Monday, 6 June 2011
Meeting Seven
https://www.grc.com/haystack.htm --> Every password you use can be thought of as a needle hiding in a haystack. After all searches of common passwords and dictionaries have failed, an attacker must resort to a “brute force” search – ultimately trying every possible combination of letters, numbers and then symbols until the combination you chose, is discovered.
The page above tells you how long it would take to break your password.

Public Key Infrastructure (PKI)
● What is it?
– It is a scheme for deploying an electronic means of signing documents, so that anyone can then check that a document is authentic
– Accepted by governments and businesses
● Why has it not taken off in a big way?

– People have not seen a critical need for it.

– “No itch to scratch” yet: things get done because people want to do them. Someone starts a project because there is ‘an itch that he wants to scratch’, but when the itch is gone, he won’t continue with the project.

– An easy and transparent way to use it has not evolved yet

– No legal requirement to use it: using it is not mandatory.

– Should governments run it? Would you trust the government to run this well? The government had suggested a designated email account for everyone, but people see no need for this.


● Web of Trust: if I trust A and A trusts B, I can trust B.
Key signing party: each participant has a public and a private key. Each one emails their public key to one person (the organiser), who puts it on the wiki. To take part in the key signing party, each participant must bring their public key and their identifier. The organiser then signs their public key and sends it back to them. If you go elsewhere and want to run a key signing party, you can spread this web of trust to another part of the world, to people who know the organiser. After all, since they know the organiser, they would join this key signing party.

– Pretty Good Privacy by Phil Zimmermann

● http://www.philzimmermann.com/EN/background/index.html
– Built on the mathematical principle of public and private keys, made possible by Ron Rivest, Adi Shamir, and Leonard Adleman
– The mathematical algorithm uses two prime numbers

– http://world.std.com/~franl/crypto/rsa-guts.html
– http://en.wikipedia.org/wiki/RSA
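How two primes yield a key pair that can sign a document and let anyone check it, as an added example that is not from these notes or from PGP: it is textbook RSA with no padding, the two primes are toy-sized (real keys use primes of a thousand bits or more each), and all function names are chosen for this sketch.

```python
import hashlib

# Toy primes (both are Mersenne primes). Far too small for real use.
P = 2**31 - 1
Q = 2**61 - 1
E = 65537  # widely used public exponent


def make_keypair(p=P, q=Q, e=E):
    """Derive (public, private) keys from two primes."""
    n = p * q                     # modulus, published
    phi = (p - 1) * (q - 1)       # computable only if you know p and q
    d = pow(e, -1, phi)           # private exponent: e*d = 1 (mod phi); Python 3.8+
    return (n, e), (n, d)


def digest(message, n):
    """Hash the document and reduce it into the range of the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message, private_key):
    """Signer raises the document hash to the private exponent."""
    n, d = private_key
    return pow(digest(message, n), d, n)


def verify(message, signature, public_key):
    """Anyone holding the public key can undo the signature and compare hashes."""
    n, e = public_key
    return pow(signature, e, n) == digest(message, n)


if __name__ == "__main__":
    public, private = make_keypair()
    document = b"I agree to the terms. (constructed sample document)"
    signature = sign(document, private)
    print("original verifies:", verify(document, signature, public))
    print("altered verifies: ", verify(document + b"!", signature, public))
```

A key signing party applies the same operation to a different document: the organiser signs each participant's public key together with their identifier.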
LAMP
● LAMP
– Linux
– Apache
– MySQL/PostgreSQL : A database where you store info and you can retrieve it
– Perl/Python/PHP/Ruby

– MAMP: Mac instead of Linux
– WAMP: Windows instead of Linux

● LAMP forms the bedrock of applications that go “up the stack” to provide highly reliable and scalable performance

● The concept of 4 Nines, 5 Nines, 6 Nines, 7 Nines
Hardware: a computer with CPU, RAM, hard disk, network, input/output (I/O), USB, audio, microphone. For a server, you may not need some of these components.
USB devices are designed to standards. If they were not, you would be ‘locked in’, meaning you are restricted to using only something of a certain design. For instance, if you don’t like Linux, you can use Windows because they are standards-based. Hence they are interchangeable and you won’t be locked in.


5 nines means 315.36 s of downtime per year. If you increase to 6 nines, you have only 31.54 s of downtime. This is a measure of the reliability of the system. Because of cloud computing, reliability can keep increasing to near 100%.
Open Source Collaboration Tools
● Collaboration involves the need to track and manage contributions by many authors 24 hours a day.
● You need access control over it: rights as to who can view, change, modify, add, remove
● Open Source software development is an example of this, and some of the tools that do this include: Git/Subversion/CVS/Darcs, RSS, wikis, blogs


Is open source safe?
http://apache.org/ --> runs more than 60% of the world’s web servers. It is the software that runs the pages. Apache is open source, but there have been no problems with it despite the hostility of the internet world.
http://news.netcraft.com/
MORE EYES MAKE BUGS SHALLOW: when more people are looking at something, there are more chances to spot mistakes, and so they are more easily solved.
A port is a place you connect to. There are some port numbers that are agreed globally. The port numbers are divided into three ranges: the well-known ports, the registered ports, and the dynamic or private ports.

Cloud computing
http://xkcd.com/908/
In meeting 5, we discussed virtualisation and cloud computing.
Virtual hardware is software that behaves like hardware, an operating system, a database, and so on. It doesn’t occupy space; you can email it to another person because it is just a file, a piece of software. Hence you can make copies of it and have as much capacity as you want. You can change the way you use the hardware. How? You can shut down a whole bunch of servers or sell them to others because you don’t need to use them (e.g. Amazon Elastic Compute Cloud (EC2)).

PaaS, IaaS, SaaS: Platform as a Service, Infrastructure as a Service, Software as a Service.
Classroom: considered IaaS. The desks and chairs are the infrastructure, and people are the software that runs around.
Lab: considered PaaS. The computers are a platform that is fixed, and you use it.
SaaS: we are using a service, and we use it constantly, e.g. Facebook.
A game, e.g. Farmville, uses Facebook as a platform that people can use. Hence it becomes PaaS.

