author: aman
Blog I - Part I - Day 01
Hey guys, I was just sitting an thinking to what else can be initiated in CEV, as an attempt to show my college people something “Cutting-Edge” and that can actually share with the undergrads here, to what is called as “The Road not taken!”
With that I came up with a thought to start a series of micro-blogs on “Why?” and “What in?” in Security? for the next 20-Days.
In this micro-blog
- What am I talking about?
- Why am I talking about it?
- What the world is upto against such __ ?
- Basic Challenges faced
- Unimportant sounding complete terms
- Motivation behind
What am I talking about?
Well, whenever a system does whatever it shouldn’t directs towards a clue that a system is not safe/secure. The smaller and mere the words they look the bigger the journey they carry. Imagine your system should not store your passwords in a file stored on the desktop, and it is! Find it scary y’all, right!
A system is secure whenever it withdraws itself from doing harms executed intentionally by an attacker, and safe when a system says no to an unintentional harm caused. These harms could be anything, crashing of systems where it shouldn’t, leaking information, leaving traces for attackers, deadlocks, and most importantly it is not reaching a state “it should reach!” (that mean a system should reach a desired state without causing any harmful-trace behind).
In further text I’ll try to explain the keep my focus on so-called safety and security of the System to be general.
Why am I talking about it?
Recently, one of my one-year Junior teammate, Priyansh, reached out to me asking about the BACKDOORS, which very vaguely means whenver an attacker is able to find a way to bypass the normal authentication or login process, and gets an access to internal data!
I read additional information around to sudden-struck about an interesting case, when Edward Snowden, an Ethical Hacker and a CIA employee, turned into a whistleblower to National Security of Agency(NSA), revealing a highly classified information stored by United States! “They wanted me gone! - Edward Snowden”, after revealing about the greatest information burglary of history, where NSA secretly “backdoored” data of SKYPE calls of its citizens.
What could you do with that now? How if you are successful in stopping the backdoors, but find that, this is the very place SAFETY and SECURITY of a software/system/software-system comes in! Now, go back to the definition of SECURITY & SAFETY and relate how crucial it is!
I am not talking about a few benign functional bugs, but super sensitive SECURITY BUGS, which can even allow the attackers to takeover your machine. A few bugs, which cost “he US in 2018 is approximately $2.84 trillion” in an year.[1]
Excited??? A lot of technical stuff is coming up, so gear up. Though I’ll take this coaster a bit slowly.
And since, my mind always boggles about applications and new technology, I’ll will take practical cases of my beloved tech, The BLOCKCHAIN also, due to a reason, as many wont attend the blog, until a “BUZZWORD” comes in
I will pickup examples of TENDERMINT(POS consensus), ETHEREUM, the techniques used to cover this up, and the special “Road not taken stuff”. I will tell about the motivation behind this stuff, in my very next part of this series. The series will also cover that the researchers has been doing since decades, and what has not gone old-school till date.