LESSON 22

“GETTING INSIDE” A COMPUTER SYSTEM [2]

Task 1. Read and translate the text:

Задание 1. Прочитайте и переведите текст:

Essentially, hackers get inside a computer system by taking advantage of software or hardware weaknesses that exist in every system. Before explaining how they do this, a few definitions are in order. The term “hacker” is fairly controversial: some use this word to describe those whose intrusions into computer systems push the boundaries of knowledge without causing intentional harm, whereas “crackers” want to wreak havoc. So, the term “unauthorized user” (UU) seems more preferable for anyone who engages in unsanctioned computer access. “Getting inside” can mean one of three things: accessing the information stored on a computer, surreptitiously using a machine’s processing capabilities (to send spam, for instance) or capturing information being sent between systems.

So how does a UU get inside a computer? The easiest weakness to exploit is a poorly conceived password. Password cracking programs can identify dictionary words, names and even common phrases within a matter of minutes. Many of these programs perform a “dictionary attack”: they take the encryption code used by the password system and encrypt every word in the dictionary. Then the UU plugs in the encrypted words until the password match is found. If a system has complex password, the UU could try a “technical exploit”, which means using technical knowledge to break into computer system (as opposed to nontechnical options such as stealing documentation about a system). This is more challenging, because the UU must learn what kind of system the target is and what the system can do. A proficient UU can do this remotely by utilizing a hypertext transfer protocol (http) that gains World Wide Web access. Web pages usually record the browser being used. The UU could write a program that takes advantage of this procedure, making the Web page ask for even more information. With this knowledge in hand, the UU then writes a program that circumvents the protections in place in the system.

Although you cannot eliminate all possible weakness, you can take steps to protect against unauthorized access. Make sure you have the latest patches for your operating system and applications. Create a complex password with letters, numbers and symbolic characters. Consider installing a firewall program, which blocks unwanted Internet traffic. Make sure your antivirus software is up-to-date and check frequently for new virus definitions. Finally, back up your data, so you can recover important material if anything does happen.