Knowledge of terms to know
What is QR code (quick response code)?
A QR code (quick response code) is a type of two dimensional (2D) bar code that is used to provide easy access to online information through the digital camera on a smartphone or tablet.
A reader in the camera interprets the bar code, which typically contains a link to view a webpage, send an SMS text message or call a phone number. The technology for QR codes was developed by Densa-Wave, a Toyota subsidiary. The codes were originally used for tracking inventory.
Static QR codes, like the one above, are used typically to disseminate information to the general public. They are often displayed on posters and billboards and in ads in newspapers and magazines.
The person who created the code can track information about the number of times their code was scanned and whether or not the code’s call to action was taken. Dynamic QR codes (sometimes referred to as unique QR codes) offer more functionality.
What is Security Architecture?
Security architecture is a unified security design that addresses the necessities and potential risks involved in a certain scenario or environment. It also specifies when and where to apply security controls. The design process is generally reproducible.
In security architecture, the design principles are reported clearly, and in-depth security control specifications are generally documented in independent documents. The system architecture can be considered a design that includes a structure and addresses the connection between the components of that structure.
What is Cyberwarfare?
Cyberwarfare is any virtual conflict initiated as a politically motivated attack on an enemy’s computer and information systems. Waged via the Internet, these attacks disable financial and organizational systems by stealing or altering classified data to undermine networks, websites and services.
Cyberwarfare is also known as cyber warfare or cyber war.
Cyberwarfare involves the following attack methods:
- Sabotage: Military and financial computer systems are at risk for the disruption of normal operations and equipment, such as communications, fuel, power and transportation infrastructures.
- Espionage and/or security breaches: These illegal exploitation methods are used to disable networks, software, computers or the Internet to steal or acquire classified information from rival institutions or individuals for military, political or financial gain.
On the flip side, systems procedures are continuously developed and tested to defend against cyberwarfare attacks. For example, organizations will internally attack its system to identify vulnerabilities for proper removal and defense. A common perception of a hacker is that of a teenage geek who fools breaks into computer systems for fun. While this perception was perhaps once true, modern cyberwarfare involves well trained, well funded professionals backed by nation states. Examples, such as the Stuxnet virus, are given by some experts to demonstrate that much more is happening behind the scenes, and that the front lines in future wars will be digital.
What is Cyber Defense?
Cyber defense is a computer network defense mechanism which includes response to actions and critical infrastructure protection and information assurance for organizations, government entities and other possible networks. Cyber defense focuses on preventing, detecting and providing timely responses to attacks or threats so that no infrastructure or information is tampered with. With the growth in volume as well as complexity of cyber attacks, cyber defense is essential for most entities in order to protect sensitive information as well as to safeguard assets.
With the understanding of the specific environment, cyber defense analyzes the different threats possible to the given environment. It then helps in devising and driving the strategies necessary to counter the malicious attacks or threats. A wide range of different activities is involved in cyber defense for protecting the concerned entity as well as for the rapid response to a threat landscape. These could include reducing the appeal of the environment to the possible attackers, understanding the critical locations & sensitive information, enacting preventative controls to ensure attacks would be expensive, attack detection capability and reaction and response capabilities. Cyber defense also carries out technical analysis to identify the paths and areas the attackers could target.
Cyber defense provides the much-needed assurance to run the processes and activities, free from worries about threats. It helps in enhancing the security strategy utilizations and resources in the most effective fashion. Cyber defense also helps in improving the effectiveness of the security resources and security expenses, especially in critical locations.
What is Cloud calling?
Cloud calling, also known as cloud telephony, is a subscription-based delivery model for unified communications as a service (UCaaS) offerings. Cloud calling allows subscribers to place phone calls and send SMS messages from any smart device that has an internet connection.
Cloud telephony services can be web- or applications-based. When compared with traditional, on-premises options in the enterprise, cloud calling can be more:
- Cost-efficient: offloading telecom hosting and management to a cloud communications provider reduces the capital expenditures associated with maintaining infrastructure in-house.
- Flexible: an employee with a cloud-based telephone number can take and make inbound and outbound calls from any smart device.
- Resilient: cloud telephony service failover ensures backup is available if a problem occurs with a connection.
- Scalable: in B2B settings, administrators using cloud telephony can add or change employee telephone numbers on demand through a self-service portal.
Cloud telephony systems are connected to a PBX hosted in a public or private cloud. In addition to voice and SMS services, some cloud telephony providers also support complementary B2B features such as interactive voice response (IVR), voice and keyword analytics and artificial intelligence (AI)-enabled customer support capabilities.
PumpKIN is an open-source, fully functional TFTP server and client that’s helpful for maintenance of network equipment and transferring files over an ntalk connection.
You can use carets ( ^ ) to find and replace [first occurrence] on the command line. I mostly use it for typos.
# /home/admin/file.txt gets cat'd
netpalm offers scalable API access into your network. It makes it easy to push and pull state from apps to network by providing multiple southbound drivers, abstraction methods and modern northbound interfaces such as open API3 and REST webhooks. Allows you to bring your own jinja2 config, service and webhook templates, python scripts and webhooks for quick adoption into your existing devops workflows.
The Geek Stuff is where software engineer Ramesh Natarajan posts instruction guides, how-tos, troubleshooting tips and tricks for Linux and open-source technologies. Focuses on educational content and problem resolution.
Daniel and Jorge Explain The Universe is an entertaining exploration of the unanswered scientific questions that have fascinated mankind for centuries. In each episode, Daniel Whiteson (a CERN Physicist) and Jorge Cham (an online cartoonist) discuss mind-bending topics in a light, conversational way that’s fun and enjoyable.
Knowledge of terms to know
What is Negativity Bias?
Negativity bias is the tendency of humans to place more significance on negative events than neutral or positive ones.
Negativity bias is an important concept for marketers to understand because it plays an important role in customer experience management. When a customer perceives something negative about a product or service, it takes more than one positive event to restore balance because humans will naturally place more emphasis on the negative experience.
Many psychologists believe that negativity bias evolved as a survival technique. Quite simply, those humans who didn’t pay enough attention to negative outcomes were less likely to survive. In business, the same concept can be applied to customer service — those companies who don’t pay enough attention to negative customer outcomes are less likely to survive in the marketplace.
Unhappy customers often choose to share their negative impressions with friends and family on social media. It’s important for marketers to understand that even when there are nine positive comments in a discussion thread, people will place more value on the tenth comment if it’s negative.
What is Cyberveillance?
Cyberveillance refers to monitoring all of an employee’s computer activity both online and offline. This is done to decrease or eliminate instances of cyberloafing, where employees use their Internet access during working hours for personal use or otherwise use their computers for personal activities.
Cyberveillance allows managers to watch an employee’s file changes, website visits, use of email, keystrokes and literally every movement on the computer screen.
Studies consistently show that a significant amount of the money spent by corporations on Internet access is wasted by employees doing nonwork activities on office computers.
Some employers also install proxy servers to prevent access to sites and services such as instant messaging, chat or Internet gambling.
What is Cybercrime?
In general, cybercrime is defined as either a crime involving computing against a digital target or a crime in which a computing system is used to commit criminal offenses.
As a broad category of crime, cybercrime includes such disparate sorts of activities as illegal access of data, use of computer communications to commit fraud, or the ransoming of systems via digital means.
Cybercrime may also be referred to as computer crime.
What is Penetration Testing?
Penetration testing, also called pen testing or ethical hacking, is the practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit. Pen test results are used to evaluate the overall effectiveness of an organization’s security policies and prioritize future investments in security.
Penetration testing can be automated, using software applications, or it can be performed manually. Either way, the process involves gathering information about the target before the test, identifying possible entry points, initiating an attempt to break in and reporting back the findings.
Penetration testing efforts should be tailored to the individual organization, as well as the industry it operates in, and should include follow-up and evaluation tasks. The ultimate goal is to make sure that vulnerabilities found in the latest pen test are not repeated in following tests.
Timekpr-nExt. GUI application to control and limit how long an account can use the computer in Linux. This is a handy utility for parents who do not want children to spend excessive time on the computer. Reminder: Do not use Timekpr-nExt for your own main account. You may lock yourself out.
Install Timekpr-nExt for Ubuntu-based Linux distributions using PPA via command line:
sudo add-apt-repository ppa:mjasnik/ppa sudo apt update sudo apt install timekpr-next
To remove Timekpr-nExt if you used PPA to install it, use the following command:
sudo apt-get remove --purge timekpr-next
Delete the Timekpr-nExt PPA repository as well:
sudo add-apt-repository -r ppa:mjasnik/ppa
The beta version of Microsoft’s Edge web browser is now available as a preview build on Linux. Download DEB/RPM files for Microsoft Edge then double-click to install it or install Microsoft Edge beta on Ubuntu based Linux distributions via command line:
curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.gpg sudo install -o root -g root -m 644 microsoft.gpg /etc/apt/trusted.gpg.d/ sudo sh -c 'echo "deb [arch=amd64] https://packages.microsoft.com/repos/edge stable main" > /etc/apt/sources.list.d/microsoft-edge-dev.list' sudo rm microsoft.gpg sudo apt update sudo apt install microsoft-edge-dev
Ubuntu 20.10 is now available to download!
Here are the new features in Ubuntu 20.10 Groovy Gorilla:
- Calendar events in the message tray
- Battery percentage indicator
- QR Code WiFi sharing
- Muted mic indicator
- Restart option in Power Off menu
- Improved fingerprint login support
- App reorder and organizing
- Raspberry Pi 4 support
- Kernel 5.8 brings USB 4 (Thunderbolt port 3) support and more under the hood changes
- nftables replaces iptables
- Revamped screenshot tool
KDE Plasma 5.20 was released earlier with exciting improvements including the new wallpaper ‘Shell’ by Lucas Andrade, icon-only taskbar, digital clock applet with date, get notified when your system almost runs out of Sspace, set the charge limit Below 100%, workspace, system settings, Wayland support, and other improvements.
Trisquel Linux 9.0 Etiona was released this week as well including:
- MATE desktop based on the fork of GNOME 2.x, provides a classic desktop environment matching the user experience of previous Trisquel releases.
- Trisquel Mini based on the LXDE desktop environment and a selection of resource-saving applications.
- Triskel running the KDE environment.
- Trisquel netinstall image.
- Trisquel TOAST based on the Sugar learning platform with dozens of educational activities for children.
Fedora 33 beta released with below new features:
- Btrfs as the new default filesystem
- Nano as the default terminal-based text editor
- Swap on zRAM by default
- systemd-resolved enabled by default
- Improved hardening for 64-bit ARM devices
- GNOME 3.38 and all the visual changes
- Animated background based on time of day
Knowledge of terms to know
What is Flatpak?
Flatpak is a universal packaging system created by Alexander Larsson, that lets you distribute, install and manage software without needing to worry about dependencies, runtime, or the Linux distribution.
What is Cloud-to-Cloud Backup (C2C Backup)?
C2C backup (cloud-to-cloud backup) is the practice of copying data stored on one cloud service to another cloud service. The backup stored on the second cloud service serves the same purpose as an off-site backup.
Cloud-to-cloud backup is important for organizations that rely on software-as-a-service (SaaS) applications like Microsoft Office 365, Box and Zendesk. SaaS vendors back up their customers’ data, but any system can fail and restores can be difficult if the SaaS vendor’s backup software is fairly basic.
As more software applications are being delivered as services, there are an increasing number of vendors who are specializing in C2C backups for specific applications. In this scenario the C2C provider manages both the backup software and its implementation for the C2C customer. Typically, C2C backups are run automatically without manual intervention. Customers can restore data from the target cloud if it is no longer available through the SaaS app.
What is Artificial Intelligence of Things (AIoT)?
Artificial intelligence of things (AIoT) is a broad term for applying artificial intelligence to the internet of things (IoT), a new phenomenon that represents many simple digital connections between hardware devices. The internet of things is comprised of billions of small connected devices, including traditional devices and appliances networked together and communicating over internet protocols. Adding AI to IoT brings its own system of challenges and potential solutions.
Artificial intelligence of things represents technologies that are built into the IoT to make it smart. AI can add value in helping IoT achieve machine learning goals or in using key data for signaling or developing insights. Where data analysis on the internet of things is automated, it constitutes artificial intelligence of things. Companies and other parties are talking about artificial intelligence of things when they talk about efforts to broaden what users can do over the internet of things or how technologies can utilize the internet of things to function.
What is ROWE?
A Results-Only Work Environment (ROWE) is one in which the most important criteria for evaluating employee performance is the completion of satisfactory work on time. How or where an employee completes work is not important.
A ROWE does not provide employees with paid sick days, personal days or vacation days. Employees who work in this type of outcome-focused work environment are free to set their own hours and work from any location as long their choices do not cause bottlenecks that hold up other people’s work.
ROWEs were popular with startups in the early days of the internet and have received renewed interest because of COVID-19. The concept of “results-only” is also being applied to IT service contracts in a delivery model called “outcome-based results.”
What is Empowered edge?
Empowered edge is a term in IT that is used to talk about empowering computing centralization that is distributed toward the edge of a network, toward the end user and the end user device. It is a key concept in device management in the cloud and big data age.
Empowered edge is also known as device democracy.
The idea of empowered edge is that engineers and enterprises are putting more computing transactions and significant data transfers at the edge of an increasingly complex system of network nodes. One of the major challenges of dealing with the internet of things (IoT) is managing a decentralized network. Empowered edge helps to achieve security and efficiency goals.
Empowered edge also works well with the cloud principle – in the cloud computing age, data is continuously being sent to different stakeholders or partners. It makes sense to address the edge of the network as a place where business gets done. In that sense, empowered edge is likely to be more a part of electronic systems and services in the future.
What is Dropper?
A dropper is a small helper program that facilitates the delivery and installation of malware.
Spammers and other bad actors use droppers to circumvent the signatures that anti-virus programs use to block or quarantine malicious code. It’s much easier to change the dropper, should its signature become recognized, than it would be to rewrite the malicious codebase.
Droppers, like many of their larger Trojan horse counterparts, can be persistent or non-persistent. Non-persistent droppers install malware and then automatically remove themselves. Persistent droppers copy themselves to a hidden file and stay there until they complete the task they were created for.
Droppers can be spread many ways, including by:
- Opening an infected e-mail attachment.
- Picking up a drive-by download on an infected website.
- Clicking a malicious link on a website or in an email.
- Using an infected flash drive.
Sometimes droppers are bundled with free utility programs (such as ad blockers) to avoid detection. When the free program executes, the dropper will first download and install malware before it unpacks and installs the legitimate utility.
What is Smart Device?
A smart device, as the name suggests, is an electronic gadget that is able to connect, share and interact with its user and other smart devices. Although usually small in size, smart devices typically have the computing power of a few gigabytes.
Smart devices are interactive electronic gadgets that understand simple commands sent by users and help in daily activities. Some of the most commonly used smart devices are smartphones, tablets, phablets, smartwatches, smart glasses and other personal electronics. While many smart devices are small, portable personal electronics, they are in fact defined by their ability to connect to a network to share and interact remotely. Many TV sets and refrigerators are also therefore considered smart devices.
DnsLeakTest sends your client a series of domain names to resolve within a specific test domain in order to find any traffic originating from your computer that is not being routed through the anonymity network. Enables you to locate traffic leaks outside the secure connection that an attacker monitoring your traffic could use to log your activity.
Automating with PowerShell: Deploying Azure Functions is a blog post that contains scripts for single-click deployment buttons for a number of Azure functions.
Dnspython is a DNS toolkit for Python queries, zone transfers, dynamic updates, nameserver testing and more. High-level classes perform queries for data of a given name, type and class. Low-level classes allow direct manipulation of DNS zones, messages, names and records. Almost all RR types are supported.
Polr is an open-source link shortener that allows you to host your own URL shortener so you can brand and control your URLs. Nice for getting branded URL shortening on the cheap, and it’s got a decent little API for programatically generating shorts.”
BashGuide is intended to help beginning users learn good practice techniques for using BASH. Requires no knowledge aside from being able to log into a Unix-like system and open a command-line interface. Provides guidance on writing simple scripts.
Knowledge of terms to know
What is Ubicomp?
Ubicomp is an abbreviation for the term “ubiquitous computing.” Ubiquitous computing is an idea related to expanding an interface to make it seem “pervasive” in a given environment.
Ubicomp is also the name of an annual conference on ubiquitous computing.
Much of the progress around ubiquitous computing involves the new ways that developers and engineers have been able to distribute computing systems across wireless technologies and sets of hardware pieces that are wirelessly connected to each other. Wireless sensor networks and radio frequency technology have enabled the emergence of “body area network systems” that track behavior in motion across the human body, and other kinds of comprehensive interfaces that make computing seem, in a word, ubiquitous.
An easy way to think about ubiquitous computing is by contrasting it to traditional technologies. As computing systems emerged, they were always linked to very specific interfaces—the computer screen and computer hardware. There was one screen that disseminated information. There was one motherboard or tower that computed processes. Various peripherals facilitated human response.
By contrast, ubiquitous computing involves moving that interface to a wider variety of points. Some people think of ubiquitous computing as the ability to use different devices to access the same information, in much the same way that modern cable-television carriers offer the ability to view shows or movies from any TV in a house. But that is only part of the enormous potential of ubiquitous computing systems to broaden our horizons when it comes to how we interact with computers.
Ubiquitous computing has been linked to ideas like the “Internet of Things,” which posits a greater array of hardware pieces linked to local or global wireless networks.
What is E-Voting (Electronic Voting)?
E-voting is an election system that allows voters to record a secret ballot and have it tabulated electronically. Votes are stored so they can be re-counted should the need arise.
E-voting systems can speed up election results and lower the cost of conducting an election by significantly reducing the number of people required to operate a polling place and tabulate results. A primary concern with e-voting, however, is how to store votes so they can be recounted if required.
Electronic voting was first introduced in the United States during the 1960s when mechanical voting machines were first used and punchcards were the storage medium for votes. Since the Help America Vote Act (HAVA) of 2002, however, lever voting machines have largely been replaced by optical scan systems and all voting systems must produce a permanent paper record.
Here is how three of the most popular types of e-voting systems work:
- Optical scan system: the voter records their vote on a paper ballot, and the paper ballot is digitally scanned. Votes are either tabulated by the scan system locally, or they are collected in a ballot lockbox and sent to a central location for tabulation.
- Ballot marking device (BMD): BMDs allow the voter to record their vote on a digital device’s touchscreen, but the device does not store the ballot. Instead the voter prints out their completed ballot and submits it for tabulation by an optical scan system.
- Direct-Recording Electronic (DRE): the voter casts thier vote directly into the voting system’s computer memory by touching a screen. Some DREs will provide the voter with a Voter-Verified Paper Audit Trail (VVPAT) to provide the voter with assurance that the correct vote was recorded.