Cryptography Concepts Simplified

Dan — Sat, 17 Aug 2024 08:20:16 +0000

What is Cryptography

Cryptography is scary, Its based on math that most of us don't understand yet it makes the internet secure.

Cryptography takes bytes of data and scrambles them up with an algorithm making it really impossible for you to understand.

Brief History of Cryptography

Cryptography is the science of creating secrets and it has been around since 1900BC long before the computer.

Before humans got good at math, they used to tattoo messages on the scalps of slaves and wait for the hair to grow back, and send them to other leaders. Although this seems a bit vulnerable since the attacker can shave the head of the slave but it seems that the message itself seemed to work.

Things got much better by the time of Julian Caesar who shifted the letters of the alphabet before passing the message to his military generals.

Important Cryptography Concepts:

Hash

The first concept we will look at is the hash, Hash is the action of chopping and mixing.

You start with an input that is any length that is passed off to a hashing function, this function will return a fixed length value of what looks like garbage.

Same Input -> Same Output

Salt

Now the fact that the hashing function will always return the same output, its a bit predictable and also a problem when it comes to passwords.

This brings us to the second cryptography topic which is Salt. Salt is a random value that is added to the password before it's hashed, therefore making it much harder to guess.

HMAC

Hash-Based Message Authentication Code is a hash that also requires a password, so the only person that can create the same hash signature must also have the corresponding hash password

Encryption

What if you want to share a secret with someone and allow them to read the original message. This is where encryption comes in.

With encryption we take a message scramble up the bytes and make it unreadable, this is called cipher text and provide a key allowing someone else to decrypt it.

CrowdStrike Blew Up the Internet

Dan — Sat, 20 Jul 2024 13:22:31 +0000

Bad code broke a million Windows machines...

Yesterday millions of Windows computers got BRICKED around the world thanks to an update pushed by enterprise cybersecurity firm CrowdStrike. Airports are shutting down, hospitals are unable to treat patients, and banks are not able to get your money.

Let's dig deeper into the technical side of this disaster and find out how such a catastrophic mistake can even happen in the modern work:

A huge number of fortune 500 companies use CrowdStrike for cybersecurity, its primary product is called "Falcon". Falcon is a tool that provides ENDPOINT protection using artificial intelligence and analytics to detect threats in real time. It is publicly traded, and its stock is down right now because everybody is blaming them for the BSOD.

Luckily MacOS and Linux chads are unaffected, to understand why we first need to understand how CrowdStrike's Falcon Sensor actually works. Falcon is installed just like regular software but integrates with the OS at a low level often using kernel mode drivers and sits there in the background looking for threats. So basically, it is a third-party software sitting in the critical path of a computer. If it fails, the entire computer might fail.

Apparently, some automated software update yesterday had some bad code in it and every computer that got that update is now dead. Part of the reason this is bad, is that it's not a normal outage but every affected computer needs rebooted into safe mode so that the driver can be removed manually.

However, they were quick to fix it...

The fix is really EASY. All you have to do is the following:

Detach the OS Disk
Create a Snapshot of the disk
Mount a Volume to new virtual server
Find driver (%WINDIR&\System32\drivers\CrowdStrike)
Delete the bad file (C-00000291*.sys)
Detach Volume from virtual server
Reattach volume to impacted server

Piece of cake... but option 2 is to go buy a hammer and use it to uninstall windows and install Linux.

What everyone failed to realize is that giving one company kernel access to the computer of most companies might actually be a bad idea, because it only takes 1 automatic update with a misplaced 0 to nearly destroy the entire world.

DEV Community: Dan