Documente Academic
Documente Profesional
Documente Cultură
About CSI
2
1
Preface
The editorial team of CSI-NSIT Students Branch presents to you the
fourth edition of its quarterly newsletter, Bits n Bytes. While the first two
editions primarily focused on spreading awareness about Open Source
and related tools, the third one focused on Web Development. This edition,
however, diversifies the focused area as we delve into topics like Digital
Security and 3G Technology. The article on All About Computer Viruses
would hopefully be an interesting read. The 3GTechnology and its
Evolution introduces one of most powerful ways of communication. Open
Source does feature in the form of gOS, an upcoming operating system.
Also included are tips and tricks about the Microsoft Windows. We hope that
you have a fine reading experience!!!
- Bits n Bytes Team
Index
All about COMPUTER VIRUSES
Pg 4
PG 7
PG 9
Pg 11
gos
Pg 13
Steganography
Pg 14
Winhacks
Pg 15
Activities
Academic Year 2008-2009
Placement Seminar: The Placement Seminar was conducted by
the triumphant final year students placed in companies like
Adobe, CISCO, Deloitte, DE Shaw, Amazon etc. It saw an attendance of more than 300 students. The successfully placed students
shared some invaluable tips with those present in the form of
their personal strategies, resources they utilized while preparing.
The seminar was very well received especially by the third year
students.
Joomla Workshop: Joomla! is a populat open source content management system. With Joomla!, its easy to
make complex websites in a matter of minutes using a simplified GUI which can be used even by novices. Students were given information of the platform on which Joomla! was developed and were informed of the need
for PHP, MySQL and Apache. They were given a detailed walkthrough of the installation of the Joomla! package on the client system, rather than on a web server. They were also given details on how to install and upload
code and text using Joomlas features. This workshop had an enthusiastic response from the students. The follow up to this workshop was also commendable since many students contacted the speakers later on for any
problems they were facing, and were helped out by the speakers over the Internet.
Ubuntu Workshop: This workshop focused on the installation of the popular open source Linux based operating system, Ubuntu. This workshop was quite a hit amongst students, especially those of IT and COE. Students were given a detailed walkthrough of installing Ubuntu and troubleshooting any problems that might occur during the installation. Students were provided with handouts with detailed instructions for installing and
using Ubuntu. CSI members were provided with Ubuntu CDs, free of cost, while non-CSI members were
charged a nominal rate for the CDs.
C it for yourself: This workshop was aimed at the 2nd year students in COE and IT. The aim was not to teach
them basic C coding but it was to hone and sharpen their C coding skills. Students were provided with brain
teasers bases on syntax and logic. Every attendee was given a handout containing the questions. These questions were discussed in detail by the speakers. This workshop was held in two parts, on consecutive Wednesdays. This workshop also received a very warm response from the students as it helped them to further their C
skills as well improve their understanding of C from an academic standpoint.
Startup Fair: The startup fair was held by CSI in collaboration with EDC- IIT
Roorkee. The startup fair provided an opportunity for students to land up lucrative
internships with upcoming startups at a time when the world economy is facing a
recession and job opportunities are becoming harder to find. Nearly 200 students
across all semesters participated in the startup fair. All the students were pre registered on the CSI website before hand. The fees for CSI members were quite less
compared to non-CSI members. 5 startups gave presentations on their startups and
the positions offered. Many students from IIT-Roorkee also attended the meet to
avail the internships. All from the startups were provided executive lunches from
NSIT, students were provided with refreshments coupons. Interviews were held
that very day in NSIT at various locations.
4
COMPUTER VIRUSES
A computer virus is a computer program that can copy
itself and infect a computer without the permission or
knowledge of the owner. The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the
reproductive ability. A true virus can only spread from
one computer to another (in some form
of executable code) when its host is
taken to the target computer. Viruses
can increase their chances of spreading
to other computers by infecting files
on a network file system or a file system that is accessed by another computer.
Malware includes computer viruses, worms, trojan horses,
most rootkits, spyware, dishonest adware, crimeware, and
other malicious and unwanted software, including true
viruses. Viruses are sometimes confused with computer
worms and Trojan horses, which are technically different.
A worm can exploit security vulnerabilities to spread itself
to other computers without needing to be transferred as
part of a host, and a Trojan horse is a program that appears
harmless but has a hidden agenda. Worms and Trojans,
like viruses, may cause harm to either a computer system's
hosted data, functional performance, or networking
throughput, when they are executed.
vantage of lingering problems with Microsoft IIS security and previously installed Code Red or Sadmind
worms. Nimda cost an estimated $635 million in damage.
SQL Slammer, 2003: On January 25, this worm began
using a buffer-overflow bug in Microsoft SQL Server
and MSDE (Microsoft Desktop Engine) database products. It rapidly distributed copies of itself around the
world, causing major denials of service and slowing
down the entire Internet. An estimated 150,000 to
200,000 systems were affected. As with Code Red, a
patch for the SQL Server flaw had been available for
months.
MS Blaster, 2003: Beginning on August 11, Blaster
spread via various Windows operating systems and targeted Microsofts windowsupdate.com site with DoS
(denial-of-service) attacks. It caused widespread trouble
and multiple restarts in machines running Windows NT,
Windows XP (64-bit) and Windows 2003, although a
patch for this vulnerability was already available. Victims included the Federal Reserve Bank of Atlanta,
BMW AG, Philadelphias City Hall, and thousands of
home and corporate users. Although its ultimate origin
is thought to be Chinese, the Blaster.B variant was created by then-18-year-old Jeffrey Lee Parson, who was
caught because he programmed it to contact a domain
registered to his father.
MyDoom, 2004: This email-transmitted virus, first
identified on January 26, quickly spread by appearing to
be an error message with an attachment that, when
opened, emailed copies of the virus to addresses in the
victims address book, and also propagated itself
through the Kazaa file-sharing service. Oddly, it avoided
infecting computers at certain universities (University of
California, Berkeley; Massachusetts Institute of Technology; Rutgers University and Stanford University)
and corporations (Microsoft and Symantec Corp.), but
then launched a distributed DoS attack against Microsoft
and The SCO Group Inc. from about 1 million infected
machines. Later versions attacked the Google, AltaVista
and Lycos Inc. search engines.
Sasser, 2004: On April 30, Sasser spread among Windows XP and Windows 2000 machines by exploiting a
buffer overflow in these operating systems. It had unusually direct physical-world consequences, resulting in
Delta Air Lines Inc. canceling 40 trans-Atlantic flights
and forcing Australian trains to halt because operators
could not communicate with signalmen. Despite this,
Sassers then-teenage German creator was tried as a juvenile and drew a mere 21-month suspended sentence
for releasing Sasser into the wild.
10 virus symptoms
Programs take longer to load. Memory-intensive operations take a lot of time to start.
A change in dates against the filenames in the directory. When the virus modifies a file the operating
system changes the date stamp.
Increased use of disk space and growth in file sizethe virus attaches itself to many files.
Strange characters appear in the directory listing of
filenames.
Strange graphic displays such as falling letters or a
bouncing ball appear on screen.
Programs may hang the computer or not work at all.
Junk characters overwrite text in document or data
files.
Listed below are some of the steps recommended by experts to safeguard your PC from viruses. These are a
compilation of magazine sources and experience.
Change a setting in the BIOS that enables your PC
to boot from the C-drive first.
Use a good anti-virus program to scan floppy disks
before copying files. Recommended ones are Norton
Antivirus 2000 and McAffee 5.
Do not install pirated software, especially computer
games.
Activate watch-guard programs (monitors) that look
out for suspicious activity.
Use the update service offered by software vendors
and update the anti-virus software every month.
Scan the entire hard disk twice a month.
Scan files downloaded from the Internet or those
transferred through a network.
Prepare a rescue disk with critical system files. Preferably, it should be bootable.
Keep the original CD-ROM or diskettes containing
the operating system handy.
More on 3G
3G technology, which is short for third generation mobile telephone communication systems technology,
improves the efficiency of data can be transferred
through your cellular phone. The data transfer rates for
third generation mobile telecommunications is up to 2
Mbps (Megabits per second). (EDGE is standardized
by 3GPP as part of the GSM family, and it is an upgrade that provides a potential three-fold increase in
capacity of GSM/GPRS networks! This means users
can download and view video contents in a jiffy.) 3G
networks offer a greater degree of security than 2G
predecessors. Aside from this feature, 3G cellular
phones also have conventional voice, fax and data services, as well as high-resolution video and multimedia
services which can be used while on the move. It also
includes mobile office services such as virtual banking
and online-billing, video conferencing, online entertainment and access to the Internet.
Such mobile telephone technology would improve the
way people will be able to communicate with each
other, as well as develop new uses for their cellular
phones. One particular advantage of using such a technology on your cellular phone would be your phones
ability to watch television shows on your phone, and it
also allows you to have video conversations with other
people who also use the same 3G technology.
3G What is it?
The latest buzz word in Mobile Technology for the
past few months has been 3G. Many a times we go
through the newspaper reading about 3G, without a
clue of what it is and its power. Ask a NERD what is
3G and you will get the following answer: 3G better
known as International Mobile Telecommunications2000 (IMT-2000) is a is a family of standards for
wireless communications defined by the International
Telecommunication Union, which includes GSM
EDGE, UMTS, and CDMA2000 as well as DECT and
WiMax.
In lay man language we can say that 3G (Third Generation) is the latest wireless technology which provides wireless access to the data and information to
the users from anywhere and anytime. Its services include wide-area wireless voice telephone, video calls,
and wireless data, all in a mobile environment. First
launched in Japan in October 2001 3G phones were
designed so users would be able to surf the Internet,
view pictures of the people they are talking to, watch
movies and listen to music on their handsets.
This makes one of the 3G phones most essential feature better, which is the ability for people to conduct
video conferencing. However, this only makes up a
very small fraction of use from the 3G phones.
Other applications of the 3G technology include map
and positioning services, as well as multiplayer gaming, which is more popular with the mobile phones
y o u n g e r
s u b s c r i b e r s .
9
9
10
You can also pay your bills and balance your checks
by logging on to your bank account using the 3G devices that you have. You also book in advance dinner
and hotel reservations in any city that you are in. Such
technology also benefits you by giving you enough
flexibility to function at your best in your workplace.
Teleconferencing is one of the best applications for the
3G
technology
in
your
work.
Although 3G technologies offer a lot of new advancements and changes in the world of telecommunication,
there are still a few things that render the use of 3G
telephone communication systems technology as disadvantageous. One thing that makes 3G cellular
phones disadvantageous to its users is the fact that
these types of cellular phones are more expensive as
compared to those which do not share the same technology. Aside from this, people who have 3G can only
enjoy the video conferencing feature of the technology
with other 3G subscribers.
Conclusion
3G is an exciting new technology that is being incorporated into mobile devices across the globe. Users
are now able to make person-to-person calls,
download data and do a variety of other tasks they
never imagined possible all via their 3G cell phones.
Situation in India: People are still on 2.5G. The factors
restricting private sector telecoms to move to 3G are :
High capital investment, high cost of 3G compatible
phones as compared to GPRS enabled ones, mass people using cell phones for communication purposes
only( The number of people using mobile phones for
internet and TV watching is very small), high service
rates. Although MTNL has rolled out their 3G services, but no big impact on people is seen. Also the
spectrum allocation for 3G by Govt. is getting delayed. It will take some more time to actually see 3G
in action in India. But when out it will surely change
the way people use their cell-phones.
Compiled by:
Dipankar Patro, CoE
Abhinav Arora, IT
Sources:
Wikipedia
Articlebase.com
110words.com
ENCRYPTION
Secure Your Data - Scramble It
Encryption is an important part of digital security. It is on
of the most effective methods to provide data security and
is widely used by multinationals, bankers, the military and
even journalists. It facilitates secret communication between two systems.
Encryption refers to schemes that encode the plain text
into non-readable form or cyphertext, providing privacy.
So plain text is basically the human readable form of information. The receiver of the encrypted text uses a "key"
to decrypt the message, returning it to its original plain
text form. The key is the trigger mechanism to the algorithm.
Web browsers will encrypt text automatically when connected to a secure server, that is when an address beginning with https. The server decrypts the text upon its arrival, but as the information travels between computers, interception of the transmission will not be fruitful to anyone "listening in" i.e. tapping your communication. They
would only see unreadable gibberish. Emails can also be
encrypted. This can easily be accomplished with encryption programs that feature plug-ins or interfaces for popular email clients. The most longstanding of these is called
PGP (Pretty Good Privacy), a humble name for very
strong military-grade encryption program. PGP allows
one to not only encrypt email messages, but personal files
and folders as well.
Encryption can not only be applied to webpages and
emails but entire hard drives can be encrypted. To use the
drive, it is "mounted" using a special decryption key. In
this state the drive can be used and read normally. When
finished, the drive is dismounted and returns to an encrypted state, unreadable by hackers , Trojan horses, or
spyware. Some people choose to keep financial programs
or other sensitive data on encrypted drives.
In recent years, many encryption algorithms have been
developed to provide better encryption for different applications.
Some popular ones are:
RSA:
RSA was developed by Ron Rivest, Adi Shamir and Leonard Adleman at MIT. This scheme was named in their
honour. It involves three steps: key generation, encryption
and decryption. RSA involves a public and private key.
The public key can be known to everyone and will be
10 used to encrypt messages. Messages encrypted with the
9 public key can only be decrypted using the private key.
11
Blowfish:
Blowfish is a keyed, symmetric block cipher, designed
in 1993 by Bruce Schneier and included in a large
number of cipher suites and encryption products.
Blowfish provides a good encryption rate in software
and no effective cryptanalysis of it has been found to
date. Schneier designed Blowfish as a general-purpose
algorithm, intended as a replacement for the DES and
free of the problems and constraints associated with
other algorithms. At the time Blowfish was released,
many other designs were proprietary, encumbered by
patents or were commercial/government secrets.
Blowfish has a memory footprint of just over 4
kilobytes of RAM. This constraint is not a problem
even for older desktop and laptop computers, though it
does prevent use in the smallest embedded systems
such as early smartcards.
QC provides much
more security compared
to previous algorithms.
This is because the two
parties involved in data
transaction can detect
the presence of any
third party trying to
gain knowledge of the
key. This is because of
Heisenbergs Uncertainity Principle, that a
quantum system is disturbed when someone
tries to measure its
properties. A third party
trying to eavesdrop on
the key must in some
way measure it, thus introducing detectable anomalies.
However, some attacks have been formulated which
cause a minimal change in the quantum states used in
the encryption procedure. However, these changes can
be detected by the receiver.
DES
The Data Encryption Standard (DES) is a block
cipher (a form of shared secret encryption) that was
selected by the National Bureau of Standards and
which has subsequently enjoyed widespread use
internationally. It is based on a symmetric-key
algorithm that uses a 56-bit key. The algorithm was
initially controversial with classified design elements,
a relatively short key length, and suspicions about a
National Security Agency (NSA) backadoor. DES
consequently came under intense academic scrutiny
which motivated the modern understanding of block
ciphers and their cryptanalysis. DES is now
considered to be insecure for many applications. This
is chiefly due to the 56-bit key size being too small.
Quantum cryptography is only used to produce and distribute a key, not to transmit any message data. This key
can then be used with any chosen encryption algorithm
to encrypt (and decrypt) a message, which can then be
transmitted over a standard communication channel. Algorithms such as BB84 and E91 protocol have been designed for QC.
IDEA
International Data Encryption Algorithm (IDEA) is an
algorithm that was developed by Dr. X. Lai and Prof.
J. Massey in Switzerland in the early 1990s to replace
the DES standard. It uses the same key for encryption
and decryption, like DES operating on 8 bytes at a
time. Unlike DES though it uses a 128 bit key. This
key length makes it impossible to break by simply
trying every key, and no other means of attack is
known. It is a fast algorithm, and has also been
implemented in hardware chipsets, making it even
faster.
12
BUYERS GUIDE
FOR ASSEMBLING
A DESKTOP
COMPUTERPART 2
In the previous
issue we dealt
with
mother
board and processor. In this
issue we will
talk about audio
and visual components of a PC
namely Graphics Card, Monitor and Speakers. Apart from
that we will also
look into an optional PSU(Power Supply Unit). Let us
get straight to the sections.
Choosing the correct Graphics Card
Graphics card has become de-facto for almost all users. With prices as low as Rs 2000, anyone can get
him/herself a decent graphics card. What to watch out
for while buying?
Graphics Cards come
in mainly two types
AGP and PCIe. AGP
has become old and is
almost phased out by
PCIe Cards in terms of
technology. By default
new mother boards
have PCIe (x16) slots
for graphics card.
For Non/Light gamers:
People of this category
dont require high end
graphics for daily usage. A graphics card with 128MB
(Video Memory)/DDR2 will do just great. For people
who also want to try a little bit gaming in this category
can opt for 256MB/512MB, DDR2 graphics card, believe me it can run most
games like Wolverine at decent frame-rates. Graphics Cards from both nVidia and ATI are superb. As
DDR2 Cards dont require additional power, you also
wont require having a new PSU.
For Serious Gamers/ Graphics Designers: People in
this category need the best in class Graphics Cards
(at a cost lot more than the above). A graphics card
with at least of 512MB Memory, DDR3 technology is
for you. If you want to be future proof (for 4-5yrs)
and are having a good budget, then go for 1GB or
more Memory. But remember one thing, since DDR3
graphics card require more power, so they need to be
supplied with a PSU than can provide such power.
Even if you find that the price difference between
DDR2 and DDR3 graphics cards is not much, but going for DDR3 will add another Rs 3000 to your bill
for PSU.
PSU should be selected after selecting a graphics
cards since the power recommendations are always
mentioned by the manufacturers of the cards. This
varies with models.
Note: Both DDR2 and DDR3 are compatible with
PCIe (x16) slots.
Upgrading suggestions
Check the slot first. If its AGP then choosing a good
AGP card with greater memory may give you better
results. For PCIe, you can select according to the
above criteria.
Note, for same amount of memory, AGP cards cost
more than their PCIe counter parts. While upgrading,
keep the future usage in mind.
Choosing the correct Monitor
Gone are the days when CRTs were better than LCD.
Now you
can get a
s l e e k
L C D
monitor
for as low
as
Rs
5 0 0 0 .
N o w
CRTs use
Analogue
output
(VGA/DSUB connector to graphics card), but LCD monitors
support that and also Digital output (DVI connector to
1211
13
Upgrading suggestions
If you are having a CRT, and are not happy with the
movie viewing, then you should upgrade for a widescreen monitor according to your requirements as
mentioned above.
Choosing a correct set of Speakers
Everybody listens to music while working, relaxing,
or almost
doing anything! So
why not
have a decent set of
speakers
that will
set your
mood and
ambience
of room.
Remember
that while
buying a
speaker set
Upgrading suggestions
If you have a 2.1 speaker set and want to have better
sound, get yourself a better RMS rated speaker set. If
you have a 6 channel sound support system go for a
5.1 speaker set.
So that was Audio and Visual components for your
new PC. In next issue we will see how to select correct Storage Devices. If you have any queries regarding this topic, you can contact me.
Compiled by: Dipankar Patro, COE
Source: Internet
1213
14
gOS
14
13
15
STEGANOGRAPHY
Encryption is extensively used these days to secure
communication in digital networks. Many efficient
and nearly unbreakable algorithms have been developed to this effect. However, the one the serious drawback with encryption is that you can easily be aware of
encrypted text.
Consider the following text:
This is Bits and Bytes, CSI-NSITs newsletter.
It was encoded using the Blowfish algorithm with a
key of 28 bytes. The resulting cipher text is:
2EB7D1F6CCF41B3F43716D208554DC95
866DA9D7678C71432334C96C0BC4A726
82F55498F03DA0E92D2ED175091B21F2
If an attacker manages to compromise the network and
download the message, its rather obvious that the message has been encrypted. He would then use standard
algorithms and generate keys for those algorithms and
then try to crack the message. So, eventually the attacker will be able to decrypt the message. Obviously,
this represents a serious drawback. Encrypted data
sticks out like a sore thumb. Steganography is a
method that overcomes this drawback.
Steganography is the science of hiding information.
Whereas the goal of cryptography is to make data unreadable by a third party, the goal of steganography is
to hide the data from a third party. In reality, steganography is what is called deniable encryption. In
this article, we will focus on the interesting aspects of
digital steganography.
These days, it is common for data to be embedded in
innocuous image files. To a computer, an image is an
array of numbers that represent light intensities at various points. A common image size is 640x480 pixels.
This is roughly 300,000 pixels. Pictures are either 8 bit
or 24 bit. That means a pixel either uses 1 byte or 3
bytes in the image. The more the number of bytes
(bits), the better the quality of the image. Then image
formats such as JPEG or GIF are used to store the images. They compress the image, ie the reduce the number of bytes the image occupies. To hide data, the
steganography software selects a pattern of bytes. It
can then modify the least significant bit in the byte to
represent data. It changes the colour of a pixel, but the
pixels are selected so that the hidden data is invisible
to the naked eye. This is one of the simplest methods
of steganography involving images.
Consider the following images:
15
14
16
Winhacks
Hack Your BIOS for Faster Startups
BIOS stands for Basic Input/Output System, its a procedure that ensures that your hardware is in order as
your PC boots. It is the first piece of code that runs
when your machine boots up.
When you turn on your PC, it goes through a set of
startup procedures in its BIOS before it gets to starting
Windows. So, if you speed up those initial startup procedures, youll make your system start faster.
You can speed up your startup procedures by changing
the BIOS with the built-in setup utility. How you run
this utility varies from PC to PC, but you typically get
to it by pressing either the Delete, F1, or F10 key during startup. Youll come to a menu with a variety of
16
15
Scheduled Tasks
Some tasks are scheduled to run as soon as your computer loads like Google update. Some of these tasks
maybe important to help your secure your computer.
Go to C:\WINDOWS\Tasks, and delete the shortcuts of
any programs that you dont want to run.
Hacking the Interface
Your
machine
might not look as
cool as a Mac.
Dont
worry,
there are lots of
hacks and programs to get you
out of your Windows into a Macintosh (almost).
When you start
your
machine,
you'll see a
17
vendor-specific welcome screen, which provides access to BIOS settings. Depending on your setup, after
that you might see a menu that lets you boot from one
of multiple operating systems. But if you run only one
instance of Windows XP, you will be greeted immediately by the Windows splash screen. To get an almost
complete Mac experience, we are going to replace the
default Windows logo with something more Mac-like.
To do this, we use BootSkin by Stardock , which is
free for noncommercial use.
After downloading and installing the program we need
to obtain a Mac-like boot skin. A particularly nice one
is called G5, available at
http://
www.wincustomize.com/skins.asp?
library=32&SkinID=740. Once you have downloaded
it, you need to import it into BootSkin. From BootSkin, choose File -> Import from file. After you import it, it will show up in BootSkin
The Dock
18
Other Hacks
How to Send Any File to Any Place By One Click
This can be done by providing more locations to Send
To option that comes when you right click on a particular file. To do that,
1. G o
to
C:\Documents
and
Settings\User_name\SendTo (where User_Name is your
user name)
2. The folder will be filled with shortcuts to all the
locations you find on your Send To context menu.
3. To remove an item from the Send To menu, delete
the shortcut from the folder.
AND
19
For Item nos. 1-5, write in your complete details and postal address. This is the address where you will be
mailed the CSI Magazines, so do ensure it is foolproof.
In Item no. 6, write B.E. under the Degree field and leave others blank.
In Item no. 7, write Netaji Subhas Institute of Technology, Azad Hind Fauj Marg, Sector 3, Dwarka.
City: New Delhi. Pin: 110078
If you want your name to be included in membership lists for commercial purposes, then tick Yes otherwise No in Item no. 14.
Attach a photograph in the space provided and give another photograph along with the filled-up form.
Membership Fee is Rs. 500 for two years membership. Forms are also available with the 2nd year Executive Board Members, CSI-NSIT.
Contact your class/branch CSI representative and hand over the form along with the membership fees and
photograph to him/her.
19
18
20
Faculty Members
Dr. MPS Bhatia
PhD (Software Engineering)
Assistant Professor,
COE/IT Department
Dr. Ritu Sibal
PhD (Software Engineering)
Lecturer, COE/IT Department
Student Board
Director - Bits n Bytes
Ashish Kapoor
Pavit Laul
Directore-Operations
Pavit Laul
Director - Marketing
Nitin Garg
Director - Event Management
Swarandeep Singh
Newsletter Team
Design
Ekansh Preet Singh
Nikhil Gupta
Editorial Board Members
Abhinav Arora
Dipankar Patro
Shikhar Kohli