basics of software and security
DESCRIPTION
This slide contains basic concepts of Software Development and basic concepts of System Security.TRANSCRIPT
![Page 1: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/1.jpg)
Software & SecurityPiTechnologies
![Page 2: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/2.jpg)
www.pitechnologies.net
PiTechnologies is an Egyptian company
PiTechnologies is specialized in:
Mobile Applications Development
Web Applications Development
Security Services
Professional Training Services
About PiTechnologies
![Page 3: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/3.jpg)
www.pitechnologies.net
Agenda
Software Technical Point of View
Basic Security Concepts
Security is a must
![Page 4: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/4.jpg)
www.pitechnologies.net
Technical Point of View
![Page 5: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/5.jpg)
www.pitechnologies.net
Programming Concepts
www.pitechnologies.net
![Page 6: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/6.jpg)
www.pitechnologies.net
Code Life Cycle
Source Codes Compiler Object
Files Linker Exe File
Compiler Based
Run
www.pitechnologies.net
![Page 7: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/7.jpg)
www.pitechnologies.net
Code Life Cycle
Source Codes
Interpreter
Interpreter Based
Run
www.pitechnologies.net
![Page 8: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/8.jpg)
www.pitechnologies.net
Source Code
It is human readable code written on a normal text file
www.pitechnologies.net
![Page 9: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/9.jpg)
www.pitechnologies.net
Compiler
It is the program that transfers the human like code into a machine code
Compiler targets certain machine (processor architecture)
Input is source file, output is object file
www.pitechnologies.net
![Page 10: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/10.jpg)
www.pitechnologies.net
Linker
It is a program that gathers all the object files (compiler output) into a single exe file
Gathering object files into a single exe file is called static linking, while linking object file with an external lib is called dynamic linking
www.pitechnologies.net
![Page 11: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/11.jpg)
www.pitechnologies.net
EXE file
It is the final product (runnable file) in the compiler based languages
www.pitechnologies.net
![Page 12: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/12.jpg)
www.pitechnologies.net
Compiler Example
GCC
GNU C Compiler
www.pitechnologies.net
![Page 13: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/13.jpg)
www.pitechnologies.net
Interpreter
It is an application that runs the source code without compiling
A programming language is either interpreter based or compiler based
www.pitechnologies.net
![Page 14: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/14.jpg)
www.pitechnologies.net
Interpreter Example
Python
Perl
Shell scripting
PHP
www.pitechnologies.net
![Page 15: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/15.jpg)
www.pitechnologies.net
Compiler VS Interpreter
Which is better ?
Wrong Question
www.pitechnologies.net
![Page 16: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/16.jpg)
www.pitechnologies.net
UsageCompiler Interpreter
Size Large Projects Small Projects
Reuse High reusability Low reusability
Output Application Script
Functions Multi Function Single Function
www.pitechnologies.net
![Page 17: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/17.jpg)
www.pitechnologies.net
Portability Concept
www.pitechnologies.net
![Page 18: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/18.jpg)
www.pitechnologies.net
Why Java ?
Portability
www.pitechnologies.net
![Page 19: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/19.jpg)
www.pitechnologies.net
Portability
It means that you can run the same executable file on different platforms
Operating System + Processor Architecture
www.pitechnologies.net
![Page 20: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/20.jpg)
www.pitechnologies.net
Illustration
Platform 1Platform 2
Bin 2 Bin 1
www.pitechnologies.net
![Page 21: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/21.jpg)
www.pitechnologies.net
Illustration
Platform 1Platform 2
Bin 2 Bin 1
Bin 0
JVM
JVM
Bin 0
JVM
JVM
www.pitechnologies.net
![Page 22: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/22.jpg)
www.pitechnologies.net
Benefits
We will change only one app for each new platform, the JVM
We don’t need to change all the apps for each new platform
www.pitechnologies.net
![Page 23: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/23.jpg)
www.pitechnologies.net
Security is a Must
![Page 24: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/24.jpg)
www.pitechnologies.net
Laptops Phones Employees
Secure the following …
![Page 25: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/25.jpg)
www.pitechnologies.net
Security Concepts
![Page 26: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/26.jpg)
www.pitechnologies.net
CIA Triangle
![Page 27: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/27.jpg)
www.pitechnologies.net
Confidentiality
Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and
proprietary information
![Page 28: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/28.jpg)
www.pitechnologies.net
Integrity
Guarding against improper information modification or destruction, including
ensuring information nonrepudiation and authenticity
![Page 29: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/29.jpg)
www.pitechnologies.net
Availability
Ensuring timely and reliable access to and use of information
![Page 30: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/30.jpg)
www.pitechnologies.net
Common Attacks
![Page 31: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/31.jpg)
www.pitechnologies.net
Phishing Session HiJacking
Password Reuse Sniffing
1 2
3 4
![Page 32: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/32.jpg)
www.pitechnologies.net
Phishing
![Page 33: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/33.jpg)
www.pitechnologies.net
Session HiJacking
S E R V E R
Client
Username + Password + remember me
Cookie
Cookie
![Page 34: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/34.jpg)
www.pitechnologies.net
Session HijackingS E R V E R
Attacker
Victim Machine
Text + JavaScript
XSSText + JavaScript
Text: Display JS: Run
Cook
ie
![Page 35: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/35.jpg)
www.pitechnologies.net
Password Reuse
Q?Do you reuse your password
for many sites ?
![Page 36: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/36.jpg)
www.pitechnologies.net
Don’t Do this !
![Page 37: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/37.jpg)
www.pitechnologies.net
Sniffing
Local Network
Who ?Public/Cafe/Free Wifi
CookiesUnencrypted Traffic
![Page 38: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/38.jpg)
www.pitechnologies.net
Security Facts
![Page 39: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/39.jpg)
www.pitechnologies.net
Do you know ..
![Page 40: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/40.jpg)
www.pitechnologies.net
100 Billion $ Cost of Cyber Crimes / Year
100,000,000,000
![Page 41: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/41.jpg)
www.pitechnologies.net
556 Million Victims / Year of Cyber Crimes
~ 18 Victim / Second
556,000,000
![Page 42: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/42.jpg)
www.pitechnologies.net
216,000 FB Accounts hacked / Year
~ 600 Account / Day
216,000
![Page 43: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/43.jpg)
www.pitechnologies.net
36 % of Cyber attacks target Companies’ networks
and websites
36 %
![Page 44: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/44.jpg)
www.pitechnologies.net
Does not sound serious yet ..
![Page 45: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/45.jpg)
www.pitechnologies.net
Think of ..
![Page 46: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/46.jpg)
www.pitechnologies.net
Losing all business/personal
data
1
![Page 47: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/47.jpg)
www.pitechnologies.net
A competitor getting an access to your
computer
2
![Page 48: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/48.jpg)
www.pitechnologies.net
Employees getting access to confidential
documents
3
![Page 49: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/49.jpg)
www.pitechnologies.net
A virus halts your office/home computers
for a week
4
![Page 50: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/50.jpg)
www.pitechnologies.net
A customer see your website/blog/Facebook page down, or hacked
5
![Page 51: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/51.jpg)
www.pitechnologies.net
Some one is reading and sending messages from
your inbox
6
![Page 52: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/52.jpg)
www.pitechnologies.net
It is not an easy job for an attacker to do the previous issues, however Don’t worry much ..
YOUHelp him doing this
![Page 53: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/53.jpg)
www.pitechnologies.net
Do you want to know how you are helping the
attacker ?
![Page 54: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/54.jpg)
www.pitechnologies.net
Finally
![Page 55: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/55.jpg)
www.pitechnologies.net
Learn .. Think .. Code ..
![Page 56: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/56.jpg)
www.pitechnologies.net
Change Passwords .. Dont trust Public Networks ..
Stay Secure ..
![Page 57: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/57.jpg)
www.pitechnologies.net
Easy to Remember Hard to Guess
• word site number
• ahmedfb21@!
• aHMeDFB21@!
• zHMdDRG21@!
!
• Pass for gmail: using gm can be: zHMdDTJ21@!
ahmedfb2121
use shift with second 21
use shift with non vowel letters
use the key below the vowel letter in the keyboard
use the key above the letter in the keyboard for the site letters f,b
![Page 58: Basics of Software and Security](https://reader038.vdocuments.mx/reader038/viewer/2022103113/553a96ef5503463a458b4590/html5/thumbnails/58.jpg)
www.pitechnologies.net
Thanks for listening :)[email protected] skype: ahmedyossef.21
facebook.com/PiTechnologies.page