Free Software and Computer Security Notes

9/27

OnWorks Ubuntu in the browser

CoCalc terminal in the browser

UEFI boot

  1. "Guige" in google translate is Greg
  2. By downloading uefi-boot-files-g21A.tgz from here and extracting it into the root directory of USB, you can make it bootable on a UEFI computer provided security boot is disabled.
  3. boot loader (e.g. extlinux, syslinux, isolinux, grub) will load: vmlinuz (kernel), initrd.img, root file system (which may be a partition or a squashfs)

img

Install Ubuntu on Oracle VirtualBox

  1. recommended iso: linux mint 20.2 or ubuntu 20.04
  2. memory at least 4GB but 8GB is better
  3. disk size at least 8GB and 20GB is quite enough
  4. hypervisor, host, guest

You will this keywords in the future quiz!!!

Edward Snowden "Prism"

Virtual machine - Host, Guest, hypervisor

If you wanna install the CLI version of Ubuntu also called as "Ubuntu SubSystem" under Windows CMD you can follow this LINK

DDos = Distributed denial of service
This type of attack takes advantage of the specific capacity limits that apply to any network resources
The DDoS attack will send multiple requests to the attacked web resource with the aim of exceeding the website’s capacity to handle multiple requests and prevent the website from functioning correctly.

categories of image metadata:
-technical metadata
-descriptive metadata
-administrative metadata

standardized formats of metadata:
*IPTC
*XMP
*Exif
*DCMI
*PLUS

Android "adb"
IOS "62078"

Flashing
finfisher citizen lab
Censorship must require surveillance.
wayback machine(archive.org)

FLASHING- reprogramming the device by installing a different ROM/OS
wayback machine-check the history of the internet
ADB -Android debug bridge vs ios 62078

Carrier IQ
Photo Metadata(JPG, EXIF, iptc, xmp)

adb - android debug bridge
cryptographic hash functions example sha256
properties of CHF

  1. deterministic
  2. fixed length
  • pre-image;data = input
  • digest;result = output

Secure Properties of Hash Funtions

  1. pre-image resistance (hash funtions are hard to decrypt)
  2. collision resistance (hard to find matches)
  3. second pre-image resistance ()

salted hash - addition of random string(salt) into the hash
avalanche effect - small change in inputs, output changes drastically

rainbow table- table of reversed hashes
cyphertext-
symmetric encryption- same key
asymmetric encryption-has 2 keys, private/secret key and public key
end-to-end encryption

cross device tracking - company can track you from different devices
browser finger printing (canvas fingerprinting)
cambridge analytica scandal
brute-force attack
cross device tracking - company can track you from different devices
browser finger printing (canvas fingerprinting)
cambridge analytica scandal
brute-force attackfor master key:
make backup files
make it unaccessible

Team Viewer
Remote Desktop Protocol
Virtual Network Computing
SHH- examined by many security experts
ssh -X ~~~ = ssh X forwarding

ssh tunnel

scrcpy-provides display and control of Android devices connected on USB
hash-converts a numerical input value into another compressed numerical value
examples:
*MD
*SHA
*RIPEMD
*Whirlpool
~deterministic(number of characters always remain the same)
~avalanche property
salt-is a random string of data used to modify a password hash
Rainbow tables-tables of reversed hashes used to crack password hashes

Hash functions (ex: sha256sums)
Deterministic 1st property of Cryptographic hash function

data(input)
image(output)
digest

properties of secure hash functions:
1.Preimage resistance - hard to
2.Collision Resistance - avoid two different input values to produce same digest
3.Second preimage resistance - prevents the bad guys from finding a way

salted hash - adding of random string in the hash
md5sum- old version
avalanche
rainbow table
ciperText
symmetric encryption
Asymmetric
public key(encrypt)
private key(decrypt)

end-to-end encryption (encrypt in the very beggining to ensures that no one can eavesdrop)

photo metadata
exif,xmp..
archive.org, wayback machine.
android -adb vs ios - 62078

Cryptography Hash functions (SHA256SUMS)
deterministic
data input(pre-image),output(image)
digest

Message Digest (MD)
Secure Hash Function (SHA)

preimage resistance
collision resistance
second preimage resistance

salted hash - addition of a unique, random string of characters known only to the site to each password before it is hashed

rainbow table
Plaintext
Ciphertext
Symmetric encryption
Asymmetric encryption
public key
private key
(Encryption, decryption)

11/01 Keywords :

  1. decentralized finance
  2. address
  3. blockchain merkle tree
  4. (merkle root)
  5. block time

11/08 keywords:

-EVM, NFT

  1. nonce
  2. cusdotial/noncustodial wallet
  3. man in the midlle attack
  4. proof of work
  5. proof of stake
  6. proof of authority
  7. solidity
  8. genesis block

11/22 keywords:

  1. cross device tracking
  2. browser fingerprinting
  3. cambridge analytica
  4. brute-force attack

Things to remember:
-Ublock Origin and Privacy Badger
-adblock plus

ssh protocol : ssh, scp, sftp
12/6/13 keywords :

  1. linux window manager comparis
  2. ssh tunnel
  3. ssh-agent
  4. vnc
  5. ssl

NAT - network address translation
PGP - Pretty Good Privacy
Steganography
steghide
base64- how binary data converted into text file
-Mangement engine(intel)
-digital forensics

Quiz keywords :

  1. steganography
  2. Dual EC DRBG

eavesdrop - what NSA do
end-to-end encryption

MitM-Man in the Middle attack(eavesdropping attack, where attackers interrupt an existing conversation or data transfer)

Digital signature-validates the authenticity and integrity of a digital document

Decentralized finance-financial system that operates without the need for traditional, centralized intermediaries

Merkle tree-used for data verification and synchronization

Block time-average time taken to create each block

  1. Encryption and Decryption(plain text -> encrypt(using public key) -> cipher text -> decrypt(using private key) -> plain text)
  2. Digital signature(plain text -> encrypt(using private key) -> cipher text -> decrypt(using public key) -> plain text)
    Blockchain(also called as public ledger) - all blockchains are databases but not all databases are blockchains

Genesis - very first block

key words to remember:

  1. Decentralized finance(Defi)
  2. address
  3. Genesis Block
  4. merkle tree
  5. merkle root
  6. solidity
  7. browser fingerprinting

proof of work - proving a lot of work to finish the block
proof of stake

custodial wallet - some party can control your private keys
non-custodial wallet -owner is the only one who can control the wallet.

Terms to remember:

  1. TPM(Trusted Platfform Module)
  2. Audio Beacon
  3. cross device tracking
  4. Browser fingerprinting
  5. Cambridge Analytica
  6. Brute-force Attack
  7. Remote Desktop Protocol
  8. Virtual Network Computing

22

adblock plus - to block advertisement
syntax

sites that are not in teacher's website:

  1. https://filterlists.com/
  2. https://www.cyut.edu.tw/~ckhung/g/bsp.php?id=143a

SSH-secure shell
teamviewer

ssh -X ~~~~
"ssh x forwarding"

Quiz words:

  1. ssh tunnel
  2. Vnc
  3. ssh-agent
  4. vnc over ssh tunnel
  5. all remote connection things~
  6. -x Forwarding

http + ssl

ways on how to open VNC:
= using (ssh -X v) x forwarding
= using (ssh -fNL 8805:localhost:5947 xxxxx@v.im.cyut.edu.tw) ssh tunnel

Primitive FTPd

what can you do when you have public key?
-when you have the public key you can send encrypted messages to the owner of public key.

Backdoors:
Management Engine (intel)
Dual EC DRBG (Microsoft)

Quiz words:

  1. steganography
  2. Dual EC DRBG(Dual Elliptic Curve Deterministic Random Bit Generator)

Nonce - is an abbreviation for "number only used once," which, in the context of cryptocurrency mining, is a number added to a hashed—or encrypted—block in a blockchain that, when rehashed, meets the difficulty level restrictions.
Solidity - programming language for smart contract
Cross chain technology(blockchain bridge)

Doesn't support JavaScript:
Lynx, w3m - console based browsers
Dillo - lightweight browser
Browser
fingerprinting - information collected for the purpose of identification

Merkle Tree : a data structure in which a single hash code function (a type of cryptographic code) splits into smaller branches. In a similar way to a family tree, where a parent branch splits into child branches, which are then extrapolated into grandchild branches.
a Merkle tree keeps a record of the history of each element. This type of data structure enables for faster verification on a blockchain network.

Merkle roots are used in cryptocurrency to make sure data blocks passed between peers on a peer-to-peer network are whole, undamaged, and unaltered.
to verify the data on the merkle tree.

NAT : Network Address Translation
Dual EC DRBG

User Agent

Ublock origin-blocks ads through its support of the Adblock Plus filter syntax
Adblock plus

To authenticate using SSH keys, a user must have an SSH key pair on their local computer. On the remote server, the public key must be copied to a file within the user’s home directory at ~/.ssh/authorized_keys.

Brute force attack - hack that relies on guessing possible combinations of a targeted password until the correct password is discovered

Remote desktop protocols:
RDP-remote desktop protocol(Windows)
VNC-virtual network computing

22-default port to establish SSH connection

Primitive FTPd - allows to exchange files with other machines over WiFi

"-localhost no" -> without this it would be safer

-X forwarding: allows to forward programms that use a graphical interface through your remote SSH connection to CS machine

dd, the disk/data duplicator (or disk destroyer) allows us to copy raw data from one source to another

Select a repo