Saturday, 31 December 2011

Malaysia Cyber Security Software

I couldn't agree more that Malaysia needs to have its own cyber security software. In fact, it has become a norm in the US and elsewhere in the West for computer security experts to produce their own tools.

Well, you can start it as a hobby, and it depends on how good your software is for commercialization.

If you need to make it really secure, then the overall architecture must be developed in its entirety, from the language itself to the syntax, source code, compiler, etc.

There is a lot of effort required to realize this dream...perhaps start with an operating system first!...:).

Anyway, Happy New Year 2012!

For background info, please read. 

PS: I bought this book many years ago and it is good for beginner and seasoned programmers.

Sunday, 25 December 2011

Want to learn web hacking? Anonymous?

Before you learn about web hacking, it is important to gain knowledge of web technology first. In web development there are a few things that you must consider, as follows.
1) Web server – Apache or IIS
2) Domain name
3) Web hosting/IP
4) Web programming and scripting – HTML, CSS, PHP, Perl, Ruby, JavaScript, XML and the whole .NET Framework
5) Database - MySQL
6) Network, FTP, URL, HTTP and SSL
7) Multimedia files – JPEG, GIF, PNG and etc

This is the technical knowledge you must gain before working as a web administrator or developer. But bear in mind that technology is evolving fast, and there could be some new technologies around as we move from Web 2.0 to Web 3.0.

Now, the same knowledge can be used for hacking, though. This post is by no means meant to promote web hacking but to educate people on how to defend their systems. It is up to the individual to use their knowledge for good or bad.

1) Hacking the web server – nothing is perfect in this world, so any technology developed could inherently have some kind of vulnerability, e.g. buffer overflows.
2) Web application – cross-site scripting.
3) Password cracking – weak authentication.
4) SQL injection – to gain access.
5) Session hijacking – spoofing or man in the middle attack.

Just YouTube 1-5 and you’ll get the information you need.

Saturday, 24 December 2011

Understanding the Operating System is a must in Digital Forensics

Digital forensics trainers usually cover computer anatomy in their lectures. This is to ensure the computer's bits and pieces are well described to the students.

It is common for the computer exhibit to be disassembled during the preservation phase. This is required in order to image/duplicate the hard disk evidence. The duplicated hard disk evidence is then analyzed for any info/data relevant to the case. The above process shows that an understanding of computer anatomy is important.

Equally important is knowledge of the operating system at kernel level. This is essential for a digital forensics analyst to perform well, because the operational relationship between computer hardware and software can be visualized better.

The operating system structure is divided into four areas as follows.
1) Device management - to handle access to the input and output devices required by the computer applications or processes.
2) Memory management - apart from the operating system itself, other applications or processes share the memory, and it is the task of the operating system to manage/control the allocation.
3) File system management - the processed information must be stored and organized in a proper manner.
4) Process management - managing all processes accordingly by providing the resources required. In a multitasking environment, many processes or applications can run at the same time.

Thursday, 22 December 2011

Digital Forensics in Wearable Computing

With the advent of wearable computing, the digital forensics community must prepare itself to conduct analysis on this technology. It is anticipated that these wearable devices will mainly be embedded microcomputers with flash memory (hard disk expansion is coming to an end and flash storage is up-and-coming). Thus, the scope of digital forensics/data recovery is moving into small-scale devices.

As such, the work conducted by Breeuwsma et al. (including my friend Mr. Klaver) [1] can be a pretty good reference because they have explored embedded device storage for data recovery analysis. It looked at the low-level hexadecimal data of forty-five USB (universal serial bus) models and also mobile phones.

Before starting the actual analysis, they studied the physical and logical characteristics of flash technology. Data acquisition was then performed using several methods, such as a flasher tool, the JTAG port (usually used for testing/debugging) and, interestingly, removing the chip itself. Upon completing the data acquisition, file system analysis was done on the USB devices and mobile phones (very technical) in order to extract the relevant data/digital evidence.

But the most intriguing part is the semi-invasive data acquisition. Please bear in mind that some jurisdictions do not allow the analysis to be disruptive in nature (e.g. not like blood sample analysis). This means the exhibit must be in working condition after the analysis is completed.

Most probably, it is acceptable if the relevant data is obtained, but it will be a big issue if nothing is found instead. The defense side might contend that the exhibit is destroyed and no further evidence can be gathered.

But the removal of the chip and imaging it could be the best possible method to extract the relevant data (just like the typical hard disk imaging process). Perhaps this is the risk that the digital forensics community needs to take and hopefully the method can be improved further.

[1] M.Breeuwsma, Jongh, C.Klaver, R.van der Knijff and M.Roeloffs. “Forensic Data Recovery from Flash Memory.” The Small Scale Digital Device Forensics Journal, vol. 1, no. 1, June 2007.

Tuesday, 20 December 2011

Wearable Computer

We had so much fun with Apple’s products. They are not merely computing devices but include some kind of new experience for the user. E.g. the user can enlarge an image instantaneously using only the fingers. It was awesome when it was first introduced.

But computer users are worried now that Steve is no longer around. Are they going to experience the same thing in the future? The same fun they had with the iPhone, iPad, MacBook, etc.

Have you heard about wearable computer?

For more info, please read this link.

Internet scams - Digital forensics analyst is not a magician

It is quite worrying to read the news about internet scam cases. Nowadays, a lot of people become victims even though the government has alerted them through media advisories and what not.

At first they never thought of being conned until something amiss happened. Then they will chase the police to solve their case and eagerly want their money back.

Sorry, it is not that easy…ok. There is so much work to do in the cyber world investigation and I have to say this…digital forensics analyst is not a magician.

So people, please be cautious...don't be greedy and follow your lust. And to those who are aware of this issue…advise your family members because the internet scams look so professional. It helps!

For background story, please read this link.

Friday, 16 December 2011

Mobile Phone Based Cases – The Death of Digital Forensics

Mobile phone based cases are increasing every year, not only in Malaysia but also in other countries such as Australia and the USA. This trend could be a basis for a lot of the research done in this field [1]. The analysis is tricky because mobile phones are proprietary in nature (segregated and secured data area), and this hampers digital forensics analysis altogether.

The production of new mobile phone models is fast. A new mobile phone model appears every six months on average, whereas the development of mobile phone forensics tools is always lagging behind. This has created a huge challenge in digital forensics, and some have said it could be the death of digital forensics because the analysis is almost impossible to conduct (cloud computing is another issue).

The National Institute of Standards and Technology (NIST) in the United States of America has tested several computer and mobile phone forensics software packages [2, 3]. The aim is to provide some kind of assurance of the software's performance. There is a need to observe a standard for mobile phone forensics software because the analysis is extremely technical. The standard is to ensure the analysis output is comprehensive and trustworthy; it must be forensically sound.

The mobile phone forensics software available in the market does not provide a total solution. Researchers are taking an interest in manually analyzing (sometimes reverse engineering) the mobile phone [4]. They have gone into hardware analysis (hardware forensics), and this has given some new dimensions to the research field. It has given some hope to practitioners as well because they are able to follow a proven methodology [5].

What about iPhone 4s? mmmmm…..

[1] K.Jonkers. “The forensic use of mobile phone flasher boxes.” The Journal Digital Investigation, 2010.
[2] “Test Environment and Procedures for Testing EnCase 3.20.” The National Institute of Standards and Technology, 2004.
[3] W.Jansen and R.Ayers. “Cell Phone Forensic Tools: An Overview and Analysis.” The National Institute of Standards and Technology Special Publication, 104 pages, 2007.
[4] B.Mellars. “Forensic examination of mobile phones.” The Journal of Digital Investigation, pp.266-272, 2004.
[5] S.Y.Willassen, Norwegian University of Science and Technology. Forensic analysis of mobile phone internal memory. Internet:, [Feb. 12, 2011].

Tuesday, 13 December 2011

Google Rocks

We have lost Steve Jobs and people still mourn his death. But we still have living geniuses around. They are Sergey and Larry (you must watch their data center security video below).

To start with, I can’t just imagine life without Google. Sergey and Larry did so much for us in the ICT revolution. With YouTube…you can watch some of the best lectures by Professors from MIT, industry experts, tech talks and etc.

I want to share a book on them titled Google Speaks, Secrets of the World’s Greatest Entrepreneurs, Sergey Brin and Larry Page (you should read it). With this information, you could at least get some idea of how they were brought up: the knowledge, family relationships and the process of Google's success that matter most.

Sergey Brin.
Russian Roots.
American Passage.
Educating Sergey.
The Road to Stanford and many more…

The Collective Wisdom of Silicon Valley.
He’s Been the Rock; They’ve Been the Rockets.
A Man of Influence and many more…

The Ultimate Search Engine.
Not Inventing, but Improving Upon.
Look Around You for Inspiration and many more...

A Blessed Blunder.
From Noun to Verb.
Playing with the Name and many more…

Yahoo! Drew the Map.
The Requisite Garage.
The Venture Capitalists.
The Elusive Business Plan and many more…

“We’re Different”.
The Dutch Auction.
Buffett on Google and many more...

Make It Useful.
The Many Ways to Google.
Make It Big and many more...

New Management Style.
Ten Things Google Has Found to Be True.
Riding the Long Tail and many more…

Conflicts and Controversy.
Click Fraud.
Avoiding—or Not Avoiding—Pornography and many more...

GOOD CITIZEN GOOGLE.—the Philanthropic Part.
Google and the Environment.
Renewable Energy Less than Coal and many more...

Artificial Intelligence.
Onward to Web 3.0.
Cloud Computing.
YouTube and many more...

Google, Microsoft, and the Internet Civil War.
The Battle of Yahoo!
Gates on Google and many more...

Lessons from Larry and Sergey.
The Traits of Those Who Change the World.
Timeline and many more good information...

To end this, I would like to share their Google data center security. It is really awesome.
- Physical security
- Protection of the data
- Reliability of operations...the best part is how they manage their hard disk…

Another ICT legend.

Saturday, 10 December 2011

Hacking Arduino - 10 years ago

10 years ago...I was really, really, really interested in embedded.

C programming, assembly and what not.

Of course it wasn't Arduino...

I had designed my own simple embedded circuit and was capable of doing what Arduino does today.

The MCU is the most important component.

Isn't it funny?

However mine is without USB...
but it was 10 years ago...

Hacking Arduino - 2011

Learning from my son A-AIM on how to hack ARDUINO!!!

Hardware hacking...

This is a good hobby for your children...

RM1mil lost to online lover

This kind of case is not new...but it is still happening despite all the awareness campaigns...

I'm quite sad...

Should we blame technology?

IT folk upset over draft Bill

The effort in getting a certification is almost the same as for an academic qualification. Of course the latter is going to take a longer time and is better than a certification. And, with both, you are more recognized for your knowledge in the field, which is certainly good for those working in the CNII sectors.

It depends on which certification you intend to obtain, and some are quite difficult to attain. Nevertheless, in today’s world you will need both to gain a reputation in industry and academia.

For some background information, please read this.
Won't innovation come one way or another? Is certification an issue? There are so many variables…to consider where innovation is concerned.

Thursday, 8 December 2011


Some say it is the deadliest...once had an experience with a computer virus...really, really, really annoying!

Tuesday, 6 December 2011

Ten Information Warfare Trends

Knapp et al. [1] wrote on cyber warfare trends. They said society is relying on IT and is exposed to a diversity of potential attacks. This notion is true, and their research work proposed an information warfare framework that contains ten trends to promote a greater understanding of the growing cyber threat facing the commercial environment.

Information Warfare Characteristic
1. Computer related security incidents reported to CERT/CC - incidents increase yearly
2. Entry barriers for cyber attackers - at present low barrier
3. Forms of cyber-weapons - high availability
4. Nations with information warfare programs - most probably more than 30 nations
5. Economic dependency on information infrastructures - heavy dependency
6. Primary target in information conflicts - increasingly private targets
7. Cyber technology use in perception management - ubiquitous, global multi-media
8. Cyber technology use in corporate espionage - substantial & increasing
9. Cyber technology use in organized crime - substantial & increasing
10. Cyber technology use against individuals & small businesses - substantial & increasing

From the above facts, this is really alarming even though we have put so much effort into mitigating it.

Through my research…I found that we are so vulnerable!
There are so many incidents that I could cite…and there is no sign that the trend is going to decrease.

[1] K.J.Knapp and W.R.Boulton. “Ten Information Warfare Trends,” in Cyber Warfare and Cyber Terrorism, L.J.Janczewski and M. Colarik, Hershey, PA: Information Science Reference, 2008, pp. 17-25.

Thursday, 1 December 2011

Cyberwar and 007

Are we ready?

Read this simple article

and ask yourself...