Basics of Software and Security
•
0 j'aime•589 vues
This slide contains basic concepts of Software Development and basic concepts of System Security.
Recommandé
Recommandé
Contenu connexe
Tendances
Tendances (20)
En vedette
Similaire à Basics of Software and Security
Similaire à Basics of Software and Security (20)
Plus de PiTechnologies
Plus de PiTechnologies (13)
Dernier
Dernier (20)
Basics of Software and Security
- 2. www.pitechnologies.net PiTechnologies is an Egyptian company PiTechnologies is specialized in: Mobile Applications Development Web Applications Development Security Services Professional Training Services About PiTechnologies
- 3. www.pitechnologies.net Agenda Software Technical Point of View Basic Security Concepts Security is a must
- 6. www.pitechnologies.net Code Life Cycle Source Codes Compiler Object Files Linker Exe File Compiler Based Run www.pitechnologies.net
- 7. www.pitechnologies.net Code Life Cycle Source Codes Interpret er Interpreter Based Run www.pitechnologies.net
- 8. www.pitechnologies.net Source Code It is human readable code written on a normal text file www.pitechnologies.net
- 9. www.pitechnologies.net Compiler It is the program that transfers the human like code into a machine code Compiler targets certain machine (processor architecture) Input is source file, output is object file www.pitechnologies.net
- 10. www.pitechnologies.net Linker It is a program that gathers all the object files (compiler output) into a single exe file Gathering object files into a single exe file is called static linking, while linking object file with an external lib is called dynamic linking www.pitechnologies.net
- 11. www.pitechnologies.net EXE file It is the final product (runnable file) in the compiler based languages www.pitechnologies.net
- 12. www.pitechnologies.net Compiler Example GCC GNU C Compiler www.pitechnologies.net
- 13. www.pitechnologies.net Interpreter It is an application that runs the source code without compiling A programming language is either interpreter based or compiler based www.pitechnologies.net
- 14. www.pitechnologies.net Interpreter Example Python Perl Shell scripting PHP www.pitechnologies.net
- 15. www.pitechnologies.net Compiler VS Interpreter Which is better ? Wrong Question www.pitechnologies.net
- 16. www.pitechnologies.net Usage Compiler Interpreter Size Large Projects Small Projects Reuse High reusability Low reusability Output Application Script Functions Multi Function Single Function www.pitechnologies.net
- 19. www.pitechnologies.net Portability It means that you can run the same executable file on different platforms Operating System + Processor Architecture www.pitechnologies.net
- 20. www.pitechnologies.net Illustration Platform 1Platform 2 Bin 2 Bin 1 www.pitechnologies.net
- 21. www.pitechnologies.net Illustration Platform 1Platform 2 Bin 2 Bin 1 Bin 0 JVM JVM Bin 0 JVM JVM www.pitechnologies.net
- 22. www.pitechnologies.net Benefits We will change only one app for each new platform, the JVM We don’t need to change all the apps for each new platform www.pitechnologies.net
- 23. www.pitechnologies.net Security is a Must
- 24. www.pitechnologies.net Laptops Phones Employees Secure the following …
- 27. www.pitechnologies.net Confidentiality Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information
- 28. www.pitechnologies.net Integrity Guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity
- 29. www.pitechnologies.net Availability Ensuring timely and reliable access to and use of information
- 33. www.pitechnologies.net Session HiJacking S E R V E R Client Username + Password + remember me Cookie Cookie
- 34. www.pitechnologies.net Session Hijacking S E R V E R Attacker Victim Machine Text + JavaScript XSS Text + JavaScript Text: Display JS: Run Cookie
- 35. www.pitechnologies.net Password Reuse Q? Do you reuse your password for many sites ?
- 37. www.pitechnologies.net Sniffing Local Network Who ? Public/Cafe/Free Wifi Cookies UnencryptedTraffic
- 40. www.pitechnologies.net 100 Billion $ Cost of Cyber Crimes / Year 100,000,000,000
- 41. www.pitechnologies.net 556 Million Victims / Year of Cyber Crimes ~ 18 Victim / Second 556,000,000
- 42. www.pitechnologies.net 216,000 FB Accounts hacked / Year ~ 600 Account / Day 216,000
- 43. www.pitechnologies.net 36 % of Cyber attacks target Companies’ networks and websites 36 %
- 47. www.pitechnologies.net A competitor getting an access to your computer 2
- 48. www.pitechnologies.net Employees getting access to confidential documents 3
- 49. www.pitechnologies.net A virus halts your office/home computers for a week 4
- 50. www.pitechnologies.net A customer see your website/blog/Facebook page down, or hacked 5
- 51. www.pitechnologies.net Some one is reading and sending messages from your inbox 6
- 52. www.pitechnologies.net It is not an easy job for an attacker to do the previous issues, howeverDon’t worrymuch .. YOU Help him doing this
- 53. www.pitechnologies.net Do you want to know how you are helping the attacker ?
- 56. www.pitechnologies.net Change Passwords .. Dont trust Public Networks .. Stay Secure ..
- 57. www.pitechnologies.net Easy to Remember Hard to Guess • word site number • ahmedfb21@! • aHMeDFB21@! • zHMdDRG21@! ! • Pass for gmail: using gm can be: zHMdDTJ21@! ahmedfb2121 use shift with second 21 use shift with non vowel letters use the key below the vowel letter in the keyboard use the key above the letter in the keyboard for the site letters f,b
- 58. www.pitechnologies.net Thanks for listening :) ayossef@pitechnologies.net skype: ahmedyossef.21 facebook.com/PiTechnologies.page