In this video, I’m showing you how to sync up your QNAP shares to Amazon Drive. Enjoy!
In this video, I’m showing you how to sync up your QNAP shares to Amazon Drive. Enjoy!
Technology is like anything else that can be used for good or for evil purposes. Many things have dual purposes or even more than just dual purposes, and technology is no exception to this fact. Perhaps, there is an exception to the rule, but my small brain cannot think up one for the moment. Anyhow, there are forces in the world that are trying to use technology for evil purposes. For an example, from nuclear to cyber threats. Nuclear threat has existed for many decades already, and by now most people know what MAD means. In this blog post I’m not going to bother with voicing my opinion on nuclear threat. Instead, I’m going to focus on voicing my opinion on cyber threat.
Lately, we have seen big powers like USA and China accuse each other of cyber warfare. It’s obvious that it’s hard to know who is doing what in term of hacking one another in the cyberspace. Nonetheless, I think I know why cyber threat is a growing concern.
On the surface, before we unravel all the layers of onion, we truly cannot see why there are fusses about cyber security. For some people, they think that cyber threat can be dealt with best cyber security practices and no more than that. Of course, it’s true that cyber security measures such as installing well known antivirus software and firewall are definitely going to help counter most cyber vulnerabilities. Nonetheless, there are other cyber vulnerabilities out there that won’t be eliminated by even the most powerful firewall and antivirus programs. Why? I think there are some well kept or new cyber vulnerabilities that have not been dealt with, because these cyber vulnerabilities are well kept secrets or too new. By using these cyber vulnerabilities and better hacking tools, hackers are able to wreck havocs on the cyber networks of the world.
When we peel more layers of the onion off, we can see that cyber security is very important. How come? In my opinion, it’s about a digital future where money mainly get create in digital form. This is the future trend that our present (the world) is heading for. Of course, if we just rely on cyber networks for communication and not for banking and monetization, then cyber security can only be boiled down to privacy and few other things but not of money matters. Nonetheless, cyber networks as in the Internet can be used for electronic commerce, banking, and the whole nine yards. This means cyber security is needing to be taken seriously, otherwise hackers can just waltz in and erase, steal, change, and do whatever else to the digital money that belong to various money matter institutions such as banking, electronic commerce giants, and whatnot.
I can imagine a scenario that a group of powerful hackers that is sponsored by a powerful organization hacks a cyber system of a country to a point that they erase all of the digital money from this country, leaving this country as a bankrupted nation. Nonetheless, this country can totally create new digital money out of thin air if she wants to, but will this be ethically, legally, and sensibly? Can such an incident be covered up easily? After all, we’re living in a globalized world, and transactions are having been done globally all the time; something like this if to rain upon a country will not be easily covered up.
This is why I think cyber security issues are so important nowadays. Without proper measures to protect cyber networks, the vulnerable Internet can gradually weaken the trust of digital money transactions, leaving countries and everyday people seek out the traditional means of doing transactions. Perhaps, this is why we’re seeing the prevalence of traditional transactions today. Cash is one good example of traditional transactions.
When I’m hearing how one country is having difficulty in protecting a state secret from being leaked out through the cyber networks, I think it’s absurd that such a country is connecting her secret networks to the Internet in the first place. I think each country should keep her state secrets on an Intranet that won’t be connected to the regular Internet. Furthermore, such a country needs to provide physical protections to her Intranet, because when hacking cannot be done remotely someone ought to waltz into such a network physically so the hacking can be done eventually. For an example, stealing state secrets with the usage of a thumb drive (USB devices or similar devices).
In summary, I think the fusses about cyber security threat are real. This is why we are hearing countries complain about being victims to hack attacks and whatnot. Corporations are also experiencing cyber security issues, because corporate espionage can be done through cyber networks with ease. Whenever an entity is connecting to the Internet and it doesn’t matter what type of entity that is, cyber security issues become real just like any other important issue that matters. Of course, if there is a day that we do not rely on the Internet anymore and money transactions do not take place in the Internet, then cyber threat will not be a threat of anything but only a historical fact.
Personal Note: The advance of encryption is also important, because encryption can be incorporated into various network tools to secure the Internet transactions. With strong encryption, it’s harder for hackers to decrypt the Internet transactions into plain text, thus preventing important information from being leaked.
Some rights reserved by o5com on Flickr.com -- image licensed by Creative Commons Attribution 2.0 Generic
Tor has caught my eyes recently. It seems to me Tor is great for anonymizing a user, but it’s not so great in protecting privacy unless the user is serious enough and encrypting everything he or she has to send through Tor. Anyhow, I’m new to Tor, and so what I write about Tor in this blog post might need to be revised again in the near future. Suggestions for corrections are welcome! As always, I dabble on!
Let work backward a little! Why Tor is great at anonymizing and not protecting privacy? Well, Tor is known for being great at obscuring the identity of the data source. Did I say identity? It’s all about hiding (i.e., anonymizing) the IP addresses of the Internet users. Here is an example, let say you want to visit a website, but you do not want to reveal an IP address of yours to this website, Tor is perfectly well-suited in hiding your IP address and so a website will not be able to know that it’s you who have visited it.
Tor is so able in obscuring an IP address for Tor has not a central router where every connection’s identity is made known. Yes, I know it’s hard to understand what I mean by the previous sentence, but it means Tor relies on random folks like you to run Tor exit relay or non-exit relay (i.e., another meaning — Tor router). The magic is happening when each Tor exit relay or non-exit relay sends the data onto the next destination.
Did I say magic? Tor relay, especially the non-exit relay, encrypts the source and the destination IP addresses before it forwards the data onto the next Tor relay. I do not know if Tor is going to encrypt the meat of the data (i.e., the whole enchilada of the content of the data) between the transit also, but it seems that this isn’t the case (please correct me on this if I’m wrong on this). Anyhow, since the source and destination IP addresses are going to be encrypted over and over again through each Tor relay, therefore even next in line Tor relay (i.e., the next Tor relay to be received your data from the previous Tor relay) can only know about a previous Tor relay’s IP address and not the source or the destination IP address. To make things even more illusive, Tor client will always choose a different path within Tor network each time it requests or send data to a destination. This makes the matter worse for whoever or whatever that tries to trace back to a source IP address. I think software that specialize in analyzing web traffic might find Tor specifically unfriendly.
OK, we got the anonymizing part down, but why Tor isn’t so great in protecting privacy? If I’ve not misunderstood from several online sources that I read on Tor, it seems to be that each Tor relay has the ability to read and log the transit data. As the data reach a Tor exit relay, the data retain the original forms. From here the data exit a Tor exit relay and entering third party ISP network (i.e., the Internet Service Provider which provides service to the destination — example, an ISP which provides bandwidth to a website that you’re visiting). The third party ISP network has to be the one which passes on the data to the final destination (e.g., a website, an online service, a social network). Since Tor relay isn’t actually encrypting the data, therefore each Tor relay is capable in reading and logging the source’s data. This means privacy isn’t actually being protected by using Tor.
Nonetheless, many users can protect their privacy by using Tor! How? They only pass their data through encrypted protocol. An example is that a user use Tor to browse the web, but he or she relies on HTTPS protocol to encrypt his or her web data. So, in a way if a Tor user can encrypt his or her data before send the data onto Tor network (i.e., Tor relays), his or her privacy might be protected from prying eyes.
To really protect one’s privacy and using Tor the right way, Tor suggests users to use Tor Bundle Browser download. The heavily configured, latest Firefox browser (i.e., heavily configured by Tor) which comes with Tor Bundle Browser download will always attempt to pass the data through an encrypted protocol (I might be wrong on this). Also, Tor’s own heavily Firefox modified browser would not come with plugins that might reveal a user’s IP address, and it might actually block a user from installing such plugin in the first place (I might be wrong on this).
Can Tor be vulnerable to hack? According to blog.torproject.org’s Rumors of Tor’s compromise are greatly exaggerated article, hackers might be able to hack into Tor relays (i.e., known Tor relays), and then somehow congest the not-so easy to hack Tor relays with some sophisticated hacks so the traffics/data of the congested Tor relays will have to go through the Tor relays that the hackers have hacked into. This way, the hackers can actually log and read the data of the congested Tor relays since such data must go through the compromised Tor relays. As how the article above has pointed out, it might take huge amount of computing resources to congest so many known Tor relays. So, it might not be something that the average hackers may want to try.
It seems Tor can be used by all types of people. Good people might want to use Tor to really protect their anonymity for good reasons, but bad people might want to use Tor for hiding their real identities so they can do very bad things. Here is one example how bad people might use Tor to hide their real identities so their really nasty, dirty laundries won’t hang out in the open; they might use Tor for viewing child porn videos online.
Tor can be speeded up for most Tor users if there are many more Tor users who actually host their own Tor relays. I suspect many more Tor users who only use Tor as client. These folks simply want to hide their identities from whatever web destinations and various ISPs (e.g., watching Hulu videos that are not made viewing available for certain people who have their IP addresses belong to the countries that are being blocked by Hulu) . Nonetheless, few Tor users go on hosting Tor relays out of their altruistic nature.
I might be wrong, but there are four ways a Tor user can set up his or her own Tor relay or relays. The first way would be the hosting of Tor middle relays (also known as Tor non-exit relay). Tor middle relays are somewhat safe to host, because the middle relays cannot appear as the source of the data. On the other hand, when a Tor user hosts Tor exit relays, he or she might be liable for the misuses of their Tor exit relays by some random Tor users, because Tor exit relays will always appear as the source of the data. One example of a misuse of Tor exit relays would be someone might use Tor exit relays to view child porn. The third and the fourth types of Tor relays are Tor private and public bridges. It seems to me that Tor private bridges are only made known to the people who might know each other personally, because Tor private bridges’ information would not be distributed openly. On the other hand, the Tor public bridges are made known to Bridge Authority. According to blog.torproject.org, Bridge Authority is a special relay which collects all bridges’ IP addresses that pass through it. If I’m not wrong, int a nutshell, Tor private and public bridges help Tor users to circumvent the ISPs that are blocking Tor’s normal relays (i.e., Tor middle and exit relays), consequently allowing these users to use Tor normally. Still, ISPs can also block known Tor public bridges, therefore Tor private bridges might be the best hope for Tor users who want to truly circumvent ISPs’ Tor blocking measure.
Using Tor is easy as downloading Tor Browser Bundle for Mac or Windows or Linux, extract the Tor Browser Bundle to a known location on the computer, and then go to this location to fire up Start Tor Browser (i.e., essentially a heavily modified latest version of Firefox browser). You might also notice when you fire up Start Tor Browser, a control panel known as Vidalia would also pop up. Vidalia control panel allows Tor users to configure how they want to use Tor. From Vidalia control panel, Tor users can configure Tor to be just a client to hosting a Tor relay. Some users might even configure Vidalia to have Tor hosts hidden services. What are Tor hidden services and why some people might want to host them? Well, Tor hidden services are just like any other normal computing/web related services, and these might be websites, game servers, and so on. What makes Tor hidden services different than the rest is that Tor hidden services will not reveal the IP addresses of the Tor users who host Tor hidden services. This might appeal to some Tor users who want to get their services or messages out to the public but stay anonymous.
In conclusion, Tor is fascinating to me since it’s a tool that can be excellent in doing what it does best, that is to anonymize a user’s IP address. Unfortunately, Tor cannot be used solely for protecting one’s privacy. Therefore, many people encrypt their data before they pass such data onto Tor network so their privacy can be protected better. Tor isn’t hacker-proof, because hackers might know how to congest Tor network and compromise known Tor relays to do their dirty deeds. Few Tor users might have been using Tor for malicious purposes such as anonymizing them from persecution of child porn and the likes. These users might make the many Tor users who use Tor for legitimate purposes look really bad in the eyes of non-Tor users. Tor true fans might even go as far as to host a Tor relay, because setting up one is not that hard! All in all, Tor is pretty nifty, crafty and useful, but it can also be malicious as well!
Sources:
Some rights reserved by gcg2009 (Creative Commons License - Attribution 2.0 Generic) from Flickr.com
Tips to how to secure your router and network in 2012 and beyond. These tips are pragmatic, and so it’s most likely that you may be able to apply these tips onto most routers and network setups. Unfortunately, even though these tips are pragmatic in details, sometimes the tips here won’t be any useful for you if you have older routers or your network setups are too unique and special. Let us get on with the tips.
In no particular order, the tips to secure your routers and networks are:
Through months of preparation, several largest web players in the known web will turn on their IPV6 networks around 8:00 p.m. eastern standard time or 5 p.m. pacific time today. They will feed large portions of data of their web services through IPv6 networks to test and see how the new web protocol will hold up, because IPv6 has never been tested and launched in a major way before. I figure more than enough people may experience IPv6 disruption as they cannot surf to their favorite websites such as Yahoo.
I don’t think the problems will be the faults of these gigantic web services (i.e., Yahoo, Google, Facebook, etc…), but the problems are the faults of the web visitors. Old routers and weird computer configuration (i.e., network customization) may prevent them from surfing to major IPv6 web destinations. Nonetheless, this is only one day test, I think. It should not be a big deal for short time being, but it’s really a big deal as more companies are going to turn on their IPv6 networks or abandon IPv4 altogether in the long run.
Just to be honest, I can be totally wrong since major web services are going to go dual stack. Dual stack means companies will implement both IPv4 and IPv6 at the same time, and so people should be able to visit these major web services in anyway. Well, at least I might be wrong in the short term, but everyone knows that applying dual stack isn’t cheap. Probably more headaches than necessary when huge companies have to implement dual stack, I think. Anyhow, today is the day to see how IPv6 will play out in large scale.
Usually, if you don’t mess around with your Windows 7’s network setting much, then IPv6 should be enabled by default. Now, if you had IPv6 disabled sometimes ago, then you should reenable it. How to do that? Go to Control Panel >> Network and Internet >> Network and Sharing Center, and then right click on your network adapter, choose Properties (i.e., if my memory serves me well), and then make sure a check mark is inside the box next to Internet Protocol Version 6 (TCP/IPv6). Click OK and you should be set.
If you still have a problem of making IPv6 works for you even though your computer has been enabled with IPv6, then you may want to scrutinize your router for issues. You can also call up your ISP to help you figure out your IPv6 problem. If your ISP is the one who had provided you the router in the first place, then you can always ask them to upgrade you to a newer router that can support IPv6. I don’t think a good ISP will charge you a fee for an up-to-date router, but I have been wrong before! Anyhow, good luck in playing with IPv6 today! So, don’t forget to turn on your computer around the time of the launch of IPv6 and try to visit major websites such as Yahoo to test out your network’s IPv6 compatibility. Good luck!
Source: http://news.cnet.com/8301-30685_3-20069841-264/ipv6-day-kicking-the-tires-of-a-next-gen-net-today/, http://www.networkworld.com/news/tech/2007/090507-tech-uodate.html
You must be logged in to post a comment.