Thursday 31 July 2014

Introduction

If you are an internet user and/or a website creator and are having problems, this blog is here to help you. In this blog I will explain why you may be suffering from slow connection speeds, and make sure that you are aware of the dangers that threaten your website and how you can protect yourself.

Wednesday 30 July 2014

Factors that influence website performance- User Side

User side factors are factors that the user is in control of. They arise from the user's choices, such as which software to run, which version of a browser to run and how much memory they choose to use.

Browsers

There is a large range of browsers that can be used; examples include Internet Explorer, Safari, Google Chrome and Mozilla Firefox. There is no specific evidence that each of these browsers affects speed on its own, but the version can. Browsers regularly release updates and new versions: Firefox releases regular updates while Internet Explorer just brings out new versions. Currently Internet Explorer is on version 11, which means that any new websites being created will be optimised to work in this version. If you try to access one of these websites in an older browser, performance will be negatively affected and some of the content won't work, as your browser will be out of date and unable to run the more sophisticated content built for Internet Explorer 11.

Connection Speed

Obviously, a website's performance will be negatively affected if a connection to the internet can't be established: you won't be able to access the website at all. But it's not as simple as just getting an internet connection; the type of connection can determine the loading time of the website and whether all the content loads at all. There is a wide range of connection types, such as dial-up, broadband, mobile broadband and Wi-Fi. To get the best connection possible it is advised not to use a dial-up connection, which involves connecting a modem to telephone lines in order to communicate with the internet service provider. This can provide a slow service, especially when many telephones are connected and being used at the same time. Something similar can be said for Wi-Fi. Wi-Fi works by a receiver sending out frequencies that are then picked up by smartphones, laptops etc. to establish a connection. This type of connection can prove troublesome, as it is not always possible to be in a Wi-Fi hot spot and you could have trouble connecting if a large number of people are trying to connect at the same time.

Another option is mobile broadband, also referred to as Wireless Wide Area Network. This refers to the internet that is picked up by mobile devices through your provider's 3G network. Especially with the invention of 4G and EE networks this type of internet has become very fast, but it can still hinder website performance, as some websites are optimized for PC only and will contain content that will not work on mobile broadband. The final and most common type of connection is simply broadband, which is often the fastest available connection. This means that websites and their content will load quickly and, once loaded, the content won't be compromised. Broadband works by a cable carrying large amounts of data at high speeds directly into a computer from a router.

PC Memory

Cache Memory- The purpose of cache memory is to speed up a computer and make it more convenient to use. Cache memory works by storing frequently visited websites; this is why you may find yourself typing a web address and it appears after the first two letters: your cache memory has remembered the web address. This type of memory also enhances website performance by helping a site load faster, because all of the files from that site have already been transferred to your browser. The next time you visit that site it's just a case of displaying them rather than downloading them from the web server again.

RAM- RAM stands for random access memory. RAM is linked to a computer's hard drive: when you open a program it is loaded from the hard drive into the RAM. This allows the speed of a website to be increased, because loading from the RAM is a lot quicker than loading from the hard drive. This is why it is beneficial to have a computer with more RAM, as this effectively means that the computer can load more from the hard drive. In fact increasing the RAM can have a bigger effect on performance than upgrading a computer.


Tuesday 29 July 2014

Factors that influence website performance- Server Side

The following factors affect a website's performance at a server level. This means they are problems at the web host's or internet service provider's end, so unlike the user side factors, the user doesn't have the power to resolve these issues on their own.

Server storage space
When you create a website you most likely go to a web host and ask them to host your website for a fee. The fee you pay is for space on the web host's server; if a website gets close to or exceeds this space the creator will be unable to add content. How much the website is affected by this depends on the type of website. If the main feature is a forum, the website will be compromised if a user is unable to post. The page will also start to lose favour with its audience if it can't be updated or interacted with. To solve this the creator can either pay for more storage space or cut down the size of the website, for example by optimizing images.

Bandwidth Limitations
Bandwidth is determined by the speed of a person's modem, which is provided by an ISP. Bandwidth is the rate at which a computer can transfer files from one point to another, and is usually expressed in bits per second (bps). If a computer is operating at a low bandwidth, the files needed to load a website will take a long time to transfer to the user's browser, meaning the website's performance will be drastically affected, e.g. the time to load and the quality of video/animated content.

Pages with too many scripts
All web pages run scripts, which are sequences of instructions for the programs on a computer to run. There are many examples of these scripts, the most popular being JavaScript. Having a lot of scripts isn't a bad thing; some websites need a lot of scripts to run their content. But website creators have to be aware that too many scripts will slow the website down on the user's side. In order to combat this the creator will have to buy extra space or save space in other areas of the website.

Website content
One of the most obvious components that make up a website is the content, and there is a wide range of different types of content a website can have, for example text, images, sound, animation and databases. This content can have large file sizes, which can cause a website to run slowly and could cause other content not to work. Obviously you can't do without this content, so a website creator has to find a way to get the same content at a smaller file size. A good way to do this is to optimize it, which means decreasing the file size without decreasing the quality.


Monday 28 July 2014

Security risks to a website

If you have created and/or run your own website, it is important to be aware of the risks that pose a threat to the security of your website. These acts will often be carried out by people trying to gain access to your website for malicious reasons. The potential risks are:

Hacking
Hacking is the illegal process of gaining access to a website or a network without authorisation through malicious attacks. In order to gain access to the network the hacker will most likely have to bypass the network's security systems, such as firewalls. Once inside the network the hacker will have the same privileges as an administrator and will use this power to try to accomplish goals outside those of the creator. Hackers can have a variety of goals, e.g. to shut down a webpage completely or to post their own content on the page. Hackers are often computer experts and so can be rewarded with jobs testing the security of websites and networks within an organisation. High profile examples of hacking can be seen in the case studies.

Pagejacking
Pagejacking is the practice of copying content and HTML source code from a legitimate website to a cloned version. This means that the web browser will display a cloned page to the user, who believes it is the real one. This can be used to display content that is either illegal or contradictory to the actual website. Presumably the user will quite quickly realise the page is cloned and will try to close it. For this reason 'jacked pages' often contain mousetraps, which stop the user leaving the page by opening a new URL every time the user attempts to close it.

Viruses
Viruses often make their way into systems by appearing to be legitimate programs, but instead they contain hidden destructive code that can infect a computer with a virus. In the world today there are hundreds of computer viruses and they each perform different functions for their creator, meaning a virus can pose many threats to a website. Some include:
  • Corrupting or deleting data on the hard drive
  • Important/confidential details can be stolen
  • Harming relationships between partners by displaying malicious content or forwarding them a virus 
  • Using your computer to carry out further attacks 

Phishing
Phishing is an online scam most commonly carried out by email. An email is sent out on a mass scale to a wide range of recipients, claiming to be from a legitimate enterprise, usually a bank. The email will then take you to a website mimicking the legitimate organisation the email is claiming to be from. From here the user will be asked to enter personal/bank details. If confirmed, the user's details will be stolen and possibly used for identity theft.

Identity Theft
Identity theft links in with some of the potential risks above and is often a result of them, especially phishing and hacking. Some websites have a responsibility to store private and sensitive data about their customers (as set out by the Data Protection Act 1998). If their secure systems get hacked, this information could be stolen and used for identity theft or to steal from the customers. A recent example of this is when PlayStation got hacked and credit card details and details such as addresses were stolen. Feasibly many customers could have had their identity stolen. It is solely the responsibility of the website's creator/moderator to make sure these details are secure.

Sunday 27 July 2014

How to overcome these risks?

As mentioned in the previous post there are a lot of potential risks to a website. For this reason a website creator will have to consider how to protect against all of these eventualities. Below are some of the measures that can be taken to protect a website.

Firewalls
Firewalls can be both hardware and software and are put in place to stop unauthorised access to private networks. They are especially used to protect intranets, which have restricted access anyway. A firewall will examine all incoming and outgoing communications and decide whether to allow each one through or not. This decision is made on a set of criteria created by the user. An example of such a criterion would be the user instructing the firewall to block communications from a certain IP address. Firewalls can be purchased from companies such as McAfee and AVG.
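The decision process described above, written as an added Python example (it is not part of the original post). The rule format, the first-match-wins ordering, the block-by-default policy and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                 # "allow" or "block"
    direction: str              # "in", "out" or "any"
    network: str                # single remote address or CIDR range
    port: Optional[int] = None  # None matches every port

    def matches(self, direction, remote_ip, port):
        if self.direction not in ("any", direction):
            return False
        if self.port is not None and self.port != port:
            return False
        return ipaddress.ip_address(remote_ip) in ipaddress.ip_network(self.network)


def decide(rules, direction, remote_ip, port, default="block"):
    """Return the action of the first matching rule, else the default.

    Blocking by default means anything the user did not explicitly
    allow is refused, which is the safer failure mode.
    """
    for rule in rules:
        if rule.matches(direction, remote_ip, port):
            return rule.action
    return default


# Constructed criteria; the addresses are reserved documentation ranges.
RULES = [
    Rule("block", "any", "203.0.113.7"),       # one specific unwanted address
    Rule("allow", "in", "0.0.0.0/0", 443),     # anyone may reach the HTTPS site
    Rule("allow", "in", "192.0.2.0/24", 22),   # remote admin only from the office range
    Rule("allow", "out", "0.0.0.0/0", 443),    # server may make outgoing HTTPS calls
]


def evaluate_samples():
    """Run constructed connections through the rules and return the decisions."""
    samples = [
        ("in", "198.51.100.20", 443),   # ordinary visitor
        ("in", "203.0.113.7", 443),     # blocked address, even on an allowed port
        ("in", "198.51.100.20", 22),    # admin port from outside the office
        ("in", "192.0.2.15", 22),       # admin port from the office
        ("out", "198.51.100.20", 25),   # outgoing mail, never allowed
    ]
    return [decide(RULES, *sample) for sample in samples]


if __name__ == "__main__":
    print(evaluate_samples())
```

Rule order matters here: the block for the single address sits above the general HTTPS allow, so it wins for that address.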

Secure Socket Layers (SSL)
SSL is a protocol that helps ensure that messages sent from a website are sent securely. The most sensitive areas of sites are often protected by SSL, for example the pages you see after you have logged in to a site. SSL encrypts the messages being sent so anyone trying to view data not intended for them for malicious reasons can't; only the user's computer and the server can recognise the data. Another example of SSL is online shopping. Without SSL it would be too insecure to work, as SSL encrypts your personal details such as name, address and bank details so only you and the vendor can see them. An easy way to know if the page you are visiting is secure is by looking at the start of the web address: if it says HTTPS the website is secure.

Digital Certificate
Digital certificates are attached to electronic messages to aid security. The most common use of a digital certificate is to verify that the sender of a message is who they claim to be. The user then has the chance to send an encoded reply. In order to obtain a digital certificate you have to apply to the CA (Certificate Authority) with ID details. The applicant is then issued with their own key and the CA's public key. The recipient of the message uses the CA's public key to decode the message.

Passwords
In order to stop unauthorised access to a website a person can set up passwords or word catchers. These can be put on the computer itself and on the content of the website, for example databases. When setting up a password you should ensure that it is not too obvious, i.e. something obviously related to you. The safer passwords contain a mix of lower case letters, capital letters and numbers. Word catchers are good as they will prevent computer programs that are not being controlled by humans from gaining access to your website and spamming it.
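The password advice above, written as an added Python example (it is not part of the original post). The minimum length, the list of default passwords and the sample personal details are assumptions constructed for illustration; the character-mix and "not related to you" checks come from the text.

```python
import re

# Constructed examples of passwords that systems ship with (assumption).
DEFAULT_PASSWORDS = {"password", "changeme", "welcome1", "admin"}
MIN_LENGTH = 10  # assumption: the post does not give a length

# Undo common letter/digit swaps so that "J4ne" is still recognised as "jane".
_SWAPS = str.maketrans("01345@$", "oleasas")


def _normalise(text):
    return text.lower().translate(_SWAPS)


def check_password(password, personal_details):
    """Return a list of problems; an empty list means the password passes.

    personal_details is a list of strings the owner is known by,
    such as their name or date of birth.
    """
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if not re.search(r"[a-z]", password):
        problems.append("no lower case letter")
    if not re.search(r"[A-Z]", password):
        problems.append("no capital letter")
    if not re.search(r"[0-9]", password):
        problems.append("no number")
    if password.lower() in DEFAULT_PASSWORDS:
        problems.append("is a known default password")

    lowered = password.lower()
    normalised = _normalise(password)
    seen = set()
    for detail in personal_details:
        # Words of three or more letters and four-digit years are the parts
        # of a personal detail most likely to be reused in a password.
        for token in re.findall(r"[A-Za-z]{3,}|\d{4}", detail):
            key = token.lower()
            if key in seen:
                continue
            seen.add(key)
            if key in lowered or _normalise(token) in normalised:
                problems.append(f"contains personal detail '{token}'")
    return problems


if __name__ == "__main__":
    details = ["Jane Smith", "1990-04-12"]  # constructed account owner
    for candidate in ("Changeme", "J4ne-Runs-1990", "Tr4wler-Quartz-Mint7"):
        print(candidate, "->", check_password(candidate, details) or "ok")
```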

Legal Considerations
When dealing with website security there are a series of legal obligations and considerations that a website creator has to implement.

Data Protection Act (1998)- The Data Protection Act was created when computers started to become available to everyone and were being used to store personal data. The main aim of the act is to stop the misuse of personal information held by a company. This is because serious crimes such as identity theft could be committed with the stolen information. The act has 8 important principles that have to be adhered to when handling personal data.

  1. It has to be fairly and lawfully obtained
  2. It can't be used for any reason other than the one specified to the client
  3. Only information that is relevant to the purpose is allowed to be stored
  4. The information can't be held for any longer than necessary and has to be kept up to date
  5. It has to be correct and not more detailed than it needs to be
  6. It has to be processed in accordance with the rights of the person it concerns
  7. The information has to be kept securely
  8. It can't be transferred out of the European Economic Area without a suitable level of data protection

In order to stick to this act an organisation will have to ensure that they restrict access to data so only people who need to can view it, and that when it is viewed it isn't taken out of the system. They could do this by creating an intranet/remote network, which will allow users to access the information they need anywhere without taking it out of the system and potentially having it lost or stolen. Along with that, an organisation will have to regularly check their information and protocols to ensure they aren't breaching the act.
  
Computer Misuse Act (1990)- This act came into effect in 1990. It was created to stop increasing levels of criminal activity relating to computers, mainly hacking. A large amount of data was being accessed by people who had no right to access it. For this reason the Computer Misuse Act covers:

  1. Unauthorised access to computer material
  2. Unauthorised access with intent to commit a criminal offence
  3. Unauthorised acts with intent to impair the use of the computer

To effectively implement this act companies may have to employ extra staff within the IT department, or they will have to train their current ones on what is and isn't permitted under the terms of this act. These staff would also be in charge of monitoring the system to ensure no one is breaching the act to steal material. Alongside this they will have to put policies and security mechanisms in place to stop anyone being able to remove information from the system without authorisation.

Privacy and Electronic Communication Regulations (2003)- This act was passed in 2003 because information about people was being obtained online in an unregulated way and in ways that were hidden from the consumers themselves. Regulations regarding the following practices were drawn up.

  1. Spam
  2. Cookies
  3. Location and Traffic Data
  4. Publicly available directories

These regulations have caused companies to check that they are only sourcing information from valid and trusted sources. This will help them, as they may be questioned to see if they really are following the regulations. Companies now have to make it obvious to consumers that they will be advertising to them, especially through the use of cookies. In an advertising sense, cookies track what a user visits and use this information to suggest adverts on other websites that they may be interested in. Companies are now obligated to inform the user if their website runs cookies.


Saturday 26 July 2014

Case Study 1 (Hackers)- Adrian Lamo

Threat
Adrian Lamo is a former computer hacker whose crimes took place in 2002. Up until then he would try to break into the computer systems of major companies such as WorldCom in order to help them fortify their own systems. But in February 2002 he illegally broke into the computer network of the New York Times through a wrongly configured proxy server. He then threatened the security of the personal information of high profile associates of the Sunday Times, as he added his name to their internal database and conducted his own research. He was able to do this because one of the employees who had the authority to create new accounts had not changed their password from the company default. The validity of the Sunday Times data was also jeopardized, as Lamo accessed and modified confidential databases.
Impact
Employees and 3,000 contributors at the Sunday Times were negatively affected as personal information was given out about them; information such as their names and social security numbers was viewed. This means that the risk of their identities being stolen became very high. Other information taken included logs of customer home deliveries, lists of business contacts and a series of passwords. All of this meant that the Sunday Times came in for heavy criticism, as the information was taken because of their weak password system. That in turn meant the contacts whose identities were revealed lost a lot of trust in the Sunday Times, and they ultimately lost business.
Resolution
After a 15 month investigation by the prosecutors in New York, Lamo was tracked down and surrendered to the FBI on September 11th 2003. He pleaded guilty to one count of computer crimes against Microsoft, LexisNexis and The New York Times. He was sentenced to 6 months' detention in his parents' house; during this time he had limited access to computers and all emails were monitored by probation officers. He was also sentenced to 2 years' probation and fined $64,900. As a result the Sunday Times strongly tightened up their security systems. Lamo is no longer a hacker, and in 2010 he proved his hacking days are behind him when he reported a former soldier to the authorities for leaking secret US documents to the website Wikileaks.

Friday 25 July 2014

Case Study 2 (Hackers)- Kevin Mitnick

Threat
Kevin Mitnick was one of America's most notorious hackers, so much so that it was once said he was so dangerous that if he was allowed access to a phone he could start a nuclear war by whistling into it. Mitnick threatened the privacy and jeopardized the operations of many of America's most powerful companies, such as Sun Microsystems, Digital Equipment Corporation, Motorola, Netcom, Nokia and even the FBI. Mitnick gained even more notoriety considering these were some of the most well guarded computer networks in America. Mitnick was able to gain access to all of the information housed in these systems by bypassing the security systems, and he was even able to wiretap the FBI (connecting a device allowing you to listen in to private telephone conversations). Mitnick even toyed with McDonald's for a bit of fun.
Impact
Through his wiretapping of the FBI's telephone systems, the FBI's confidentiality promise and the right of a person to remain anonymous were jeopardized, as Mitnick knew exactly what was being reported and who it was by. Mitnick was also able to disadvantage the FBI, because he was always able to keep on top of any evidence the FBI had on him. This in turn enabled him to cover his tracks if he felt the FBI were getting close to a conviction. He also had an impact on McDonald's and its customers: he hacked into the frequency of a local McDonald's drive-through. He would either insult the customers who drove in or make up offers such as "your order is free". This meant that a lot of customers left feeling very offended and annoyed, and so may have chosen not to go back to McDonald's.
Resolution
Mitnick was finally arrested on February 15th 1995, and in 1999 he confessed to 4 counts of wire fraud, two counts of computer fraud and one count of illegally intercepting a wire communication. Mitnick was sentenced to 46 months plus an extra 22 months for violating the supervised release sentence for computer fraud. After serving 5 years in prison he was released, and at first the only piece of communication technology he was allowed to use was a landline. Nowadays he runs Mitnick Security Consultants Ltd, a company specialising in testing and advising on how to improve a company's computer network.