- Prologue
- Security: Heartbleed bug
- Security: Bash / Shellshock bug
- Security: IoE-Internet of Everything
- Security: Vishing- Voice Phishing
- Security: COWL
- Chip: Raspberry Pi
- Chip: System on Chip (SoC)
- Soc.Service: Facebook’s Internet Drones
- Soc.Service: Facebook Safety Check App
- Soc.Service: Google ILIA
- Soc.Service: Saransh tool by CBSE
Prologue
- Collection of IT related topics from Sept. to Nov Week1 in Hindu.
- Relevance: Mains GS3- Awareness in the field of IT.
- I believe maximum “aukaat” of any of these topics = 100 words question. Hence not going very deep.
Security: Heartbleed bug
Heartbleed bug Mechanism
- When? Reported in April 2014
- OpenSSL: Open Secure Sockets Layer- is a security standard encrypting communications between user and server.
- OpenSSL sends “signal” from user computer to sever, at regular interval, to ensure that server is online. This mechanism is called “Heartbeat”.
- But there was a coding-mistake in it. Hacker could send a “malicious” heartbeat (signal) to server, and server would responds back by sending him your username, password and other sensitive information.
- Hence called “heart-bleed” bug.
- Solution : servers need to patch their openSSL system and users need to change their passwords.
- Danger level: Heartbleed bug considered less dangerous than Shellshock bug, because it allows hackers to only ‘spy’ on the data transfer between user and server.but he cannot control the user’s system.
Security: Bash / Shellshock bug
- When? Reported in September 2014
- Linux, Android and Mac-OS are Unix based operating systems.
- Bash is a shell-command software in Unix computers and servers.
- Using a security vulnerability in this software, hacker can control entire system.
- Solution: Companies have released software patches but experts believe they’re incomplete.
Why Shellshock more dangerous than Heartbleed?
- Doesn’t require professional hacking expertise. Even a “script-kiddie” can copy paste a few codes and hack the system via internet.
- Any internet connected device is vulnerable- even the linux system used in cars, cameras, android phones, iphones and even the Raspberry Pi.
- Using Hearbleed, hacker could only “spy” on your computer but he couldnot “control” your system. But shellshock permits both spying and system-control. So, hacker can even commit “first online murder” via “internet of everything”.
Security: IoE-Internet of Everything
- At present, We are living in “Internet of Things”. But 99% of the things are not connected to Internet.
- CISCO research predicts by 2020, we’ll evolve to next stage-“Internet of everything” (IoE).
- IoE concept: Using micro sensors and internet, everyday objects will become connected and intelligent.
- For example- lights, Air-conditions, doorlocks, wearable heart monitors that are controlled via internet.
| 2007 | Ex-US Vice President Dick Cheney asked doctors to disable “wireless” facility in his pacemaker. He feared terrorists could hack and stop the pace-maker to assassinate him. |
| 2014, Oct |
|
- Directly: via hacking Pacemakers, insulin pumps, hospital ventilators etc.
- Indirectly: via spying on your personal data or framing you for a cybercrime=>extortion =>suicide.
Security: Vishing- Voice Phishing
- When? Going on since a long time but Hindu column in Oct 2014.
- Vishing means Voice Phishing. In phishing: you’re misdirected to a fake bank website. In Vishing: you’re misdirected to a fake helpline. Modus Operandi is following:
- Fraudster obtains your profile picture, date of birth, education, residential information from your social media profile.
- He call you claiming “I’m from bank. I need to verify your details.” He mentions your DoB, education etc. to gain trust.
- Then he says “there is a security problem, your account is deactivated because of unauthorized transaction, please call the call this xyz emergency number.”
- But he has created a fake helpline number, with automated voice messages. Customer believes it to be authentic bank helplines, and gives credit card PIN, CVV; netbanking username, password etc.
- Another trick- he says you’ve won i-phone but need to transfer xyz sum to xyz account as courier charges.
Security: COWL
- Confinement with Origin Web Labels (COWL) launched in 2014, October.
- Works with Mozilla’s Firefox Google’s Chrome web browsers.
Yes but what’s its function?
- Nowadays, website aggregate content from multiple sites and display information. For example, a blogpage with embedded youtube video and picasa/flickr slideshow.
- Hackers design such innocent looking webpages with malicious JavaScript code hidden in them.
- COWL confines the JavaScript only to the given browser tab and prevents malicious codes from information to unauthorised third party website.
Chip: Raspberry Pi
Raspberry Pi compuer
| When? | This device launched in 2012 but making news again in Hindu September 2014. hence important. |
| Who? | UK based Raspberry Pi foundation. |
| What? |
|
| CPU |
|
| Max RAM | 512 MB |
| Storage | 6 to 32GB SD cards. |
| OS |
|
| Cost |
|
- They’re Planning to add touch-screen to it next year to make a dirt cheap tablet.
- Will help bringing down digital divide in South Asian and African countries.
- Lot more can be written about its potential uses, but max. aukaat of such gadget topic is 100 words. For that, above content sufficient.
Chip: System on Chip (SoC)
| When? | Been in news since 2010-11. But again appeared in Hindu Nov 2014. Hence important. |
| Who? | DRDO- Defence Research & Development Organisation |
| What? |
|
Purpose
- At present, missiles have on-board computer (OBC).
- With separate components like CPU, memory, IO-devices weighting ~4-5 kilos.
- Together, they launch and guide the missile towards its direction.
Now, DRDO combined all those components into a single chip called “System on Chip” (SoC). Benefits of SoC?
- Processing speed increased by 6-7 times.
- 50% cheaper in cost.
- Hardly 200 gms weight. Means more space for fuel and warheads.
- Reduced power consumption.
- Will be used in Astra missile (Air to Air), Tejas, Mig-29 and Su-30 MKI.
- SoC is not a completely new invention. USA, Israel, China already have such chips. But this one is indigenously developed in India= just like Nirbhay we got “experience building”, will help in future inventions, will make us self-reliant.
Soc.Service: Facebook’s Internet Drones
- Today only 1/3rd of world population has internet connectivity.
- Mark Zuckerberg and internet.org aim to provide affordable internet to remaining 2/3rd of world population.
- They plan to launch Internet-carrying solar-powered drones by 2015.
- They’ll beam wireless internet using laser. Thus those drones will act as ‘wifi-hotspots’.
- Size: big as Boeing 747 commercial aircraft.
Challenges in regulation:
- These drones will have to fly above weather at 65,000 feet. But no international regulations exist for that range.
- Present rule is “One pilot per plane”. Need new rules to permit 1 (ground based) pilot/operator to manage multiple drones.
Competition from google:
- Google already acquired Titan Aerospace- start company making such solar-powered drones. Facebook had to buy another British company.
- Google already working on “Project Loon” to give net connectivity via balloons in stratosphere. Although facebook brags that drones tougher and long-lasting than ballons.
Soc.Service: Facebook Safety Check App
Facebook Safety app for Disaster Management
- 2011: Japan Tsunami, Facebook had created a separate message board to help Japanese members tell their friends they’re ok.
- 2014, Oct: Based on that model, Facebook launched the “Safety check app”
- During an earthquake and other disasters, user can tick “I’m ok or I’m not in the area”. User can also mark his friends as ‘safe’.
- His friends will be notified, so they can stop worrying.
- Will benefit facebook’s 1.3 billion users
- Will work even on basic phones in third world countries.
Soc.Service: Google ILIA
| When? | Nov 2014 |
| What? | Indian Language Internet alliance (ILIA) |
| Who? | Google, CDAC, NDTV, Network 18 & other content providers. |
| Objective? |
|
But why?
- ~200 million Indians know English.
- 5 million net users added every months, Most of them via mobile devices and don’t know English.
- Google has implemented voice search in Hindi, and launched a website, www.hindiweb.com, to help users get Hindi webpages.
Soc.Service: Saransh tool by CBSE
Saransh CBSE tool for Class9 to 12-school & student performance
- CBSE: central board of secondary education.
- Since 2009 they were conducting two tests on class 9 to 12 students.
- Continuous and Comprehensive evaluation (CCE)
- Problem Solving Assessments (PSA).
- Now those statistics loaded into CBSE’s Online tool “Saransh”. (2014, November)
- At present, only teachers given username and passwords. Later facility will be given to parents as well. So they can check performance of their kids and even decide which school is better for admission.
- Schools can compare performance of their students at state, regional and all India level. And make corrective steps accordingly.
![[Public Health] Drug Menace in India, National Policy for Drug Demand Reduction 2014](https://mrunal.org/wp-content/uploads/2015/01/Cover-Charas-500x383.gif)
![[IT-Security] White-Fi Internet, Digital Locker, Antikythera Computer, Detekt-Regin, Nanodot Charger, Ezhil Language, Logbar Ring](https://mrunal.org/wp-content/uploads/2015/01/Cover-White-Fi-500x383.jpg)
thanks a ton bhai..you are helping student like me who can’t afford coaching..God bless you
bhai ye sare topics is sal ke mains keliye hai
ya agle sal ke
pls reply
for this year’s mains exam (2014)
Sir can we please have an option to remove the images while printing the articles. It will reduce the number of sheets required.
thanks a lot…
Dear sir i m serving and i can not afford to go to any coaching institutios. I appeared in 2013 and 2014 prelims but could not pass. Can u tell me exactly what all topics should i prepare as i m going through each n every topic of all d subjects which is time consuming moreover mind starts saying no more space soon .pls give me the gurumantra i want to just triump over this exam in 2015.
sir if possible pls upload
topic list
of science and
tech current affairs for mains……I mean June July Aug….as we did
concentrate on paper much….due to prelims….
sorry we* didn’t*
any article coming on IR- Ukraine or ISIS. Please tell sir
Absolutely amazing!! Was aware of Vishing only.
Thanks alot sir … your articles make us to analyse the news properly.
Very Nice Article-i was aware of only few things in space tech from hindu,but this one is Comprehensive one Mrunal Ji+ Shivram.good work THANKS.
Very Nice Article Mrunal………..Thanks
very nice article….thanx alot
Very good article…
What is Shell. (Not going to be asked by UPSC cause they discriminate towards Computer walas :-( )
Kernel is the inner machine level core of O.S, which cannot be programmed so easily, works in machine code & we don’t want everyone to have access to it for security purpose. Shell is the intermediate b/w Kernel and user. In the end, all commands goto Kernel which is the real boss of hardware and all CPU process. Bash is one of many commands that are used to program/control/command Kernel. A flaw in shell gives access to Kernel and if anyone reached a Kernel, then he has access to all computer resources, in other words he is the Super user working at level 0.
Another Trivial fact.
When Playstation 2 was first introduced, Sony Japan was afraid that it could be used by countries in their missle programs who still did not access to computers under MTCR and hence the delay in Global launch. That’s what an “On board Computer ” is. It’s that simple
Its really very helpful sight for student
thanks Mrunanl Bhai for giving us such valuable articles. thanks sir,
gud article
thank you sir ….
but ye saare topics aap laate kahan se ho? ne 1 source?
Hi Sir,
I read your articles but I feel I should keep them for my future reading as well for 2015 UPSC. I save all the articles after reading but I feel I should take the print outs as I am much comfortable in reading from hardcopy . But they are so many and till next year it will be a huge bunch. I am confused. Plz suggest what could be the right strategy?
Hi Anurag,
I’m preparing for 2015 as well. If i may suggest, try to make more concise hand-written notes with flowcharts, etc from Mrunal sir’s notes. That way you will remember more and you can deal with the topic the day sir publishes it, instead of having a pile of stuff to read next year. :-)
That’s what I am doing and it helps me a lot!
Do I need to read current series for next years mains?
But, Internet of Everything (IoE) is just marketing term of CISCO. Internet of Things (IoT) is the only real term coined by Computer Scientists and Researchers..
@Mrunal Sir
Could you please elaborate Botnet ?
Sir i am to focus CAPF-2015,Please with every topic give importance in context of CAPF….will b so helpfull for us
Hii.. Has anyone who has submitted DAF by hand got back any mail from upsc ??
If not, any idea by when do they send it usually.
I posted the DAF on 5 Nov 2014 and received the confirmation email on 17 Nov 2014 that UPSC has received the same.
Keep Bringing these Articles… Thanks a lot Mrunal … :)
Thanks a lot mtunal ji…
Can anyone plz explain me what is visa on arriving facility??
sir i am not able to save as pdf whats the process…and thanks for all the articles
use google chrome browser…click on the print option at the bottom of article..the (ctrl +P) ..there will be option of save as pdf…
thanku so much mrunal sir…..
GREAT WORK BY YOU
By sharing these points you are just fetching out the pearls from the ocean for us.
Sir, as there are too many things to be covered up and of course to be retained, revision is becoming the matter of black hole. What can be done so as to concise the retention at the same time covering all the topics
Your effort and help is much appreciated. Its wonderful!