Photo by Franck V. on Unsplash

Any student or professional in the domain of cyber security is well aware of the CIA Triad. Confidentiality, Integrity and Availability are thought to be the infinity stones of the cyber-sec universe, and organizations are expected to consider them from an information security design, implementation and assurance standpoint. In this ever-evolving domain that is stuck in a loop of rise-fall-rise (Develop, Get-hacked, Upgrade), there are a few more things to focus on in addition to the CIA triad.

I am referring to one of the Information Assurance & Security (IA&S) models, known as the Reference Model of Information Assurance and Security (RMIAS Model), which was proposed by Yulia Cherdantseva and Jeremy Hilton. …


1971: the year when the first email was exchanged between two computers. Since then, the world of email has seen drastic developments. The definition, syntax, and architecture of email systems were standardized and eventually used across multiple platforms. And it was not until 25 years later, on the 4th of July, 1996, that the first HTML (web) based emailing service was made available to the world.

Every email has certain identifying information, such as the sender's email address, the recipient's email address, the email subject, the sender's IP address, etc., that helps to maintain the integrity and reliability of an email. However, there are also cases where anonymous emailing is required. Privacy, though not known to be widely prioritized in any service (back in the day), is essential in email communication. The introduction of anonymous re-mailers has triggered a massive increase in netizens' approval of privacy and has led to most modern-day anonymous email services and anonymizers such as TOR Guard E-mailer, Guerrilla email, Hush email, etc. …


How random can it get?

Security testing is one of the most important phases of the software development life cycle. It lets developers find and examine bugs and evaluate the operational efficiency and data security of an application. Consider the case of a web application under development: developers perform code reviews, and penetration testers test the overall security of the application and make sure that it is hardened enough for its customers. One such method of testing applications is fuzzing.

Fuzzing is the act of sending invalid, unexpected or arbitrary input to an application and then examining the response to determine its efficiency. It's a combination of systematic and non-systematic approaches derived from feeding random input and testing the output. It adds an extra layer of proactive testing to the preexisting code review, penetration testing and debugging mechanisms. At times it's also referred to as Monkey or Random Testing. Fuzzing can be done using dedicated software or even a piece of randomization code written by the testers. Fuzzing helps in finding bugs in the code, detecting undefined behavior, testing against certain cases of denial of service (DoS), finding memory leaks, detecting deadlocks in the code, etc. …


Ever thought of having a free, decentralized service or network implementation with no single point of failure? If yes, then ZeroNet is your answer. Using ZeroNet, anyone can host resources without having to handle the mess of interacting with hosting providers, encryption services, etc.

The ZeroNet Project

ZeroNet is a decentralized, P2P resource sharing implementation which utilizes the cryptographic algorithms used in the Bitcoin cryptocurrency. The complete ZeroNet module is built on a Python framework. Instead of using IP addresses, this network tags each of its nodes with a public key (just like a Bitcoin wallet address) that is used for routing purposes. ZeroNet uses the trackers of a peer-to-peer file sharing protocol, i.e. BitTorrent, for building connections and sharing resources. Each node can seed any resource of its choice and can access it even when not connected to the internet. P2P DAT files are used to create, host and serve resources without having a centralized server infrastructure. Taking down a resource isn't quite possible in ZeroNet because even if a single node is hosting the resource it will be available throughout the network (a kick in the nuts to DMCA regulation). …


Block it, Track it or Use it. But first, know it!

The Internet is a vast, exponentially growing and never-ceasing invention in our lives. Nearly half of the world's population is always connected to the internet. Collecting every device and spreading them out on the floor may end up covering a city or, who knows, maybe even a small state. But figuring out who is using what and who is where is just a matter of seconds for almost everybody. Now, how is that possible? It is because of the way the Internet is structured. Each query or search is done in a very orderly manner. …


Every day we visit hundreds of web pages over the internet. But have you ever wondered what the limit of the internet is? How big is the internet? How much of the total internet is known to us? Or at least, how much have you accessed till now? Our small Google search can end up giving us similar suggestions, ads and pop-ups on social media, and at times it gets quite annoying. What worries me is the level of privacy maintained when it comes to one's personal data stored over the internet. Now just imagine using a network that is completely free of privacy issues. …

About

Raja Srivathsav

CHFI, ECIH and CEH || Security Analyst by profession || Admirer and practitioner of lucid writing!
