Monday 8 April 2013

Mobile operating systems

The top mobile operating systems in the market are Android and iOS.
IOS is the name of Cisco's internetworking operating system, but Apple also wanted to use the same name for the company's OS, so it took the name from Cisco's routers and switches.
iOS is programmed entirely in C++ and C and is more powerful than Android, but it has limitations; that is why people dislike this OS and go for Android. Android gives people limitless features and stability, which makes it more amazing and fun to use. Android is designed entirely in C and C++, with some of its features designed in Java.

System software and Application software

The difference between system software and application software is very simple, but some people don't understand this simple and amazing concept.

System Software 

System software is the heart of the computer. It is a large set of instructions and programs combined into one system on which the whole computer performs its operations. The best examples of system software are operating systems such as Windows XP, Linux and Unix, which are used to operate the whole computer. Most system software is programmed in C or C++.

Application software

Application software is totally different from system software. It is a kind of software that runs inside the system software: a small computer app or mobile app. For example, computer apps like Microsoft Word, Excel, PowerPoint and Notepad are all application software that we run on system software. These days most application software is developed in C or Java.

Software engineering IT

Computer information technology is not just simple coding and programming. Some people think it is just coding and that all the work is done by programming; that is a totally wrong concept. Programming is the base of IT, but IT has a lot of fields, like artificial intelligence, networking, algorithms and data structures. Don't forget, though, that the main part and the core of all software design and software engineering is programming. Other topics include artificial intelligence, human-computer interaction and information coding theory. Computer software has 2 types:
1. System software
2. Application software
Most people concentrate on application software because it is easy and fun to develop amazing computer and mobile apps, but system software is the most important part and the core of the computer system.

Sunday 7 April 2013

Movie On hacking


Untraceable
Directed by: Gregory Hoblit
Produced by: Steven Pearl, Andy Cohen, Tom Rosenberg, Gary Lucchesi, Hawk Koch
Screenplay by: Robert Fyvolent, Mark Brinker, Allison Burnett
Story by: Robert Fyvolent, Mark Brinker
Starring: Diane Lane, Colin Hanks, Billy Burke, Joseph Cross, Mary Beth Hurt
Music by: Christopher Young
Cinematography: Anastas Michos
Editing by: David Rosenbloom
Studio: Lakeshore Entertainment
Distributed by: Screen Gems
Release date(s): January 25, 2008
Running time: 100 minutes
Country: United States
Language: English
Budget: $35 million[1]
Box office: $52,659,594[1]

Untraceable is a 2008 American thriller film starring Diane Lane, Colin Hanks, Billy Burke, and Joseph Cross. It was directed by Gregory Hoblit and distributed by Screen Gems.
Set in Portland, Oregon, the film involves a serial killer who rigs contraptions that kill his victims based on the number of hits received by a website ("www.killwithme.com") that features a live streaming video of the victim. Millions of people log on, hastening the victims' deaths. Diane Lane plays the protagonist, a cybercop named Jennifer Marsh, who pieces the mystery together at great risk to herself and her family.

Laptop Addiction


Apple iphone IOS Based on LinUX



CLI mode and World With IT



Mobile hacking


Phone hacking is the practice of intercepting telephone calls or voicemail messages, often by accessing the voicemail messages of a mobile phone without the consent of the phone's owner. The term came to prominence during the News International phone hacking scandal, in which it was alleged (and in some cases proved in court) that the British tabloid newspaper the News of the World had been involved in the interception of voicemail messages of the British Royal Family, other public figures, and the murdered schoolgirl Milly Dowler.[1]

Techniques

Voicemail

Phone hacking often involves unauthorized access to the voicemail of a mobile phone.
Contrary to what their name suggests, scandals such as the News International phone hacking scandal have little to do with hacking phones, but rather involve unauthorised remote access to voicemail systems. This is largely possible through weaknesses in the implementations of these systems by telcos.[3]
Since the early days of mobile phone technology, service providers have allowed access to the associated voicemail messages via a landline telephone, requiring the entry of a Personal Identification Number (PIN) to listen to the messages. Many mobile phone companies used a system that set a well-known four digit default PIN that was rarely changed by the phone's owner, making it easy for an adversary who knew both the phone number and the service provider to access the voicemail messages associated with that service.[4] Even where the default PIN was not known, social engineering could be used to reset the voicemail PIN code to the default, by impersonating the owner of the phone during a call to a call centre.[5][6] Many people also use weak PINs that are easily guessable; to prevent subscribers from choosing PINs with weak password strength, some mobile phone companies now disallow the use of consecutive or repeat digits in voicemail PIN codes.[7]
During the mid-2000s, it was discovered that calls emanating from the handset registered against a voicemail account were put straight through to voicemail without the caller being challenged to enter a PIN. An attacker could therefore use caller ID spoofing to impersonate a victim's handset phone number and thereby gain unauthorized access to the associated voicemail without a PIN.[8][9]
Following controversies over phone hacking and criticism that was levelled at mobile service providers who allowed access to voicemail without a PIN, many mobile phone companies have strengthened the default security of their systems so that remote access to voicemail messages and other phone settings can no longer be achieved via a default PIN.[4] For example, AT&T announced in August 2011 that all new wireless subscribers would be required to enter a PIN when checking their voicemail, even when checking it from their own phones, while T-Mobile stated that it "recommends that you turn on your voice mail password for added security, but as always, the choice is yours."[10]

Handsets

An analysis of PIN codes suggested that ten numbers represent 15% of all iPhone passcodes, with "1234" and "0000" being the most common, with years of birth and graduation also being common choices.[11] Four-digit PINs are significantly easier to brute force than passwords, allowing someone with physical access to a handset to feasibly determine the PIN in a short time.[12] Enterprises may therefore implement policies enforcing strong passwords through mobile phone management systems.[13]
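The PIN rules described above (no default PIN, no consecutive or repeated digits, no year-like choices) can be enforced and measured mechanically. The following is an added example, not part of the original post; the default-PIN list and the rule that treats any PIN starting with 19 or 20 as a year are assumptions.

```python
from itertools import product

PIN_LENGTH = 4
# Assumed carrier default PINs, constructed for illustration.
DEFAULT_PINS = frozenset({"0000", "1234"})


def violations(pin: str) -> list:
    """Return the policy rules a candidate PIN breaks (empty list = accepted)."""
    if len(pin) != PIN_LENGTH or not (pin.isascii() and pin.isdigit()):
        return ["format"]
    found = []
    if pin in DEFAULT_PINS:
        found.append("default")
    if len(set(pin)) == 1:                      # 0000, 1111, ...
        found.append("repeated")
    steps = {int(b) - int(a) for a, b in zip(pin, pin[1:])}
    if steps in ({1}, {-1}):                    # 2345 or 8765, no wrap-around
        found.append("sequential")
    if pin[:2] in ("19", "20"):                 # assumed "year of birth/graduation" rule
        found.append("year")
    return found


def audit_keyspace() -> dict:
    """Run every 4-digit PIN through the policy and count hits per rule."""
    counts = {"total": 0, "accepted": 0}
    for digits in product("0123456789", repeat=PIN_LENGTH):
        broken = violations("".join(digits))
        counts["total"] += 1
        if not broken:
            counts["accepted"] += 1
        for rule in broken:
            counts[rule] = counts.get(rule, 0) + 1
    return counts


def guess_success_rate(attempts_before_lockout: int, accepted_pins: int) -> float:
    """Chance that a guesser is right before lockout, if users pick
    uniformly among the PINs the policy still accepts."""
    return min(1.0, attempts_before_lockout / accepted_pins)


if __name__ == "__main__":
    report = audit_keyspace()
    for key, value in report.items():
        print(f"{key:>10}: {value}")
    rate = guess_success_rate(10, report["accepted"])
    print(f"10 guesses vs. policy-compliant PINs: {rate:.2%}")
```

The policy removes only a small part of the keyspace, but it removes the part users actually cluster in; combined with a lockout after ten attempts, the guesser's odds drop from the 15% figure cited above to roughly 0.1% under the uniform-choice assumption.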
Mobile phone microphones can be activated remotely, without any need for physical access.[14][15][16][17][18][19] This "roving bug" feature has been used by law enforcement agencies and intelligence services to listen in on nearby conversations.[20]
Other techniques for phone hacking include tricking a mobile phone user into downloading malware which monitors activity on the phone, or bluesnarfing, which is unauthorized access to a phone via Bluetooth.[6][21]

Other

There are also flaws in the implementation of the GSM encryption algorithm that allow passive interception.[22] The equipment needed is available to government agencies or can be built from freely available parts.[23]
In December 2011, German researcher Karsten Nohl revealed that it was possible to hack into mobile phone voice and text messages on many networks with free decryption software available on the Internet. He blamed the mobile phone companies for relying on outdated encryption techniques in the 2G system, and said that the problem could be fixed very easily.[24]

Legality

Phone hacking is a form of surveillance, and is illegal in many countries unless it is carried out as lawful interception by a government agency. In the News International phone hacking scandal, private investigator Glenn Mulcaire was found to have violated the Regulation of Investigatory Powers Act 2000. He was sentenced to six months in prison in January 2007.[25] Renewed controversy over the phone hacking claims led to the closure of the News of the World in July 2011.[26]
In December 2010, the Truth in Caller ID Act was signed into United States law, making it illegal "to cause any caller identification service to knowingly transmit misleading or inaccurate caller identification information with the intent to defraud, cause harm, or wrongfully obtain anything of value."[27]

Linux Distribution

The following distributions are available for free (without cost):

Mobile Security

Mobile security or mobile phone security has become increasingly important in mobile computing. It is of particular concern as it relates to the security of personal information now stored on smartphones.
More and more users and businesses use smartphones as communication tools but also as a means of planning and organizing their work and private life. Within companies, these technologies are causing profound changes in the organization of information systems and therefore they have become the source of new risks. Indeed, smartphones collect and compile an increasing amount of sensitive information to which access must be controlled to protect the privacy of the user and the intellectual property of the company.
All smartphones, as computers, are preferred targets of attacks. These attacks exploit weaknesses related to smartphones that can come from means of communication like SMS, MMS, wifi networks, and GSM. There are also attacks that exploit software vulnerabilities from both the web browser and operating system. Finally, there are forms of malicious software that rely on the weak knowledge of average users.
Different security counter-measures are being developed and applied to smartphones, from security in different layers of software to the dissemination of information to end users. There are good practices to be observed at all levels, from design to use, through the development of operating systems, software layers, and downloadable apps.

Threats

A smartphone user is exposed to various threats when he uses his phone. These threats can disrupt the operation of the smartphone, and transmit or modify the user data. For these reasons, the applications deployed there must guarantee privacy and integrity of the information they handle. In addition, since some apps could themselves be malware, their functionality and activities should be limited (for example, accessing location information via GPS, address book, transmitting data on the network, sending SMS that are charged, etc.).
There are three prime targets for attackers:[1]
  • Data: smartphones are devices for data management, therefore they may contain sensitive data like credit card numbers, authentication information, private information, activity logs (calendar, call logs);
  • Identity: smartphones are highly customizable, so the device or its contents are associated with a specific person. For example, every mobile device can transmit information related to the owner of the mobile phone contract, and an attacker may want to steal the identity of the owner of a smartphone to commit other offenses;
  • Availability: by attacking a smartphone you can limit access to it and deprive the owner of the service
The source of these attacks are the same actors found in the non-mobile computing space:[1]
  • Professionals, whether commercial or military, who focus on the three targets mentioned above. They steal sensitive data from the general public, as well as undertake industrial espionage. They will also use the identity of those attacked to achieve other attacks;
  • Thieves who want to gain income through data or identities they have stolen. The thieves will attack many people to increase their potential income;
  • Black hat hackers who specifically attack availability. Their goal is to develop viruses, and cause damage to the device. In some cases, hackers have an interest in stealing data on devices.
  • Grey hat hackers who reveal vulnerabilities. Their goal is to expose vulnerabilities of the device. Grey hat hackers do not intend on damaging the device or stealing data.[2]

Consequences

When a smartphone is infected by an attacker, the attacker can attempt several things:
  • The attacker can manipulate the smartphone as a zombie machine, that is to say, a machine with which the attacker can communicate and send commands which will be used to send unsolicited messages (spam) via sms or email;[3]
  • The attacker can easily force the smartphone to make phone calls. For example, you can use the API (library that contains the basic functions not present in the smartphone) PhoneMakeCall by Microsoft, which collects telephone numbers from any source such as yellow pages, and then call them.[3] But the attacker can also use this method to call paid services, resulting in a charge to the owner of the smartphone. It is also very dangerous because the smartphone could call emergency services and thus disrupt those services;[3]
  • A compromised smartphone can record conversations between the user and others and send them to a third party.[3] This can cause user privacy and industrial security problems;
  • An attacker can also steal a user's identity, usurp their identity (with a copy of the sim, telephone, etc.), and thus impersonate the owner. This raises security concerns in countries where smartphones can be used to place orders, view bank accounts or are used as an identity card;[3]
  • The attacker can reduce the utility of the smartphone, by discharging the battery.[4] For example, he can launch an application that will run continuously on the smartphone processor, requiring a lot of energy and draining the battery. One factor that distinguishes mobile computing from traditional desktop PCs is their limited performance. Frank Stajano and Ross Anderson first described this form of attack, calling it an attack of "battery exhaustion" or "sleep deprivation torture";[5]
  • The attacker can prevent the operation and/or starting of the smartphone by making it unusable.[6] This attack can either delete the boot scripts, resulting in a phone without a functioning OS, or modify certain files to make it unusable (e.g. a script that launches at startup that forces the smartphone to restart) or even embed a startup application that would empty the battery;[5]
  • The attacker can remove the personal (photos, music, videos, etc.) or professional data (contacts, calendars, notes) of the user.[6] 

Attack based on SMS & MMS

    Some attacks derive from flaws in the management of SMS and MMS.
    Some mobile phone models have problems in managing binary SMS messages. It is possible, by sending an ill-formed block, to cause the phone to restart, leading to denial of service attacks. If a user with a Siemens S55 received a text message containing a Chinese character, it would lead to a denial of service.[7] In another case, while the standard requires that the maximum size of a Nokia Mail address is 32 characters, some Nokia phones did not verify this standard, so if a user enters an email address over 32 characters, that leads to complete dysfunction of the e-mail handler and puts it out of commission. This attack is called "curse of silence". A study on the safety of the SMS infrastructure revealed that SMS messages sent from the Internet can be used to perform a distributed denial of service (DDoS) attack against the mobile telecommunications infrastructure of a big city. The attack exploits the delays in the delivery of messages to overload the network.[citation needed]
    Another potential attack could begin with a phone that sends an MMS to other phones, with an attachment. This attachment is infected with a virus. Upon receipt of the MMS, the user can choose to open the attachment. If it is opened, the phone is infected, and the virus sends an MMS with an infected attachment to all the contacts in the address book. There is a real world example of this attack: the virus Commwarrior [6] uses the address book and sends MMS messages including an infected file to recipients. A user installs the software, as received via MMS message. Then, the virus began to send messages to recipients taken from the address book.

    Attacks based on communication networks

    Attacks based on the GSM networks

    The attacker may try to break the encryption of the mobile network. The GSM network encryption algorithms belong to the family of algorithms called A5. Due to the policy of security through obscurity it has not been possible to openly test the robustness of these algorithms. There are two main variants of the algorithm that are deployed today: A5/1 and A5/2 (stream ciphers), the latter being a weaker version of encryption for countries with legal restrictions on the use of cryptographic schemes. Since the encryption algorithm was made public, it was proved it was possible to break the encryption in about 6 hours.[8] Both algorithms are at the end of their life and will be replaced by stronger public algorithms: the A5/3 and A5/4 (Block ciphers), otherwise known as KASUMI or UEA1[9] published by the ETSI. However it is necessary to bring GSM equipment using the A5/1 or A5/2 algorithms to manufacturers so they can incorporate new encryption algorithms, and thus it will take time to replace the A5/1 and A5/2 in practice.
    Once the encryption algorithm of GSM is broken, the attacker can intercept all unencrypted communications made by the victim's smartphone.

    An attacker can try to eavesdrop on Wi-Fi communications to derive information (e.g. username, password). This type of attack is not unique to smartphones, but they are very vulnerable to these attacks because very often the Wi-Fi is the only means of communication they have to access the internet. The security of wireless networks (WLAN) is thus an important subject. Initially wireless networks were secured by WEP keys. The weakness of WEP is a short encryption key which is the same for all connected clients. In addition, several reductions in the search space of the keys have been found by researchers. Now, most wireless networks are protected by the WPA security protocol. WPA is based on the "Temporal Key Integrity Protocol (TKIP)" which was designed to allow migration from WEP to WPA on the equipment already deployed. The major improvements in security are the dynamic encryption keys. For small networks, the WPA is a "pre-shared key" which is based on a shared key. Encryption can be vulnerable if the length of the shared key is short. With limited opportunities for input (i.e. only the numeric keypad) mobile phone users might define short encryption keys that contain only numbers. This increases the likelihood that an attacker succeeds with a brute-force attack. The successor to WPA, called WPA2, is supposed to be safe enough to withstand a brute force attack.
    As with GSM, if the attacker succeeds in breaking the identification key, it will be possible to attack not only the phone but also the entire network it is connected to.
    Many smartphones for wireless LANs remember they are already connected, and this mechanism prevents the user from having to re-identify with each connection. However, an attacker could create a WIFI access point twin with the same parameters and characteristics as the real network. Using the fact that some smartphones remember the networks, they could confuse the two networks and connect to the network of the attacker who can intercept data if it does not transmit its data in encrypted form.[10]
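One way a client could guard its auto-join logic against the twin access point described above, as an added example that is not part of the original post. The network names, BSSIDs and verdict labels are constructed, and a matching BSSID is treated only as a hint because it can be copied.

```python
from collections import defaultdict
from dataclasses import dataclass

# Relative strength of the advertised protection; unknown values rank as weakest.
SECURITY_RANK = {"OPEN": 0, "WEP": 1, "WPA-PSK": 2, "WPA2-PSK": 3}


@dataclass(frozen=True)
class SavedNetwork:
    ssid: str
    security: str            # protection in use when the network was remembered
    known_bssids: frozenset  # access points seen on earlier, trusted joins


@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str
    security: str


def verdict(saved: dict, beacon: Beacon) -> str:
    """Decide what to do with one scanned access point."""
    profile = saved.get(beacon.ssid)
    if profile is None:
        return "ignore"                      # never remembered, never auto-joined
    advertised = SECURITY_RANK.get(beacon.security, 0)
    expected = SECURITY_RANK.get(profile.security, 0)
    if advertised < expected:
        return "block"                       # same name, weaker protection: downgrade
    if expected == 0:
        return "prompt"                      # open networks cannot be authenticated
    if beacon.bssid.lower() not in profile.known_bssids:
        return "prompt"                      # new AP or a twin: let the user decide
    return "join"


def evaluate_scan(saved: dict, scan: list) -> dict:
    """Map each scanned BSSID to its verdict."""
    return {b.bssid: verdict(saved, b) for b in scan}


def mixed_security_ssids(scan: list) -> set:
    """SSIDs advertised with more than one protection type in the same scan."""
    seen = defaultdict(set)
    for b in scan:
        seen[b.ssid].add(b.security)
    return {ssid for ssid, kinds in seen.items() if len(kinds) > 1}


# Constructed sample data (locally administered MAC addresses).
SAVED = {
    "CorpWiFi": SavedNetwork("CorpWiFi", "WPA2-PSK",
                             frozenset({"02:00:00:00:00:01"})),
    "CafeFree": SavedNetwork("CafeFree", "OPEN",
                             frozenset({"02:00:00:00:00:10"})),
}
SCAN = [
    Beacon("CorpWiFi", "02:00:00:00:00:01", "WPA2-PSK"),   # the real AP
    Beacon("CorpWiFi", "02:00:00:00:00:66", "OPEN"),       # twin without encryption
    Beacon("CorpWiFi", "02:00:00:00:00:99", "WPA2-PSK"),   # unknown AP, same settings
    Beacon("CafeFree", "02:00:00:00:00:10", "OPEN"),       # remembered open network
    Beacon("Neighbour", "02:00:00:00:00:20", "WPA2-PSK"),  # not a saved network
]

if __name__ == "__main__":
    for bssid, result in evaluate_scan(SAVED, SCAN).items():
        print(bssid, result)
    print("mixed security:", mixed_security_ssids(SCAN))
```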
    Lasco is a worm that initially infects a remote device using the SIS file format.[11] SIS file format (Software Installation Script) is a script file that can be executed by the system without user interaction. The smartphone thus believes the file to come from a trusted source and downloads it, infecting the machine.[11]

     

Linux Best OS for SYSTEM ADministration

Linux (/ˈlɪnəks/ LIN-əks[6][7] or /ˈlɪnʊks/ LIN-uuks)[8][9][10] is a Unix-like computer operating system assembled under the model of free and open source software development and distribution. The defining component of Linux is the Linux kernel, an operating system kernel first released 5 October 1991 by Linus Torvalds.[11][12] Since the main supporting user space system tools and libraries originated in the GNU Project, initiated in 1983 by Richard Stallman, the Free Software Foundation prefers the name GNU/Linux.[13][14]
Linux was originally developed as a free operating system for Intel x86-based personal computers. It has since been ported to more computer hardware platforms than any other operating system. It is a leading operating system on servers and other big iron systems such as mainframe computers and supercomputers:[15][16][17][18] more than 90% of today's 500 fastest supercomputers run some variant of Linux,[19] including the 10 fastest.[20] Linux also runs on embedded systems (devices where the operating system is typically built into the firmware and highly tailored to the system) such as mobile phones, tablet computers, network routers, televisions[21][22] and video game consoles; the Android system in wide use on mobile devices is built on the Linux kernel.
The development of Linux is one of the most prominent examples of free and open source software collaboration: the underlying source code may be used, modified, and distributed—commercially or non-commercially—by anyone under licenses such as the GNU General Public License. Typically Linux is packaged in a format known as a Linux distribution for desktop and server use. Some popular mainstream Linux distributions include Debian (and its derivatives such as Ubuntu and Linux Mint), Red Hat Enterprise Linux (and its derivatives such as Fedora and CentOS), Mandriva/Mageia, openSUSE (and its commercial derivative SUSE Linux Enterprise Server), and Arch Linux. Linux distributions include the Linux kernel, supporting utilities and libraries and usually a large amount of application software to fulfill the distribution's intended use.
A distribution oriented toward desktop use will typically include the X Window System and an accompanying desktop environment such as GNOME or KDE Plasma. Some such distributions may include a less resource intensive desktop such as LXDE or Xfce for use on older or less powerful computers. A distribution intended to run as a server may omit all graphical environments from the standard install and instead include other software such as the Apache HTTP Server and an SSH server such as OpenSSH. Because Linux is freely redistributable, anyone may create a distribution for any intended use. Applications commonly used with desktop Linux systems include the Mozilla Firefox web browser, the LibreOffice office application suite, and the GIMP image editor.

Most Linux distributions support dozens of programming languages. The original development tools used for building both Linux applications and operating system programs are found within the GNU toolchain, which includes the GNU Compiler Collection (GCC) and the GNU build system. Amongst others, GCC provides compilers for Ada, C, C++, Java, and Fortran. First released in 2003, the Low Level Virtual Machine project provides an alternative open-source compiler for many languages. Proprietary compilers for Linux include the Intel C++ Compiler, Sun Studio, and IBM XL C/C++ Compiler. BASIC in the form of Visual Basic is supported in such forms as Gambas, FreeBASIC, and XBasic, and in terms of terminal programming or QuickBASIC or Turbo BASIC programming in the form of QB64.
A common feature of Unix-like systems, Linux includes traditional specific-purpose programming languages targeted at scripting, text processing and system configuration and management in general. Linux distributions support shell scripts, awk, sed and make. Many programs also have an embedded programming language to support configuring or programming themselves. For example, regular expressions are supported in programs like grep, or locate, while advanced text editors, like GNU Emacs have a complete Lisp interpreter built-in.
Most distributions also include support for PHP, Perl, Ruby, Python and other dynamic languages. While not as common, Linux also supports C# (via Mono), Vala, and Scheme. A number of Java Virtual Machines and development kits run on Linux, including the original Sun Microsystems JVM (HotSpot), and IBM's J2SE RE, as well as many open-source projects like Kaffe and JikesRVM.
GNOME and KDE are popular desktop environments and provide a framework for developing applications. These projects are based on the GTK+ and Qt widget toolkits, respectively, which can also be used independently of the larger framework. Both support a wide variety of languages. There are a number of Integrated development environments available including Anjuta, Code::Blocks, CodeLite, Eclipse, Geany, ActiveState Komodo, KDevelop, Lazarus, MonoDevelop, NetBeans, Qt Creator and Omnis Studio, while the long-established editors Vim, nano and Emacs remain popular.[66]

Social Engineering Certification

Certified Social Engineering Prevention Specialist (CSEPS) refers to both an individual Mitnick Security Consulting certification and a broader professional certification program.
The CSEPS program currently offers one type of certification. To attain this certification, a candidate must attend a CSEPS training course and pass the exam proctored at completion.
The training program focuses primarily on how Social Engineering works through the use of numerous case histories and a detailed breakdown of the psychological principles related to influence. It more specifically focuses on how a malicious hacker or information thief uses Social Engineering and/or Pretexting to obtain illicit access to computer systems by duping employees, and what can be done to minimize social engineering based attacks in an organization.
The course and exam costs approximately US$2300.00 per person. The course is two days in length. The exam takes between 1 and 2 hours to complete and consists of between 50-90 multiple choice questions and an essay section dealing with specific actions taken to prevent Social Engineering in a proposed scenario.
The exam was first designed by Kevin Mitnick and Alexis Kasperavičius in 2004, with assistance from various experts in the psychology field.

Vulnerability

In computer security, a vulnerability is a weakness which allows an attacker to reduce a system's information assurance.
Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw.[1] To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness. In this frame, vulnerability is also known as the attack surface.
Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities.[2] This practice generally refers to software vulnerabilities in computing systems.
A security risk may be classified as a vulnerability. The usage of vulnerability with the same meaning of risk can lead to confusion. The risk is tied to the potential of a significant loss. Then there are vulnerabilities without risk: for example when the affected asset has no value. A vulnerability with one or more known instances of working and fully implemented attacks is classified as an exploitable vulnerability — a vulnerability for which an exploit exists. The window of vulnerability is the time from when the security hole was introduced or manifested in deployed software, to when access was removed, a security fix was available/deployed, or the attacker was disabled—see zero-day attack.
Security bug (security defect) is a narrower concept: there are vulnerabilities that are not related to software: hardware, site, personnel vulnerabilities are examples of vulnerabilities that are not software security bugs.
Constructs in programming languages that are difficult to use properly can be a large source of vulnerabilities.

Vulnerabilities are related to:
  • physical environment of the system
  • the personnel
  • management
  • administration procedures and security measures within the organization
  • business operation and service delivery
  • hardware
  • software
  • communication equipment and facilities
  • and their combinations.
It is evident that a pure technical approach cannot even protect physical assets: you should have administrative procedures to let maintenance personnel enter the facilities, and people with adequate knowledge of the procedures who are motivated to follow them with proper care. See Social engineering (security).
Four examples of vulnerability exploits:
  • an attacker finds and uses an overflow weakness to install malware to export sensitive data;
  • an attacker convinces a user to open an email message with attached malware;
  • an insider copies a hardened, encrypted program onto a thumb drive and cracks it at home;
  • a flood damages your computer systems installed at ground floor.

Software vulnerabilities

Common types of software flaws that lead to vulnerabilities include:
Some sets of coding guidelines have been developed, and a large number of static code analysers have been used to verify that the code follows the guidelines.

Best Social Engineers

Notable social engineers

California police departments investigating red light violations

More than 30 California police departments mail out fake red light camera "tickets," also called "Snitch Tickets," in an effort to bluff registered owners into revealing the identity of the person who was driving the vehicle at the time of the alleged violation. Because these "tickets" have not been filed at court, they carry no legal weight and (in the US) the registered owner has the right to remain silent and is under no obligation to respond in any manner. In California, a genuine ticket will bear the name and address of the local branch of the Superior Court and direct the recipient to contact that Court, while a fake "ticket" generated by the police will not.[13][14][15][16]

Kevin Mitnick

Reformed computer criminal and later security consultant Kevin Mitnick points out that it is much easier to trick someone into giving a password for a system than to spend the effort to crack into the system.[17]

Badir Brothers

Brothers Ramy, Muzher, and Shadde Badir—all of whom were blind from birth—managed to set up an extensive phone and computer fraud scheme in Israel in the 1990s using social engineering, voice impersonation, and Braille-display computers.[18]

Archangel

The white hat hacker, computer security consultant, and writer for Phrack Magazine, Archangel (nicknamed "The Greatest Social Engineer of All Time") has demonstrated social engineering techniques to gain everything from passwords to pizza to automobiles to airline tickets.[19][20][21][22][23]

Steve Stasiukonis

Security Consultant for Secure Network Technologies. Inventor of the USB thumb drive test where USB sticks contained exploits to test if employees would run them from within their business environments. This attack is now one of the most popular social engineering techniques in existence and is used to test the human element of security around the world.

JB Snyder

Principal Consultant for Bancsec, Inc., and one of the world's top experts in banking cybersecurity, developed and proved in over 50 U.S. bank locations "the most efficient social engineering attack in history." This attack vector, primarily utilizing email, allows a social engineer to make unauthenticated, unauthorized, large cash withdrawals from bank branches [24] with an extraordinarily high success rate (over 90%) while enjoying low probabilities of immediate detection or subsequent incarceration. Among his other successful bank social engineering test accomplishments is wire transfer through a combination of emails and telephone pretexting.

Mike Ridpath

Security consultant for IOActive, published author, and speaker. Emphasizes techniques and tactics for social engineering cold calling. Became notable after his talks where he would play recorded calls and explain his thought process on what he was doing to get passwords through the phone.[25][26][27]

Others

Other social engineers include Frank Abagnale, David Bannon, Peter Foster, Mehdi Zilaoui, and Steven Jay Russell.

Social engineering (hacking)

Social engineering, in the context of security, is understood to mean the art of manipulating people into performing actions or divulging confidential information.[1] This is a type of confidence trick for the purpose of information gathering, fraud, or computer system access. It differs from traditional cons in that the attack is often a mere step in a more complex fraud.
"Social engineering" as an act of psychological manipulation had previously been associated with the social sciences, but its usage has caught on among computer professionals.[2]

Pretexting

Pretexting (adj. pretextual), also known in the UK as blagging or bohoing, is the act of creating and using an invented scenario (the pretext) to engage a targeted victim in a manner that increases the chance the victim will divulge information or perform actions that would be unlikely in ordinary circumstances.[4] An elaborate lie, it most often involves some prior research or setup and the use of this information for impersonation (e.g., date of birth, Social Security Number, last bill amount) to establish legitimacy in the mind of the target.[5]
This technique can be used to fool a business into disclosing customer information as well as by private investigators to obtain telephone records, utility records, banking records and other information directly from company service representatives. The information can then be used to establish even greater legitimacy under tougher questioning with a manager, e.g., to make account changes, get specific balances, etc.
Pretexting can also be used to impersonate co-workers, police, bank, tax authorities, clergy, insurance investigators — or any other individual who could have perceived authority or right-to-know in the mind of the targeted victim. The pretexter must simply prepare answers to questions that might be asked by the victim. In some cases, all that is needed is a voice that sounds authoritative, an earnest tone, and an ability to think on one's feet to create a pretextual scenario.

Diversion theft

Diversion theft, also known as the "Corner Game"[6] or "Round the Corner Game", originated in the East End of London.
In summary, diversion theft is a "con" exercised by professional thieves, normally against a transport or courier company. The objective is to persuade the persons responsible for a legitimate delivery that the consignment is requested elsewhere — hence, "round the corner".

Phishing

Phishing is a technique of fraudulently obtaining private information. Typically, the phisher sends an e-mail that appears to come from a legitimate business—a bank, or credit card company—requesting "verification" of information and warning of some dire consequence if it is not provided. The e-mail usually contains a link to a fraudulent web page that seems legitimate—with company logos and content—and has a form requesting everything from a home address to an ATM card's PIN.
For example, 2003 saw the proliferation of a phishing scam in which users received e-mails supposedly from eBay claiming that the user's account was about to be suspended unless a link provided was clicked to update a credit card (information that the genuine eBay already had). Because it is relatively simple to make a Web site resemble a legitimate organization's site by mimicking the HTML code, the scam counted on people being tricked into thinking they were being contacted by eBay and subsequently, were going to eBay's site to update their account information. By spamming large groups of people, the "phisher" counted on the e-mail being read by a percentage of people who already had listed credit card numbers with eBay legitimately, who might respond.

IVR or phone phishing

This technique uses a rogue interactive voice response (IVR) system to recreate a legitimate-sounding copy of a bank or other institution's IVR system. The victim is prompted (typically via a phishing e-mail) to call in to the "bank" via an (ideally toll-free) number provided in order to "verify" information. A typical system will reject log-ins continually, ensuring the victim enters PINs or passwords multiple times, often disclosing several different passwords. More advanced systems transfer the victim to the attacker posing as a customer service agent for further questioning.
One could even record the typical commands ("Press one to change your password, press two to speak to customer service" ...) and play back the direction manually in real time, giving the appearance of being an IVR without the expense.
Phone phishing is also called vishing.

Baiting

Baiting is like the real-world Trojan Horse that uses physical media and relies on the curiosity or greed of the victim.[7]
In this attack, the attacker leaves a malware-infected floppy disk, CD-ROM, or USB flash drive in a location sure to be found (bathroom, elevator, sidewalk, parking lot), gives it a legitimate-looking and curiosity-piquing label, and simply waits for the victim to use the device.
For example, an attacker might create a disk featuring a corporate logo, readily available from the target's web site, and write "Executive Salary Summary Q2 2012" on the front. The attacker would then leave the disk on the floor of an elevator or somewhere in the lobby of the targeted company. An unknowing employee might find it and subsequently insert the disk into a computer to satisfy their curiosity, or a good samaritan might find it and turn it in to the company.
In either case, as a consequence of merely inserting the disk into a computer to see the contents, the user would unknowingly install malware on it, likely giving an attacker unfettered access to the victim's PC and, perhaps, the targeted company's internal computer network.
Unless computer controls block the infection, PCs set to "auto-run" inserted media may be compromised as soon as a rogue disk is inserted.
Hostile devices, more attractive than simple memory, can also be used.[8] For instance, a "lucky winner" is sent a free digital audio player that actually compromises any computer it is plugged into.
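For triage of found media, the following added example (not from the original page) lists the `autorun.inf` directives that would start a program on a PC with auto-run enabled. The function names, the sample file and `viewer.exe` are constructed for illustration; the file is assumed to be plain text.

```python
import os
import tempfile

# autorun.inf directives that start a program when the media is inserted or opened.
EXEC_KEYS = ("open", "shellexecute")

def autorun_findings(volume_root):
    """Return [(key, command)] for executable directives in <volume_root>/autorun.inf."""
    inf_path = next((os.path.join(volume_root, name) for name in os.listdir(volume_root)
                     if name.lower() == "autorun.inf"), None)
    if inf_path is None:
        return []
    findings, in_autorun = [], False
    with open(inf_path, "r", encoding="utf-8", errors="replace") as fh:
        for raw in fh:
            line = raw.strip()
            if not line or line.startswith(";"):
                continue                      # blank line or comment
            if line.startswith("["):
                # Section header: only sections named autorun... are of interest.
                in_autorun = line.lower().startswith("[autorun")
                continue
            if not in_autorun or "=" not in line:
                continue
            key, value = (part.strip() for part in line.split("=", 1))
            key = key.lower()
            if key in EXEC_KEYS or (key.startswith("shell\\") and key.endswith("\\command")):
                findings.append((key, value))
    return findings

def demo():
    """Build a constructed volume in a temporary directory and scan it."""
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "AUTORUN.INF"), "w") as fh:
            fh.write("[AutoRun]\nlabel=Executive Salary Summary\n"
                     "open=viewer.exe /quiet\nshell\\open\\command=viewer.exe\n"
                     "; constructed sample, not a real artefact\n")
        return autorun_findings(root)
```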

Quid pro quo

Quid pro quo means something for something:
  • An attacker calls random numbers at a company, claiming to be calling back from technical support. Eventually this person will hit someone with a legitimate problem, grateful that someone is calling back to help them. The attacker will "help" solve the problem and, in the process, have the user type commands that give the attacker access or launch malware.
  • In a 2003 information security survey, 90% of office workers gave researchers what they claimed was their password in answer to a survey question in exchange for a cheap pen.[9] Similar surveys in later years obtained similar results using chocolates and other cheap lures, although they made no attempt to validate the passwords.[10]

Tailgating

An attacker, seeking entry to a restricted area secured by unattended, electronic access control, e.g. by RFID card, simply walks in behind a person who has legitimate access. Following common courtesy, the legitimate person will usually hold the door open for the attacker. The legitimate person may fail to ask for identification for any of several reasons, or may accept an assertion that the attacker has forgotten or lost the appropriate identity token. The attacker may also fake the action of presenting an identity token.

Other types

Common confidence tricksters or fraudsters also could be considered "social engineers" in the wider sense, in that they deliberately deceive and manipulate people, exploiting human weaknesses to obtain personal benefit. They may, for example, use social engineering techniques as part of an IT fraud.
A very recent type of social engineering technique includes spoofing or cracking IDs of people having popular e-mail IDs such as Yahoo!, GMail, Hotmail, etc. Among the many motivations for deception are:
  • Phishing credit-card account numbers and their passwords.
  • Cracking private e-mails and chat histories, and manipulating them by using common editing techniques before using them to extort money and creating distrust among individuals.
  • Cracking websites of companies or organizations and destroying their reputation.
  • Computer virus hoaxes

Countermeasures

  • Organizations must, on an employee/personnel level, establish frameworks of trust. (i.e., When/Where/Why/How should sensitive information be handled?)
  • Organizations must identify which information is sensitive and question its integrity in all forms. (i.e., Social Engineering, Building Security, Computer Security, etc.)
  • Organizations must establish security protocols for the people who handle sensitive information. (i.e., Paper-Trails for information disclosure and/or forensic crumbs)
  • Employees must be trained in security protocols relevant to their position. (e.g., employees must identify people who steer towards sensitive information.) (also: In situations such as tailgating, if a person's identity cannot be verified, then employees must be trained to politely refuse.)
  • An Organization's framework must be tested periodically, and these tests must be unannounced.
  • Insert a critical eye into any of the above steps: there is no perfect solution for information integrity.[11]
  • Dumpster security: use a waste management service whose dumpsters have locks, with keys limited to the waste management company and the cleaning staff. Also make sure the dumpster is located either in plain view, so that trying to access it carries a risk of being seen or caught, or behind a locked gate or fence where the person must trespass before they can attempt to access the dumpster.[12]