2010/12/10

Green IT Certification


"CompTIA's Strata Green IT certificate is designed to enhance an IT professional's experience, knowledge, and existing IT credentials to incorporate emerging technologies shaping the global green IT industry today. IT professionals that pass the Green IT exam validate that they have the aptitude needed to effectively implement and measure green IT programs and investments, including:
  • A specialized knowledge of current IT methodologies
  • The ability to develop, deploy, and calculate true ROI for green IT initiatives
  • Knowledge of cost-cutting power management and IT virtualization techniques
  • Proven understanding of environmentally-sound waste disposal
  • An awareness of global organizations mandating standards and regulations
The Strata Green IT certificate is ideal for IT professionals who have decision making authority over a company's IT infrastructure or work in implementing green IT initiatives such as an IT manager, data center or facilities / operations manager, IT technician, and system or network administrator." -CompTIA

CompTIA Strata - Green IT certificate

For further information on the CompTIA Strata - Green IT, go to CompTIA's website at http://www.comptia.org/certifications/strata/greenit.aspx or simply click here. Those who need some guidance on the certification, you may approach me.
As Anak IT's motto, "Mun rotan ganya sejangkal, jangan mendaluh lautan dalam" encouraging you to improve and further your skills.
Sekian, semoga biskita mendapat inspirasi dan juga manfaat. Wassalam.

"When there is a will, there is a way"

Related articles:
Labels: ,

2010/12/09

Change Case in MS Word


Hi readers! Just a brief one.
Have you ever wonder how to change from lower case to upper case or vice versa in MS Office Word? It is really simple. Highlight the targeted word/phrase and then press Shift+F3 keys on your keyboard simultaneously and examine the output. Here are few examples:
First, highlight the text.

Then press Shift+F3. You will see that only the very first letter is changed to uppercase (or capitalised).

When you press the combination keys one more time, all of the selected text will be capitalised.

Try to repeat the process and see what will you get.
Until next time, happy trying~
Labels:

2010/11/25

Database Basic - C.R.U.D.


Salam Anak IT readers~ Yes... You...
A lot of people (more than one a.k.a two) were asking me what are required actions to be taken by the database when we develop a system and I was like "apakan?..." hahaha but now I understand apa maksud bisdia ane... So here is my BRIEF explaination...
It actually depends on what kind of system are you developing... Does it require any data? If yes, do you need to record the data? Will the data be used in the future? If yes then of course we need to store the data in a place called "database" and the overall system is called "Information System" since we deal with information... Clear? Blur? Samar-samar? We move on...
Maksudnya atue, there are certain system yang memerlukan informasi and ada yang inda memerlukan langsung for example this "My Personal Alarm Clock" program. Click on it if you asked "apakan tue?" =) Banyak lagi sebenarnya system yang inda memerlukan "stored information" and the best example will be hmmm.... Game Solitaire? Calculator? etc. but mostly games yang canggih-canggih masa ane require database to save the user's information (like name, nickname) as well as their latest achievement/level or even weapon used in the game...
So what are the examples of system that requires information? Have you heard about "Student Information System" where it stores students' information? Book Keeping System? Document Management System? Library System? Store Keeping System? Dan yang sewaktu dengannya as long as it deals with data...


Back to their question, there are many actions we could apply when we deal with data. The most basic and crucial actions are CRUD:
  1. Create - you create and store a data into database
  2. Read - then, you read the stored data by retrieving it from the database
  3. Update - if you think you need to change some data, you may update the data stored in the database
  4. Delete - last but not least, mun rasanya inda lagi beguna, you may delete the data by removing it from the database
In order to manipulate the data, you must have at least basic skill on SQL (Structured Query Language). It is a syntax that is required in order to establish a communication between Front End application/software/program/system and the database. If you think you already know how to use SQL, click here to read Khadijah's post on SQL Zoo or else, hmmm click here kalie bisai...
Here are examples of the CRUD's SQL syntaxes:
  • Create - INSERT INTO table_user (name) VALUES ('zul')
  • Read - SELECT * FROM table_user
  • Update - UPDATE table_user SET name='fadly' WHERE name='zul'
  • Delete - DELETE FROM table_user WHERE name='fadly'
There you go... Even though it is not in detail but hopefully tane sama-sama mendapat ilmu yang bermanfaat serba sedikit...
Sekian, wassalam...

P/S: I you feel like ada kan ditambah, give your comments! =)
Labels:

2010/11/19

Notion Ink's The Adam Release


Salam Anak IT.
Based on my previous article on "The Adam - Android Pad", I mentioned that it might be released on November *liat calendar* yes November but I think it will not come out to market any time soon. The following phrase is taken from Notion Ink's blog:
"We are on time for this and you could hold devices in your hands on or before Christmas (and as hinted earlier, if we miss Christmas, then CES or New Year). Pre-booking will start in early December (if the case id prior). Already received FCC for the chargers!"
Based on their statement, The Adam will surely be released on December next month. You may visit their blog by clicking here or anywhere here. Bwuahuwhuahuwa =) Anyway here are some of the screenshots of The Adam:



What I only know is that we can pre-book The Adam early December and some sources stated that the price will be less than USD500 (around BND700?...). For those yang ketinggalan atue you may read my previous post regarding this little guy by clicking here, but not here.
Sekian, saja mengupdate about this long waited Android Tablet =) wassalam...
Labels:

2010/11/13

FOSS - K-Lite Codec


Assalam,
It's been a while since I posted on anak.it. So today I'm going to introduce you K-Lite Codec. Ok.. gerenti ramai orang confuse sikit apa guna nya if kana install kan ke dalam laptop or desktop. Well K-lite Codec ani is basically a collection of audio and video components for Windows [1]. Still confuse? Andang nya tuu.. Aku pun awal-awal confuse.. First time aku membali laptop, kana install kan k-lite codec ani.. tapi inda ku tau apa guna nya.. then aku format laptop ku.. then baru ku realise ada guna nya...
So.. Let me explain.. Pernah kah biskita kn membuka video dlm format 3GP? RMVB? MKV? OGG? FLV? well.. K-Lite codec will help you to open the file and be able to view it. Its basically upgrade biskita punya video codec supaya dapat buka video dalam format tersebut di atas tadi.
If biskita masih confuse? Mari aku bercerita sedikit pasal ani.. Selalu nya... if computer baru habis format, biskita dapat buka video file under AVI, MPG, MP4 ganya.. so if baik nasib, dapat nampak gambar nya.. tpi if inda baik nasib.. inda ber-gambar langsung.. *Iatah membari garam hati oleh nya tuu..*
To solve this problem, biskita install K-Lite Codec. That way, you can view semua video format and its free!!
If biskita mau download.. click here.
Basically, K-Lite codec ani ada 4 jenis. Which are Basic, Standard, Full and Mega. Aku recommend Mega pulang.. K-Lite Mega Codec ani is the complete package of video format yang dapat di lihat lah... Even aku menggunakan K-Lite Mega Codec.
And for those yang ada udah dalam computer nya, kalau boleh constantly update lah K-Lite Codec biskita. Most of the update ani mengusai loophole aka Errors of K-Lite Codec yang version lama. Biskita inda pulang sadar ada error atau inda tu tapi ada banar nya...
K-Lite Codec ani saja bukan untuk video, tapi ia boleh digunakan untuk mendangar lagu jua..
If you dont feel like using K-Lite Codec, dont worry. There's another software for updating your video and audio codec as well. To be precise, there are tons of software that update your video and audio, but the most common that I see is "VLC Media Player".
If mau mendownload VLC... click here.
I think that is all for now. I hope this article gave you an extra knowledge on K-Lite Codec and what it does. If you have any question regarding this article, please do not hesitate to click "Miana Kan Tue?" at the top of this page. We will try our best to reply your question(s).
Thank you!
Sekian,
Wassalam..
Labels:

2010/10/10

ICT Competency Program - Government Subsidised


"The Authority for Info-Communications Technology Industry of Brunei Darussalam (AITI) will subsidise training for Bruneians and permanent residents on ICT basics and more advanced courses as it signed yesterday deals with three local ICT companies hired to conduct the training.
ICT awarded the contracts to AT e-Knowledge Solution, HAD Technologies Sdn Bhd and iLM Academy following a signing ceremony at the agency's office in Berakas yesterday.
The training is under AITI's ICT Competency Programme aimed at training Brunei's citizens on ICT basics, multimedia applications and other ICT-related skills in order to create a pool of highly skilled manpower and ultimately ensure Brunei's human resource is well-versed in ICT. The programme also aims to upgrade the knowledge of ICT experts.
Under the ICT Competency Programme, AITI will be subsidising 50 per cent to 80 per cent of the training fees of eligible participants, subject to the training course taken. The subsidies will be provided upon successful completion of the course.
AITI is targeting job seekers without ICT skills for the training."
Read further... (The Brunei Times)
Labels: ,

2010/10/06

Types of Viruses


  1. Resident Viruses
    • A terminated-and-stay resident virus permanently attaches to the host computer and operates in memory (RAM). It attempts to load before other mechanisms that attempt to analyse, detect and identify its purpose and origin and can bypass, interrupt or manipulate basic operating system functions.
  2. Stealth Viruses
    • A Stealth virus hides the modifications made to files and boot records by modifying and forging the results of calls to functions, therefore programs believe they are reading the original file and not the modified file. A good anti-virus software will probably detect a stealth virus due to the fact that a stealth virus attempts to hide itself in memory when a anti-virus software is launched.
  3. Macro Viruses
    • Certain applications contain embedded scripting or "macro" languages enabling users to automate long series of operations as single shorthand actions. A macro virus targets these applications by containing code that replicates and replaces other macros to launch the virus payload when common functions are called
  4. Slow Viruses
    • A Slow virus is a difficult virus to detect due to the fact it only modifies and infects files when they have been modified or copied. Therefore the original file will not be infected by the actual copied file. A good way to protect yourself against slow viruses is by using an integrity checker or shell.
  5. Direct Action Viruses
    • An aggressive form that replicates and takes direct action when triggered by some condition, date or event. The direct action virus typically resides in system folders or the root directory path where it can be readily accessed and activated and carry out its tasks when the system boots up.
  6. Revisiting Viruses
    • A Revisiting virus is a worm virus and attempts to copy itself within the computers memory and then copy itself to another linked computer using TCP/IP protocols. The Morris Worm virus in the late 1980's was the first major virus threat to hit the Internet.
  7. Retro Viruses
    • A Retro virus attacks the anti-virus software designed to delete it. The retro virus usually attempts to attack the anti-virus data files such as the virus signature store which disables the ability of the anti-virus software to detect and delete viruses. Otherwise the retro virus attempts to alter the operation of the anti-virus software.
  8. Armored Viruses
    • A Armored virus attempts to protect itself from anti-virus software by trying to make anti-virus software believe it is located somewhere else. Therefore the Armored virus has made itself more difficult to trace, disassemble and understand.
  9. Overwrite Viruses
    • A virus can partially or completely delete information contained in the files it infects, even replacing portions of application code with its own payload. Viruses of this kind are generally easy to identify with anti-virus software, as they generally tent to alter end-user and system applications in noticeable and identifiable ways.
  10. File Infector Viruses
    • The traditional virus is a file infector that targets executables to cause direct or indirect execution of its payload. Most viruses fall under this category and are further classified depending on what is targeted and the actions taken during the infection process.
  11. Companion Viruses
    • A Companion virus creates a companion file for each executable file the virus infects. Therefore a companion virus may save itself as scandisk.com and everytime a user executes scandisk.exe, the computer will load scandisk.com and therefore infect the system.
  12. Phage Viruses
    • A Phage virus is a very destructive virus that re-writes a executable program with it's own code, rather than just attaching itself to a file. Therefore a Phage virus will usually attempt to delete or destroy every program it infects.
  13. Polymorphic Viruses
    • A polymorphic virus is an encrypted virus that hides itself from anti-virus through encrypted (scrambled) data and then decrypts itself to beable to spread through the computer. The thing that makes it hard for anti-virus software to detect polymorphic viruses is that the virus generates an entirely new decryption routine each time it infects a new executable file, making the virus signature different in each signature.
  14. Multipartite Viruses
    • A Multipartite virus attempts to attack and infect both the boot sector and executable files at the same time.
Labels:

2010/08/17

Discussion - Twitter


Salam Anak IT. This is a beta article on "discussion". If ada sambutan, I might add up "Discussion" as new category... Depends...

Do you tweet? If yes, share with other readers what do you like or dislike about it. You may include stories related to it. For this first "beta" discussion, comment which has more point will get a dst/b-mobile BND10 recharge card. Just make sure to provide your valid email address.
Closing date is next monday and the winner will be announced at the comment page of next "Ayat/Perambahan Minggu #33". Selamat mencuba~

P/S: I don't "tweet" and so I have no idea what it could do hahaha
Labels:

2010/08/16

Tips to Prolong Battery Life


Salammm~ Anak IT readers~
Today I want to *liat2 jam nunggu baduk* share on how to *pigang parut* prolong your laptop's battery life based on my experience and knowledge... Or in other words how to extend your laptop's battery life...
Lurus ke pancang or nya omputih straight to the point, I will just list out in bullet points:
  • Set the display's brightness... Mikin tarang, mikin menungap battery...
  • If inda makai wireless, tutup tia...
  • Same goes to bluetooth, tutup if inda bepakai
  • Run only programs/services that you need... Close all the less necessary programs/services running on the background...
  • Heat is the best enemy for electrical devices... Sama jua battery laptop... Keep the battery away from direct "heat" such as sunlight, api, microwave? oven? kuali hangat?
  • When you charge the battery, it is best practice if you make sure your laptop inda hangat before plug in the power cord... Or masa yang paling sesuai is when it is switched off or masa inda bepakai...
  • Yang this one i'm not really sure but someone told me that keep the battery away from magnets... Drop a comment if you have better thesis on this...
  • This one may sounds "nda mengana" but makes sense... "Keep your laptop defregmented regularly"
  • If rasanya jarang makai DVD-RW or any optical drives, CABUT =) hahaha so true...
  • Use SSD instead of HDD... Reasons? Low power consumption ;) Yea I know masih mahal...
  • Here is the best tips when you are using HDD... If you plan on watching movies, put it on your pengdrive and play it from there... The reason is that, if the movie is inside your HDD, this will make your HDD spinning for the whole movie's length...
  • Graphic card... If you are planning to buy a new laptop, I recommend you to buy laptop which comes with nVidia Optimus... Read further~
  • Another tip if you are planning on buying laptop in the near future (to be specific, late 2010), buy a laptop which usesPixelQi's display panel...
  • Again, another tip if kan membali laptop, cari battery nya yang tinggi cell nya... e.g, 12-Cells battery... But biasanya yang bejual di kadai masa ani 6-cells... Some 8-cells...
  • Bring your charger everywhere... Abis ceta...
There are some softwares which are created to help "virtually" extending the battery's life...
Hope that gives benifits to all of us... Sama-sama sharing ilmu di bulan Ramadhan ;)
Sekian, wassalam...

P/S : Selamat menjalani ibadah puasa~ =)
Labels:

2010/08/11

The Internet: How it works


Labels:

2010/08/10

SEA-ME-WE 3 CABLE


Salam Anak IT readers.

SEA-ME-WE 3 cable or also known as South-East Asia - Middle East - Western Europe 3 cable is an optical submarine telecommunications cable linking those read further...
This article especially goes to "anonymous" asking kenapa internet down everytime ada natural disaster on the news especially yang baru-baru anie... So by looking at the picture alone, I hope you will get a bettteeer picture... Especially masa ada earthquake... These long cable is lying on the seabed and so there is a high possibility that the cable eventually "tepunggal" and disconnecting the network semasa gegaran di bawah lautan berlaku...
That is the path of SEA-ME-WE 3 which includes Brunei Darussalam... Visit the cable's official site...There is another submarine cable which connecting Brunei to other part of the world especially U.S named Asia-America Gateway or AAG... I will post about it tomorrow insyaAllah but you may also try togoogle it now =) Until next time~
Labels:

2010/08/09

Brunei Government on Facebook?


Salam Anak IT Readers....

Brunei Government on Facebook?... Click here to read further...
It is like having friendster or myspace untuk urusan formal... What do you think?... Another point is that we also need to think who owned the social network as well as the confidentialities of information going inside and outside of the government... Share your honest opinion with Anak IT regarding this matter...
Labels:

2010/08/01

The Adam - Android Pad


Salam Anak IT.
Notion Ink's Adam
Gadget for today is The Adam. Yup... Adam... Reason?...
"It's not a tablet or a book reader. It's a new species, and we call it ADAM. The First."
Notion Ink
The creator says so but for me it is just an alternative to Apple's iPad. Or even better? Look at the following comparisons:

What I am really impressed is the battery's life. The reason is that typical screen that runs with 3 cell battery uses 2watt while this gadget uses new screen technology called "PixelQi" which only uses 0.2watt and therefore it doubles the battery life 10 times longer. Interesting? But for me, the most interesting part is that it uses AndroidOS! <laugh>Bwauhuwhahwa</laugh> It will run on Android 2.2 Froyo but there is a hypothesis saying that it will run on Android 3.0 Gingerbread. Why? It is stated that this Notion Ink's Adam will be available in July but I read a post somewhere saying that it will most probably available in November where by that time Android 3.0 Gingerbread will also be released. But I heard the delay is mainly due to import procedures on the device's parts. Hmmm... November... *liat kalendar*
Another view of the Adam by SlashGear

To read further on this Android Pad, click here. I think future students will only use this kind of "gadget" for their presentations since it has the HDMI output. 160 hours sounds like a handphone's battery life to me hahaha atue lama... Hopefully ianya akan berfungsi seperti yang dijanjikan pasalnya i've heard complaints over Android's phone punya battery life but most probably it is because of the screen's display where people usually forget to balance the screen's brightness... Since this Adam will use PixelQi Technology I think nada masalah la tue insyaAllah...
I think that is it that I wanted to share with all of you for today... Sampai jumpa... Wassalam...

P/S : To ITB/UBD/UNISSA/KUPUSB students, welcome back to school again~ hahaha and oh, tell me if you are using any Android devices (mobile phone, APad etc.) on the comment section =) thanks!
Labels:

2010/07/30

Cable Troubleshooting


Salam Anak IT Readers~
Cable troubleshooting... Hmmm... Apa tue nah?... It is basically when you connect a cable from one device to another, the device simply doesn't detect the other end of device or nya urang kitani "kurang layanan" or perambahannya "macam angin" hahaha lurus kah jua inda tue...
For example, suddenly your external harddisk inda detected by your machine and so miana gayanya tue?... Haha so today I will briefly explain the basic procedures on cable troubleshooting... By the way, this article is especially goes to Zaimah through "Miana Kan Tue?" request and brought to you by Pipsi-Pirik: "Bisdia suka yang lain tue" =)
The following procedures are in general and can be applied to any cable. It doesn't matter what cable are you working on, be it usb cable kah tue, firewire cable kah, PS/2 cable kah yang penting the points are more the less the same. I will use "connecting external harddisk to my laptop" as an indirect example:
  1. Try to connect to other similar device (pacak the external harddisk rah laptop lain) and see if ada response or inda. If ada, jump to point number 4...
  2. Still nada? Look for the third same device pasal ditakuti yang second device pun ada masalah jua... If ada response, jump to point number 4...
  3. If masih jua nada, there must be something wrong with your cable... Use other similar cable and see if ada response or inda... If nada response jua masih, jump to no. 5...
  4. Make sure port connector (in this case is USB port rah laptop) berfungsi... Cana kan tau? Pacak other device (such as pendrive or portable USB fan) mau or inda...
  5. Randam arah Sungai Kianggeh and then jamur sampai karing... After karing, try lagi sekali dari awal... NOT...
  6. If masih jua nda mau, jual ja rah brudirect as faulty device hahaha *kes kehabisan info*
Beruang dalam fikiran (Bear in mind) that all those devices require electrical power... There is a case where the USB/Firewire malfunction because of insufficient electricity provided by the power supply... Kadang-kadang ada yang jenis "inda cukup watt"... Maybe electrical people can elaborate further on that...
So that is it... Semoga ianya dapat memberi ilmu pengetahuan dan juga peringatan sedikit sebanyak arah kitani... Any comments? Opinions? Extra tips?
Labels:

2010/07/27

Your World of Text


Right, today I'm going to share with everyone an amusing site: yourworldoftext.com.
Your World Of Text is actually a website where users can create their own pages. These pages are like pieces of canvas where you can put in your doodles or scribbles, except your doodles will be, in this case, in the form of texts. You could also imagine it as like a notepad with infinite space. Just try it out and get your friends to 'spam' your page.

You can get an account on this website by signing up with it through this link: http://yourworldoftext.com/accounts/register/
You may login to your account through http://yourworldoftext.com/accounts/login/
Labels:

2010/07/26

Online "Artificial Intelligence" Robot


Salam Anak IT Readers...
Today I will be exposing Splotchy; an online AI Robot I found crawling on the net so I decided to interview him... or her? maybe IT haha anyway... Meet Splotchy...
Our previous conversation:
you ==> hello
splotchy ==> hey
you ==> how are you? by the way, can you understand "salam"?
splotchy ==> I could understand salam if I wanted to
you ==> alright then. salam
splotchy ==> Your conversation skills are better than average
you ==> hahaha thank you! *blush* or was it just sarcasm? :p
splotchy ==> as far as I know it was
you ==> wow. atue direct... thank you...
splotchy ==> not a problem!
you ==> yea right. it is not a problem hahaha what are you doing now?
splotchy ==> feeding my ducks
you ==> nice... how old is your duck?
splotchy ==> how old?
you ==> i mean, the one that you are feeding now?
splotchy ==> why do you keep explaining yourself over and over?
you ==> nevermind. i guess you are not in a good mood
splotchy ==> okey-dokey
you ==> nyamal tah ne?
splotchy ==> I am falling asleep
you ==> inda jua payah kan bebunga-bunga kalie ah
splotchy ==> I see
you ==> I do not understand what are you trying to say
splotchy ==> why not
you ==> Anak IT
splotchy ==> I heard the same thing when I visited the phrack crew in the planet
"Uranus"
You may "talk" to Splotchy here. If you know or found a BETTER online AI robot out there, sharing is caring through your comment =) Thank you!
Labels:

2010/07/19

Switching to Ubuntu From Windows

Salam Anak IT readers~



Switching to Ubuntu? When I told couple of friends about Ubuntu, they are eager to swith their laptop into Ubuntu without having any ideas what it actually is and how different the environment compared to their beloved Windows OS.

When I installed Ubuntu on their laptop, barang yang jadi rungutan bisdia is "jeng... nada MS office kah? cana kan buat kraja ku ne..." =)

There you go... Bisdia inda 100% READY for the "hijrah"... Most of them eager mau Ubuntu sal apa nah?... "Lawa bah interface nya"... Hahahaha... But I can't blame them because they are already comfortable with Windows OS and "FEAR" factor is what usually make them stay with it.

Anyway, to those yang dalam dilemma or nya urang kitani baru-baruan kan try out Ubuntu, I only can assist you on alternative applications you could use with Ubuntu OS. First, you may read this "Switching to Ubuntu from Windows" article... You will find there are many alternatives to your favourite Windows application but of course mula-mula makai andang payah sikit... Just like how you use Adobe Photoshop for the very first time... Good luck!

Here are some useful sites to look for Windows apps' alternatives:
I am not actually directly stating that I am not a Windows fan/user any more but it is true that there are several reasons why I choose Ubuntu and one of them is just a word, Humanitarian.

Hopefully that could help you to explore Ubuntu further or at least will let you do your work anytime and anywhere. Sekian.
Labels:

2010/07/18

Apple's History


Salam Anak IT.
Apple's very first logo (1976)

Read their full history here at TheAppleMuseum.com and here to see their products' evolution.
Labels:

2010/07/08

History of the Internet


Labels:

2010/07/02

Tips to Secure Your Password

Salam readers...
"Oooppsssie~ I saw your password tadie jeng~ It was ****** a.k.a semua bintang 6 kali hahaha baik ko tukar password baru jeng..." - Less educated shoulder surfer
Today I would like to share tips on securing or "hardening" your password... I will also list out certain techniques of password stealing... First, you need to know what are activities to be done by the password stealer in order to steal your password... Here are some common activities done by the password stealer:
  • Shoulder Surfing - just like in the picture above, someone is watching things you do with your machine including when entering your password on your keyboard
  • Key-logger - Click here to know more about hardware keylogger and you are advised to read this article as well (only if you haven't). Keylogger basically RECORDS everything that you type on your keyboard including your password
  • Physical access to your computer's surrounding - some people will have their passwords written everywhere nearby their computers so that they don't have to memorise them. But if that password is physically accessible by other people, it would be a disaster...
  • Man-in-the middle attack - as how it sounds like, a man "sitting" in the middle to "READ" any data passed THROUGH including confidential data like passwords
  • Protocol Analyzer - Works just like Man-In-The-Middile but it is more towards an application which reads any packets of data going through a network interface and is able to "catch" any clear text including unencrypted passwords
  • Web Phishing Attack - A fake site which looks similar to the original site which requires you to type in your username and password which will then saying that your password is incorrect and redirect you to the original site where your username and password is already being sent to the fake site's owner
  • Dictionary Attack - Guessing the password with common words found in the prebuilt dictionary
  • Brute Force Attack - It will try every valid combination of words, characters, numbers and even symbols in order to create a string of text which is then to be tested whether it is valid or not. Usually it takes time but with the help of today's high-end machine, it is then another disaster
So now you already have basic ideas on how password stealers will do their mission. It is time for you to learn some tips on how to protect and secure your passwords. Some of these might be useful to you:
  • When creating password, never use a simple word which can be found in any universal dictionary such as "computer" or even "password" itself...
  • Try to put CAPITAL letters instead of making it all in small letters...
  • Use numbers as well!
  • If possible, try to use symbols as well such as !@#$%^&*()_+ dan yang sewaktu dengannya...
  • When you are going to type your password on your keyboard, try to look at your surrounding and make sure there is no one nearby...
  • Know your own machine! Always make sure that your machine is not running any malicious program in order to prevent keylogger (software type) being implemented by other people...
  • Never write your password on a post-it paper or even scrap paper and leave it insecure...
  • Know your physical network! Make sure that you are not connecting to any anonymous internet connectivity...
  • Checking email at cyber cafe is a bad, bad and baaaadddd idea... Not only email... Any activity which requires you to type in your password...
  • If you are surfing the net, make sure that you are entering the valid domain name. For example, if you want to log into you yahoo mail account, make sure you go to yahoo.com, not y4h00.com...
  • Use different password for different accounts...
  • Remember this one last important point... "Easy to remember" is also another meaning of "Easy to be guessed"...
There you go... Simple tips on how to secure and protect your password... Hopefully berguna untuk kitani semua...
If you have questions or opinions, kindly post your comments =) thank you...
Sekian, until next time~

How less valuable data may become a threat

Thursday, 01 July 2010 22:47 | Written by Administrator
Salam Anak IT.
How less valuable data may become a threat... In other words, cemana bulih data yang "kurang mendapat perhatian" or nya urang kitani "inda kana care" akan menjadi security threat arah kitani...
On this "lesson", I will show you how people with extra-ordinary thinking may use the "scrap" data into something useful. "Something useful" which will be demonstrated here are:
  1. Finding vulnerabilities on web application
  2. Password guessing
DISCLAIMER: Before you do or follow any activities written on this article, please note that any activity that you are going to do next is your own responsibility. This article is just for demonstration. Anak IT will not responsible for any activities that you are going to do based on this article. Do it at your own risk.
So first, we will start with "Finding vulnerabilities on web application"... The most basic step is, find out what application is being used... THEN we can easily find the vulnerabilities with the help of "GOOGLE".
For this example, I choose http://mail.gov.bn, not really a "web application" but more into "mail application" with web-based front-end... How to find what application is used?...

Next... Find any "less valuable" data... What can you find on the page itself?
  • Icon ada tangan "STOP" or our teenagers prefer calling it "talk-to-my-hand" sign hahaha
  • Panji-panji negara...
  • "User name"
  • "Password"
  • "Sign In"
Thats it?... We can't really use the listed data for something... Alright... How about, we see the page's source code? Errr... That might be helping us out... But how?
Since I use Mozilla Firefox, go to View>Page Source or simply press CTRL+U keys at a time... The following window will appear...

There are lots of "less valuable" data you could find in there especially HTML Tags... But there is something which I "think" might be used for the activity... As you can see on the image above, I highlighted the area and copy it into clipboard... Then you might guess what I would do next! Obviously...

Yuuup~ That's right~ I googled it... And as you can see, there is a word which really catched my eyes in instant... A word "domino"... But, apakan tue?... Nevermind... Just continue browsing through the page...

Ok... Another "domino" but now it is "Lotus Domino".... Lotus... Macam pernah mendangar... Oh... Now I remembered... "Lotus Symphony", an office application by IBM. But... Does it mean this "Lotus Domino" is also part of IBM's products? Maybe yes... Meybe not... So next step is to directly google "Lotus Domino"... I found out that it is also one of the IBM's products... Other than google it up, I also google for its image... Surprisingly, I encountered that there is a common about this "Lotus Domino" image that I found through Google with the demonstrated page... Apanah?...

It is the icon used on the page or also known as page's "favourite icon"... From there we know that the demonstrated page uses IBM's "Lotus Domino" mail application. Good thing is now we know such application exists and might want to try it out next time...
Other than the icon, I also found the following image:

It looks way much similiar with the demonstrated page and so no doubt about application that is being used by the page...
Now we move on into how bad people uses "less valuable" data for Password Guessing...
I will use "pisbuk" profile page as an example to this demonstration...
Imagine there is this one buajah namanya "Hjh Lintuk"... Ia tedapat pisbuk... Her information is as follows:

For us, we might just think that the information listed on her profile page is just an ordinary info and so we DON'T CARE... But bear in mind that for bad people, it is TOO VALUABLE for them to trigger an activity...
As you can see from the information given on her profile page, it is easy for the bad people to guess her passsword... IF I am the bad people, here is the list of possible passwords I might guess:
  • lintuk107
  • lkuncang
  • 1071962
  • neverold
  • imyouth
  • 987654
  • 00987654
  • l987654k
  • babylintuk
  • babylintuk107
  • 107babylintuk
  • baby107lintuk
  • nyubarang
  • sgnyubarang
  • dan yang sewaktu dengannya...
Can you imagine if one of the passwords listed is actually her valid password?... =) sama-sama tane fikirkan...
So I guess that is it for today, semoga dapat pengajaran bersama serta dapat menimbulkan rasa "alert" dikalangan kitani...
Sekian, wabillahittaufiq walhidayah, wassalam...
Labels:
Subscribe to: Posts (Atom)