later… so I use to have 1 master password across all services (mentioning this doesn’t affect me anymore ).

Right after the very first sessions of my security class, I started taking action across my accounts and started using a password manager. At the beginning, I was not very confident about my decision, but once I started noticing the advantages of a password manager, I was starting to see why such a change was necessary. And if you haven’t thought about it, I encourage you to have a peek at it… after all, that’s the first step

Gonna even make it easy for you:

http://www.pcworld.com/article/3195260/security/password-managers-the-good-the-bad-and-the-ugly.html

Bottom line: If your attention is caught by something and you know you are … somewhat ignorant about it, you might want to start reading about it, especially if it’s something security related.

The very very beginning of this… thing

--Originally published at Eric tries to write down cool things

This is my first blog that I will actually try to keep alive, at least until the end of this semester.

I’m somewhat bad at expressing myself to random unknown users because most of the times I create misunderstandings with the words I use, so spoiler alert, you might sometimes feel uncomfortable while reading this (after all, it’s my blog ).

Anywayyyyyyyys, here goes nothing:

Everything started when I was a little toddler…