computer viruses
Transcription
computer viruses
2 About CSI Computer Society of India (C.S.I.) is a non-profit body comprising of I.T. professionals, students, academicians, scientists and corporate and other institutions. This wide spectrum of members is committed to the advancement of the theory and practice of Computer Engineering and Technological Systems, Science and Engineering, Information Processing and other computer related fields. CSI-NSIT students’ branch functions under the able guidance of Dr (Ms.) Ritu Sibal and Dr M.P.S. Bhatia (DSW, NSIT). CSI-NSIT primarily works to bridge the gap between technology and the academia by conducting various seminars, presentations and workshops. It has also organized many competitions over the past years, encouraging a new thought process in the budding engineers of NSIT. It is one of the few societies in the college to have its own Web-Portal located at http://societies.nsitonline.in/csi , Discussion Forums at http:// societies.nsitonline.in/csi/forum and a very active Yahoo Group ([email protected]). The Yahoo group proves as a very useful platform for communication between CSI members. It comprises of many members (and growing each day...) and undertakes in-depth discussion encompassing a wide range of topics. 2 1 3 Preface The editorial team of CSI-NSIT Students’ Branch presents to you the fourth edition of its quarterly newsletter, Bits ‘n’ Bytes. While the first two editions primarily focused on spreading awareness about Open Source and related tools, the third one focused on Web Development. This edition, however, diversifies the focused area as we delve into topics like Digital Security and 3G Technology. The article on ‘All About Computer Viruses’ would hopefully be an interesting read. The ‘3G—Technology and its Evolution’ introduces one of most powerful ways of communication. Open Source does feature in the form of gOS, an upcoming operating system. Also included are tips and tricks about the Microsoft Windows. We hope that you have a fine reading experience!!! - Bits ‘n’ Bytes Team Index All about COMPUTER VIRUSES …………………………………………… Pg 4 3g - Technology & its evolution …………………………………………… PG 7 Encryption - Secure your data …………………………………………… PG 9 Buyer’s guide for AssemBling A Desktop PC - Part II …………………………………………… Pg 11 gos …………………………………………… Pg 13 Steganography …………………………………………… Pg 14 Winhacks …………………………………………… Pg 15 2 3 4 Activities Academic Year 2008-2009 Placement Seminar: The Placement Seminar was conducted by the triumphant final year students placed in companies like Adobe, CISCO, Deloitte, DE Shaw, Amazon etc. It saw an attendance of more than 300 students. The successfully placed students shared some invaluable tips with those present in the form of their personal strategies, resources they utilized while preparing. The seminar was very well received especially by the third year students. Joomla Workshop: Joomla! is a populat open source content management system. With Joomla!, its easy to make complex websites in a matter of minutes using a simplified GUI which can be used even by novices. Students were given information of the platform on which Joomla! was developed and were informed of the need for PHP, MySQL and Apache. They were given a detailed walkthrough of the installation of the Joomla! package on the client system, rather than on a web server. They were also given details on how to install and upload code and text using Joomla‘s features. This workshop had an enthusiastic response from the students. The follow up to this workshop was also commendable since many students contacted the speakers later on for any problems they were facing, and were helped out by the speakers over the Internet. Ubuntu Workshop: This workshop focused on the installation of the popular open source Linux based operating system, Ubuntu. This workshop was quite a hit amongst students, especially those of IT and COE. Students were given a detailed walkthrough of installing Ubuntu and troubleshooting any problems that might occur during the installation. Students were provided with handouts with detailed instructions for installing and using Ubuntu. CSI members were provided with Ubuntu CDs, free of cost, while non-CSI members were charged a nominal rate for the CDs. C it for yourself: This workshop was aimed at the 2nd year students in COE and IT. The aim was not to teach them basic C coding but it was to hone and sharpen their C coding skills. Students were provided with brain teasers bases on syntax and logic. Every attendee was given a handout containing the questions. These questions were discussed in detail by the speakers. This workshop was held in two parts, on consecutive Wednesdays. This workshop also received a very warm response from the students as it helped them to further their C skills as well improve their understanding of C from an academic standpoint. Startup Fair: The startup fair was held by CSI in collaboration with EDC- IIT Roorkee. The startup fair provided an opportunity for students to land up lucrative internships with upcoming startups at a time when the world economy is facing a recession and job opportunities are becoming harder to find. Nearly 200 students across all semesters participated in the startup fair. All the students were pre registered on the CSI website before hand. The fees for CSI members were quite less compared to non-CSI members. 5 startups gave presentations on their startups and the positions offered. Many students from IIT-Roorkee also attended the meet to avail the internships. All from the startups were provided executive lunches from NSIT, students were provided with refreshments coupons. Interviews were held that very day in NSIT at various locations. 4 3 5 COMPUTER VIRUSES A computer virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner. The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability. A true virus can only spread from one computer to another (in some form of executable code) when its host is taken to the target computer. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer. Malware includes computer viruses, worms, trojan horses, most rootkits, spyware, dishonest adware, crimeware, and other malicious and unwanted software, including true viruses. Viruses are sometimes confused with computer worms and Trojan horses, which are technically different. A worm can exploit security vulnerabilities to spread itself to other computers without needing to be transferred as part of a host, and a Trojan horse is a program that appears harmless but has a hidden agenda. Worms and Trojans, like viruses, may cause harm to either a computer system's hosted data, functional performance, or networking throughput, when they are executed. low this link : http://en.wikipedia.org/wiki/Computer_viruses A brief history of viruses THE 1st VIRUS The Creeper virus was first detected on ARPANET, the forerunner of the Internet in the early 1970s. Creeper was an experimental self-replicating program written by Bob Thomas at BBN in 1971. Creeper used the ARPANET to infect DEC PDP-10 computers running the TENEX operating system. Creeper gained access via the ARPANET and copied itself to the remote system where the message, "I'm the creeper, catch me if you can!" was displayed. The Reaper program was created to delete Creeper. The first PC virus in the wild was a boot sector virus dubbed (c)Brain, created in 1986 by the Farooq Alvi Brothers, operating out of Lahore, Pakistan. The brothers reportedly created the virus to deter pirated copies of software they had written Before computer networks became widespread, most viruses spread on removable media, particularly floppy disks. In the early days of the personal computer, many users regularly exchanged information and programs on floppies. Some viruses spread by infecting programs stored on these disks, while others installed themselves into the disk boot sector, ensuring that they would be run when the user booted the computer from the disk. Until floppy disks fell out of use, this was the most successful infection strategy and boot sector viruses were the most common in the wild for many years. Windows and UNIX have similar scripting abilities, but while UNIX natively blocks normal users from having access to make changes to the operating system environment, older copies of Windows such as Windows 95 and 98 do not. In 1997, when a virus for Linux was released – known as "Bliss" – leading antivirus vendors issued warnings that Unix-like systems could fall prey to viruses just like Windows. The Bliss virus may be considered characteristic of viruses – as opposed to worms – on UNIX systems. Bliss requires that the user run it explicitly (so it is a Trojan), and it can only infect programs that the user has the access to modify. Unlike Windows users, most UNIX users do not log in as an administrator user except to install or configure software; as a result, even if a user ran the virus, it could A virus has basically three parts 1. Replicator - The replicators job is to ensure the survival of the virus on a system. Most successful viruses do this by not inflicting damage on the system but by appending themselves to legitimate programs in the machine. Each time the program is run then the virus will 'wake up' and start to reproduce. As said earlier, this is the most important part of the virus code. 2. Concealer - This part of the virus has the job of hiding the virus. It uses a number of methods to do this but the point is if you don't know a virus is there then you wont try and kill it. Today's viruses use advance techniques to stop being caught from Antivirus software. 3. Payload - The payload of a virus can be practically anything, in fact if it can be programmed then it can be the payload. If an obvious payload gets delivered soon after infection then the user is soon going to notice and will go virus hunting. This does not help the long life or wide spread of a virus. To know about the stealth techniques of these viruses, fol5 4 6 not harm their operating system. The Bliss virus never became widespread, and remains chiefly a research curiosity. Its creator later posted the source code to Usenet, allowing researchers to see how it worked. The 10 Worst Virus Attacks of All Time Morris, 1988: One of the first-ever Internet worms, Morris was created by Cornell University student Robert T. Morris, who claimed its purpose was to gauge the size of the Internet. Instead, since it used existing flaws in UNIX send mail and infected a given computer multiple times, it crippled roughly 6,000 computers (the Internet had an estimated 60,000). Although Morris caused between $10 million and $100 million in damage, he wound up with just three years‘ probation and a $10,050 fine — along with a sweet teaching gig at MIT. Melissa, 1999: Allegedly named for a Florida lap dancer whom David L. Smith, its creator, fancied, Melissa forced major companies such as Microsoft, Intel Corp. and Alcatel-Lucent to shut down their email gateways due to the large volume of traffic the virus generated. Smith faced 40 years in prison and enormous fines, which he magically reduced to 20 months and $5,000 by spending a few years undercover helping the FBI catch other malware authors. VBS/Loveletter, 2000: Starting on May 4 in the Philippines, this worm spread worldwide in a single day by using infected computers‘ email address lists to send large numbers of messages directed at new targets. It is thought to have caused $5.5 billion in damage, mostly in lost staff time, as corporate and government email systems had to be shut down to eradicate the virus. Code Red, 2001: It began on July 13. Code Red infected computers running the Microsoft IIS Web server, exploiting a buffer overflow and defacing Web sites with the text, ―HELLO! Welcome to http:// www.worm.com! Hacked By Chinese!‖ A fix had been available for this vulnerability for about a month, limiting its damage — kind of — to just $2.6 billion, but Code Red still managed to cause a ―major disruption in connectivity,‖ according to the Internet Storm Center. (―Hacked by Chinese‖ evolved into a fairly common IT-world putdown, although never as popular as ―All your base are belong to us.‖) Nimda, 2001: Nimda (―admin‖ spelled backwards) took just 22 minutes to spread as far and wide as Code Red. Nimda's secret was using several different propagation vectors: It created masses of emails to transmit itself, lured users to infected Web sites, and took ad- 6 5 vantage of lingering problems with Microsoft IIS security and previously installed Code Red or Sadmind worms. Nimda cost an estimated $635 million in damage. SQL Slammer, 2003: On January 25, this worm began using a buffer-overflow bug in Microsoft SQL Server and MSDE (Microsoft Desktop Engine) database products. It rapidly distributed copies of itself around the world, causing major denials of service and slowing down the entire Internet. An estimated 150,000 to 200,000 systems were affected. As with Code Red, a patch for the SQL Server flaw had been available for months. MS Blaster, 2003: Beginning on August 11, Blaster spread via various Windows operating systems and targeted Microsoft‘s windowsupdate.com site with DoS (denial-of-service) attacks. It caused widespread trouble and multiple restarts in machines running Windows NT, Windows XP (64-bit) and Windows 2003, although a patch for this vulnerability was already available. Victims included the Federal Reserve Bank of Atlanta, BMW AG, Philadelphia‘s City Hall, and thousands of home and corporate users. Although its ultimate origin is thought to be Chinese, the Blaster.B variant was created by then-18-year-old Jeffrey Lee Parson, who was caught because he programmed it to contact a domain registered to his father. MyDoom, 2004: This email-transmitted virus, first identified on January 26, quickly spread by appearing to be an error message with an attachment that, when opened, emailed copies of the virus to addresses in the victim‘s address book, and also propagated itself through the Kazaa file-sharing service. Oddly, it avoided infecting computers at certain universities (University of California, Berkeley; Massachusetts Institute of Technology; Rutgers University and Stanford University) and corporations (Microsoft and Symantec Corp.), but then launched a distributed DoS attack against Microsoft and The SCO Group Inc. from about 1 million infected machines. Later versions attacked the Google, AltaVista and Lycos Inc. search engines. Sasser, 2004: On April 30, Sasser spread among Windows XP and Windows 2000 machines by exploiting a buffer overflow in these operating systems. It had unusually direct physical-world consequences, resulting in Delta Air Lines Inc. canceling 40 trans-Atlantic flights and forcing Australian trains to halt because operators could not communicate with signalmen. Despite this, Sasser‘s then-teenage German creator was tried as a juvenile and drew a mere 21-month suspended sentence for releasing Sasser into the wild. 7 Program viruses: These infect executable program files, such as those with extensions like .BIN, .COM, .EXE, .OVL, .DRV (driver) and .SYS (device driver). These programs are loaded in memory during execution, taking the virus with them. The virus becomes active in memory, making copies of itself and infecting files on disk. Examples: Sunday, Cascade default, leave a nice big hole in the security by allowing applets free run into there machine. There has been a lot of commotion behind this and with the amount of power that JAVA imparts, things from the security angle seem a bit gloom. These are just a few broad categories. There are many more specialized types. The following link contains the name of all the known viruses in a search-by-alphabet format. http://www.probertencyclopaedia.com/virus.htm Multipartite viruses: A hybrid of Boot and Program viruses. They infect program files and when the infected program is executed, these viruses infect the boot record. When you boot the computer next time the virus from the boot record loads in memory and then starts infecting other program files on disk. Examples: Invader, Flip, and Tequila 10 virus symptoms Programs take longer to load. Memory-intensive operations take a lot of time to start. A change in dates against the filenames in the directory. When the virus modifies a file the operating system changes the date stamp. Increased use of disk space and growth in file sizethe virus attaches itself to many files. Strange characters appear in the directory listing of filenames. Strange graphic displays such as falling letters or a bouncing ball appear on screen. Programs may hang the computer or not work at all. Junk characters overwrite text in document or data files. Stealth viruses: These viruses use certain techniques to avoid detection. They may either redirect the disk head to read another sector instead of the one in which they reside or they may alter the reading of the infected file‘s size shown in the directory listing. For instance, the Whale virus adds 9216 bytes to an infected file; then the virus subtracts the same number of bytes (9216) from the size given in the directory. Examples: Frodo, Joshi, Whale Listed below are some of the steps recommended by experts to safeguard your PC from viruses. These are a compilation of magazine sources and experience. Change a setting in the BIOS that enables your PC to boot from the C-drive first. Use a good anti-virus program to scan floppy disks before copying files. Recommended ones are Norton Antivirus 2000 and McAffee 5. Do not install pirated software, especially computer games. Activate watch-guard programs (monitors) that look out for suspicious activity. Use the update service offered by software vendors and update the anti-virus software every month. Scan the entire hard disk twice a month. Scan files downloaded from the Internet or those transferred through a network. Prepare a rescue disk with critical system files. Preferably, it should be bootable. Keep the original CD-ROM or diskettes containing the operating system handy. Polymorphic viruses: A virus that can encrypt its code in different ways so that it appears differently in each infection. These viruses are more difficult to detect. Examples: Involuntary, Stimulate, Cascade, Phoenix, Evil, Proud, Virus 101 Macro Viruses: A macro virus is a new type of computer virus that infects the macros within a document or template. When you open a word processing or spreadsheet document, the macro virus is activated and it infects the Normal template (Normal.dot)-a general purpose file that stores default document formatting settings. Every document you open refers to the Normal template, and hence gets infected with the macro virus. Since this virus attaches itself to documents, the infection can spread if such documents are opened on other c o m p u t e r s . Examples: DMV, Nuclear, Word Concept. Active X: ActiveX and Java controls will soon be the scourge of computing. Most people do not know how to control there web browser to enable or disable the vari- Compliled By : Nikhil Gupta, IT ous functions like playing sound or video and so, by 7 Source : Wikipedia, Articles by Mayur Kamat, Internet. 6 8 3G – Technology and its Evolution This was the first time when standards were set for the Mobile Telecommunications. With the chart provided the evolution of different Generations are shown with some of their features. This would help in comparing it with its previous generations. More on 3G 3G technology, which is short for third generation mobile telephone communication systems technology, improves the efficiency of data can be transferred through your cellular phone. The data transfer rates for third generation mobile telecommunications is up to 2 Mbps (Megabits per second). (EDGE is standardized by 3GPP as part of the GSM family, and it is an upgrade that provides a potential three-fold increase in capacity of GSM/GPRS networks! This means users can download and view video contents in a jiffy.) 3G networks offer a greater degree of security than 2G predecessors. Aside from this feature, 3G cellular phones also have conventional voice, fax and data services, as well as high-resolution video and multimedia services which can be used while on the move. It also includes mobile office services such as virtual banking and online-billing, video conferencing, online entertainment and access to the Internet. Such mobile telephone technology would improve the way people will be able to communicate with each other, as well as develop new uses for their cellular phones. One particular advantage of using such a technology on your cellular phone would be your phone‘s ability to watch television shows on your phone, and it also allows you to have video conversations with other people who also use the same 3G technology. 3G – What is it? The latest buzz word in Mobile Technology for the past few months has been 3G. Many a times we go through the newspaper reading about 3G, without a clue of what it is and its power. Ask a NERD what is 3G and you will get the following answer: 3G better known as ‗International Mobile Telecommunications2000 (IMT-2000)‘ is a is a family of standards for wireless communications defined by the ‗International Telecommunication Union‘, which includes GSM EDGE, UMTS, and CDMA2000 as well as DECT and WiMax. In lay man language we can say that 3G (Third Generation) is the latest wireless technology which provides wireless access to the data and information to the users from anywhere and anytime. Its services include wide-area wireless voice telephone, video calls, and wireless data, all in a mobile environment. First launched in Japan in October 2001 3G phones were designed so users would be able to surf the Internet, view pictures of the people they are talking to, watch movies and listen to music on their handsets. Evolution - till now The history of wireless telecommunication (mobile phones) dates back to 1908. The Generation Zero (or 0G) was introduced in 1945. 8 7 7 This makes one of the 3G phone‘s most essential feature better, which is the ability for people to conduct video conferencing. However, this only makes up a very small fraction of use from the 3G phones. Other applications of the 3G technology include map and positioning services, as well as multiplayer gaming, which is more popular with the mobile phone‘s y o u n g e r s u b s c r i b e r s . 9 9 9 8 8 10 You can also pay your bills and balance your checks by logging on to your bank account using the 3G devices that you have. You also book in advance dinner and hotel reservations in any city that you are in. Such technology also benefits you by giving you enough flexibility to function at your best in your workplace. Teleconferencing is one of the best applications for the 3G technology in your work. Although 3G technologies offer a lot of new advancements and changes in the world of telecommunication, there are still a few things that render the use of 3G telephone communication systems technology as disadvantageous. One thing that makes 3G cellular phones disadvantageous to its users is the fact that these types of cellular phones are more expensive as compared to those which do not share the same technology. Aside from this, people who have 3G can only enjoy the video conferencing feature of the technology with other 3G subscribers. Conclusion 3G is an exciting new technology that is being incorporated into mobile devices across the globe. Users are now able to make person-to-person calls, download data and do a variety of other tasks they never imagined possible all via their 3G cell phones. Situation in India: People are still on 2.5G. The factors restricting private sector telecoms to move to 3G are : High capital investment, high cost of 3G compatible phones as compared to GPRS enabled ones, mass people using cell phones for communication purposes only( The number of people using mobile phones for internet and TV watching is very small), high service rates. Although MTNL has rolled out their 3G services, but no big impact on people is seen. Also the spectrum allocation for 3G by Govt. is getting delayed. It will take some more time to actually see 3G in action in India. But when out it will surely change the way people use their cell-phones. Compiled by: Dipankar Patro, CoE Abhinav Arora, IT Sources: Wikipedia Articlebase.com 110words.com ENCRYPTION Secure Your Data - Scramble It Encryption is an important part of digital security. It is on of the most effective methods to provide data security and is widely used by multinationals, bankers, the military and even journalists. It facilitates secret communication between two systems. Encryption refers to schemes that encode the plain text into non-readable form or cyphertext, providing privacy. So plain text is basically the human readable form of information. The receiver of the encrypted text uses a "key" to decrypt the message, returning it to its original plain text form. The key is the trigger mechanism to the algorithm. Web browsers will encrypt text automatically when connected to a secure server, that is when an address beginning with https. The server decrypts the text upon its arrival, but as the information travels between computers, interception of the transmission will not be fruitful to anyone "listening in" i.e. tapping your communication. They would only see unreadable gibberish. Emails can also be encrypted. This can easily be accomplished with encryption programs that feature plug-ins or interfaces for popular email clients. The most longstanding of these is called PGP (Pretty Good Privacy), a humble name for very strong military-grade encryption program. PGP allows one to not only encrypt email messages, but personal files and folders as well. Encryption can not only be applied to webpages and emails but entire hard drives can be encrypted. To use the drive, it is "mounted" using a special decryption key. In this state the drive can be used and read normally. When finished, the drive is dismounted and returns to an encrypted state, unreadable by hackers , Trojan horses, or spyware. Some people choose to keep financial programs or other sensitive data on encrypted drives. In recent years, many encryption algorithms have been developed to provide better encryption for different applications. Some popular ones are: RSA: RSA was developed by Ron Rivest, Adi Shamir and Leonard Adleman at MIT. This scheme was named in their honour. It involves three steps: key generation, encryption and decryption. RSA involves a public and private key. The public key can be known to everyone and will be 10 used to encrypt messages. Messages encrypted with the 9 public key can only be decrypted using the private key. 11 bit string known only to them, which can be used as a key to encrypt and decrypt messages. Blowfish: Blowfish is a keyed, symmetric block cipher, designed in 1993 by Bruce Schneier and included in a large number of cipher suites and encryption products. Blowfish provides a good encryption rate in software and no effective cryptanalysis of it has been found to date. Schneier designed Blowfish as a general-purpose algorithm, intended as a replacement for the DES and free of the problems and constraints associated with other algorithms. At the time Blowfish was released, many other designs were proprietary, encumbered by patents or were commercial/government secrets. Blowfish has a memory footprint of just over 4 kilobytes of RAM. This constraint is not a problem even for older desktop and laptop computers, though it does prevent use in the smallest embedded systems such as early smartcards. QC provides much more security compared to previous algorithms. This is because the two parties involved in data transaction can detect the presence of any third party trying to gain knowledge of the key. This is because of Heisenberg‘s Uncertainity Principle, that a quantum system is disturbed when someone tries to measure its properties. A third party trying to eavesdrop on the key must in some way measure it, thus introducing detectable anomalies. However, some attacks have been formulated which cause a minimal change in the quantum states used in the encryption procedure. However, these changes can be detected by the receiver. DES The Data Encryption Standard (DES) is a block cipher (a form of shared secret encryption) that was selected by the National Bureau of Standards and which has subsequently enjoyed widespread use internationally. It is based on a symmetric-key algorithm that uses a 56-bit key. The algorithm was initially controversial with classified design elements, a relatively short key length, and suspicions about a National Security Agency (NSA) backadoor. DES consequently came under intense academic scrutiny which motivated the modern understanding of block ciphers and their cryptanalysis. DES is now considered to be insecure for many applications. This is chiefly due to the 56-bit key size being too small. Quantum cryptography is only used to produce and distribute a key, not to transmit any message data. This key can then be used with any chosen encryption algorithm to encrypt (and decrypt) a message, which can then be transmitted over a standard communication channel. Algorithms such as BB84 and E91 protocol have been designed for QC. IDEA International Data Encryption Algorithm (IDEA) is an algorithm that was developed by Dr. X. Lai and Prof. J. Massey in Switzerland in the early 1990s to replace the DES standard. It uses the same key for encryption and decryption, like DES operating on 8 bytes at a time. Unlike DES though it uses a 128 bit key. This key length makes it impossible to break by simply trying every key, and no other means of attack is known. It is a fast algorithm, and has also been implemented in hardware chipsets, making it even faster. The current commercial systems are aimed mainly at governments and corporations with high security requirements. Key distribution by courier is typically used in such cases, where traditional key distribution schemes are thought not to provide enough guarantee. This has the advantage of not being distance limited, and despite long travel times the transfer rate can be high due to the availability of large capacity portable storage devices. The major difference of quantum cryptography is the ability to detect any interception of the key, whereas with courier the key security cannot be proven or tested. QKD (Quantum Key Distribution) systems also have the advantage of being automatic, with greater reliability and lower operating costs than a secure human courier network. The future of encryption The future of encryption lies in quantum computing, specifically in quantum cryptography(QC). QC uses quantum mechanics to provide secure communication. It enables two parties to produce a shared random 11 Compiled By : Shikhar Kohli, IT 10 12 BUYER’S GUIDE FOR ASSEMBLING A DESKTOP COMPUTER—PART 2 In the previous issue we dealt with mother board and processor. In this issue we will talk about audio and visual components of a PC namely Graphics Card, Monitor and Speakers. Apart from that we will also look into an optional PSU(Power Supply Unit). Let us get straight to the sections. Choosing the correct Graphics Card Graphics card has become de-facto for almost all users. With prices as low as Rs 2000, anyone can get him/herself a decent graphics card. What to watch out for while buying? Graphics Cards come in mainly two types AGP and PCIe. AGP has become old and is almost phased out by PCIe Cards in terms of technology. By default new mother boards have PCIe (x16) slots for graphics card. For Non/Light gamers: People of this category don‘t require high end graphics for daily usage. A graphics card with 128MB (Video Memory)/DDR2 will do just great. For people who also want to try a little bit gaming in this category can opt for 256MB/512MB, DDR2 graphics card, believe me it can run most games like ―Wolverine‖ at decent frame-rates. Graphics Cards from both nVidia and ATI are superb. As DDR2 Cards don‘t require additional power, you also won‘t require having a new PSU. For Serious Gamers/ Graphics Designers: People in this category need the ―best in class‖ Graphics Cards (at a cost lot more than the above). A graphics card with at least of 512MB Memory, DDR3 technology is for you. If you want to be future proof (for 4-5yrs) and are having a good budget, then go for 1GB or more Memory. But remember one thing, since DDR3 graphics card require more power, so they need to be supplied with a PSU than can provide such power. Even if you find that the price difference between DDR2 and DDR3 graphics cards is not much, but going for DDR3 will add another Rs 3000 to your bill for PSU. PSU should be selected after selecting a graphics cards since the power recommendations are always mentioned by the manufacturers of the cards. This varies with models. Note: Both DDR2 and DDR3 are compatible with PCIe (x16) slots. Upgrading suggestions Check the slot first. If its AGP then choosing a good AGP card with greater memory may give you better results. For PCIe, you can select according to the above criteria. Note, for same amount of memory, AGP cards cost more than their PCIe counter parts. While upgrading, keep the future usage in mind. Choosing the correct Monitor Gone are the days when CRTs were better than LCD. Now you can get a s l e e k L C D monitor for as low as Rs 5 0 0 0 . N o w CRTs use Analogue output (VGA/DSUB connector to graphics card), but LCD monitors support that and also Digital output (DVI connector to 1211 13 graphics card). Latest LCD monitors support HDMI (but that requires you to have HDMI output from your Graphics Card, available in DDR3 models) For Simple Users: Now that they don‘t watch movies or any HD content, they can go for a 15‖ LCD monitor without DVI input. This will be a cost effective solution and will help to reduce power consumption. For Advanced Users: People in this class can go for a decent 17‖/19‖ Wide-screen (16:9) LCD monitors with DVI input. This will help them with watching movies and playing games at better resolutions. Remember that Graphics Card will be the ultimate factor to decide visual performance. For Professional Users: They should get a 19‖ / 21‖ wide-screen LCD monitor that supports true HD content viewing. This category also consists of those who want to watch movies at 1080p resolution and also for hardcore gamers who don‘t want to miss a single target. Remember to run this monitor at native resolution smoothly you need to have a high end graphics card (DDR3). always test it and look for it‘s RMS power ratings. Higher the RMS power, better the sound production. Don‘t go by PMPO rating which is generally used for promoting a set. For Non – Audiophiles: This is for those who listen to music just for fun, no serious business if sound is not produced in right wave. They like their music and lyrics, that‘s all. They should go for a 2 speaker set or a better 2.1 speaker set. The difference b/w 2 and 2.1 is 2.1 will have a separate bass speaker for producing low frequency sounds thus producing better quality sound than just 2 speakers handling all types of frequencies. LCD Monitor. They should go for 5.1/7.1 speaker set. For Audiophiles/True Movie-Experience/Gamers: This is for those who want their music to be perfect because their music define them! Of course they would need just more than a bass and two speakers. Also those who want to have a perfect movie experience and have already bought a nice 21‖ wide-screen Upgrading suggestions But before that they should check whether they have sound card support. Most of the motherboards nowadays have on board high definition 5.1 channel surround sound support. Some of them even have 7.1 support! So that basically saves money for not buying a dedicated sound card. A 5.1 Speaker set supports 6 channel sound output that is Front right, front left, centre, rear right, rear left & sub-woofer. They produce surround sound just like movie halls, providing you a great movie experience, also helping gamers to accurately spotting their enemies. But if you don‘t want to go for a 5.1 set, you can opt for a high quality 2.1 speaker set that will do the work of a better Music /Gaming experience. If you are having a CRT, and are not happy with the movie viewing, then you should upgrade for a widescreen monitor according to your requirements as mentioned above. Choosing a correct set of Speakers Everybody listens to music while working, relaxing, or almost doing anything! So why not have a decent set of speakers that will set your mood and ambience of room. Remember that while buying a speaker set Upgrading suggestions If you have a 2.1 speaker set and want to have better sound, get yourself a better RMS rated speaker set. If you have a 6 channel sound support system go for a 5.1 speaker set. So that was Audio and Visual components for your new PC. In next issue we will see how to select correct Storage Devices. If you have any queries regarding this topic, you can contact me. Compiled by: Dipankar Patro, COE Source: Internet 1213 14 gOS Rocket, Good OS introduced the use of Google's "Google Gears" technology which promises to make Google's web applications usable without an Internet connection. Currently, Google Reader and Google Docs are the only supported Google applications, though other web applications such as Remember the Milk have added Google Gears functionality. You can install gOS by downloading an iso file. It also has an option of running a live CD. The installation doesn‘t take much time and is very easy, similar to installing other Linux distros. After the installation, the first thing you'll notice is that the gOS desktop looks very different than your standard Ubuntu desktop. Since gOS uses Enlightenment instead of Gnome or KDE, so you get to see an interface which will remind you of Mac OS X. The gOS desktop is similar to Mac OS X in some ways, particularly the way that its iBar behaves. The iBar functions similarly to Windows' "Start" button menus. gOS, run using VMware on a Mac This article is the first in a series describing several innovative yet relatively unknown Linux based operating systems. Like all other Open Source projects, these operating systems are free to download and install and provide all the benefits of Open Source technology. We start with gOS, described as the “unofficial Google OS”. We look at the technology behind it and the services and technologies it offers to users. gOS or "good OS" is an Ubuntu-based Linux distribution created by 'Good OS LLC', a Los Angeles-based corporation. The company initially advertised it as "An alternative OS with Google Apps and other Web 2.0 apps for the modern user‖. It is essentially a Linux based online operating system. Based on the idea of cloud computing, all versions of gOS use on-line applications built on Web 2.0 and AJAX technology so they do not require much hard disk space for applications. The whole gOS-1 system fits comfortably in less than 2 GB. Also many of the documents created with gOS, such as Google Docs documents, can be saved on Google servers instead of on the local hard disk, so gOS can work with very small hard disks. In gOS V2 14 13 gOS focuses mainly on Google‘s applications. Its iBar natively supports Gmail, Google News, Google Docs, Google Calendar, Google Maps, Youtube, Blogger. Obviously, you cannot access these applications offline. However gOS comes with several applications to keep you happy during downtime. Some of these are OpenOffice, Gimp and Mozilla Thunderbird(an email client). Good OS will release a cloud-based version of the OS, the pragmatically named Cloud. Cloud runs a hybrid browser/linux kernel, offering quick startups and faster processes. Cloud launches within a few seconds, provides access to the internet, runs client apps (like Skype), as well as a variety of web apps, including a dock full of them from Google. In addition, Cloud is compatible with flash video and mp3s, giving users options for multimedia use within the OS. But Cloud is not meant to be a standalone solution. Instead, it will be packaged in Netbooks alongside Windows XP, along with a dock icon that will switch you over to the more robust operating system when more computing power is required. Cloud is expected to be available early next year, when it is shipped alongside Gigabyte's Tablet Notebooks. Compiled By : Shikhar Kohli, IT 15 STEGANOGRAPHY Encryption is extensively used these days to secure communication in digital networks. Many efficient and nearly unbreakable algorithms have been developed to this effect. However, the one the serious drawback with encryption is that you can easily be aware of encrypted text. Consider the following text: This is Bits and Bytes, CSI-NSITs newsletter. It was encoded using the Blowfish algorithm with a key of 28 bytes. The resulting cipher text is: 2EB7D1F6CCF41B3F43716D208554DC95 866DA9D7678C71432334C96C0BC4A726 82F55498F03DA0E92D2ED175091B21F2 If an attacker manages to compromise the network and download the message, its rather obvious that the message has been encrypted. He would then use standard algorithms and generate keys for those algorithms and then try to crack the message. So, eventually the attacker will be able to decrypt the message. Obviously, this represents a serious drawback. Encrypted data sticks out like a sore thumb. Steganography is a method that overcomes this drawback. Steganography is the science of hiding information. Whereas the goal of cryptography is to make data unreadable by a third party, the goal of steganography is to hide the data from a third party. In reality, steganography is what is called deniable encryption. In this article, we will focus on the interesting aspects of digital steganography. These days, it is common for data to be embedded in innocuous image files. To a computer, an image is an array of numbers that represent light intensities at various points. A common image size is 640x480 pixels. This is roughly 300,000 pixels. Pictures are either 8 bit or 24 bit. That means a pixel either uses 1 byte or 3 bytes in the image. The more the number of bytes (bits), the better the quality of the image. Then image formats such as JPEG or GIF are used to store the images. They compress the image, ie the reduce the number of bytes the image occupies. To hide data, the steganography software selects a pattern of bytes. It can then modify the least significant bit in the byte to represent data. It changes the colour of a pixel, but the pixels are selected so that the hidden data is invisible to the naked eye. This is one of the simplest methods of steganography involving images. Consider the following images: 15 14 The first image contains no hidden data, it is a copy of the CSI logo. Consider the second image. In this seemingly innocuous image, the message ―This message is hidden in the CSI logo‖ has been embedded, with the password bitsnbytes (you can ‗unstego‘ it by using the stego tool at http://mozaiq.org/decrypt/ ). The images appear similar to the naked eye and can be dismissed to be identical copies of each other. This is the advantage that digital steganography offers over encryption. Countermeasures In computing, the detection of steganographically encoded messages is called steganalysis. Basically, the goal of steganalysis is to identify suspected packages, determine whether or not they have data encoded into them, and, if possible, recover that data. Stegananlysis is not an easy task to accomplish. First, the task of the analyst is the identify the the packages in which digitally encoded information is likely to be present. This is a huge challenge if steganography is involved in hiding the data. Its possible that the hidden data may have encrypted first. One obvious way of steganalysis is obtaining a ‗true‘ copy of the file in which data has been hidden. Then you can use a program which can match the bit patterns of the corresponding files and display the anomalies. However, it is often impossible to obtain such a file. For images, many specific methods of steganalysis are available. Based on whether an image contains hidden message, images can be classified into two classes: the image with no hidden message and the corresponding stego-image (the very image but with message hidden in it). Steganalysis can thus be considered as a pattern recognition process to decide which class a test image belongs to. The key issue for steganalysis just like for pattern recognition is feature extraction. The features should be sensitive to the data hiding process. In other words, the features should be rather different for the image without hidden message and for the stego-image. Compiled By : Shikhar Kohli, IT 16 Winhacks Hack Your BIOS for Faster Startups problems, however, you can turn it back on. BIOS stands for Basic Input/Output System, its a procedure that ensures that your hardware is in order as your PC boots. It is the first piece of code that runs when your machine boots up. When you turn on your PC, it goes through a set of startup procedures in its BIOS before it gets to starting Windows. So, if you speed up those initial startup procedures, you‘ll make your system start faster. You can speed up your startup procedures by changing the BIOS with the built-in setup utility. How you run this utility varies from PC to PC, but you typically get to it by pressing either the Delete, F1, or F10 key during startup. You‘ll come to a menu with a variety of Speeding Up Your Desktop Alright, so far, so good. Your PC loads faster than before. But you realize that the desktop is taking time to load various icons in the taskbar and hourglass with the cursor won‘t go away. Fret not, help is at hand. Startup Programs 1. In the start menu, hit run and type msconfig. 2. In the general tab, select Selective Startup. 3. Now, go to the Startup tab. You‘ll see a list of start up items. You‘ll probably not be familiar with the names listed under ‗Startup Item‘ so it‘s a great idea to Google the names and find out what they do. Then you uncheck some of the programs that you don‘t need to execute as soon as you load the desktop. For example, it‘s a great idea to stop messengers and printer services to load with the desktop. A word of advice. Don‘t stop many programs at a time. Do it one by one so that you can pinpoint if a stopping particular program causes system problems. So stop one, restart your PC and keep at it until you‘ve stopped all unnecessary programs. choices. Here are the choices to make for faster system startups: Quick Power On Self Test (POST) When you choose this option, your system runs an abbreviated POST rather than the normal, lengthy one. Change Your Boot Order If you change the boot order so that your BIOS checks the hard disk first for booting, it won‘t check any other devices, and will speed up your startup time. Boot Up Floppy Seek Disable this option. When it‘s enabled, your system spends a few extra seconds looking for your fl oppy drive—a relatively pointless procedure, especially considering how infrequently you use your fl oppy drive. Boot Delay Some systems let you delay booting after you turn on your PC so that your hard drive gets a chance to start spinning before bootup. Most likely, you don‘t need to have this boot delay, so turn it off. If you run into 16 15 Scheduled Tasks Some tasks are scheduled to run as soon as your computer loads like Google update. Some of these tasks maybe important to help your secure your computer. Go to C:\WINDOWS\Tasks, and delete the shortcuts of any programs that you don‘t want to run. Hacking the Interface Your machine might not look as cool as a Mac. Don‘t worry, there are lots of hacks and programs to get you out of your Windows into a Macintosh (almost). When you start your machine, you'll see a 17 vendor-specific welcome screen, which provides access to BIOS settings. Depending on your setup, after that you might see a menu that lets you boot from one of multiple operating systems. But if you run only one instance of Windows XP, you will be greeted immediately by the Windows splash screen. To get an almost complete Mac experience, we are going to replace the default Windows logo with something more Mac-like. To do this, we use BootSkin by Stardock , which is free for noncommercial use. After downloading and installing the program we need to obtain a Mac-like boot skin. A particularly nice one is called G5, available at http:// www.wincustomize.com/skins.asp? library=32&SkinID=740. Once you have downloaded it, you need to import it into BootSkin. From BootSkin, choose File -> Import from file. After you import it, it will show up in BootSkin tion directory of LogonStudio, which has the default of C:\Program Files\WinCustomize\LogonStudio. Changing The Appearance of Windows and Menus The next step is to change Windows' overall visual appearance so that it's more Mac-like. Use WindowBlinds from Stardock (http://www.stardock.com/products/ windowblinds). It's shareware, and you can use a free version that has nag screens and some features disabled. Download the program and a visual style called Brushed Panther (http://www.wincustomize.com/skins.aspx? skinid=3476&libid=1). After launching WindowBlinds, choose "Install skin from disk" to load the skin. Changing the Logon screen The next step in transforming your PC into a Mac is to replace the default Logon screen with a more Mac-like version. Use the free program LogonStudio by Stardock program output takes place in the Dock. What makes the Mac OS X version so outstanding is its visual appearance, with lots of nice animations. Just download RocketDock from http://rocketdock.com/. It‘s a free download, any RocketDock comes with a lot of customizable skins and features. Many addons are also available, free! (http://www.stardock.com/products/logonstudio). Download the main program as well as a logon screen called Mac OS X Panther at http:// www.wincustomize.com/skins.aspx? skinid=2371&libid=65 The Dock Another eye-catching feature of Mac OS X is called the Dock. The basic idea is to have some drop zone where you drag files and programs you need frequently. Accessing them is as simple as clicking the corresponding icon, which remains visible all the time. Additionally, the Dock shows all currently running programs. If you minimize an application window, After you install LogonStudio, unzip the zip file into a directory nameMac_OSX_Panther_LogonXP.logonxp. Now, move the newly created folder into the installa17 16 18 fault. However if you are installing Windows XP over other operating system like Windows 98, you may have installed FAT32 as your file system. The only benefit of FAT32 is that you can simultaneously use FAT32 formatted disks with older operating systems like Windows 95 Service Pack 2 and Windows 98 in a machine with multiple operating systems. Other Hacks How to Send Any File to Any Place By One Click This can be done by providing more locations to Send To option that comes when you right click on a particular file. To do that, 1. G o to C:\Documents and Settings\User_name\SendTo (where User_Name is your user name) 2. The folder will be filled with shortcuts to all the locations you find on your Send To context menu. 3. To remove an item from the Send To menu, delete the shortcut from the folder. AND Converting FAT32 to NTFS: 1. Open Command Prompt. 2. Click Start, point to All Programs, 3. Point to Accessories 4. Click Command Prompt In the command prompt window, type: convert drive_letter: /fs:ntfs 1. To add an item to the menu, add a shortcut to the folder by highlighting the folder, 2. Choose File → New → Shortcut, and follow the subsequent instructions for creating a shortcut. The new setting will take effect immediately; you don't have to exit Windows Explorer for it to go into effect. For example, typing convert D: /fs:ntfs would format drive D: from FAT to NTFS. Removing “Uninstallable” Programs How To Prioritize Your Important Applications We do multitasking all the time with our PC right? How unfair it would be to lose a CD while burning your favorite songs just because you were gaming and the processor couldn't take the load? The solution is: 1. Press CTRL-SHIFT-ESC. 2. Go to the second tab called Processes 3. Right click on one of the active processes, you will see the Set Priority option For e.g., Run your CD writer program, set the priority higher, and no more wasted cd from now on. Happy? 1. Use Notepad to open sysoc.inf, generally found in the C:\WINDOWS\INF folder. Have a backup of this file and setup a System Restore point before proceeding. To setup a system restore point, choose Control Panel ->Performance and Maintainance->System Restore and follow the instructions. C:\WINDOWS\ is a hidden folder. Enable viewing of hidden folders by choosing Tool>Folder Options->View->Show Hidden files and folders. 2. When you open the file, look the line of the program you want to uninstall. Lines have the format: P r o gram=program.dll,0cEntry,program.inf,<numeral > 3. Programs that are uninstallable have HIDE written just after program.inf. The Pinball game entry, which doesn‘t show up in install/uninstall folder in control panel looks like Pinball=ocgen.dll,0cEntry,pinball.inf,HIDE,7 4. To force it to show, remove HIDE from the string and save the sysoc.inf file. 5. Open the Add Programs window, you should now see the program in the list. How to Convert between FAT32 & NTFS in Windows FAT32 & NTFS, for those its greek, are two popular file systems available in windows. For those who are curious let me give a simple overview of both of them: NTFS provides: advanced security using access control lists Provides file & directory compression for storing more data Encryption Quotas Robustness Compiled By : Shikhar Kohli, IT NTFS is highly recommended for sensitive data. A clean installed of Windows XP installs NTFS by de18 17 19 CSI NSIT MEMBERSHIP CSI-NSIT Membership is open to all NSIT students. In order to become a CSI Member, follow these steps… Download the Membership form from http://societies.nsitonline.in/csi/membership/csi_form.pdf Since you are an Undergraduate student, make a tick infront of Student. For Item nos. 1-5, write in your complete details and postal address. This is the address where you will be mailed the CSI Magazines, so do ensure it is foolproof. In Item no. 6, write B.E. under the Degree field and leave others blank. In Item no. 7, write Netaji Subhas Institute of Technology, Azad Hind Fauj Marg, Sector 3, Dwarka. City: New Delhi. Pin: 110078 In Item no. 8, tick either Information Technology or Others or both. In Item no. 9, check Others. Leave Item nos. 10 and 12 blank. Chapter: DELHI Student Branch: NSIT If you want your name to be included in membership lists for commercial purposes, then tick Yes otherwise No in Item no. 14. Attach a photograph in the space provided and give another photograph along with the filled-up form. Membership Fee is Rs. 500 for two years membership. Forms are also available with the 2nd year Executive Board Members, CSI-NSIT. Contact your class/branch CSI representative and hand over the form along with the membership fees and photograph to him/her. 19 18 20 Faculty Members Dr. MPS Bhatia PhD (Software Engineering) Assistant Professor, COE/IT Department Dr. Ritu Sibal PhD (Software Engineering) Lecturer, COE/IT Department Student Board Director - Bits ‘n’ Bytes Ashish Kapoor Pavit Laul Director—e-Operations Pavit Laul Director - Marketing Nitin Garg Director - Event Management Swarandeep Singh Newsletter Team Design Ekansh Preet Singh Nikhil Gupta Editorial Board Members Abhinav Arora Dipankar Patro Shikhar Kohli CSI NSIT Student’s Branch 20