Tuesday, November 27, 2007

Project 3





Watching TV series isn’t my thing. I can’t believe that I didn’t fall asleep while watching this. Maybe it was because we were allowed to critique the parts in the video that were related with computers. It is funny seeing how some video makers exaggerate what technology can do (in that time).

There are some parts of the video which I found interesting. First of which is the part when they have already have the victim’s laptop and they were trying to view the contents of that laptop. First of all, the video was made on 2002, operating systems already implemented “User Logins”. Computer users are required to give a password in order to use the computer, unless it was set to none, but if they said that the computer contained important information, why wouldn’t the owner put a password? Assuming that the owner set a password, it would be hard for them to guess that password or even crack it because they only would have 1 input box for the password and no place where they can type in commands for them to crack in the system. It may still be possible if they have tried several passwords (brute force).

When they opened the laptop and looked at the files, they found that a file was accessed after the victim was killed. For me, the file access timestamp is not that reliable because you can “cheat” it. You can do this by changing the system time and date, then that date and time will be the one used by the system for the timestamp.

The next thing that I found interesting was when the IT girl said that passwords can be easily cracked. My first reaction was, I don’t think so. Not all passwords can be cracked easily, that’s why encryption, and hashing were made so that hackers can’t read passwords in plain text. But if she was referring to the password protection of files like Microsoft Office Documents (*.doc), yes it can be easily cracked, there are a lot of software out there that does this for you and I have tried a couple of them.

It was also mentioned in the movie that deleted files can be retrieved. This thing is true, files are a linked list, and we know how a linked list works. When a file is deleted, the address of the head of the file deleted is forgotten so that the file will be “lost”. If you’ll be able to find the head, you’ll be able to access the deleted file, that is, if the user of the computer isn’t fond of saving big amounts of data all the time which may have overwritten parts of “lost/deleted” files. But this can be said false if the user of the computer used a file shredder.

Another interesting part was when the IT expert discussed how the bad guy knew what the victim was doing in her computer. The IT expert mentioned that it was because of a worm that she opened from her email. At first, I felt that this idea was preposterous because I haven’t encountered a virus that bad, not even something close to that, and second, if that kind of virus was made, and it spread to billions of computers, imagine how much computers the hackers would be able to watch, but for what? I bet that a big percentage of the ones that they can access wont give helpful information. But if the virus was made specifically for her, it can be possible. There are a lot of programs wherein you can watch/control remote computers like VNC and NetOP, if a program can do it, why not a virus? A virus is still a program.

Next thing that they mentioned was, there were not much laws that they can use against the bad guy. I believe that this is true, specially here in the Philippines.

Another thing that they said was they could trace email through the header of the email. This is something that is true, when you read the header of emails, you will see there the IP address of the sender, IP of the recipient, and also the servers & routers where the email passed in order to get from the source to the destination. This thing can still be cheated IF a machine was programmed to do so, whenever a hop is made, that machine adds its identity in the header, that machine if maliciously programmed, can change everything in the header so that it will be impossible to trace the source, but things like these can be easily detected because of discrepancies in the “hops”, time, etc.

It was also mentioned that a deleted email can still be read, I think that it depends on how the system is implemented. If it was really deleted from the disk (cut the link to the head of file), there is a high chance that the email may have been overwritten specially if that server has a lot of users (incoming of mail may have overwritten the deleted mail) but there is still a chance that the mail is still preserved in the disk. But if she was referring to Delete and send to Trash, of course it can be easily found.

Lastly, a company that steals information. When they showed the office of that company, I didn’t believe it at all. First of all, before you can put up a company, the government should approve it, do you think that the government would allow something like that? I think that a lot of underground things like this happens but not like how they showed it in the video. Also, I believe that the US government has their own group of information stealers.

All in all, I think that that episode was well thought of.






No comments: