CATFISHING

Catfishing is when in social media they steal an identity and fake they are someone else. A lot of people have been victims of this people. Some of them have been lucky and found out, before getting hurt, but there are others not so lucky that have fallen in the lies of this people. There are cases where the victim falls in love with ths people and has given them money, or even worse been kidnap. We have to take precaucions and don’t accept or be fooled by any user you don’t know. If you don’t know the user don’t give any of your personal information. In your profil make sure everything is private or that the information you are displaying is alright for you.

Here is an example:

Y4PT

Two weeks ago I came back from a hackaton in Dubai due a competition we won last october(the prize was participate into the Dubai’s Mobility Hackaton by Youth For Public Transport). We flew 24 hours from Guadalajara to the event, then we were developing our product(business model, prototype, slides, pitch) and we presented the project to some Dubai’s authorities such as the Dubai Prince, CEO of Careem, CEO of RTA, head of Y4PT among others. Our project was a virtual assistante to move through the city in a clean, fast and sustuinable way, with this we won the 3rd place. It was such an amazing experience to meet people from around the globe and share ideas and see different ways of thinking about the global problems we are living in. After this we presented the project in an expo, in the Dubai World Tarde Centre for a couple of days. It was great to have won a price, but it is more important to me the experience, the possibility to aquire a new global vision and have fun with this amazing experience. We are looking forward to win the next edition of this event next year in Sweden!

Aaron Swarts

Aaron Swarts was born in Chicago in the year of 1986.

At the age of 12 years he developed open source systems for Oracle. At age 14 he co-authored RSS 1.0, making XML to share internet content.

He studied at Stanford University. In his early years he created Infogami, a way to create attractive websites. He collaborated with the founders of Reddit and Y Combinator to support the Open Library project. Later it was merged with Reddit. Later he created a company called Jottit, a markdown system to generate content.

In 2008 Watchdog.net was launched on the web, where information about politicians was released. He also wrote a circular called «Guerrilla Open Access Manifesto» where he created a famous quote that says «There is no justice in complying with unjust.» It is time to come to light and, following the tradition of civil disobedience, to oppose this theft deprived of public culture. » Deaddrop development, a secure communication platform between journalists and information sources.

He created Demand Progress in 2010, a group to take action and positively influence political leaders and Congress. He developed studies on political corruption.

Stop the online Hacking Act is one of the main activists against the SOPA law. He was an active member of wikiLeaks, possibly filtering information. In 2011 he was arrested for downloading files from an MIT Open database. With the months the federal crimes against him were added, for charges and violations in the line and «Act of Fraud and Computational Abuse». On January 11, 2013, he had a fine of 4 million dollars and was sentenced to 50 years in prison. That day he committed suicide by hanging himself in his room.

 

Recovered from:

https://es.wikipedia.org/wiki/Aaron_Swartz

https://hipertextual.com/2015/09/aaron-swartz-perseguido

http://www.bbc.com/mundo/noticias/2013/01/130113_aaron_swartz

Rubber Ducky

So most of us don’t know what a ruuber ducky is. A rubber ducky is a malicious code hiden in a USB and when pluged it runs a code that could give the Hacker acess to your computer and all your information.

There have been various companies that have been hacked with a rubber duckie. Companies and users shoud be causious on what they insert into their computers. For precausion you should do the following:

• Don’t insert any USB found on the floor.
• Don’t insert any USB by a stranger or someone you don’t know.
• Don’t buy any USB from someone that isn’t certified to sell you this stuff

Being hacked by a USB is really easy. For example, I could just leave a USB laying around and I’m sure that someone would grab it and insert it into their computer or even worst their company computer.

Talent Land

So this week I participated in a hackathon in one of the biggest events of technology in Mexico. The hackathon was organized by BOSCH and they wanted us to create something creative and inovative way to optimize the public transport and help the environment. I love the idea that many companies are starting to find some way to help society by creating an enterprise. I trully believe that busnisses should be both sostainable and sustainable to be able to work and give back to society.

We had an idea of more or less an idea of what we wanted to do, but if it weren’t for Francisco from Kio, we wouldn’t even be able to find the client, jaja. He helped us create a valor proposition, he helped us find our client and helped us to empathies with them.  I loved my experience with this hackathon, and I loved learning new things. I never thought I could learn that much in a week from various diferent companies, and I’m relly thankful.

Blockchain

Now a lot of us understand what bitcoin is, but most of use don’t know what is blockchain.

Blockchain is a way to secure your network. Basically what it does is it encrypts your data and sends it to everybody in the network. This means that everybody has a copy of what you’ve just send. So when sombody else tries to modify that information and send it. Everybody knows in the network knows that the information is not rue and will restore the correct data to that computer.

Blockchain is trully a great way to identify a person and really see if the person you are talking to is him or her.

Here is a short video that explains what blockchain is:

SQL INJECTION

So the first thing is what is sql injection. For does people that don’t know what sql is, sql is a programming language to help you save up information, for example:

The banks save up all customer information about their names, ssn, credit cards, etc.. in a sql table, which is kind of like excel.

SQL injection happens when a company dind’t sanities data and are able to get into the compañies data base.

What a hacker does is find the vulnerabilities and when they have they can either:

 

• Control the application’s behavior that’s based on data:
  • For example, show information that the company doesn’t want others to know.
• Alter data in the database:
  • For example, erase or create new users that don’t exist.
• Access data without authorization:
  • For example, give a user access to personal data of other people.

What can you do to defend yourself from this vulnerability:

• Discover SQLi vulnerabilities, you can do so by using a special software to check how secure your code is.
• Avoid and repair SQLi vulnerabilities by using parameterized queries.
• Remediate SQLi vulnerabilities
• Mitigate the impact of SQLi vulnerabilities, you can do so by only allowin certain access to user to a certain part of the data base or by using certificates.

Here is a really cool video of an example of this vulnerability:

Ethical Hacking

So I trully belief that any security class should start with what is ethical hacking and what you have to do to be able to become one.

Ethical Hacking – this is a term to describe an action performed to help a company or individual see potential threats either in a computer or network. The ethical hacker is the one that executes this activity.

Now I know we all have an idea that the term hacker means, since movies, social media, etc… have put a really big stereotype in our minds, for example:

• A person begin a screen trying to do bad stuff, like hacking the gobernment and seending nuclear missils around the globe.

 

And what better to give thanks to, than the creators of WARGAMES released in 1983. This was one of the first movies to present hacking in a bad way. They told a story of a teenager who was able to hack the military’s central computer and maybe start world war III.

Since then and even before that there were people doing really bad stuff, they saw a security breach and they would take it, mostly to get money out of it. An example is:

Vladimir Levin

 

He was a really smart Russian hacker who in 1995, broke into Citibank’s computer and stole 10 million dollars from varios global accounts.

 

 

 

 

 

Now there have also been a lot of great hackers doing great stuff for a user or a company a great example of that is Parisa Tabriz google’s white hacker helping them fight bad guys, this is kind of superheroish, jaja. And she has been heping google protect their millions of users.

Now there are a lot of people like her who want to protect either a company (even if the company is evil itself) or individual like us. What these people have in common is :

• They have either an expressed or written permission to attempt to identify potential security risks.
• They respect the companies information.
• They close everything that has to do with work not letting anyone know others information.
• They let the customer know about the vulnerabilities of their software.

Now I know that some people want to hack to gain money and most of the news are filled with people who have stole, but you ca also be a good hacker and earn a lot of money, it all depends on you and how you want to be recognized.