Cyber Security in India : Role of CERT-In

CERT-In is a low-profile (Indian) government organization.

The Government of India established the Computer Emergency Response Team  (“CERT-IN”) to ensure Internet security. Many institutions, including the Ministry of Home Affairs, courts, the intelligence services, the police, and the National Human Rights Commission, may call on it for specialist expertise. CERT-IN’s stated mission is “to enhance the security of India’s Communications and Information Infrastructure through proactive action and effective collaboration” [Source]

I had a chance to visit CERT-In last week. The experience was overall good, unlike the typical dirty government office with laid-back employees, I saw employees enthusiastic about their work (and a colorful office).
Read More

A preliminary analysis of “Bom Sabado” orkut worm

So, today morning I received an email saying I recieved an orkut scrap from a friend with contents “Bom Sabado”.
Within a minute,  I received same scrap from another friend. Now getting the feel that this must be some sort of worm, I decided to open Orkut with firebug logging enabled to see what’s going on.
It turns out that its a typical case of Cross-Site Scripting (XSS), the attacked is able to include and execute its own script from hxxp://tptools.org/worm.js and the contents of scrap are able to by-pass orkut sanitization.
Read More

Is HTTPS secure?

We all use HTTPS and vaguely understands it as a more secure form of communication. This article is aimed at better understanding of HTTPS and how secure it is.
Read More

BlackBerry Controversy in India

Indian Govt. has asked RIM (maker of BlackBerry smart phone) to provide access to the data going through its servers for intelligence purposes and it appears that BlackBerry has accepted the demands. Due to the lack of understanding of encryption on the part of Indian media, misleading and ambiguous reports have been published on the same. This blog post is an effort to clarify the same.
Read More

Animation in diagrams (presentations in Latex)

While most people draw diagrams in Xfig (or GIMP) and include them in LaTeX, they can be drawn directly in LaTeX (using tikz package).
A major advantage of doing that is animation (\pause) is possible when using these diagrams in presentations(based on beamer)

Following is an example demonstrating that (code released under BSD license)
Read More

Basic GDB Tutorial

So, you believe there are bugs in your C/C++ code or you have encountered SEGFAULT while executing your code. What will you do?

  1. write a lot of printf statements at various places in your code under suspicion
    OR
  2. use gdb (GNU code debugger)

This article is about Approach 2
Read More

Programming in Linux for newbies

This is meant to be a small guide (though not exhaustive) for students beginning to program on Linux system. Particularly for those, who have done extensive C/C++ programming in Windows, using the Borland/Turbo interface or the Visual C++ interface, and are greatly intimidated by the Linux platform.
Read More