Computer Virus Protection

--Originally published at Sebastian Luna

Virus Protection

Conceptual Overview

Imagine having contact with many human beings, getting certain level of connection with every single one of them, every single day of your life. You can imagine that, eventually, you will get sick if you don’t have some precautions (washing your hands, getting your vaccines, keeping your distance, etc.).

When computers interact with other computers, some of them can have a Computer Virus, so they too can get infected, just like us! (sort of).

A Computer Virus is software with malicious intent that replicates itself by modifying other computer programs and inserting its own code. There are many methods in which a computer can get a virus, and there are different Computer Viruses that can have different negative effects on a computer, like accessing private information (your credit card too!), corrupting data (say goodbye to the pictures of your kids), spamming your e-mail contacts, or leaving your computer useless.

Available Methods

Some methods that can help you clean your computer from Viruses, or just to protect it against getting one are:

· Keep your software up to date

o Sometimes software has bugs that can be exploited by hackers, which could be used to infect your computer.

· Don’t click/respond to strange emails

o I’m sorry to tell you, but the Wife of the President of Uganda isn’t contacting you to give you 100 million dollars; you also didn’t win the Bill Gate’s foundation for 50 billion dollars.

· Use an antivirus software

o It’s a program designed to detect and remove viruses from computers and other threats.

· Use a Firewall

o A system designed to prevent unauthorize access to or from a private network.

· Download only from verified places

o Maybe Continue reading →

PROBLEM: Interval of Times

--Originally published at Sebastian Luna

The problem

Your company built an in-house calendar tool called HiCal. You want to addd a feature to see the times in a day when everyone is available.

To do this, you’ll need to know when any team is having a meeting. In HiCal, a meeting is stored as an instance of a Meeting structure with integer member variables startTime and endTime. These integers represent the number of 30-minute blocks past 9:00am.

typedefstruct{

unsignedstartTime;

unsignedendTime;

}Meeting;

For example:

typedefstruct{

unsignedstartTime;

unsignedendTime;

}Meeting;

Meeting meeting1 ={2,3}; // meeting from 10:00 – 10:30 am

Meeting meeting2 ={6,9}; // meeting from 12:00 – 1:30 pm

Write a function mergeRanges() that takes an array of meeting time ranges and returns an array of condensed ranges.

For example, given:

[{0,1},{3,5},{4,8},{10,12},{9,10}]

Your function would return:

[{0,1},{3,8},{9,12}]

Do not assume the meetings are in order.The meeting times are coming from multiple teams.

Write a solution that's efficient even when we can't put a nice upper bound on the numbers representing our time ranges. Here we've simplified our times down to the number of 30-minute slots past 9:00 am. But we want the function to work even for very large numbers, like Unix timestamps. In any case, the spirit of the challenge is to merge meetings where startTime and endTime don't

Continue reading →

How to get a job in Computer Science

--Originally published at Sebastian Luna

Today I'll give you a step by step guide on how to get a job in the industry:

Buy the book: Cracking the Coding Interview
Memorize every problem and its solution
Go to an interview
Play dumb when they give you a problem you already know
Give the solution

You like to solve problems without having memorized solutions? You enjoy thinking about the problem and finding out different solutions? You want to show your real skills even if that means not being able to solve a given problem?

Some of us do, but that's not how the cool kids do it nowadays...

congratulations, you're hired

Cryptography is fun, TC2027

--Originally published at Sebastian Luna

Let's wikipedia:

Cryptography is the practice and study of techniques for secure communication from third parties.
It is about constructing and analyzing protocols that prevent unauthorized access to the message.

Modern cryptography is based on mathematics and computer science, thanks to computers, we have the power to encrypt data and make it 'impossible' for a human to decrypt it.

Getting started
The way I got into cryptography, was with the series "Gravity Falls", they put some hidden messages all over the place, on the intro, at the end of the episode, and they used different encryption methods. It was really fun to try to decypher a code that you found on an episode.
If you know nothing about cryptography, I would recommend to enter the link provided at the end of this document, and to watch the animated series.

Encryption methods
Some encryption methods that were used on Gravity Falls are:

Caesar cipher: substitute the original letter for the nth letter before it. In the case for letters X, Y, and Z, (if n = 3) one would have to cycle through to the beginning of the alphabet.

Atbash cipher: decoded by reversing the letters. (A turns into a Z)
EXAMPLE: World -> D

A1Z26: simple substitution cipher decoded by substituting the nth letter of the alphabet for given number n.

Vigenère cipher: it's a series of Caesar ciphers where each letter shift depends on a key word. Vigenère ciphers use a Vigenère square to encrpyt the message.

These are relatively simple Encryption methods, computers use other methods but I will write about it on another blog, I want this one to be for "begginers".

http://gravityfalls.wikia.com/wiki/List_of_cryptograms

Revolution, TC2027

--Originally published at Sebastian Luna

We need one, we need a revolution on the way we learn.

I am currently developing a project that started with one of our professors, Sergio Hernández.
He started Estación Meiquer to give Social Service hours to ITESM GDA students. I was lucky to be one of them, because it covers topics I really like.
But for about a year now, we wanted to do more than giving Social Service hours, we see that there is a need for kids to change the way they think and the way they learn. We see everyday the consequences of a bad educational system, even here, at my school; there hasn't been a single time where partials are comming, and I see students studying from very specific questions and exercises (it took me a few semesters to realize they were studying from exams). I've seen students that take pictuers of the exam as soon as it's on their hands, before making it and after the professor gives them back so we can check our mistakes. What went wrong? Why is it more important to get an exam or find really clever ways to copy, than actual learning? Why is a number (grade) more important than all the effort someone can make on a whole semester learning by experimentation or research? Why aren't we allowed to make mistakes? We're not perfect, we learn from mistakes, I can tell you that the things I remember or learned the most, are things I struggled with, I had to find a way to solve it or I f*cked up really bad.

Our project is called Estación Meiquer, our goal is for kids to develop skills that, according to the World Economic Forum, will drive the 4^th Industrial Revolution. These skills are:

· Problem solving
· Continue reading "Revolution, TC2027" →

Elevation of Privileges, TC2027

--Originally published at Sebastian Luna

What is Elevation of Privileges?

Elevation of Privileges or Privilege Escalation is exploiting a system or application to gain more access than you normally should have. This means you have the power to do unauthorized actions.

There are two branches of privilege escalation, Horizontal and Vertical.

Horizontal

Access to other user's information or content. It's horizontal because you are in the scope of a user, but you can gain access to other users, this is still gaining more access than you should, but not at a higher level.

Vertical

Access to information or content that should only be accessd by someone with higher access. You stay on your scope, but now you "escalate steps" in the privilege section.

The following image shows the different levels of privileges that a system has.

My favorite example of elevation of privileges:

Jailbreak

I remember I was in highschool when I got my first iPod Touch, it was Christmas and Santa gave me and my brothers an iPod. I was really excited and I opened it on the bathroom, as soon as I took it out of the box, it fell.

I always liekd playing and listening to music on my iPod, but after a while (still in highschool) I discovered that you could "jailbreak" it, letting you add more functionalities and customize your iPod, I didn't know it back then but that was a form of Elevation of Privileges.

Normally, you couldn't do all those things that Cydia allowed you to do, but when you jailbreaked it, you gained control of many things and it felt really nice.

Other methods

This webpage tells more about EoP and ways that it cacn be exploited:

https://securitycommunity.tcs.com/infosecsoapbox/articles/2017/06/07/all-you-know-about-stride-elevation-privilege-threat-eop
Here there are 6 ways to exploit and gain EoP that the webpage Continue reading →

Elevation of Privileges, TC2027

--Originally published at Sebastian Luna

Access to other user's information or content. It's horizontal because you are in the scope of a user, but you can gain access to other users, this is still gaining more access than you should, but not at a higher level.

Vertical

Access to information or content that should only be accessd by someone with higher access. You stay on your scope, but now you "escalate steps" in the privilege section.

The following image shows the different levels of privileges that a system has.

My favorite example of elevation of privileges:

Jailbreak

Normally, you couldn't do all those things that Cydia allowed you to do, but when you jailbreaked it, you gained control of many things and it felt really nice.

Other methods

This webpage tells more about EoP and ways that it cacn be exploited:

Essay of How Not To Be Wrong, The Power of Mathematical Thinking

--Originally published at Sebastian Luna

HOW NOT TO BE WRONG, The Power of Mathematical Thinking is a book written
by Jordan Ellenberg, a Mathematician and a child prodigy, this book focuses on
mathematics, but he approaches it on such a way for everyone to understand even if
they don’t have much mathematical background, while still letting people with
knowledge about mathematics to learn more things without being too easy or too
boring.

“The armor, said Wald, doesn’t go where the bullet holes are. It goes where the
bullet holes aren’t: on the engines.” This is from the second story the author opens the
book with, which is a great example on the purpose of the book and how it develops.
Ellenberg does an excellent job at telling us different stories –that involve mathematics
in one way or another– and teaching us –the readers– some valuable insights.
This second story is about Wald, a member from the Statistical Research Group, he was
considered a mathematician eminence, and he was approached to find the optimum way
to shield planes so they’re not too heavy but they’re protected enough, and his way of
thinking let him realize there was no use on analyzing the bullet holes from the planes
that did come back, and if they didn’t have many holes on the engine, it was simply
because the ones that did get hit, didn’t come back.

There are many stories that Ellenberg gives us to show us precisely what he
showed above, that sometimes we are stuck with some problem or there’s something
going on in the world, and mathematics let us think and analyze things in such a way
that we can solve problems in an unexpected way.

Ellenberg is successful in collecting real life situations, from every possible
field, that mathematics had a big impact Continue reading →

20:10 p.m.

--Originally published at Sebastian Luna

I have a huge passion for knowledge and research, I would love to create knowledge as a full-time job and do research. For the past few years I've been following a lot of YouTube channels related to science or stuff that I like. Basically I'm at YouTube 24/7 and whenever I find a new video I watch it to learn more and more.

With the blog I have to do for Ken's class, I've decided to write about things I learn on (maybe a weekly basis) and about stuff that I like, some of it won't be related to Computer Security. This, with the hope of creating a YouTube channel and doing videos about stuff that I like and know, so other people that like similar stuff can enjoy and learn more.

So here's the list, I hope you like and enjoy them as much as I do and if you know about more interesting channels, please let me know.

Mark Rober

https://www.youtube.com/user/onemeeeliondollars/featured

ASAP Science:

https://www.youtube.com/user/AsapSCIENCE/videos

Brain Stuff: How stuff works

https://www.youtube.com/watch?v=n8EvWzWEbz0

C de Ciencia

https://www.youtube.com/user/CdeCiencia/videos

Crash Course:

https://www.youtube.com/channel/UCX6b17PVsYBQ0ip5gyeme-Q

How Stuff Works

https://www.youtube.com/channel/UCWIQBDDWcnaDtZ_7E7CeSVg/videos

It’s Okay to be Smart

https://www.youtube.com/channel/UCH4BNI0-FOK2dMXoFtViWHw

Kurzgesagt - In a Nutshell

https://www.youtube.com/channel/UCsXVk37bltHxD1rDPwtNM8Q

LemmiNo

https://www.youtube.com/channel/UCRcgy6GzDeccI7dkbbBna3Q

Life Noggin

https://www.youtube.com/channel/UCpJmBQ8iNHXeQ7jQWDyGe3A

Mind Your Decisions

https://www.youtube.com/channel/UCHnj59g7jezwTy5GeL8EA_g

Minute Earth

https://www.youtube.com/channel/UCeiYXex_fwgYDonaTcSIk6w

MinutePhysics

https://www.youtube.com/channel/UCUHW94eEFW7hkUMVaZz4eDg

Numberphile

https://www.youtube.com/channel/UCoxcjq-8xIDTYp3uz647V5A

Objectivity

https://www.youtube.com/channel/UCtwKon9qMt5YLVgQt1tvJKg

PBS Space Time

https://www.youtube.com/channel/UC7_gcs09iThXybpVgjHZ_7g

Periodic Videos

https://www.youtube.com/channel/UCtESv1e7ntJaLJYKIO1FoYw

Physics Girl

https://www.youtube.com/channel/UC7DdEm33SyaTDtWYGO2CwdA

Potholer54

https://www.youtube.com/channel/UCljE1ODdSF7LS9xx9eWq0GQ

Questions For Science

https://www.youtube.com/channel/UCc2-xT3ub5IhGoYae8-GjWA

SciShow

https://www.youtube.com/channel/UCZYTClx2T1of7BRZ86-8fow

SmarterEveryDay

https://www.youtube.com/channel/UC6107grRI4m0o2-emgoDnAA

Today I Found Out

https://www.youtube.com/user/TodayIFoundOut/videos

Veritasium

https://www.youtube.com/channel/UCHnyfMqiRRG1u-2MsSQLbXA

Vihart

https://www.youtube.com/channel/UCOGeU-1Fig3rrDjhm9Zs_wg

Encrypting USB Drive (at least for Windows Users) – TC2027

--Originally published at Sebastian Luna

A lot of people use USB drives, and we put sensitive information on it

We obviously don't want anyone accessing our information without our consent, but what if we lost that USB? then it would be completely vulnerable and free to use for anyone that finds it (or we could "lose" a rubber ducky and have fun with it).

We can protect our USB by encrypting it, it can still be hacked but it's much more difficult and it requires technical skill that a random person that could find your USB laying around may not have.

I read that you can use BitLocker for it, however, since I dont have BitLocker on my computer, I did my research on more ways to do this, if you want to try BitLocker, check my references at the end.

Steps:

Download Rohos from https://www.rohos.com/products/rohos-disk-encryption/
Select the language you want it installed
Click next
Accept terms and agreements
Select where to put the folder and click Next
Click install
You're done, you can run Rohos now

So after I ran Rohos, I plugged in my USB and clicked Cypher the USB unit, and it checks for connected USBs.

After that, I entered the password clicked Next and you have to wait for the process to finish.

And there you have it, you can add important documents or stuff you want inside your USB and don't worry (that much) if you lose it.

There are many options, you can search for one that fits you the best but I found this one to be pretty easy and with a free 30 day trial.

References:

http://www.tomsguide.com/faq/id-2318737/encrypt-usb-flash-drive.html

https://www.online-tech-tips.com/computer-tips/encrypt-usb-flash-drive/

https://beebom.com/best-usb-encryption-software/