5¼-inch floppy disk

The situation was even more complex with 5¼-inch diskettes. The head gap of an 80-track high-density (1.2 MB in the MFM format) drive is shorter than that of a 40-track double-density (360 kB) drive, but will format, read and write 40 track diskettes with apparent success provided the controller supports double stepping (or the manufacturer fitted a switch to do double stepping in hardware). A blank 40 track disk formatted and written on an 80 track drive can be taken to a 40 track drive without problems, similarly a disk formatted on a 40 track drive can be used on an 80 track drive. But a disk written on a 40 track drive and updated on an 80 track drive becomes permanently unreadable on any 360 kB drive, owing to the incompatibility of the track widths (special, very slow programs could have been used to overcome this problem). There are several other bad scenarios. Sony VAIO VGN-NR11Z/T Battery<o:p>

Prior to the problems with head and track size, there was a period when just trying to figure out which side of a "single sided" diskette was the right side was a problem. Both Radio Shack and Apple used 180 kB single-sided 5¼-inch disks, and both sold disks labeled "single sided" that were certified for use on only one side, even though they in fact were coated in magnetic material on both sides. The irony was that the disks would work on both Radio Shack and Apple machines, yet the Radio Shack TRS-80 Model I computers used one side and the Apple II machines used the other, regardless of whether there was software available which could make sense of the other format. Sony VAIO VGN-NR11S/S Battery<o:p>

ed 5.25-inch diskettes to double-sided.<o:p>

In the 1980s, users could purchase a special tool called a disk notcher which would allow them to cut a second write-unprotect notch in these diskettes and thus use them as "flippies" (either inserted as intended or upside down): both sides could now be written on and thereby the data storage capacity was doubled. Other users made do with a steady hand and a hole punch or scissors. For re-protecting a disk side, one would simply place a piece of opaque tape over the notch or hole in question. Sony VAIO VGN-NR11Z/S Battery<o:p>

These "flippy disk procedures" were followed by owners of practically every home-computer with single sided disk drives. Proper disk labels became quite important for such users. Flippies were eventually adopted by some manufacturers, with a few programs being sold in this medium (they were also widely used for software distribution on systems that could be used with both 40 track and 80 track drives but lacked the software to read a 40 track disk in an 80 track drive). The practice eventually faded with the increased use of double-sided drives capable of accessing both sides of the disk without the need for flipping. Sony VAIO VGN-NR11Z/T Battery<o:p>

More on floppy disk formats<o:p>

Efficiency of disk space usage<o:p>

In general, data is written to floppy disks in a series of sectors, angular blocks of the disk, and in tracks, concentric rings at a constant radius, e.g. the HD format of 3½-inch floppy disks uses 512 bytes per sector, 18 sectors per track, 80 tracks per side and two sides, for a total of 1,474,560 bytes per disk. (Some disk controllers can vary these parameters at the user's request, increasing the amount of storage on the disk, although these formats may not be able to be read on machines with other controllers; e.g. Microsoft applications were often distributed onDistribution Media Format (DMF) disks, a hack that allowed 1.68 MB (1680 kB) to be stored on a 3½-inch floppy by formatting it with 21 sectors instead of 18, while these disks were still properly recognized by a standard controller.) Sony VAIO VGN-NR11Z/T BatteryOn the IBM PC and also on the MSX, Atari ST, Amstrad CPC, and most other microcomputer platforms, disks are written using a Constant Angular Velocity (CAV)—Constant Sector Capacity format.^{[citation needed]} This means that the disk spins at a constant speed, and the sectors on the disk all hold the same amount of information on each track regardless of radial location. Sony VAIO VGN-CR42Z Battery<o:p>

However, this is not the most efficient way to use the disk surface, even with available drive electronics.^{[citation needed]} Because the sectors have a constant angular size, the 512 bytes in each sector are packed into a smaller length near the disk's center than nearer the disk's edge. Sony VAIO VGN-CR42Z Battery<o:p>

 A better technique would be to increase the number of sectors/track toward the outer edge of the disk, from 18 to 30 for instance, thereby keeping constant the amount of physical disk space used for storing each 512 byte sector (see zone bit recording). Apple implemented this solution in the early Macintosh computers by spinning the disk slower when the head was at the edge while keeping the data rate the same, allowing them to store 400 kB per side, amounting to an extra 160 kB on a double-sided disk. Sony VAIO PCG-5G3L Battery<o:p>

 This higher capacity came with a serious disadvantage, however: the format required a special drive mechanism and control circuitry not used by other manufacturers, meaning that Mac disks could not be read on any other computers. Apple eventually gave up on the format and usedconstant angular velocity with HD floppy disks on their later machines; these drives were still unique to Apple as they still supported the older variable-speed formats. Sony VAIO PCG-5J2L Battery<o:p>

Commodore 64/128<o:p>

Commodore started its tradition of special disk formats with the 5¼-inch disk drives accompanying its PET/CBM, VIC-20 and Commodore 64 home computers, the same as the 1540and 1541 drives used with the later two machines. The standard Commodore Group Code Recording (GCR) scheme used in 1541 and compatibles employed four different data rates depending upon track position (see zone bit recording). Tracks 1 to 17 had 21 sectors, 18 to 24 had 19, 25 to 30 had 18, and 31 to 35 had 17, for a disk capacity of 170 kB (170.75 KB). Sony VAIO PCG-5K1L Battery<o:p>

Unique among personal computer architectures, the operating system on the computer itself was unaware of the details of the disk and filesystem; disk operations were handled byCommodore DOS instead, which was implemented with an extra MOS-6502 processor on the disk drive. Many programs such as GEOS removed Commodore's DOS completely, and replaced it with "fast loading" programs in the 1541 drive. Sony VAIO PCG-6S1L Battery<o:p>

Eventually Commodore gave in to disk format standardization, and made its last 5¼-inch drives, the 1570 and 1571, compatible with Modified Frequency Modulation (MFM), to enable theCommodore 128 to work with CP/M disks from several vendors. Equipped with one of these drives, the C128 was able to access both C64 and CP/M disks, as it needed to, as well as MS-DOS disks (using third-party software), which was a crucial feature for some office work. Sony VAIO PCG-6W2L Battery<o:p>

Commodore also offered its 8-bit machines a 3½-inch 800 kByte disk format with its 1581 disk drive, which used only MFM. Sony VAIO PCG-8Y1L Battery<o:p>

The GEOS operating system used a disk format that was largely identical to the Commodore DOS format with a few minor extensions; while generally compatible with standard Commodore disks, certain disk maintenance operations could corrupt the filesystem without proper supervision from the GEOS Kernel. Sony VGP-BPS13 Battery<o:p>

The combination of DOS and hardware (810, 1050 and XF551 disk drives) for Atari 8-bit floppy usage allowed sectors numbered from 1 to 720. The DOS' 2.0 disk bitmap provides information on sector allocation, counts from 0 to 719. As a result, sector 720 could not be written to by the DOS. Some companies used a copy protection scheme where "hidden" data was put in sector 720 that could not be copied through the DOS copy option. Another more-common early copy-protected scheme simply did not record important sectors as "used" in the FAT, so the DOS Utility Package (DUP) did not duplicate them. All of these early techniques were thwarted by the first program that simply duplicated all 720 sectors. Sony VAIO VGP-BPS13A/B Battery<o:p>

Later DOS versions (3.0 and later 2.5) and DOS systems by third parties (i.e. OSS) accepted (and formatted) disks with up to 960 and 1020 sectors, resulting in 127KB storage capacity per disk side on drives equipped with double-density heads (i.e. not the Atari 810) vs. previous 90KB. That unusual 127K format allowed sectors 1-720 to still be read on a single-density 810 disk drive, and was introduced by Atari with the 1050 drive with the introduction of DOS 3.0 in 1983. Sony VAIO VGP-BPS13A/B Battery<o:p>

A true 180K double-density Atari floppy format used 128 byte sectors for sectors 1-3, then 256 byte sectors for 4-720. The first three sectors typically contain boot code as used by the onboard ROM OS; it's up to the resulting boot program (such as SpartaDOS) to recognize the density of the formatted disk structure. While this 180K format was developed by Atari for their DOS 2.0D and their (canceled) Atari 815 Floppy Drive, that double-density DOS was never widely released and the format was generally used by third-party DOS products. Under the Atari DOS scheme, sector 360 was the FAT sector map, and sectors 361-367 contained the file listing. The Atari-brand DOS versions and compatible used three bytes per sector for housekeeping and to link-list to the next sector. Sony VAIO VGP-BPS13/S Battery<o:p>

Third-party DOS systems added features such as double-sided drives, subdirectories, and drive types such as 1.2 MByte and 8". Well-known 3rd party Atari DOS products included SmartDOS (distributed with the Rana disk drive), TopDos, MyDos and SpartaDOS. Sony VAIO VGP-BPS13A/S Battery<o:p>

The Commodore Amiga computers used an 880 kByte format (11×512-byte sectors per track) on a 3½-inch floppy. Because the entire track is written at once, inter-sector gaps could be eliminated, saving space. The Amiga floppy controller was basic but much more flexible than the one on the PC: it was free of arbitrary format restrictions, encoding such as MFM and GCR could be done in software, and developers were able to create their own proprietary disc formats. Because of this, foreign formats such as the IBM PC-compatible could be handled with ease (by use of CrossDOS, which was included with later versions of AmigaOS). Sony VAIO VGP-BPS13B/S Battery<o:p>

 With the correct filesystem driver, an Amiga could theoretically read any arbitrary format on the 3½-inch floppy, including those recorded at a slightly different rotation rate. On the PC, however, there is no way to read an Amiga disk without special hardware, such as a CatWeasel, or a second floppy drive,^[35]which is also a crucial reason for an emulator being technically unable to access real Amiga disks inserted in a standard PC floppy disk drive. Sony VAIO VGP-BPS13/Q Battery<o:p>

Commodore never upgraded the Amiga chip set to support high-density floppies, but sold a custom drive (made by Chinon) that spun at half speed (150 RPM) when a high-density floppy was inserted, enabling the existing floppy controller to be used. This drive was introduced with the launch of the Amiga 3000, although the later Amiga 1200 was only fitted with the standard DD drive. The Amiga HD disks could handle 1760 kByte, but using special software programs it could hold even more data. A company named Kolff Computer Supplies also made an external HD floppy drive (KCS Dual HD Drive) available which could handle HD format diskettes on all Amiga computer systems.^[36] Sony VAIO VGP-BPS13A/Q Battery<o:p>

Because of storage reasons, the use of emulators and preserving data, many disks were packed into disk-images. Currently popular formats are .ADF (Amiga Disk File), .DMS(DiskMasher) and .IPF (Interchangeable Preservation Format) files. The DiskMasher format is copyright-protected and has problems storing particular sequences of bits due to bugs in the compression algorithm, but was widely used in the pirate and demo scenes. ADF has been around for almost as long as the Amiga itself though it was not initially called by that name. Only with the advent of the Internet and Amiga emulators has it become a popular way of distributing disk images. The proprietary IPF files were created to allow preservation of commercial games which have copy protection, which is something that ADF and DMS unfortunately cannot do. Sony VAIO VGP-BPS13B/Q Battery<o:p>

Acorn Electron, BBC Micro, and Acorn Archimedes<o:p>

The British company Acorn used non-standard disk formats in their 8-bit BBC Micro and Acorn Electron, and their successor the 32-bit Acorn Archimedes. Acorn however used standard disk controllers — initially FM, though they quickly transitioned to MFM. The original disk implementation for the BBC Micro stored 100 KB (40 track) or 200 KB (80 track) per side on 5¼-inch disks in a custom format using the Disc Filing System (DFS). Sony VAIO VGN-FW21E Battery<o:p>

Because of the incompatibility between 40 and 80 track drives, much software was distributed on combined 40/80 track discs. These worked by writing the same data in pairs of consecutive tracks in 80 track format, and including a small loader program on track 1 (which is in the same physical position in either format). The loader program detected which type of drive was in use, and loaded the main software program straight from disc bypassing the DFS, double-stepping for 80 track drives and single-stepping for 40 track. Sony VAIO VGN-FW21I Battery<o:p>

This effectively achieved downgraded capacity to 100 KB from either disk format, but enabled distributed software to be effectively compatible with either drive. Sony VAIO VGN-FW21L Battery<o:p>

For their Electron floppy disk add-on added, Acorn picked 3½-inch disks and developed the Advanced Disc Filing System (ADFS). It used double-density recording and added the ability to treat both sides of the disk as a single drive. This offered three formats: S (small) — 160 KB, 40-track single-sided; M (medium) — 320 KB, 80-track single-sided; and L (large) — 640 KB, 80-track double-sided. ADFS provided hierarchical directory structure, rather than the flat model of DFS. ADFS also stored some metadata about each file, notably a load address, an execution address, owner and public privileges, and a "lock" bit. Even on the eight-bit machines, load addresses were stored in 32-bit format, since those machines supported 16 and 32-bit coprocessors. Sony VAIO VGN-FW21Z Battery<o:p>

<o:p> 

The ADFS format was later adopted into the BBC line upon release of the BBC Master. The BBC Master Compact marked the move to 3½-inch disks, using the same ADFS formats. Sony VAIO VGN-FW21M Battery<o:p>

The Acorn Archimedes added D format, which increased the number of objects per directory from 44 to 77 and increased the storage space to 800 KB. The extra space was obtained by using 1024 byte sectors instead of the usual 512 bytes, thus reducing the space needed for inter-sector gaps. As a further enhancement, successive tracks were offset by a sector, giving time for the head to advance to the next track without missing the first sector, thus increasing bulk throughput. The Archimedes used special values in the ADFS load/execute address metadata to store a 12-bit filetype field and a 40-bit timestamp. Sony VAIO VGN-FW31M Battery<o:p>

RISC OS 2 introduced E format, which retained the same physical layout as D format, but supported file fragmentation and auto-compaction. Post-1991 machines including the A5000 and Risc PC added support for high-density disks with F format, storing 1600 KB. However, the PC combo IO chips used were unable to format disks with sector skew, losing some performance. ADFS and the PC controllers also support extended-density disks as G format, storing 3200 KB, but ED drives were never fitted to production machines. Sony PCG-7131L Battery<o:p>

With RISC OS 3, the Archimedes could also read and write disk formats from other machines, for example the Atari ST and the IBM PC. With third party software it could even read the BBC Micro's original single density 5¼-inch DFS disks. The Amiga's disks could not be read as they used unusual sector gap markers. Sony PCG-7z1L Battery<o:p>

The Acorn filesystem design was interesting because all ADFS-based storage devices connected to a module called FileCore which provided almost all the features required to implement an ADFS-compatible filesystem. Because of this modular design, it was easy in RISC OS 3 to add support for so-called image filing systems. These were used to implement completely transparent support for IBM PC format floppy disks, including the slightly different Atari ST format. Computer Concepts released a package that implemented an image filing system to allow access to high density Macintosh format disks. Sony PCG-7133L Battery<o:p>

IBM DemiDiskette media and drive<o:p>

In the early 80s, IBM Rochester developed a 4-inch floppy diskette, the DemiDiskette. This program was driven by aggressive cost goals, but missed the pulse of the industry. The prospective users, both inside and outside IBM, preferred standardization to what by release time were small cost reductions, and were unwilling to retool packaging, interface chips and applications for a proprietary design. The product never appeared in the light of day, and IBM wrote off several hundred million dollars of development and manufacturing facility. IBM obtained patent number U.S. Patent 4,482,929 on the media and the drive for the DemiDiskette. At trade shows, the drive and media were labeled "Brown" and "Tabor"Sony VAIO PCG-5G3L Battery<o:p>

Auto-loaders<o:p>

IBM developed, and several companies copied, an autoloader mechanism that could load a stack of floppies one at a time into a drive unit. These were very bulky systems, and suffered from media hangups and chew-ups more than standard drives,^{[citation needed]} but they were a partial answer to replication and large removable storage needs. The smaller 5¼- and 3½-inch floppy made this a much easier technology to perfect. Sony VAIO PCG-5J2L Battery<o:p>

Floppy mass storage<o:p>

A number of companies, including IBM and Burroughs, experimented with using large numbers of unenclosed disks to create massive amounts of storage. The Burroughs system used a stack of 256 12-inch disks, spinning at a high speed. The disk to be accessed was selected by using air jets to part the stack, and then a pair of heads flew over the surface as in any standard hard disk drive. This approach in some ways anticipated the Bernoulli disk technology implemented in the Iomega Bernoulli Box, buthead crashes or air failures were spectacularly messy. The program did not reach production. Sony VAIO PCG-5K1L Battery<o:p>

2-inch floppy disks<o:p>

2-inch Video Floppy Disk from Canon.<o:p>

At least two mutually-incompatible floppy disks measuring two inches appeared in the 1980s.<o:p>

One of these, officially referred to as a Video Floppy (or VF for short) was used to store video information for still video cameras such as the original Sony Mavica (not to be confused with later Digital Mavica models) and the Ion and Xapshot cameras from Canon. VF was not a digital data format; each track on the disk stored one video field in the analog interlaced composite video format in either the North American NTSC or European PAL standard. This yielded a capacity of 25 images per disk in frame mode and 50 Sony VAIO PCG-5K1L Battery<o:p>

2-inch LT-1 floppy disk from Fuji.<o:p>

Another one, the LT-1, was digitally formatted - 720 kB, 245TPI, 80 tracks/side, double-sided, double-density. They were used exclusively in the Zenith Minisport laptop computer circa 1989. Although the media exhibited nearly identical performance to the 3½-inch disks of the time, they were not successful. This was due in part to the scarcity of other devices using this drive making it impractical for software transfer, and high media cost which was much more than 3½-inch and 5¼-inch disks of the time. Sony VAIO PCG-6W2L Battery<o:p>

Ultimate capacity and speed<o:p>

The formatted capacities of floppy disks is less than the unformatted capacity, which does not include the sector and track headings required for use of the disk. The amount of capacity lost to this overhead depends on the application of the drive and is beyond the manufacturer's control. Floppy disk drive and floppy media manufacturers specify an unformatted capacity, which is, for example, 2.0 MB for a standard 3½-inch HD floppy. Sony VAIO PCG-8Y1L Battery<o:p>

 It is implied that this data capacity should not be exceeded since exceeding such limitations will most likely degrade the design margins of the floppy system and could result in performance problems such as inability to interchange or even loss of data. However the Distribution Media Format (DMF) was later introduced permitting 1680 KB to fit onto an otherwise standard 3½-inch disk. Utilities then appeared allowing disks to be formatted to this capacity. Sony VAIO PCG-8Z2L Battery<o:p>

Mixtures of decimal SI-style prefixes and binary record lengths required care to properly calculate total capacity. Unlike semiconductor memory, which doubled in size each time an address pin was added to an integrated circuit package and so naturally favored counts that were powers of two, the capacity of a disk drive was the product of the sector size, number of sectors per track, number of tracks per side, (and in hard drives, the number of disk platters in the drive). Individual formatted sector lengths are arbitrarily set as powers of 2 (256 bytes, 512 bytes, etc.), and disk capacity is naturally calculated as multiples of the sector size. This lead to an impure combination of decimal multiples of sectors and binary sector sizes. Sony VAIO PCG-7112L Battery<o:p>

The "1.44 MB" value for the 3½-inch HD floppies is the most widely known example; where the "M" prefix is peculiar to the context of the disk drive and represents neither a decimal million nor a mebibyte 2 ^20. So, the IBM PC 3 1/2 inch diskette labelled "1.44 MB" holds 1.47 MB or 1.41 MiB. Sony VAIO PCG-7131L Battery<o:p>

User available data capacity is a function of the particular disk format used which in turn is determined by the FDD controller manufacturer and the settings applied to its controller. The differences between formats can result in user data capacities ranging from approximately 1300 KB up to 1760 KB (1.80 MB) on a "standard" 3½-inch High Density floppy (and even up to near 2 MB with utilities like 2MGUI). The highest capacity techniques require much tighter matching of drive head geometry between drives; this is not always possible and cannot be relied upon. The LS-240 drive supports a (rarely used) 32 MB capacity on standard 3½-inch HD floppiesSony VAIO PCG-7133L Battery<o:p>

^needed]—it is, however, a write-once technique, and cannot be used in a read/write/read mode. All the data must be read off, changed as needed and rewritten to the disk. The format also requires an LS-240 drive to read. Sony VAIO PCG-7Z2L Battery<o:p>

Double-sided Extended-density (DSED) 3½″ floppy disks, introduced by Toshiba in 1987 and adopted by IBM on the PS/2 in 1994,^[19] operate at twice the data rate and have twice the capacity of DSHD 3½″ FDDs.^[37] The only serious attempt to speed up a 3½” floppy drive beyond 2x was the X10 accelerated floppy drive. It used a combination of RAM and 4x spindle speed to read a floppy in less than six seconds versus the more than one minute of a conventional drive. Sony VAIO VGP-BPS13 Battery<o:p>

3½-inch HD floppy drives typically have a maximum transfer rate of 1000 kilobits/second (minus overhead such as error correction and file handling). (For comparison, a 1x CD transfers at 1200 kilobits per second (maximum), and a 1x DVD transfers at approximately 11,000 kilobits per second.) While the floppy's data rate cannot be easily changed, overall performance can be improved by optimizing drive access times, shortening some BIOS introduced delays (especially on the IBM PC and compatible platforms), and by changing the sector:shiftparameter of a disk. Because of overhead and these additional delays, the average sequential read speed is rather 30–70 KB/s than 125 KB/s. Sony VAIO VGP-BPS13A/B Battery<o:p>

Usability<o:p>

One of the chief usability problems of the floppy disk is its vulnerability. Even inside a closed plastic housing, the disk medium is still highly sensitive to dust, condensation and temperature extremes. As with any magnetic storage, it is also vulnerable to magnetic fields. Blank disks have usually been distributed with an extensive set of warnings, cautioning the user not to expose it to conditions which can endanger it. The disk must not be roughly treated, or removed from the drive if the access light is switched on and the magnetic media is still spinning, since doing so is likely to cause damage to the disk, to the drive head, or to the stored data (most likely the last of these). Sony VAIO VGP-BPS13B/B Battery<o:p>

Users damaging floppy disks (or their contents) were once a staple of "stupid user" folklore among computer technicians. These stories poked fun at users who stapled floppies to papers, made faxes or photocopies of them when asked to "copy a disk," or stored floppies by holding them with a magnet to a file cabinet. The flexible 5¼-inch disk could also (apocryphally) be abused by rolling it into a typewriter to type a label, or by removing the disk medium from the plastic enclosure, the same way a record is removed from its slipsleeve. Also, these same users were, conversely, often the victims of technicians' hoaxes. Stories of them being carried on Subway/Underground systems wrapped in tin-foil to protect them from the magnetic fields of the electric power supply were common (for an explanation of why this is plausible, see Faraday cage). Sony VAIO VGP-BPS13A/S Battery<o:p>

On the other hand, the 3½-inch floppy has also been lauded for its mechanical usability by HCI expert Donald Norman:<o:p>

A simple example of a good design is the 3½-inch magnetic diskette for computers, a small circle of "floppy" magnetic material encased in hard plastic. Earlier types of floppy disks did not have this plastic case, which protects the magnetic material from abuse and damage. A sliding metal cover protects the delicate magnetic surface when the diskette is not in use and automatically opens when the diskette is inserted into the computer. The diskette has a square shape: there are apparently eight possible ways to insert it into the machine, only one of which is correct. What happens if I do it wrong? Sony VAIO VGP-BSP13B/S Battery<o:p>

I try inserting the disk sideways. Ah, the designer thought of that. A little study shows that the case really isn't square: it's rectangular, so you can't insert a longer side. I try backward. The diskette goes in only part of the way. Small protrusions, indentations, and cutouts, prevent the diskette from being inserted backward or upside down: of the eight ways one might try to insert the diskette, only one is correct, and only that one will fit. An excellent design. Sony VAIO VGP-BPS13A/Q Battery<o:p>

^]Disk storage or disc storage is a general category of storage mechanisms, in which data are digitally recorded by various electronic, magnetic, optical, or mechanical methods on a surface layer deposited of one or more planar, round and rotating platters. A disk drive is a device implementing such a storage mechanism with fixed or removable media; with removable media the device is usually distinguished from the media as in compact disc drive and the compact disc. Notable types are the hard disk drive (which contain a non-removable disc), the floppy disk drive and its removable floppy disk, various optical disc drives and associated media. Sony VAIO VGP-BSP13B/Q Battery<o:p>

Musical and audio information was originally recorded by analog methods (see Sound recording and reproduction). Similarly the first video discused analog recording. Analog recording has been mostly replaced by digital optical technology where the data is recorded in a digital format as optical information. Sony VAIO VGP-BSP13Q Battery<o:p>

The first commercial disk storage device, that is the first commercial digital disk storage device, was the IBM RAMAC 350 shipped in 1956 as a part of the IBM 305 RAMAC computing system. Disk storage is now used in both computer storage and consumer electronic storage (e.g., audio CD and video DVD). Sony VAIO VGP-BPS21A Battery<o:p>

The random-access, low-density storage of disks was developed to complement the already used sequential-access high-density storage provided by magnetic tape. Vigorous innovation in disk storage technology, coupled with less vigorous innovation in tape storage, has reduced the density and cost per bit gap between disk and tape, reducing the importance of tape as a complement to disk. Sony VAIO VGP-BPS21A Battery<o:p>

Today disk storage devices typically have a single head that moves across a disk surface; earlier there were fixed head devices with multiple heads per surface but today they are no longer being manufactured. Movable head devices store more data per sensor and usually more per area of the medium. Fixed head devices avoid the seek time, while the head moves to the data.<o:p>

logical blocks (collection of sectors). Blocks are addressed using their logical block addresses (LBA). Read from or writing to disk happens at the granularity of blocks. Sony VAIO VGN-FW21M Battery<o:p>

Originally the disk capacity was quite low and has been improved in one of several ways. Improvements in mechanical design and manufacture allowed smaller and more accurate heads, meaning that more tracks could be used on each of the platters. Advancements in data compression methods created more information in each of the individual sectors, and this was instrumental in allowing drives to store smaller units of data. sectors of data, the smallest unit stored, were reduced and so less wasted space was created. Sony VAIO VGN-FW21I Battery<o:p>

The drive stores data onto cylinders, heads and sectors. The sectors unit is the smallest size of data to be stored in a Hard Disk Drive and each file will have many sectors units assigned to it. The smallest entity in a CD is called a frame, which consists of 33 bytes and contains six complete 16-bit stereo samples (two bytes × two channels × six samples = 24 bytes). The other nine bytes consist of eight CIRC error-correction bytes and one subcode byte used for control and display. Sony VAIO VGN-FW21L Battery<o:p>

The information is sent from the computer processor to the BIOS into a chip controlling the data transfer. This is then sent out to the hard drive via a multi-wire connector. Once the data is received onto the circuit board of the drive, it is translated and compressed into a format that the individual drive can use to store onto the disk itself. The data is then passed to a chip on the circuit board that controls the access to the drive. The drive is divided into sectors of data stored onto one of the sides of one of the internal disks. In the picture opposite we have two disk, this gives us 4 sides. Sony VAIO VGN-FW31M Battery  <o:p>

The hardware on the drive tells the actuator arm where it is to go for the relevant track and the compressed information is then sent down to the head which changes the physical properties, optically or magnetically for example, of each byte on the drive, thus storing the information. A file is not stored in a linear manner, rather, it is held in the best way for quickest retrieval. Sony VAIO VGN-FW31E Battery<o:p>

Mechanically, there are usually two types of motion: the constant rate rotation, which passes the data of a track sequentially under a read head, and the radial (side-to-side) head motion or seek, which selects the track. Rotation is faster than seek, so the logical blocks are related in simple ways to the physical tracks. Sony VAIO VGN-FW31J Battery<o:p>

Interfaces<o:p>

Disk drive interface is the mechanism/protocol of communication between the rest of the system and the disk drive itself. Different interface types include SCSI and SAS for enterprise or high-end disks, ATA (PATA), SATA for desktop disks. Sony VAIO VGN-FW31M Battery<o:p>

Basic terminology<o:p>

Rotation - how the disks spin. Two techniques are common:<o:p>

Constant angular velocity (CAV) keeps the disk spinning at a fixed rate, measured in revolutions per minute (RPM). This means the heads cover more distance per unit of time on the outer tracks than on the inner tracks. This method is typical with computer hard drives.<o:p>

Constant linear velocity (CLV) keeps the distance covered by the heads per unit time fixed. Thus the disk has to slow down as the arm moves to the outer tracks. This method is typical for CD drives. Sony VAIO VGN-FW21Z Battery<o:p>

Sector - an area of disk enclosed within a given central angle (a pie piece)<o:p>

Platter - an individual recording surface. In a hard disk drive we tend to find a set of platters and developments in optical technology have led to multiple recording layers on a singleDVD's.<o:p>

Low level formatting - establishing the tracks and sectors.<o:p>

Track - the circle of recorded data on a single recording surface for a single arm position.<o:p>

Head - the device that reads and writes the information - magnetic or optical - on the disk surface. Sony VGN-FW70DB battery<o:p>

Arm - the mechanical assembly that supports the head as it moves in and out.<o:p>

Seek time - average time needed to move the head to a new position(specific track).<o:p>

Rotational delay - average time, once the arm is on the right track, before a head is over a desired sector. Sony VGN-FW70DB battery<o:p>

Interleave - the spacing between sectors. Sequential sectors were spaced on the media to enable the next sector to be in the correct position under the head once the host was ready to read it. At an interleave factor of 3:1, three full rotations would be required to read an entire track. Due to technological advances almost all hard disk drives since Compaq andWestern Digital defined the AT Attachment standard have used an interleave factor of 1:1. Floppy disks are still usually interleaved. Sony VGN-FW73JGB battery<o:p>

<o:p> 

<o:p> 

 

 

A floppy disk is a data storage medium that is composed of a disk of thin, flexible ("floppy") magnetic storage medium sealed in a square or rectangular plastic carrier lined with fabric that removes dust particles. Sony VAIO VGN-FZ11E Battery<o:p>

Floppy disks are read and written by a floppy disk drive or FDD,^[1] Invented by the American information technology company IBM, floppy disks in 8 inch, 5¼ inch and 3½ inch forms enjoyed nearly three decades as a popular and ubiquitous form of data storage and exchange, from the mid-1970s to the late 1990s. While floppy disk drives still have some limited uses, especially with legacy industrial computer equipment, they have now been superseded by USB flash drives, external hard disk drives, optical discs, memory cards and computer networks. Sony VAIO VGN-FZ11L Battery<o:p>

Internal parts of a 3 1/2-inch floppy disk. 1 is a hole that indicates a high-capacity disk. 2 is the hub that drives. 3 is a shutter that protects the surface when removed from the drive. 4 is the plastic housing, 5 is a polyester sheet that allows the disk media to rotate within the housing. 6 is the magnetic coated plastic disk and 7 is a schematic representation of one sector of data on the disk; the tracks and sectors are not visible. Sony VAIO VGN-FZ11M Battery<o:p>

A small motor in the drive rotates the diskette at a regulated speed, while a second motor-operated mechanism moves the magnetic read–write head, (or heads, if a double-sided drive) along the surface of the disk. Both read and write operations require physically contacting the read–write head to the disk media, an action accomplished by a "disk load" solenoid.^[2] To write data onto the disk, current is sent through a coil in the head. The magnetic field of the coil magnetizes spots on the disk as it rotates; the change in magnetization encodes the digital data. To read data, the tiny voltages induced in the head coil by the magnetization on the disk are detected, amplified by the disk drive electronics, and sent to the Floppy disk controller. The controller separates the data from the stream of pulses coming from the drive, decodes the data, tests for errors, and sends the data on to the host computer system. Sony VAIO VGN-FZ11S Battery<o:p>

A blank diskette has a uniform featureless coating of magnetic oxide on it. A pattern of magnetized tracks, each broken up into sectors, is initially written to the diskette so that the diskette controller can find data on the disk. The tracks are concentric rings around the diskette, with spaces between the tracks where no data is written. Other gaps, where no user data is written, are provided between the sectors and at the end of the track to allow for slight speed variations in the disk drive. Sony VAIO VGN-FZ11Z Battery<o:p>

These gaps are filled with padding bytes that are discarded by the diskette controller. Each sector of data has a header that identifies the sector location on disk. An error checking cyclic redundancy check is written into the sector headers and at the end of the user data so that the diskette controller can detect errors when reading the data. Some errors (soft errors) can be handled by re-trying the read operation. Other errors are permanent and the disk controller will signal failure to the operating system if multiple tries cannot recover the data. Sony VAIO VGN-FZ11E Battery<o:p>

Formatting a blank diskette is usually done by a utility program supplied by the computer operating system manufacturer. Generally the disk formatting utility will also set up an empty file storage directory system on the diskette, as well as initializing the sectors and tracks on a blank diskette. Areas of the diskette that can't be used for storage due to some flaw can be locked out so that the operating system does not attempt to use the "bad sectors". This could be quite time consuming, so many environments had an option to "quick format" which would skip the error checking process. During the heyday of diskette usage, diskettes pre-formatted for popular computers were sold. Sony VAIO VGN-FZ11L Battery<o:p>

Usage<o:p>

The flexible magnetic disk, commonly called floppy disk, ^[3] revolutionized computer disk storage for small systems and became ubiquitous in the 1980s and 1990s in their use with personal computers and home computers to distribute software, transfer data, and create backups. Sony VAIO VGN-FZ11M Battery<o:p>

Before hard disks became affordable, floppy disks were often also used to store a computer's operating system (OS), in addition to application software and data. Most home computers had a primary OS (and often BASIC) stored permanently in on-board ROM, with the option of loading a more advanced disk operating system from a floppy, whether it be a proprietary system, CP/M, or later, DOS. Sony VAIO VGN-FZ11S Battery<o:p>

By the early 1990s, the increasing size of software meant that many programs demanded multiple diskettes; a large package like Windows orAdobe Photoshop could use a dozen disks or more. By 1996, there were an estimated five billion floppy disks in use.^[4] Throughout the 1990s, distribution of larger packages was gradually switched to CD-ROM (or online distribution for smaller programs). Sony VAIO VGN-FZ11Z Battery<o:p>

Mechanically incompatible higher-density media were introduced (e.g. the Iomega Zip disk) and were briefly popular, but adoption was limited by the competition between proprietary formats, and the need to buy expensive drives for computers where the media would be used. In some cases, such as with the Zip drive, the failure in market penetration was exacerbated by the release of newer higher-capacity versions of the drive and media that were not backward compatible with the original drives, thus fragmenting the user base between new users and early adopters who were unwilling to pay for an upgrade so soon. Sony VAIO VGN-FZ11E Battery<o:p>

A chicken or the egg scenario ensued, with consumers wary of making costly investments into unproven and rapidly changing technologies, with the result that none of the technologies were able to prove themselves and stabilize their market presence. Soon, inexpensive recordable CDs with even greater capacity, which were also compatible with an existing infrastructure of CD-ROM drives, made the new floppy technologies redundant. The last advantage of floppy disks, reusability, was diminished by the extremely low cost of CD-R media, and finally countered by re-writable CDs. Later, pervasive networking, as well as advancements in flash-based devices and widespread adoption of the USB interface provided another alternative that, in turn, made even optical storage obsolete for some purposes. Sony VAIO VGN-FZ11L Battery<o:p>

An attempt to continue the traditional diskette was the SuperDisk (LS-120) in the late 1990s, with a capacity of 120 MB,^[5] which was backward compatible with standard 3½-inch floppies. For some time, PC manufacturers were reluctant to remove the floppy drive because many IT departments appreciated a built-in file-transfer mechanism (dubbed Sneakernet) that always worked and required no device driver to operate properly. However, manufacturers and retailers have progressively reduced the availability of computers fitted with floppy drives and of the disks themselves. Widespread built-in operating system support for USB flash drives, and even BIOS boot support for such devices on most modern systems, has helped this process along.<o:p>

Imation USB floppy drive, model 01946. An external drive that accepts high-density disks. Sony VAIO VGN-FZ11L Battery<o:p>

External USB-based floppy disk drives are available for computers that support USB mass storage devices. Many modern systems provide firmware support for booting to a USB-mounted floppy drive. Sony VAIO VGN-FZ11S Battery<o:p>

Disk formats<o:p>

Floppy physical sizes are often referred to by the nominal size in inches, even in countries where metric is the standard, and even though the size is defined in metric. For example, the ANSI specification is entitled in part "90-mm (3.5-in)", even though 90 mm is more nearly 3.54 inches.^[6] Formatted capacities are generally set in terms of kilobytes (1024 bytes), written as "kB".Sony VAIO VGN-FZ11Z Battery<o:p>

History<o:p>

Main article: History of the floppy disk<o:p>

8-inch disk drive with diskette (3½-inch disk for comparison)<o:p>

The earliest floppy disks, invented at IBM, were 8 inches in diameter. They became commercially available in 1971.^[20][21] Disks in this form factor were produced and improved upon by IBM and other companies such as Memorex, Shugart Associates, and Burroughs Corporation.^[22] Sony VAIO VGN-FZ21E Battery<o:p>

F double-density 5¼-inch diskette.<o:p>

In 1976 Shugart Associates introduced the first 5¼-inch FDD and associated media. By 1978 there were more than 10 manufacturers producing 5¼-inch FDDs, in competing disk formats: hard or soft sectored with various encoding schemes such as FM, MFM and GCR. The 5¼-inch formats quickly displaced the 8-inch for most applications, and the 5¼-inch hard-sectored disk format eventually disappeared. Sony VAIO VGN-FZ21J Battery<o:p>

In 1984, IBM introduced the 1.2 megabyte dual sided floppy disk along with its AT model. Although often used as backup storage, the high density floppy was not often used by software manufacturers for interchangeability. In 1986, IBM began to use the 720 kB double density 3.5" microfloppy disk on its Convertible laptop computer. It introduced the so-called "1.44 MB" high density version with the PS/2 line. These disk drives could be added to existing older model PCs. In 1988 IBM introduced a drive for 2.88 MB "DSED" diskettes in its top-of-the-line PS/2 models; it was a commercial failure. Sony VAIO VGN-FZ21M Battery<o:p>

Throughout the early 1980s the limitations of the 5¼-inch format were starting to become clear. Originally designed to be smaller and more practical than the 8-inch format, the 5¼-inch system was itself too large, and as the quality of the recording media grew, the same amount of data could be placed on a smaller surfaceSony VAIO VGN-FZ21S Battery<o:p>

A number of solutions were developed, with drives at 2-inch, 2½-inch, 3-inch and 3½-inch (50, 60, 75 and 90 mm) all being offered by various companies.^{[citation needed]} They all shared a number of advantages over the older format, including a small form factor and a rigid case with a sliding write protection tab. The almost-universal use of the 5¼-inch format made it very difficult for any of these new formats to gain any significant market shareSony VAIO VGN-FZ21Z Battery<o:p>

3½-inch, high-density diskettes affixed with adhesive labels.<o:p>

Sony introduced its own small-format 90.0 mm × 94.0 mm disk.; however, this format suffered from a fate similar to the other new formats: the 5¼-inch format simply had too much market share. A variant on the Sony design, introduced in 1982 by a large number of manufacturers, was then rapidly adopted. By 1988 the 3½-inch was outselling the 5¼-inch.^[23] Sony VAIO VGN-FZ21E Battery<o:p>

By the end of the 1980s, the 5¼-inch disks had been superseded by the 3½-inch disks. Though 5¼-inch drives were still available, as were disks, they faded in popularity as the 1990s began. By the mid-1990s the 5¼-inch drives had virtually disappeared as the 3½-inch disk became the predominant floppy disk. One of the chief advantages of the 3½-inch disk, besides its smaller size which allows it to fit in a shirt pocket, is its plastic case, which gives it better protection from dust, liquids, fingerprints, scratches, sunlight, warping, and other environmental risks. Sony VAIO VGN-FZ21J Battery<o:p>

Standard floppy replacements<o:p>

Through the early 1990s a number of attempts were made by various companies to introduce newer floppy-like formats based on the now-universal 3½-inch physical format. Most of these systems provided the ability to read and write standard DD and HD disks, while at the same time introducing a much higher-capacity format as well. None of these ever reached the point where it could be assumed that every current PC would have one, and they have now largely been replaced by CD and DVD burners and USB flash drives. Nevertheless, the 5¼ and 3½-inch sizes remain to this day as the standard for drive bays in computer cases, the former used for CD and DVD (including Blu-ray), and the latter for hard disk drives. Sony VAIO VGN-FZ21M Battery<o:p>

The main technological change was the addition of tracking information on the disk surface to allow the read/write heads to be positioned more accurately. Normal disks have no such information, so the drives use the tracks themselves with a feedback loop in order to center themselves. The newer systems generally used marks burned onto the surface of the disk to find the tracks, allowing the track width to be greatly reduced. Sony VAIO VGN-FZ21S Battery<o:p>

Flextra<o:p>

As early as 1988, Brier Technology introduced the Flextra BR 3020, which boasted 21.4 MB (a value used for marketing, its true size was 21,040 KB,^[24] 25 MB unformatted). Later the same year it introduced the BR3225, which doubled the capacity. This model could also read standard 3½-inch disks. Sony VAIO VGN-FZ21Z Battery<o:p>

It used 3½-inch standard disks which had servo information embedded on them for use with the Twin Tier Tracking technology. Sony VAIO VGN-FZ21E Battery<o:p>

Original Floptical<o:p>

In 1991, Insite Peripherals introduced the "Floptical", which used an infra-red LED to position the heads over marks in the disk surface. The original drive stored 21 MB, while also reading and writing standard DD and HD floppies. In order to improve data transfer speeds and make the high-capacity drive usefully quick as well, the drives were attached to the system using aSCSI connector instead of the normal floppy controller. This made them appear to the operating system as a hard drive instead of a floppy, meaning that most PCs were unable to boot from them. This again adversely affected pickup rates. Sony VAIO VGN-FZ21J Battery<o:p>

Insite licensed their technology to a number of companies, who introduced compatible devices as well as even larger-capacity formats. The most popular of these, by far, was the LS-120, mentioned below. Sony VAIO VGN-FZ21M Battery<o:p>

Zip drive<o:p>

In 1994, Iomega introduced the Zip drive. Although it did not conform to the 3½-inch form factor and hence was not compatible with standard 1.44 MB drives, it still became the most popular of the "super floppies". It boasted 100 MB, later 250 MB, and then 750 MB of storage. Though Zip drives gained in popularity for several years they never reached the same market penetration as standard floppy drives, since only some new computers were sold with the drives. Eventually the falling prices of CD-R and CD-RW media and USB flash drives, along with notorious hardware failures (the so-called "click of death"), reduced the popularity of the Zip drive. Sony VAIO VGN-FZ21S Battery<o:p>

A major reason for the failure of the Zip Drives is also attributed to the higher pricing they carried (partly because of royalties that 3rd-party manufacturers of drives and disks had to pay). Zip drive media was primarily popular for the excellent storage density and drive speed they carried, but were always overshadowed by the price. Sony VAIO VGN-FZ21Z Battery<o:p>

LS-120<o:p>

Announced in 1995, the "SuperDisk" drive, often seen with the brand names Matsushita (Panasonic) and Imation, had an initial capacity of 120 MB (120.375 MB)^[25] using even higher density "LS-120" disks. Sony VAIO VGN-FZ31E Battery<o:p>

It was upgraded (as the "LS-240") to 240 MB (240.75 MB). Not only could the drive read and write 1440 kB disks, but the last versions of the drives could write 32 MB onto a normal 1440 kB disk (see note below). Unfortunately, popular opinion held the Super Disk disks to be quite unreliable,^{[citation needed]} though no more so than the Zip drives and SyQuest Technologyofferings of the same period and there were also many reported problems moving standard floppies between LS-120 drives and normal floppy drives.^{[citation needed]} This belief, true or otherwise, crippled adoption. The BIOS of many motherboards even to this day supports LS-120 drives as boot options. Sony VAIO VGN-FZ31J Battery<o:p>

LS-120 compatible drives were available as options on many computers, including desktop and notebook computers from Compaq Computer Corporation. In the case of the Compaq notebooks, the LS-120 drive replaced the standard floppy drive in a multibay configuration. Sony VAIO VGN-FZ31J Battery<o:p>

Sony HiFD<o:p>

Sony introduced its own floptical-like system in 1997 as the "150 MB Sony HiFD" which could hold 150 megabytes (157.3 actual megabytes) of data. Although by this time the LS-120 had already garnered some market penetration, industry observers nevertheless confidently predicted the HiFD would be the real standard-floppy-killer and finally replace standard floppies in all machines. Sony VAIO VGN-FZ31E Battery<o:p>

After only a short time on the market the product was pulled, as it was discovered there were a number of performance and reliability problems that made the system essentially unusable. Sony then re-engineered the device for a quick re-release, but then extended the delay well into 1998 instead, and increased the capacity to "200 MB" (approximately 210 megabytes) while they were at it. By this point the market was already saturated by the Zip disk, so it never gained much market share. Sony VAIO VGN-FZ31J Battery<o:p>

Caleb Technology’s UHD144<o:p>

The UHD144 drive surfaced early in 1998 as the it drive, and provided 144 MB of storage while also being compatible with the standard 1.44 MB floppies. The drive was slower than its competitors but the media were cheaper, running about 8 US$ at introduction and 5 US$ soon after. Sony VAIO VGN-FZ31M Battery<o:p>

Hardware emulators with USB interface<o:p>

A hardware emulator, same size as a 3½ drive<o:p>

Industrial automation equipment such as PCs, programmable machinery and industrial robots may not have a USB interface. Data and programs are still loaded from a floppy disk, which can be damaged in industrial environments. This outdated equipment may not be replaced due to cost, or requirement for continuous availability. Sony VAIO VGN-FZ31J Battery<o:p>

 Unlike general-purpose desktop personal computers, existing software emulation and virtualization tools can't solve this problem because of the lack of an operating system or use of a customized operating system that does not have drivers for USB devices. Sony VAIO VGN-FZ31E Battery<o:p>

A hardware floppy disk emulator can be made to interface a floppy disk controller to a USB port that can be used for flash drives. Several manufacturers make such emulators. Sony VAIO VGN-FZ31M Battery<o:p>

Uncovered 5¼-inch disk mechanism with disk inserted. The edge of the disk with the opening for the medium was inserted first, then the lever was turned to close the mechanism and engage the drive motor and heads. Sony VAIO VGN-FZ38M Battery<o:p>

The 5¼-inch disk had a large circular hole in the center for the spindle of the drive and a small oval aperture in both sides of the plastic to allow the heads of the drive to read and write the data. The magnetic medium could be spun by rotating it from the middle hole. A small notch on the right hand side of the disk would identify that the disk was writable, detected by a mechanical switch or photo transistor above it. If this notch was not present, the disk was treated as read-only. Punch devices were sold to convert read-only disks to writable ones, and to enable writing on the unused side of single sided disks, which became informally known as flippy disks. Tape could be used over the notch to protect writable disks from unwanted writing. Sony VAIO VGN-FZ Battery<o:p>

Another LED/photo-transistor pair located near the center of the disk could detect a small hole once per rotation, called the index hole, in the magnetic disk. It was used to detect the angular start of each track, and whether or not the disk rotated at the correct speed. Very early 8-inch and 5¼-inch disks also had physical holes for each sector, and were termed hard sectored disks. Sony VAIO VGN-FZ38M Battery<o:p>

 Most later disks had only one index hole, and the positioning of individual sectors on a track was determined by the disk controller (or by low level software) from special recorded patterns marking the start of a sector. Disks of this type were said to be soft sector disks. Generally, the same drives were used to read and write both soft sectored and hard sectored disks; only the disks and disk controllers differed; however, some operating systems, such as Apple DOS, that used soft sectors did not use the index hole at all, and often the drives designed for such systems lacked the index hole sensor. This was mainly a hardware cost saving measure. Sony VAIO FW Battery<o:p>

Inside the disk were two layers of fabric, with the medium sandwiched in the middle. The fabric was designed to reduce friction between the medium and the outer casing, and to catch particles of debris abraded off the disk, to keep them from accumulating on the heads. The outer casing was usually a one-part sheet, folded double with flaps glued or spot-welded together. Sony VAIO VGN-FW11 Battery<o:p>

After a disk was inserted, a catch on the front of the drive was lowered into position to prevent the disk from emerging, as well as to raise or lower the spindle clamping hub (and, in two-sided drives, the upper read/write head). Sony VAIO VGN-FW11M Battery<o:p>

The 8-inch disk was very similar in structure to the 5¼-inch disk, with the exception that the read-only logic was in reverse: the slot on the side had to be taped over to allow writing. Sony VAIO VGN-FW11S Battery<o:p>

The 3½-inch disk cartridge consists of a magnetic disk contained in two pieces of rigid plastic, with the fabric-medium-fabric sandwich in the middle to remove dust and dirt. The front has only a label and a small aperture for reading and writing data, protected by a spring-loaded metal or plastic cover (the "slider"), which is pushed to the side on entry into the drive. Rather than just a hole in the center of the disk as in prior floppy diskettes, 3½-inch disk has is a metal hub which mates to the spindle of the drive. Typical 3½-inch disk magnetic coating materials are:^[26] Sony VAIO FW Battery<o:p>

DD: 2µm magnetic iron oxide (Coercivity approx. 300 OE Oersted)<o:p>

HD: 1.2µm cobalt doped iron oxide (Coercivity approx. 600 OE)<o:p>

ED: 3µm Barium ferrite (Coercivity approx. 750 OE) Sony VAIO VGN-FW11 Battery<o:p>

Newer 5¼-inch drives and all 3½-inch drives automatically engage when the user inserts a disk, and disengage and eject with the press of the eject button. On Apple Macintosh computers with built-in floppy drives, the disk is ejected by a motor instead of manually; there is no eject button, and ejection is under software control. Sony VAIO VGN-FW11M Battery<o:p>

The reverse side of the 3½-inch disk has a similar covered aperture, as well as a hole to allow the spindle to connect into a metal plate glued to the medium. Two holes, bottom left and right, indicate the write-protect status and high-density disk correspondingly, an open hole meaning that the disk is protected or high density, and a covered gap meaning that the disk is write-enabled or low density. (Incidentally, the write-protect and high-density holes on a 3½-inch disk are spaced exactly as far apart as the holes in punched A4 paper (8 cm), allowing write-protected floppies to be clipped into standard ring binders.) Sony VAIO VGN-FW11S Battery<o:p>

A notch top right ensures that the disk is inserted in the correct orientation, and an arrow top left indicates the direction of insertion. The drive usually has a button that, when pressed, will spring the disk out, at varying degrees of force among different disks. Some disks will barely make it out of the disk drive; others will shoot out at a fairly high speed. In a majority of drives, the ejection force is provided by the spring of the slider cover in the disk itself, and therefore the ejection speed is dependent on the disk. In PC-type machines, a floppy disk can be inserted or ejected manually at any time. As the drive's status is not continuously monitored, software can make assumptions that do not match the actual state of the drive, leading to error messages or lost data in some cases. Sony VAIO VGN-FW11 Battery<o:p>

A 3″ floppy disk used on Amstrad CPC machines<o:p>

With Apple Macintosh computers, disk drives are continuously monitored by the OS; a disk inserted is automatically searched for content, and one is ejected only when the software agrees the disk should be ejected. This kind of disk drive (starting with the slim "Twiggy" drives of the late Apple "Lisa") does not have an eject button, but uses a motorized mechanism to eject disks; this action is triggered by the OS software (e.g., the user dragged the "disk" icon to the "trash can" icon). Should this not work (as in the case of a power failure or drive malfunction), one can insert a straightened paper clip into a small hole at the drive's front, thereby forcing the disk to eject (similar to that found on CD–DVD drives). Sony VAIO FW Battery<o:p>

External 3.5" floppy drives from Apple were equipped with eject buttons. The button was ignored when the drive was plugged into a Mac, but would eject the disk if the drive was used with an Apple II, as ProDOS did not support or implement software-controlled eject. Some other computer designs (such as the Commodore Amiga) monitor for a new disk continuously but still have push-button eject mechanisms. Sony VAIO VGN-FW11 Battery<o:p>

The 3-inch disk, widely used on Amstrad CPC machines, bears much similarity to the 3½-inch type, with some unique and somewhat curious features. One example is the rectangular-shaped plastic casing, almost taller than a 3½-inch disk, but narrower, and more than twice as thick, almost the size of a standard compact audio cassette. Sony VAIO VGN-FW11M Battery<o:p>

This made the disk look more like a greatly oversized present day memory card or a standard PC card notebook expansion card rather than a floppy disk. Despite the size, the actual 3-inch magnetic-coated disk occupied less than 50% of the space inside the casing, the rest being used by the complex protection and sealing mechanisms implemented on the disks. Such mechanisms were largely responsible for the thickness, length and high costs of the 3-inch disks. On the Amstrad machines the disks were typically flipped over to use both sides, as opposed to being truly double-sided. Double-sided mechanisms were available but rare. Sony VAIO VGN-FW11S Battery<o:p>

Legacy<o:p>

The advent of other portable storage options, such as USB storage devices, SD Cards, recordable CDs and DVDs, and the rise of file sharing and multi-megapixel digital photographyencouraged the acquisition, creation and use of files larger than most 3½-inch disks could hold. Sony VGN-FW72JGB battery<o:p>

Floppy disks were commonly used to transfer files between computers (humorously called sneakernet), but the broad availability of Local area networks and fast Internet connections, often provides a simpler and faster method of transferring floppy-disk sized files. Other removable storage devices (flash drives, CDs, etc.) typically have advantages in both capacity and performance when network connections are unavailable or a very large file needs to be transferred. Sony VGN-FW73JGB battery<o:p>

In 1991, Commodore introduced the CDTV, which used a CD-ROM drive in place of the floppy drive. The majority of AmigaOS was stored in read-only memory, making it easier to boot from a CD-ROM rather than floppy.^[ Sony VGP-BPS13 Akku<o:p>

In 1998, Apple introduced the iMac, which had a CD-ROM drive but no floppy drive. This made USB-connected floppy drives a popular accessory for the early iMacs as it came without any writable removable media device. This transition away from standard floppies was relatively easy for Apple, since all Macintosh models that were originally designed to use a CD-ROM drive were able to boot and install their operating system from CD-ROM early on. Sony VGP-BPS13A/B Battery<o:p>

In February 2003, Dell, Inc. announced that they would no longer include standard floppy drives on their Dell Dimension home computers as standard equipment, although they are available as a selectable option^[27][28] for around US$20 and can be purchased as an aftermarket OEM add-on anywhere from US$5–25. Sony VAIO VGP-BPS13B/B Battery<o:p>

On 29 January 2007 the British computer retail chain PC World issued a statement saying that only 2% of the computers that they sold contained a built-in floppy disk drive and, once present stocks were exhausted, no more standard floppies would be sold.^[29][30][31]<o:p>

In 2009, Hewlett-Packard stopped supplying standard floppy drives on business desktops.^{[citation needed]} Sony VAIO VGP-BSP13/S Battery<o:p>

Floppies are still used for emergency boots in aging systems which lack support for other bootable media. They can also be used for BIOS updates since most BIOS and firmwareprograms can still be executed from bootable floppy disks. Furthermore, if a BIOS update fails or becomes corrupted somehow, floppy drives can be used to perform a recovery. The music and theatre industries still use equipment (i.e. synthesizers, samplers, drum machines, sequencers, and lighting consoles) that requires standard floppy disks as a storage medium. Sony VAIO VGP-BSP13B/S Battery<o:p>

Use as icon for saving<o:p>

Screenshot of the toolbar in OpenOffice.org, highlighting the Save icon, representing a floppy disk.<o:p>

For more than two decades, the floppy disk was the primary external writable storage device in use. Also, in a non-networked environment (which was most computing environments before the 1990s), floppies were the primary means of transferring data between computers. Floppy disks are also, unlike hard disks, handled and seen; even a novice user can identify a floppy disk. Because of all these factors, the image of the floppy disk has become a metaphor for saving data, and the floppy disk symbol is (as of 2011) still used by software on buttons and other user interface elements related to saving files, even though such disks are obsolete. In the release of Microsoft Office 2010, the floppy disk is still used as the symbol for saving files.^[32] Sony VAIO VGP-BSP13A/S Battery<o:p>

Compatibility<o:p>

Different physical sizes of floppy disks are fundamentally incompatible, and disks can be loaded only on the correct size of drive. Drives with both 3½-inch and 5¼-inch slots were available during the transition period between the sizes but these drive units actually contained two separate drive mechanisms and most of them operated as two separate drives. Sony VGP-BPS11 Battery<o:p>

However, there are many more subtle, usually software-driven, incompatibilities within each form factor. 5¼-inch disks formatted for use with Apple II computers were unreadable on a Commodore and would be treated as unformatted if inserted. As computer platforms began to take root, attempts were made at interoperability. For example, the "Superdrive" included in Macintosh models from the Macintosh SE until the introduction of the iMac could read, write and format IBM PC-format 3½-inch diskettes. However, few IBM-compatible computers use floppy disk drives that can read or write disks in Apple's variable speed format. For details on this, see the section More on floppy disk formats. Sony VGP-BPS9 Battery<o:p>

3½-inch floppy disk<o:p>

Within the world of IBM-compatible computers, the three densities of 3½-inch floppy disks are partially compatible. Higher density drives are built to read, write and even format lower density media without problems, provided the correct media are used for the density selected. However, if by whatever means a diskette is formatted at the wrong density, the result is a substantial risk of data loss due to magnetic mismatch between oxide and the drive head's writing attempts. Sony VGP-BPS9A Battery<o:p>

 Still, a fresh diskette that has been manufactured for high density use can theoretically be formatted as double density, but only if no information has ever been written on the disk using high density mode (for example, HD diskettes that are pre-formatted at the factory are out of the question), or if the disks have been thoroughly demagnetized with a bulk eraser. The magnetic strength of a high density record is stronger and will "overrule" the weaker lower density, remaining on the diskette and causing problems. Sony VGP-BPS9B Battery<o:p>

 However, in practice there are people who use downformatted (ED to HD, HD to DD) or even overformatted (DD to HD, HD to ED) without apparent problems. Doing so always constitutes a data risk, so one should weigh out the benefits (e.g. increased space or interoperability) versus the risks (data loss, permanent disk damage). Sony VGP-BPL11 Battery<o:p>

The holes on the right side of a 3½-inch disk can be altered as to 'fool' some disk drives or operating systems (others such as the Acorn Archimedes simply do not care about the holes) into treating the disk as a higher or lower density one, for backward compatibility or economical reasons^{[citation needed]}. Possible modifications includeSony VAIO VGN-NR11M/S Battery<o:p>

Taping or otherwise covering the excessive right holes on a HD and ED 3½-inch disks enables them to be 'downgraded' to DD format. This may be done for reasons such as compatibility issues with older computers, drives or devices that use DD floppies, like some electronic keyboard instruments and samplers, where a 'downgraded' disk can be useful, as factory-made DD disks have become hard to find after the mid-1990s. See the section "Compatibility" above. Sony VAIO VGN-NR11Z/S Battery<o:p>

Note: By default, many older HD drives will recognize ED disks as DD ones, since they lack the HD-specific holes and the drives lack the sensors to detect the ED-specific hole. Most DD drives will also handle ED (and some even HD) disks as DD ones. Sony VAIO VGN-NR11S/S Battery<o:p>

Drilling or burning an HD-like hole into the right-lower side of a 3½-inch DD disk (symmetrical to the write-protect hole) in order to format the DD disk into a HD one. This was a popular practice during the early 1990s, as most people switched to HD from DD during those days and some of them "converted" some or all of their DD disks into HD ones, for gaining an extra "free" 720 KB of disk space. There even was a special hole punch that was made to easily make this extra (square) hole in a floppy. Sony VAIO VGN-NR11M/S Battery<o:p>

Drilling or burning an HD-like hole (under the ED one) into an ED (2880 kB) disk for 'downgrading' it to HD (1440 kB) format if there are many unusable ED disks due to the lack of a specific ED drive, which can now be used as normal HD disks. Sony VAIO VGN-NR11S/S Battery<o:p>

Drilling or burning an ED-like hole (over the HD one, while taping or otherwise covering the HD hole) into an HD (1440 kB) disk for 'upgrading' it to ED (2880 kB) format if there are many unusable HD disks due to the lack of a specific ED disks, which can now be used as normal ED disks. Sony VAIO VGN-NR11Z/S Battery<o:p>

Even if such a format was hardly officially supported on any system, it is possible to "force" a 3½-inch floppy disk drive to be recognized by the system as a 5¼-inch 360 kB or 1200 kB one (on PCs and compatibles). This can be done by simply changing the CMOS BIOS settings and thus format and read non-standard disk formats, such as a double sided 360 kB 3½-inch disk. Possible applications include data exchange with obsolete CP/M systems, for example with an Amstrad CPCSony VAIO VGN-NR11Z/T Battery<o:p>

 Security practices

To detect spyware, computer users have found several practices useful in addition to installing anti-spyware programs.<o:p>

Many system operators install a web browser other than IE, such as Opera, Google Chrome or Mozilla Firefox. Though no browser is completely safe, Internet Explorer is at a greater risk for spyware infection due to its large user base as well as vulnerabilities such as ActiveX. Sony VAIO VGN-FZ31J Battery<o:p>

Some ISPs—particularly colleges and universities—have taken a different approach to blocking spyware: they use their network firewalls and web proxies to block access to Web sites known to install spyware. On March 31, 2005, Cornell University's Information Technology department released a report detailing the behavior of one particular piece of proxy-based spyware, Marketscore, and the steps the university took to intercept it.^[58] Many other educational institutions have taken similar steps. Spyware programs which redirect network traffic cause greater technical-support problems than programs which merely display ads or monitor users' behavior, and so may more readily attract institutional attention.^{[citation needed}Sony VAIO VGN-FZ38M Battery^]<o:p>

Some users install a large hosts file which prevents the user's computer from connecting to known spyware-related web addresses. However, by connecting to the numeric IP address, rather than the domain name, spyware may bypass this sort of protection. Sony VAIO VGN-FZ Battery<o:p>

Spyware may get installed via certain shareware programs offered for download. Downloading programs only from reputable sources can provide some protection from this source of attack. Recently, CNet revamped its download directory: it has stated that it will only keep files that pass inspection by Ad-Aware and Spyware Doctor.^{[citation needed]} Sony VAIO FW Battery<o:p>

The first step to removing spyware is to put a computer on "lockdown". This can be done in various ways, such as using anti-virus software or simply disconnecting the computer from the internet. Disconnecting the internet prevents controllers of the spyware from being able to remotely control or access the computer. The second step to removing the spyware is to locate it and remove it, manually or through use of credible anti-spyware software. During and after lockdown, potentially threatening websites should be avoided. Sony VAIO FW Battery<o:p>

In computing, a hacker is a person in one of several distinct (but not completely disjoint) communities and subcultures:^[1] Sony VAIO VGN-FW11 Battery<o:p>

The hobbyist home computing community, focusing on hardware in the late 1970s (e.g. the Homebrew Computer Club^[2]) and on software (computer games,^[3] software cracking, thedemoscene) in the 1980s/1990s. The community included Steve Jobs, Steve Wozniak and Bill Gates and created the personal computing industry.^[4] See Hacker (hobbyist)^[5]. Sony VAIO VGN-FW11M Battery<o:p>

A community of enthusiast computer programmers and systems designers, originated in the 1960s around the Massachusetts Institute of Technology (MIT)'s Tech Model Railroad Club (TMRC) and MIT Artificial Intelligence Laboratory.^[6] This community is notable for launching the free software movement. The World Wide Web and the Internet itself are also hacker artifacts.^[7] The Request for Comments RFC 1392 amplifies this meaning as "[a] person who delights in having an intimate understanding of the internal workings of a system, computers and computer networks in particular." See Hacker (programmer subculture). Sony VAIO VGN-FW11M Battery<o:p>

People committed to circumvention of computer security. This primarily concerns unauthorized remote computer break-ins via a communication networks such as the Internet (Black hats), but also includes those who debug or fix security problems (White hats), and the morally ambiguous Grey hats. See Hacker (computer security). HP Pavilion DM4T BATTERY<o:p>

Today, mainstream usage of “hacker” mostly refers to computer criminals, due to the mass media usage of the word since the 1980s. This includes what hacker slang calls “script kiddies,” people breaking into computers using programs written by others, with very little knowledge about the way they work. This usage has become so predominant that the general public is unaware that different meanings exist. While the self-designation of hobbyists as hackers is acknowledged by all three kinds of hackers, and the computer security hackers accept all uses of the word, people from the programmer subculture consider the computer intrusion related usage incorrect, and emphasize the difference between the two by calling to security breakers “crackers” (analogous to a safecracker). HP Pavilion DM4-1000 battery <o:p>

Hacker definition controversy<o:p>

Currently, "hacker" is used in two main conflicting ways, one pejorative and one complimentary. The controversy is usually based on the assumption that the term originally meant someone messing about with something in a positive sense, that is, using playful cleverness to achieve a goal. But then, it is supposed, the meaning of the term shifted over the decades since it first came into use in a computer context and became to refer to computer criminals. As usage has spread more widely, the primary meaning of newer users conflicts with the original primary emphasis. Sony VAIO VGP-BPS13B/B Battery<o:p>

In popular usage and in the media, computer intruders or criminals is the exclusive meaning today, with associated pejorative connotations. (For example, "An Internet 'hacker' broke through state government security systems in March.") In the computing community, the primary meaning is a complimentary description for a particularly brilliant programmer or technical expert. (For example, "Linus Torvalds, the creator of Linux, is considered by some to be a hacker.") A large segment of the technical community insist the latter is the "correct" usage of the word (see the Jargon File definition below). Sony VAIO VGP-BPS13/S Battery<o:p>

The mainstream media's current usage of the term may be traced back to the early 1980s. When the term was introduced to wider society by the mainstream media in 1983, even those in the computer community referred to computer intrusion as "hacking", although not as the exclusive use of that word. In reaction to the increasing media use of the term exclusively with the criminal connotation, the computer community began to differentiate their terminology. Alternative terms such as "cracker" were coined in an effort to distinguish between those adhering to the historical use of the term "hack" within the programmer community and those performing computer break-ins. Sony VAIO VGP-BPS13A/S Battery<o:p>

Further terms such as "black hat", "white hats" and "gray hats" developed when laws against breaking into computers came into effect, to distinguish criminal activities and those whose activities were legal. However, since network news use of the term pertained primarily to the criminal activities despite this attempt by the technical community to preserve and distinguish the original meaning, the mainstream media and general public continue to describe computer criminals with all levels of technical sophistication as "hackers" and does not generally make use of the word in any of its non-criminal connotations. Sony VAIO VGP-BPS13B/S Battery<o:p>

As a result of this difference, the definition is the subject of heated controversy. The wider dominance of the pejorative connotation is resented by many who object to the term being taken from their cultural jargon and used negatively, Sony VAIO VGP-BPS13/Q Battery<o:p>

including those who have historically preferred to self-identify as hackers. Many advocate using the more recent and nuanced alternate terms when describing criminals and others who negatively take advantage of security flaws in software and hardware. Others prefer to follow common popular usage, arguing that the positive form is confusing and unlikely to become widespread in the general public. Sony VAIO VGP-BPS13A/Q Battery<o:p>

A minority still stubbornly use the term in both original senses despite the controversy, leaving context to clarify (or leave ambiguous) which meaning is intended. It is noteworthy, however, that the positive definition of hacker was widely used as the predominant form for many years before the negative definition was popularized. "Hacker" can therefore be seen as a shibboleth, identifying those who use the technically-oriented sense (as opposed to the exclusively intrusion-oriented sense) as members of the computing community. Sony VAIO VGP-BPS13B/Q Battery<o:p>

A possible middle ground position has been suggested, based on the observation that "hacking" describes a collection of skills which are used by hackers of both descriptions for differing reasons. The analogy is made to locksmithing, specifically picking locks, which — aside from its being a skill with a fairly high tropism to 'classic' hacking — is a skill which can be used for good or evil. The primary weakness of this analogy is the inclusion of script kiddies in the popular usage of "hacker", despite the lack of an underlying skill and knowledge base. Sometimes, hacker also is simply used synonymous to geek: "Sony VAIO VGN-FW32J Battery<o:p>

A true hacker is not a group person. He's a person who loves to stay up all night, he and the machine in a love-hate relationship... They're kids who tended to be brilliant but not very interested in conventional goals[...] It's a term of derision and also the ultimate compliment."^[9]
Sony VAIO VGN-FW31ZJ Battery<o:p>

Fred Shapiro thinks that "the common theory that 'hacker' originally was a benign term and the malicious connotations of the word were a later perversion is untrue." He found out that the malicious connotations were present at MIT in 1963 already (quoting The Tech, a MIT Student Magazine) and then referred to unauthorized users of the telephone network,^[10][11] that is, the phreaker movement that developed into the computer security hacker subculture of today.<o:p>

Sony VAIO VGN-FW36TJ/B Battery<o:p>

Bruce Sterling, author of The Hacker Crackdown<o:p>

In computer security, a hacker is someone who focuses on security mechanisms of computer and network systems. While including those who endeavor to strengthen such mechanisms, it is more often used by the mass media and popular culture to refer to those who seek access despite these security measures. That is, the media portrays the 'hacker' as a villain. Nevertheless, parts of the subculture see their aim in correcting security problems and use the word in a positive sense. Sony VAIO VGN-FW37J Battery<o:p>

 They operate under a code, which acknowledges that breaking into other people's computers is bad, but that discovering and exploiting security mechanisms and breaking into computers is still an interesting activity that can be done ethically and legally. Accordingly, the term bears strong connotations that are favorable or pejorative, depending on the context. Sony VAIO VGN-FW51B/W Battery<o:p>

The subculture around such hackers is termed network hacker subculture, hacker scene or computer underground. It initially developed in the context of phreaking during the 1960s and the microcomputer BBS scene of the 1980s. It is implicated with 2600: The Hacker Quarterly and thealt.2600 newsgroup. Sony VAIO VGN-FW51B/W Battery<o:p>

In 1980, an article in the August issue of Psychology Today (with commentary by Philip Zimbardo) used the term “hacker” in its title: "The Hacker Papers". It was an excerpt from a Stanford Bulletin Board discussion on the addictive nature of computer use. In the 1982 film TRON, Kevin Flynn (Jeff Bridges) describes his intentions to break into ENCOM's computer system, saying "I've been doing a little hacking here". Sony VAIO VGN-FW70DB Battery<o:p>

CLU is the software he uses for this. By 1983, hacking in the sense of breaking computer security had already been in use as computer jargon,^[12] but there was no public awareness about such activities.^[13] However, the release of the movie WarGames that year, featuring a computer intrusion into NORAD, raised the public belief that computer security hackers (especially teenagers) could be a threat to national security. Sony VAIO VGN-FW71DB/W Battery<o:p>

This concern became real when, in the same year, a gang of teenage hackers in Milwaukee, Wisconsin, known as The 414s, broke into computer systems throughout the United States and Canada, including those of Los Alamos National Laboratory, Sloan-Kettering Cancer Center and Security Pacific Bank.^[14] The case quickly grew media attention,^[14][15] and 17-year-old Neal Patrick emerged as the spokesman for the gang, including a cover story in Newsweek entitled "Beware: Hackers at play", with Patrick's photograph on the cover.^[16]The Newsweek article appears to be the first use of the word hacker by the mainstream media in the pejorative sense. Sony VAIO VGN-FW71DB/W Battery<o:p>

Pressured by media coverage, congressman Dan Glickman called for an investigation and began work on new laws against computer hacking.^[17][18] Neal Patrick testified before the U.S. House of Representatives on September 26, 1983 about the dangers of computer hacking, and six bills concerning computer crime were introduced in the House that year.^[19] As a result of these laws against computer criminality, white hat, grey hat and black hat hackers try to distinguish themselves from each other, depending on the legality of their activities. These moral conflicts are expressed inThe Mentor's "The Hacker Manifesto", published 1986 in Phrack. Sony VAIO VGN-FW73JGB Battery<o:p>

Use of the term hacker meaning computer criminal was also advanced by the title "Stalking the Wily Hacker", an article by Clifford Stoll in the May 1988 issue of the Communications of the ACM. Later that year, the release by Robert Tappan Morris, Jr. of the so-called Morris worm provoked the popular media to spread this usage. Sony VAIO VGN-FW81HS Battery<o:p>

 The popularity of Stoll's book The Cuckoo's Egg, published one year later, further entrenched the term in the public's consciousness. Sony VAIO PCG-5G3L Battery<o:p>

Programmer subculture of hackers<o:p>

Main article: Hacker (programmer subculture)<o:p>

The computer security use is contrasted by the different understanding of hacker as a person who follows a spirit of playful cleverness and loves programming. It is found in an originally academic movement unrelated to computer security and most visibly associated with free software and open source. It also has a hacker ethic, based on the idea that writing software and sharing the result on a voluntary basis is a good idea, and that information should be free, but that it's not up to the hacker to make it free by breaking into private computer systems. This hacker ethic was publicized and perhaps originated in Steven Levy's Hackers: Heroes of the Computer Revolution (1984). It contains a codification of its principles. Sony VAIO PCG-5J1L Battery<o:p>

The programmer subculture of hackers disassociates from the mass media's pejorative use of the word 'hacker' referring to computer security, and usually prefer the term 'cracker' for that meaning. Complaints about supposed mainstream misuse started as early as 1983, when media used “hacker” to refer to the computer criminals involved in the 414s case.^[20] Sony VAIO PCG-5J1L Battery<o:p>

In the programmer subculture of hackers, a computer hacker is a person who enjoys designing software and building programs with a sense for aesthetics and playful cleverness. The term hack in this sense can be traced back to "describe the elaborate college pranks that...students would regularly devise" (Levy, 1984 p. 10). Sony VAIO PCG-5J1L Battery<o:p>

To be considered a 'hack' was an honour among like-minded peers as "to qualify as a hack, the feat must be imbued with innovation, style and technical virtuosity" (Levy, 1984 p. 10) The MIT's Tech Model Railroad ClubDictionary defined hack in 1959 (not yet in a computer context) as "1) an article or project without constructive end; 2) a project undertaken on bad self-advice; 3) an entropy booster; 4) to produce, or attempt to produce, a hack(3)." “hacker” was defined as "one who hacks, or makes them." Sony VAIO PCG-6W1L Battery<o:p>

Much of the TMRC's jargon was later imported into early computing culture, because the club started using a DEC PDP-1 and applied its local model railroad slang in this computing context. Despite being incomprehensible to outsiders, the slang became popular in MIT's computing environments outside the club. Other examples of jargon imported from the club are 'losing' "when a piece of equipment is not working"^[21] and 'munged' "when a piece of equipment is ruined".^[21] Sony VAIO PCG-6W1L Battery<o:p>

A Hacker Emblemproposed by Eric S. Raymond.<o:p>

According to Eric S. Raymond,^[22] the Open source and Free Software hacker subculture developed in the 1960s among ‘academic hackers’^[23] working on early minicomputers in computer science environments in the United States. Sony VAIO PCG-6W1L Battery<o:p>

Hackers were influenced by and absorbed many ideas of key technological developments and the people associated with them. Most notable is the technical culture of the pioneers of the Arpanet, starting in 1969. The PDP-10 machine AI at MIT, which was running the ITS operating system and which was connected to the Arpanet, provided an early hacker meeting point. After 1980 the subculture coalesced with the culture of Unix. Since the mid-1990s, it has been largely coincident with what is now called the free software and open source movement. Sony VAIO PCG-8Z2L Battery<o:p>

Many programmers have been labeled "great hackers,"^[24] but the specifics of who that label applies to is a matter of opinion. Certainly major contributors tocomputer science such as Edsger Dijkstra and Donald Knuth, as well as the inventors of popular software such as Linus Torvalds (Linux), and Dennis Ritchieand Ken Thompson (the C programming language) are likely to be included in any such list; see also List of programmers. People primarily known for their contributions to the consciousness of the programmer subculture of hackers include Richard Stallman, the founder of the free software movement and theGNU project, president of the Free Software Foundation and author of the famous Emacs text editor as well as the GNU Compiler Collection (GCC), and Eric S. Raymond, one of the founders of the Open Source Initiative and writer of the famous text The Cathedral and the Bazaar and many other essays, maintainer of the Jargon File (which was previously maintained by Guy L. Steele, Jr.). Sony VAIO PCG-7112L Battery<o:p>

Within the computer programmer subculture of hackers, the term hacker is also used for a programmer who reaches a goal by employing a series of modifications to extend existingcode or resources. In this sense, it can have a negative connotation of using inelegant kludges to accomplish programming tasks that are ugly, inelegant, and inefficient. This derogatory form of the noun "hack" derives from the everyday English sense "to cut or shape by or as if by crude or ruthless strokes" [Merriam-Webster] and is even used among users of the positive sense of "hacker". Sony VAIO PCG-7131L Battery<o:p>

In other words to "hack" at an original creation, as if with an axe, is to force-fit it into being usable for a task not intended by the original creator, and a "hacker" would be someone who does this habitually. (The original creator and the hacker may be the same person.) This usage is common in both programming and engineering. In programming, hacking in this sense appears to be tolerated and seen as a necessary compromise in many situations. Sony VAIO PCG-7133L Battery<o:p>

Some argue that it should not be, due to this negative meaning; others argue that some kludges can, for all their ugliness and imperfection, still have "hack value". In non-software engineering, the culture is less tolerant of unmaintainable solutions, even when intended to be temporary, and describing someone as a "hacker" might imply that they lack professionalism. In this sense, the term has no real positive connotations, except for the idea that the hacker is capable of doing modifications that allow a system to work in the short term, and so has some sort of marketable skills. Sony VAIO PCG-7Z2L Battery<o:p>

There is always, however, the understanding that a more skillful, or technical, logician could have produced successful modifications that would not be considered a "hack-job". The definition is similar to other, non-computer based, uses of the term "hack-job". For instance, a professional modification of a production sports car into a racing machine would not be considered a hack-job, but a cobbled together backyard mechanic's result could be. Even though the outcome of a race of the two machines could not be assumed, a quick inspection would instantly reveal the difference in the level of professionalism of the designers. Sony VAIO PCG-5G2L Battery<o:p>

In a very universal sense, hacker also means someone who makes things work beyond perceived limits in a clever way in general, without necessarily referring to computers, especially at the MIT.^[7] That is, people who apply the creative attitude of software hackers in fields other than computing. Sony VAIO FW Battery<o:p>

This includes even activities that predate computer hacking, for examplereality hackers or urban spelunkers (exploring undocumented or unauthorized areas in buildings). One specific example are clever pranks^[25] traditionally perpetrated by MIT students, with the perpetrator being called hacker. For example, when MIT students surreptitiously put a fake police car [1] atop the dome on MIT's Building 10, that was a hack in this sense, and the students involved were therefore hackers. Sony VAIO PCG-5J1L Battery<o:p>

Another type of hacker — one who  — is now called a reality hacker . More recent examples of usage for almost any type of playful cleverness are wetware hackers ("hack your brain"), media hackers and "hack your reputation".Sony VAIO PCG-5K2L Battery<o:p>

Home computer hackers<o:p>

Main article: Hacker (hobbyist)<o:p>

In a third meaning, hacker refers to computer hobbyists who push the limits of their software or hardware. The home computer hacking subculture relates to the hobbyist home computing of the late 1970s, beginning with the availability of MITS Altair. An influential organization was the Homebrew Computer Club. However, its roots go back further to amateur radioenthusiasts. The amateur radio slang referred to creatively tinkering to improve performance as “hacking” already in the 1950s.^[26] Sony VAIO PCG-6S1L Battery<o:p>

A large overlaps between hobbyist hackers and the programmer subculture hackers existed during the Homebrew Club's days, but the interests of both communities developed into different directions. Today, the hobbyists focus on commercial computer and video games, software cracking and exceptional computer programming (demo scene). Also of interest to some members of this group is the modification of computer hardware and other electronic devices, see modding. Sony VAIO PCG-6W1L Battery<o:p>

Overlaps and differences<o:p>

The main basic difference between programmer subculture and computer security hackers is their mostly separate historical origin and development. However, the Jargon File reports that considerable overlap existed for the early phreaking at the beginning of the 1970s. An article from MIT's student paper The Tech used the term hacker in this context already in 1963 in its pejorative meaning for someone messing with the phone system.^[10] The overlap quickly started to break when people joined in the activity who did it in a less responsible way.^[27] This was the case after the publication of an article exposing the activities of Draper and Engressias. Sony VAIO PCG-6W3L Battery<o:p>

According to Raymond, hackers from the programmer subculture usually work openly and use their real name, while computer security hackers prefer secretive groups and identity-concealing aliases.^[28] Also, their activities in practice are largely distinct. The former focus on creating new and improving existing infrastructure (especially the software environment they work with), while the latter primarily and strongly emphasize the general act of circumvention of security measures, with the effective use of the knowledge (which can be to report and help fixing the security bugs, or exploitation for criminal purpose) being only rather secondary. The most visible difference in these views was in the design of the MIT hackers'Incompatible Timesharing System, which deliberately didn't have any security measures. Sony VAIO PCG-8Y2L Battery<o:p>

There are some subtle overlaps, however, since basic knowledge about computer security is also common within the programmer subculture of hackers. For example, Ken Thompson noted during his 1983 Turing Award lecture that it is possible to add code to the UNIX "login" command that would accept either the intended encrypted password or a particular known password, allowing a back door into the system with the latter password. He named his invention the "Trojan horse".Sony VAIO PCG-8Z2L Battery<o:p>

 Furthermore, Thompson argued, the C compiler itself could be modified to automatically generate the rogue code, to make detecting the modification even harder. Because the compiler is itself a program generated from a compiler, the Trojan horse could also be automatically installed in a new compiler program, without any detectable modification to the source of the new compiler. However, Thompson disassociated himself strictly from the computer security hackers: "I would like to criticize the press in its handling of the 'hackers,' the 414 gang, the Dalton gang, etc. The acts performed by these kids are vandalism at best and probably trespass and theft at worst. ... I have watched kids testifying before Congress. It is clear that they are completely unaware of the seriousness of their acts."^[29] Sony VGP-BPS13A/B Battery<o:p>

The programmer subculture of hackers sees secondary circumvention of security mechanisms as legitimate if it is done to get practical barriers out of the way for doing actual work. In special forms, that can even be an expression of playful cleverness.^[30] However, the systematic and primary engagement in such activities is not one of the actual interests of the programmer subculture of hackers and it doesn't have significance in its actual activities, either.^[28] A further difference is that, historically, members of the programmer subculture of hackers were working at academic institutions and used the computing environment there. In contrast, the prototypical computer security hacker had access exclusively to a home computer and a modem. However since the mid-1990s, with home computers that could run Unix-like operating systems and with inexpensive internet home access being available for the first time, many people from outside of the academic world started to take part in the programmer subculture of hacking. Sony VAIO VGP-BPS13B/B Battery<o:p>

Since the mid-1980s, there are some overlaps in ideas and members with the computer security hacking community. The most prominent case is Robert T. Morris, who was a user of MIT-AI, yet wrote the Morris worm. The Jargon File hence calls him "a true hacker who blundered".^[31] Nevertheless, members of the programmer subculture have a tendency to look down on and disassociate from these overlaps. Sony VAIO VGP-BSP13/S Battery<o:p>

 They commonly refer disparagingly to people in the computer security subculture as crackers, and refuse to accept any definition of hacker that encompasses such activities. The computer security hacking subculture on the other hand tends not to distinguish between the two subcultures as harshly, instead acknowledging that they have much in common including many members, political and social goals, and a love of learning about technology. They restrict the use of the term cracker to their categories of script kiddies and black hat hackers instead. Sony VAIO VGP-BSP13B/S Battery<o:p>

All three subcultures have relations to hardware modifications. In the early days of network hacking, phreaks were building blue boxes and various variants. The programmer subculture of hackers has stories about several hardware hacks in its folklore, such as a mysterious 'magic' switch attached to a PDP-10 computer in MIT's AI lab, that, when turned off, crashed the computer.^[32] The early hobbyist hackers built their home computers themselves, from construction kits. Sony VAIO VGP-BPL11 Battery<o:p>

However, all these activities have died out during the 1980s, when the phone network switched to digitally controlled switchboards, causing network hacking to shift to dialing remote computers with modems, when pre-assembled inexpensive home computers were available, and when academic institutions started to give individual mass-produced workstation computers to scientists instead of using a central timesharing system. The only kind of widespread hardware modification nowadays is case modding. Sony VAIO VGP-BSP13A/S Battery<o:p>

An encounter of the programmer and the computer security hacker subculture occurred at the end of the 1980s, when a group of computer security hackers, sympathizing with the Chaos Computer Club (who disclaimed any knowledge in these activities), broke into computers of American military organizations and academic institutions. They sold data from these machines to the Soviet secret service, one of them in order to fund his drug addiction. The case could be solved when Clifford Stoll, a scientist working as a system administrator, found ways to log the attacks and to trace them back (with the help of many others). Sony VAIO VGN-FW11M Battery<o:p>

23, a German film adaption with fictional elements, shows the events from the attackers' perspective. Stoll described the case in his book The Cuckoo's Egg and in the TV documentary The KGB, the Computer, and Me from the other perspective. According to Eric S. Raymond, it "nicely illustrates the difference between 'hacker' and 'cracker'. Stoll's portrait of himself, his lady Martha, and his friends at Berkeley and on the Internet paints a marvelously vivid picture of how hackers and the people around them like to live and how they think." Sony VAIO VGN-FW11M Battery<o:p>

<o:p> 

<o:p> 

"Arial","sans-serif";color:black;mso-themecolor:text1">Spyware is a type of malware that can be installed on computers, and which collects small pieces of information about users without their knowledge. The presence of spyware is typically hidden from the user, and can be difficult to detect. Typically, spyware is secretly installed on the user's personal computer. Sometimes, however, spywares such as keyloggersare installed by the owner of a shared, corporate, or public computer on purpose in order to secretly monitor other users. Sony VAIO VGN-FZ11S Battery<o:p>

 

While the term spyware suggests software that secretly monitors the user's computing, the functions of spyware extend well beyond simple monitoring. Spyware programs can collect various types of personal information, such as Internet surfing habits and sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software and redirecting Web browser activity. Spyware is known to change computer settings, resulting in slow connection speeds, different home pages, and/or loss of Internet connection or functionality of other programs. In an attempt to increase the understanding of spyware, a more formal classification of its included software types is provided by the term privacy-invasive software. Sony VAIO VGN-FZ11Z Battery <o:p>

In response to the emergence of spyware, a small industry has sprung up dealing in anti-spyware software. Running anti-spyware software has become a widely recognized element ofcomputer security practices for computers, especially those running Microsoft Windows. A number of jurisdictions have passed anti-spyware laws, which usually target any software that is surreptitiously installed to control a user's computer. Sony VAIO VGN-FZ21E Battery <o:p>

History and development<o:p>

The first recorded use of the term spyware occurred on 16 October 1995 in a Usenet post that poked fun at Microsoft's business model.^[1] Spyware at first denoted software meant forespionage purposes. However, in early 2000 the founder of Zone Labs, Gregor Freund, used the term in a press release for the ZoneAlarm Personal Firewall.^[2] Since then, "spyware" has taken on its present sense.^[2] According to a 2005 study by AOL and the National Cyber-Security Alliance, 61 percent of surveyed users' computers were infected with form of spyware. 92 percent of surveyed users with spyware reported that they did not know of its presence, and 91 percent reported that they had not given permission for the installation of the spyware. Sony VAIO VGN-FZ21J Battery<o:p>

 As of 2006, spyware has become one of the preeminent security threats to computer systems running Microsoft Windows operating systems. Computers on which Internet Explorer (IE) is the primary browser are particularly vulnerable to such attacks, not only because IE is the most widely-used,^[4] but because its tight integration with Windows allows spyware access to crucial parts of the operating system.^[4][5] Sony VAIO VGN-FZ21M Battery<o:p>

Before Internet Explorer 6 SP2 was released as part of Windows XP Service Pack 2, the browser would automatically display an installation window for any ActiveX component that a website wanted to install. The combination of user naivety concerning malware, and the assumption by Internet Explorer that all ActiveX components are benign, led, in part, to the massive spread of spyware. Many spyware components would also make use of exploits in Javascript, Internet Explorer and Windows to install without user knowledge or permission. Sony VAIO VGN-FZ21S Battery<o:p>

The Windows Registry contains multiple sections where modification of key values allows software to be executed automatically when the operating system boots. Spyware can exploit this design to circumvent attempts at removal. The spyware typically will link itself from each location in the registry that allows execution. Once running, the spyware will periodically check if any of these links are removed. If so, they will be automatically restored. This ensures that the spyware will execute when the operating system is booted, even if some (or most) of the registry links are removed. Sony VAIO VGN-FZ21Z Battery <o:p>

Comparison<o:p>

Spyware, adware and tracking<o:p>

The term adware frequently refers to any software which displays advertisements, whether or not the user has consented. Programs such as the Eudora mail client display advertisements as an alternative to shareware registration fees. These may be classified as "adware", in the sense of advertising-supported software, but not as spyware. Adware in this form does not operate surreptitiously or mislead the user, and provides the user with a specific service. Sony VAIO VGN-FZ31E Battery <o:p>

Most adware is spyware in a different sense than "advertising-supported software": it displays advertisements related to what it finds from spying on users. Gator Software from Claria Corporation (formerly GATOR) and Exact Advertising's BargainBuddy are examples. Visited Web sites frequently install Gator on client machines in a surreptitious manner, and it directs revenue to the installing site and to Claria by displaying advertisements to the user. The user is shown many pop-up advertisements. Sony VAIO VGN-FZ31B Battery <o:p>

Other spyware behavior, such as reporting on websites the user visits, occurs in the background. The data is used for "targeted" advertisement impressions. The prevalence of spyware has cast suspicion on other programs that track Web browsing, even for statistical or research purposes. Some observers describe the Alexa Toolbar, an Internet Explorer plug-in published by Amazon.com, as spyware, and some anti-spyware programs such as Ad-Aware report it as such. Many of these adware-distributing companies are backed by millions of dollars of adware-generating revenues. Adware and spyware are similar to viruses in that they can be considered malicious in nature. People are profiting from misleading adware, sometimes known as scareware, such as Antivirus 2009. Sony VAIO VGN-FZ31J Battery<o:p>

Similarly, software bundled with free, advertising-supported programs such as P2P acts as spyware (and, if removed, disables the 'parent' program), yet people are willing to download it. This presents a dilemma for proprietors of anti-spyware products whose removal tools may inadvertently disable wanted programs. For example, WhenUSave is ignored by popular anti-spyware program Ad-Aware (but removed as spyware by most scanners) because it is part of the popular (but recently decommissioned) eDonkey client.^[6] To address this dilemma, theAnti-Spyware Coalition was formed to establish and document best practices regarding acceptable software behavior.^{[citation needed]} Sony VAIO VGN-FZ31J Battery<o:p>

Spyware, viruses and worms<o:p>

Unlike viruses and worms, spyware does not usually self-replicate. Like many recent viruses, however, spyware—by design—exploits infected computers for commercial gain. Typical tactics include delivery of unsolicited pop-up advertisements, theft of personal information (including financial information such as credit card numbers), monitoring of Web-browsing activity for marketing purposes, and routing of HTTP requests to advertising sites.<o:p>

However, spyware can be dropped as a payload by a worm. Sony VAIO VGN-FZ38M Battery <o:p>

Malicious websites attempt to install spyware on readers' computers.<o:p>

Spyware does not directly spread in the manner of a computer virus or worm: generally, an infected system does not attempt to transmit the infection to other computers. Instead, spyware gets on a system through deception of the user or through exploitation of software vulnerabilities. Sony VAIO VGN-FZ Battery<o:p>

Most spyware is installed without users' knowledge. Since they tend not to install software if they know that it will disrupt their working environment and compromise their privacy, spyware deceives users, either by piggybacking on a piece of desirable software such as Kazaa, or by tricking them into installing it (the Trojan horse method). Some "rogue" spyware programs masquerade as security software. Sony VAIO VGN-FZ Battery<o:p>

The distributor of spyware usually presents the program as a useful utility—for instance as a "Web accelerator" or as a helpfulsoftware agent. Users download and install the software without immediately suspecting that it could cause harm. For example,Bonzi Buddy, a program bundled with spyware^[7] and targeted at children, claims that: Sony VGP-BPS8 Battery<o:p>

He will explore the Internet with you as your very own friend and sidekick! He can talk, walk, joke, browse, search, e-mail, and download like no other friend you've ever had! He even has the ability to compare prices on the products you love and help you save money! Best of all, he's FREE!^[8] Sony VGP-BPS8A Battery<o:p>

Spyware can also come bundled with other software. The user downloads a program and installs it, and the installer additionally installs the spyware. Although the desirable software itself may do no harm, the bundled spyware does. In some cases, spyware authors have paid shareware authors to bundle spyware with their software. In other cases, spyware authors have repackaged desirable freeware with installers that slipstream spyware. Sony VGP-BPS8B Battery<o:p>

Some spyware authors infect a system through security holes in the Web browser or in other software. When the user navigates to a Web page controlled by the spyware author, the page contains code which attacks the browser and forces the download and installation of spyware. The spyware author would also have some extensive knowledge of commercially-available anti-virus and firewall software. This has become known as a "drive-by download", which leaves the user a hapless bystander to the attack. Common browser exploits target security vulnerabilities in Internet Explorer and in the Sun Microsystems Java runtime. Sony VAIO VGP-BPS13 Battery<o:p>

The installation of spyware frequently involves Internet Explorer. Its popularity and history of security issues have made it the most frequent target. Its deep integration with the Windows environment and scriptability make it an obvious point of attack into Windows. Internet Explorer also serves as a point of attachment for spyware in the form of Browser Helper Objects, which modify the browser's behavior to add toolbars or to redirect traffic. Sony VAIO VGP-BPS13A/B Battery<o:p>

In a few cases, a worm or virus has delivered a spyware payload. Some attackers used the Spybot worm to install spyware that put pornographic pop-ups on the infected system's screen.^[9] By directing traffic to ads set up to channel funds to the spyware authors, they profit personally. Sony VAIO VGP-BPS13A/B Battery<o:p>

Effects and behaviors<o:p>

A spyware program is rarely alone on a computer: an affected machine usually has multiple infections. Users frequently notice unwanted behavior and degradation of system performance. A spyware infestation can create significant unwanted CPU activity, disk usage, and network traffic. Stability issues, such as applications freezing, failure to boot, and system-wide crashes, are also common. Spyware, which interferes with networking software, commonly causes difficulty connecting to the Internet. Sony VAIO VGP-BPS13A/B Battery<o:p>

In some infections, the spyware is not even evident. Users assume in those situations that the performance issues relate to faulty hardware, Windows installation problems, or anotherinfection. Some owners of badly infected systems resort to contacting technical support experts, or even buying a new computer because the existing system "has become too slow". Badly infected systems may require a clean reinstallation of all their software in order to return to full functionality. Sony VAIO VGP-BSP13B/S Battery<o:p>

Only rarely does a single piece of software render a computer unusable. Rather, a computer is likely to have multiple infections. The cumulative effect, and the interactions between spyware components, causes the symptoms commonly reported by users: a computer, which slows to a crawl, overwhelmed by the many parasitic processes running on it. Moreover, some types of spyware disable software firewalls and anti-virus software, and/or reduce browser security settings, thus opening the system to further opportunistic infections, much like an immune deficiency disease. Sony VAIO VGP-BSP13B/Q Battery<o:p>

Some spyware disables or even removes competing spyware programs, on the grounds that more spyware-related annoyances make it even more likely that users will take action to remove the programs. One spyware maker, Avenue Media, even sued a competitor, Direct Revenue, over this; the two later settled with an agreement not to disable each others' products.^[10] Sony VAIO VGP-BSP13Q Battery<o:p>

Some other types of spyware use rootkit like techniques to prevent detection, and thus removal. Targetsoft, for instance, modifies the "Winsock" Windows Sockets files. The deletion of the spyware-infected file "inetadpt.dll" will interrupt normal networking usage. Sony VAIO VGP-BPS21 Battery<o:p>

A typical Windows user has administrative privileges, mostly for convenience. Because of this, any program the user runs (intentionally or not) has unrestricted access to the system. As with other operating systems, Windows users too are able to follow the principle of least privilege and use non-administrator least user access accounts, or to reduce the privileges of specific vulnerable Internet-facing processes such as Internet Explorer (through the use of tools such as DropMyRights). However, as this is not a default configuration, few users do this.<o:p>

In Windows Vista, by default, a computer administrator runs everything under limited user privileges. When a program requires administrative privileges, Vista will prompt the user with an allow/deny pop-up (see User Account Control). This improves on the design used by previous versions of Windows. Sony VAIO VGP-BPS21B Battery<o:p>

Advertisements<o:p>

Many spyware programs display advertisements. Some programs simply display pop-up ads on a regular basis; for instance, one every several minutes, or one when the user opens a new browser window. Others display ads in response to the user visiting specific sites. Spyware operators present this feature as desirable to advertisers, who may buy ad placement in pop-ups displayed when the user visits a particular site. It is also one of the purposes for which spyware programs gather information on user behavior. Sony VAIO VGP-BPS21A/B Battery<o:p>

Many users complain about irritating or offensive advertisements as well. As with many banner ads, spyware advertisements often use animation or flickering banners, which can be visually distracting and annoying to users. Pop-up ads for pornography often display indiscriminately. Links to these sites may be added to the browser window, history or search function. When children are the users, this could possibly violate anti-pornography laws in some jurisdictions.<o:p>

A number of spyware programs break the boundaries of illegality; variations of “Zlob.Trojan” and “Trojan-Downloader.Win32.INService” have been known to show undesirable child pornography, key gens, cracks and illegal software pop-up ads, which violate child pornography and copyright laws. Sony VAIO VGP-BPS21/S Battery<o:p>

A further issue in the case of some spyware programs concerns the replacement of banner ads on viewed web sites. Spyware that acts as a web proxy or a Browser Helper Object can replace references to a site's own advertisements (which fund the site) with advertisements that instead fund the spyware operator. This cuts into the margins of advertising-funded Web sites. Sony VAIO VGP-BPS9/B Battery<o:p>

"Stealware" and affiliate fraud<o:p>

A few spyware vendors, notably 180 Solutions, have written what the New York Times has dubbed "stealware", and what spyware researcher Ben Edelman terms affiliate fraud, a form ofclick fraud. Stealware diverts the payment of affiliate marketing revenues from the legitimate affiliate to the spyware vendor. Sony VAIO VGP-BPS9/B Battery<o:p>

Spyware which attacks affiliate networks places the spyware operator's affiliate tag on the user's activity — replacing any other tag, if there is one. The spyware operator is the only party that gains from this. The user has their choices thwarted, a legitimate affiliate loses revenue, networks' reputations are injured, and vendors are harmed by having to pay out affiliate revenues to an "affiliate" who is not party to a contract.^[15] Sony VAIO VGP-BPS9A/B Battery<o:p>

Affiliate fraud is a violation of the terms of service of most affiliate marketing networks. As a result, spyware operators such as 180 Solutions have been terminated from affiliate networks including LinkShare and ShareSalSony VAIO VGP-BPS9A Battery<o:p>

Identity theft and fraud<o:p>

In one case, spyware has been closely associated with identity theft.^[16] In August 2005, researchers from security software firm Sunbelt Software suspected the creators of the commonCoolWebSearch spyware had used it to transmit "chat sessions, user names, passwords, bank information, etc.";^[17] however it turned out that "it actually (was) its own sophisticated criminal little trojan that's independent of CWS."^[18] This case is currently under investigation by the FBI. Sony VAIO VGP-BPL9 Battery <o:p>

The Federal Trade Commission estimates that 27.3 million Americans have been victims of identity theft, and that financial losses from identity theft totaled nearly $48 billion for businesses and financial institutions and at least $5 billion in out-of-pocket expenses for individuals.^[19] Sony VAIO PCG-7111L Battery<o:p>

Spyware-makers may commit wire fraud with dialer program spyware. These can reset a modem to dial up a premium-rate telephone number instead of the usual ISP. Connecting to these suspicious numbers involves long-distance or overseas charges which invariably result in high call costs. Dialers are ineffective on computers that do not have a modem, or are not connected to a telephone line, and are now very rare due to the decline in use of dial-up internet access. Sony VAIO PCG-7112L Battery<o:p>

Digital rights management<o:p>

Some copy-protection technologies have borrowed from spyware. In 2005, Sony BMG Music Entertainment was found to be using rootkits in its XCP digital rights managementtechnology^[20] Like spyware, not only was it difficult to detect and uninstall, it was so poorly written that most efforts to remove it could have rendered computers unable to function.Texas Attorney General Greg Abbott filed suit,^[21] and three separate class-action suits were filed.^[22] Sony BMG later provided a workaround on its website to help users remove it.^[23] Sony VAIO PCG-7112L Battery<o:p>

Beginning on 25 April 2006, Microsoft's Windows Genuine Advantage Notifications application^[24] was installed on most Windows PCs as a "critical security update". While the main purpose of this deliberately uninstallable application is to ensure the copy of Windows on the machine was lawfully purchased and installed, it also installs software that has been accused of "phoning home" on a daily basis, like spyware.^[25][26] It can be removed with the RemoveWGA tool. Sony VAIO PCG-7131L Battery<o:p>

Personal relationships<o:p>

Spyware has been used to surreptitiously monitor electronic activities of partners in intimate relationships, generally to uncover evidence of infidelity. At least one software package, Loverspy, was specifically marketed for this purpose. Depending on local laws regarding communal/marital property, observing a partner's online activity without their consent may be illegal; the author of Loverspy and several users of the product were indicted in California in 2005 on charges of wiretapping and various computer crimes.^[27] Sony VAIO PCG-7131L Battery<o:p>

Browser cookies<o:p>

Anti-spyware programs often report Web advertisers' HTTP cookies, the small text files that track browsing activity, as spyware. While they are not always inherently malicious, many users object to third parties using space on their personal computers for their business purposes, and many anti-spyware programs offer to remove them.^[28] Sony VAIO PCG-7131L Battery<o:p>

Examples<o:p>

These common spyware programs illustrate the diversity of behaviors found in these attacks. Note that as with computer viruses, researchers give names to spyware programs which may not be used by their creators. Programs may be grouped into "families" based not on shared program code, but on common behaviors, or by "following the money" of apparent financial or business connections. For instance, a number of the spyware programs distributed by Claria are collectively known as "Gator". Likewise, programs that are frequently installed together may be described as parts of the same spyware package, even if they function separately. Sony VAIO PCG-7z1L Battery<o:p>

CoolWebSearch, a group of programs, takes advantage of Internet Explorer vulnerabilities. The package directs traffic to advertisements on Web sites including coolwebsearch.com. It displays pop-up ads, rewrites search engine results, and alters the infected computer's hosts file to direct DNS lookups to these sites.^[29] Sony VAIO VGN-FW11M Battery<o:p>

Internet Optimizer, also known as DyFuCa, redirects Internet Explorer error pages to advertising. When users follow a broken link or enter an erroneous URL, they see a page of advertisements. However, because password-protected Web sites (HTTP Basic authentication) use the same mechanism as HTTP errors, Internet Optimizer makes it impossible for the user to access password-protected sites.^[30] Sony VAIO VGN-FW11S Battery<o:p>

HuntBar, aka WinTools or Adware.Websearch, was installed by an ActiveX drive-by download at affiliate Web sites, or by advertisements displayed by other spyware programs—an example of how spyware can install more spyware. These programs add toolbars to IE, track aggregate browsing behavior, redirect affiliate references, and display advertisements.^[31][32] Sony VAIO VGN-FW21E  Battery<o:p>

Movieland, also known as Moviepass.tv and Popcorn.net, is a movie download service that has been the subject of thousands of complaints to the Federal Trade Commission(FTC), the Washington State Attorney General's Office, the Better Business Bureau, and other agencies. Consumers complained they were held hostage by a cycle of oversized pop-up windows demanding payment of at least $29.95, claiming that they had signed up for a three-day free trial but had not cancelled before the trial period was over, and were thus obligated to pay.^[33][34] The FTC filed a complaint, since settled, against Movieland and eleven other defendants charging them with having "engaged in a nationwide scheme to usedeception and coercion to extract payments from consumers."^[35] Sony VAIO VGN-FW21M Battery<o:p>

WeatherStudio has a plugin that displays a window-panel near the bottom of a browser window. The official website notes that it is easy to remove (uninstall) WeatherStudio from a computer, using its own uninstall-program, such as under C:\Program Files\WeatherStudio.^[36] Once WeatherStudio is removed, a browser returns to the prior display appearance, without the need to modify the browser settings. Sony VAIO VGN-FW21I Battery<o:p>

Zango (formerly 180 Solutions) transmits detailed information to advertisers about the Web sites which users visit. It also alters HTTP requests for affiliate advertisements linked from a Web site, so that the advertisements make unearned profit for the 180 Solutions company. It opens pop-up ads that cover over the Web sites of competing companies (as seen in their [Zango End User License Agreement]).^[15] Sony VAIO VGN-FW21L Battery<o:p>

Zlob trojan, or just Zlob, downloads itself to a computer via an ActiveX codec and reports information back to Control Server^{[citation needed]}. Some information can be the search-history, the Websites visited, and even keystrokes.^{[citation needed]} More recently, Zlob has been known to hijack routers set to defaults.^[37] Sony VAIO VGN-FW31M Battery  <o:p>

Legal issues<o:p>

Criminal law<o:p>

Unauthorized access to a computer is illegal under computer crime laws, such as the U.S. Computer Fraud and Abuse Act, the U.K.'s Computer Misuse Act, and similar laws in other countries. Since owners of computers infected with spyware generally claim that they never authorized the installation, a prima facie reading would suggest that the promulgation of spyware would count as a criminal act. Law enforcement has often pursued the authors of other malware, particularly viruses. However, few spyware developers have been prosecuted, and many operate openly as strictly legitimate businesses, though some have faced lawsuits.^[38][39] Sony VAIO VGN-FW31E Battery<o:p>

<o:p> 

Spyware producers argue that, contrary to the users' claims, users do in fact give consent to installations. Spyware that comes bundled with shareware applications may be described in the legalese text of an end-user license agreement (EULA). Many users habitually ignore these purported contracts, but spyware companies such as Claria say these demonstrate that users have consented. Sony VAIO VGN-FW31J Battery<o:p>

Despite the ubiquity of EULAs and of "clickwrap" agreements, under which a single click can be taken as consent to the entire text, relatively little caselaw has resulted from their use. It has been established in most common law jurisdictions that a clickwrap agreement can be a binding contract in certain circumstances.^[40] This does not, however, mean that every such agreement is a contract, or that every term in one is enforceable. Sony VAIO VGN-FW31M Battery<o:p>

Some jurisdictions, including the U.S. states of Iowa^[41] and Washington,^[42] have passed laws criminalizing some forms of spyware. Such laws make it illegal for anyone other than the owner or operator of a computer to install software that alters Web-browser settings, monitors keystrokes, or disables computer-security software. Sony VAIO VGN-FW21Z Battery<o:p>

In the United States, lawmakers introduced a bill in 2005 entitled the Internet Spyware Prevention Act, which would imprison creators of spyware.^[43Sony VGN-FW31ZJ battery^]<o:p>

Administrative sanctions<o:p>

US FTC actions<o:p>

The US Federal Trade Commission has sued Internet marketing organizations under the "unfairness doctrine" ^[44] to make them stop infecting consumers’ PCs with spyware. In one case, that against Seismic Entertainment Productions, the FTC accused the defendants of developing a program that seized control of PCs nationwide, infected them with spyware and other malicious software, bombarded them with a barrage of pop-up advertising for Seismic’s clients, exposed the PCs to security risks, and caused them to malfunction, slow down, and, at times, crash. Sony VGN-FW32J battery<o:p>

 Seismic then offered to sell the victims an “antispyware” program to fix the computers, and stop the popups and other problems that Seismic had caused. On November 21, 2006, a settlement was entered in federal court under which a $1.75 million judgment was imposed in one case and $1.86 million in another, but the defendants were insolvent^[45] Sony VGN-FW37J battery<o:p>

In a second case, brought against CyberSpy Software LLC, the FTC charged that CyberSpy marketed and sold "RemoteSpy" keylogger spyware to clients who would then secretly monitor unsuspecting consumers’ computers. According to the FTC, Cyberspy touted RemoteSpy as a “100% undetectable” way to “Spy on Anyone. From Anywhere.” The FTC has obtained a temporary order prohibiting the defendants from selling the software and disconnecting from the Internet any of their servers that collect, store, or provide access to information that this software has gathered. The case is still in its preliminary stages. A complaint filed by the Electronic Privacy Information Center (EPIC) brought the RemoteSpy software to the FTC’s attention.^[46] Sony VGN-FW70DB battery<o:p>

Netherlands OPTA<o:p>

An administrative fine, the first of its kind in Europe, has been issued by the Independent Authority of Posts and Telecommunications (OPTA) from the Netherlands. It applied fines in total value of Euro 1,000,000 for infecting 22 million computers. The spyware concerned is called DollarRevenue. Sony VGN-FW72JGB battery<o:p>

 The law articles that have been violated are art. 4.1 of the Decision on universal service providers and on the interests of end users; the fines have been issued based on art. 15.4 taken together with art. 15.10 of the Dutch telecommunications law. A part of these fines has to be paid personally by the directors of these companies, i.e. not from the accounts of their companies, but from their personal fortunes.^[47] Since an appeal has been lodged, the fines will have to be paid only after a Dutch law court makes a decision in this case. The culprits maintain that the evidence for violating the two law articles has been obtained illegally. The names of the directors and the names of the companies have not been revealed, since it is not clear that OPTA is allowed to make such information public.^[48] Sony VGN-FW73JGB battery<o:p>

Civil law<o:p>

Former New York State Attorney General and former Governor of New York Eliot Spitzer has pursued spyware companies for fraudulent installation of software.^[49] In a suit brought in 2005 by Spitzer, the California firm Intermix Media, Inc. ended up settling, by agreeing to pay US$7.5 million and to stop distributing spyware.^[50] Sony VGN-FW73JGB battery<o:p>

The hijacking of Web advertisements has also led to litigation. In June 2002, a number of large Web publishers sued Claria for replacing advertisements, but settled out of court.<o:p>

Courts have not yet had to decide whether advertisers can be held liable for spyware that displays their ads. In many cases, the companies whose advertisements appear in spyware pop-ups do not directly do business with the spyware firm. Rather, they have contracted with an advertising agency, which in turn contracts with an online subcontractor who gets paid by the number of "impressions" or appearances of the advertisement. Some major firms such as Dell Computer and Mercedes-Benz have sacked advertising agencies that have run their ads in spyware.^{[51] Sony VAIO VGN-FW21E Battery}<o:p>

Libel suits by spyware developers<o:p>

Litigation has gone both ways. Since "spyware" has become a common pejorative, some makers have filed libel and defamation actions when their products have been so described. In 2003, Gator (now known as Claria) filed suit against the website PC Pitstop for describing its program as "spyware".^[52] PC Pitstop settled, agreeing not to use the word "spyware", but continues to describe harm caused by the Gator/Claria software.^[53] As a result, other anti-spyware and anti-virus companies have also used other terms such as "potentially unwanted programs" or greyware to denote these products. Sony VAIO VGN-FW21I Battery<o:p>

WebcamGate<o:p>

Main article: Robbins v. Lower Merion School District<o:p>

In the 2010 WebcamGate case, plaintiffs charged two suburban Philadelphia high schools secretly spied on students by surreptitiously and remotely activating webcams embedded in school-issued laptops the students were using at home, and therefore infringed on their privacy rights. The school loaded each student's computer with LANrev's remote activation tracking software. This included the now-discontinued "TheftTrack". Sony VAIO VGN-FW21L Battery<o:p>

While TheftTrack was not enabled by default on the software, the program allowed the school district to elect to activate it, and to choose which of the Theft Track surveillance options the school wanted to enable.^[54] Sony VAIO VGN-FW21Z Battery<o:p>

TheftTrack allowed school district employees to secretly remotely activate a tiny webcam embedded in the student's laptop, above the laptop's screen. That allowed school officials to secretly take photos through the webcam, of whatever was in front of it and in its line of sight, and send the photos to the school's server. The LANrev software disabled the webcams for all other uses (e.g., students were unable to use Photo Booth or video chat), so most students mistakenly believed their webcams did not work at all. In addition to webcam surveillance, TheftTrack allowed school officials to take screenshots, and send them to the school's server. In addition, LANrev allowed school officials to take snapshots of instant messages, web browsing, music playlists, and written compositions. The schools admitted to secretly snapping over 66,000 webshots and screenshots, including webcam shots of students in their bedrooms.^[54][55] Sony VAIO VGN-FW21M Battery<o:p>

Remedies and prevention<o:p>

As the spyware threat has worsened, a number of techniques have emerged to counteract it. These include programs designed to remove or to block spyware, as well as various user practices which reduce the chance of getting spyware on a system. Sony VAIO VGN-FW21M Battery<o:p>

Nonetheless, spyware remains a costly problem. When a large number of pieces of spyware have infected a Windows computer, the only remedy may involve backing up user data, and fully reinstalling the operating system. For instance, some versions of Vundo cannot be completely removed by Symantec, Microsoft, PC Tools, and others because it infects rootkit, Internet Explorer, and Windows' lsass.exe (Local Security Authority Subsystem Service) with a randomly-filenamed dll (dynamic link library). Sony VAIO VGN-FW21M Battery<o:p>

Anti-spyware programs<o:p>

See also: Category:Spyware removal<o:p>

Many programmers and some commercial firms have released products dedicated to remove or block spyware. Steve Gibson's OptOut pioneered a growing category. Programs such as PC Tools' Spyware Doctor, Lavasoft's Ad-Aware SE (free scans for non-commercial users, must pay for other features) and Patrick Kolla's Spybot - Search & Destroy (all features free for non-commercial use) rapidly gained popularity as effective tools to remove, and in some cases intercept, spyware programs. On December 16, 2004, Microsoft acquired the GIANT AntiSpyware software,^[56] rebranding it as Windows AntiSpyware beta and releasing it as a free download for Genuine Windows XP and Windows 2003 users. In 2006, Microsoft renamed the beta software to Windows Defender (free), and it was released as a free download in October 2006 and is included as standard with Windows Vista as well as Windows 7. Sony VAIO VGN-FW31E Battery<o:p>

Major anti-virus firms such as Symantec, PC Tools, McAfee and Sophos have come later to the table, adding anti-spyware features to their existing anti-virus products. Early on, anti-virus firms expressed reluctance to add anti-spyware functions, citing lawsuits brought by spyware authors against the authors of web sites and programs which described their products as "spyware". However, recent versions of these major firms' home and business anti-virus products do include anti-spyware functions, albeit treated differently from viruses. Symantec Anti-Virus, for instance, categorizes spyware programs as "extended threats" and now offers real-time protection from them (as it does for viruses). Sony VAIO VGN-FZ11E Battery<o:p>

Recently^[when?], the anti-virus company Grisoft, creator of AVG Anti-Virus, acquired anti-spyware firm Ewido Networks, re-labeling their Ewido anti-spyware program as AVG Anti-Spyware Professional Edition. AVG also used this product to add an integrated anti-spyware solution to some versions of the AVG Anti-Virus family of products, and a freeware AVG Anti-Spyware Free Edition available for private and non-commercial use. This shows a trend by anti virus companies to launch a dedicated solution to spyware and malware. Zone Labs, creator of Zone Alarm firewall have also released an anti-spyware program. Sony VAIO VGN-FZ11L Battery<o:p>

Anti-spyware programs can combat spyware in two ways:<o:p>

They can provide real time protection against the installation of spyware software on the computer. This type of spyware protection works the same way as that of anti-virus protection in that the anti-spyware software scans all incoming network data for spyware software and blocks any threats it comes across. Sony VAIO VGN-FZ11M Battery<o:p>

Anti-spyware software programs can be used solely for detection and removal of spyware software that has already been installed onto the computer. This type of spyware protection is normally much easier to use and more popular. With this spyware protection software the user can schedule weekly, daily, or monthly scans of the computer to detect and remove any spyware software that have been installed on the computer. This type of anti-spyware software scans the contents of the windows registry, operating system files, and installed programs on the computer and will provide a list of any threats found, allowing the user to choose what to delete and what to keep. Sony VAIO VGN-FZ11S Battery<o:p>

Such programs inspect the contents of the Windows registry, the operating system files, and installed programs, and remove files and entries which match a list of known spyware components. Real-time protection from spyware works identically to real-time anti-virus protection: the software scans disk files at download time, and blocks the activity of components known to represent spyware. In some cases, it may also intercept attempts to install start-up items or to modify browser settings. Because many spyware and adware are installed as a result of browser exploits or user error, using security software (some of which are antispyware, though many are not) to sandbox browsers can also be effective to help restrict any damage done. Sony VAIO VGN-FZ11Z Battery<o:p>

<o:p> 

Earlier versions of anti-spyware programs focused chiefly on detection and removal. Javacool Software's SpywareBlaster, one of the first to offer real-time protection, blocked the installation of ActiveX-based and other spyware programs. Sony VAIO VGN-FZ11Z Battery<o:p>

Like most anti-virus software, many anti-spyware/adware tools require a frequently-updated database of threats. As new spyware programs are released, anti-spyware developers discover and evaluate them, making "signatures" or "definitions" which allow the software to detect and remove the spyware. As a result, anti-spyware software is of limited usefulness without a regular source of updates. Some vendors provide a subscription-based update service, while others provide updates free. Updates may be installed automatically on a schedule or before doing a scan, or may be done manually. Sony VAIO VGN-FZ21J Battery<o:p>

Not all programs rely on updated definitions. Some programs rely partly (for instance many antispyware programs such as Windows Defender, Spybot's TeaTimer and Spysweeper) or fully (programs falling under the class of HIPS such as BillP's WinPatrol) on historical observation. They watch certain configuration parameters (such as certain portions of the Windows registry or browser configuration) and report any change to the user, without judgment or recommendation. While they do not rely on updated definitions, which may allow them to spot newer spyware, they can offer no guidance. The user is left to determine "what did I just do, and is this configuration change appropriate?" Sony VAIO VGN-FZ21M Battery<o:p>

Windows Defender's SpyNet attempts to alleviate this through offering a community to share information, which helps guide both users, who can look at decisions made by others, and analysts, who can spot fast-spreading spyware. Sony VAIO VGN-FZ21S Battery<o:p>

A popular generic spyware removal tool used by those with a certain degree of expertise is HijackThis, which scans certain areas of the Windows OS where spyware often resides and presents a list with items to delete manually. As most of the items are legitimate windows files/registry entries it is advised for those who are less knowledgeable on this subject to post a HijackThis log on the numerous antispyware sites and let the experts decide what to delete. Sony VAIO VGN-FZ21Z Battery<o:p>

istent spyware. Killing the process tree may also work. Sony VAIO VGN-FZ21Z Battery<o:p>

 

 

Computer security<o:p>

Computer security is a branch of computer technology known as information security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users. Sony VAIO VGN-FZ11E Battery<o:p>

The term computer system security means the collective processes and mechanisms by which sensitive and valuable information and services are protected from publication, tampering or collapse by unauthorized activities or untrustworthy individuals and unplanned events respectively. The strategies and methodologies of computer security often differ from most other computer technologies because of its somewhat elusive objective of preventing unwanted computer behavior instead of enabling wanted computer behavior. Sony VAIO VGN-FZ11L Battery<o:p>

Security by design<o:p>

Main article: Security by design<o:p>

The technologies of computer security are based on logic. As security is not necessarily the primary goal of most computer applications, designing a program with security in mind often imposes restrictions on that program's behavior. Sony VAIO VGN-FZ11M Battery<o:p>

There are 4 approaches to security in computing, sometimes a combination of approaches is valid:<o:p>

Trust all the software to abide by a security policy but the software is not trustworthy (this is computer insecurity). Sony VAIO VGN-FZ11S Battery<o:p>

Trust all the software to abide by a security policy and the software is validated as trustworthy (by tedious branch and path analysis for example).<o:p>

Trust no software but enforce a security policy with mechanisms that are not trustworthy (again this is computer insecurity). Sony VAIO VGN-FZ11Z Battery<o:p>

Trust no software but enforce a security policy with trustworthy hardware mechanisms.<o:p>

Many systems have unintentionally resulted in the first possibility. Since approach two is expensive and non-deterministic, its use is very limited. Approaches one and three lead to failure. Because approach number four is often based on hardware mechanisms and avoids abstractions and a multiplicity of degrees of freedom, it is more practical. Combinations of approaches two and four are often used in a layered architecture with thin layers of two and thick layers of four. Sony VAIO VGN-FZ21E Battery<o:p>

There are various strategies and techniques used to design security systems. However there are few, if any, effective strategies to enhance security after design. One technique enforces the principle of least privilege to great extent, where an entity has only the privileges that are needed for its function. That way even if an attacker gains access to one part of the system, fine-grained security ensures that it is just as difficult for them to access the rest. Sony VAIO VGN-FZ21E Battery<o:p>

Furthermore, by breaking the system up into smaller components, the complexity of individual components is reduced, opening up the possibility of using techniques such as automated theorem proving to prove the correctness of crucial software subsystems. This enables a closed form solution to security that works well when only a single well-characterized property can be isolated as critical, and that property is also assessible to math. Not surprisingly, it is impractical for generalized correctness, which probably cannot even be defined, much less proven. Where formal correctness proofs are not possible, rigorous use of code review and unit testing represent a best-effort approach to make modules secure. Sony VAIO VGN-FZ21E Battery<o:p>

The design should use "defense in depth", where more than one subsystem needs to be violated to compromise the integrity of the system and the information it holds. Defense in depth works when the breaching of one security measure does not provide a platform to facilitate subverting another. Also, the cascading principle acknowledges that several low hurdles does not make a high hurdle. So cascading several weak mechanisms does not provide the safety of a single stronger mechanism. Sony VAIO VGN-FZ21S Battery<o:p>

Subsystems should default to secure settings, and wherever possible should be designed to "fail secure" rather than "fail insecure" (see fail-safe for the equivalent in safety engineering). Ideally, a secure system should require a deliberate, conscious, knowledgeable and free decision on the part of legitimate authorities in order to make it insecure. Sony VAIO VGN-FZ21Z Battery<o:p>

In addition, security should not be an all or nothing issue. The designers and operators of systems should assume that security breaches are inevitable. Full audit trails should be kept of system activity, so that when a security breach occurs, the mechanism and extent of the breach can be determined. Storing audit trails remotely, where they can only be appended to, can keep intruders from covering their tracks. Finally, full disclosure helps to ensure that when bugs are found the "window of vulnerability" is kept as short as possible. Sony VAIO VGN-FZ31E Battery<o:p>

Security architecture<o:p>

Main article: Security architecture<o:p>

Security Architecture can be defined as the design artifacts that describe how the security controls (security countermeasures) are positioned, and how they relate to the overall information technology architecture. These controls serve the purpose to maintain the system's quality attributes, among them confidentiality, integrity, availability, accountability andassurance."^[1]. Sony VAIO VGN-FZ31J Battery<o:p>

Hardware mechanisms that protect computers and data<o:p>

Hardware based or assisted computer security offers an alternative to software-only computer security. Devices such as dongles may be considered more secure due to the physical access required in order to be compromisedSony VAIO VGN-FZ31J Battery<o:p>

Secure operating systems<o:p>

Main article: Secure operating systems<o:p>

One use of the term computer security refers to technology to implement a secure operating system. Much of this technology is based on science developed in the 1980s and used to produce what may be some of the most impenetrable operating systems ever. Though still valid, the technology is in limited use today, primarily because it imposes some changes to system management and also because it is not widely understood. Sony VAIO VGN-FZ38M Battery<o:p>

Such ultra-strong secure operating systems are based on operating system kernel technology that can guarantee that certain security policies are absolutely enforced in an operating environment. An example of such a Computer security policy is the Bell-LaPadula model. The strategy is based on a coupling of special microprocessor hardware features, often involving the memory management unit, to a special correctly implemented operating system kernel. Sony VAIO FW Battery<o:p>

 This forms the foundation for a secure operating system which, if certain critical parts are designed and implemented correctly, can ensure the absolute impossibility of penetration by hostile elements. This capability is enabled because the configuration not only imposes a security policy, but in theory completely protects itself from corruption. Ordinary operating systems, on the other hand, lack the features that assure this maximal level of security. The design methodology to produce such secure systems is precise, deterministic and logical. Sony VAIO FW Battery<o:p>

Systems designed with such methodology represent the state of the art^{[clarification needed]} of computer security although products using such security are not widely known. In sharp contrast to most kinds of software, they meet specifications with verifiable certainty comparable to specifications for size, weight and power. Secure operating systems designed this way are used primarily to protect national security information, military secrets, and the data of international financial institutions. Sony VAIO VGN-FW11M Battery<o:p>

These are very powerful security tools and very few secure operating systems have been certified at the highest level (Orange Book A-1) to operate over the range of "Top Secret" to "unclassified" (including Honeywell SCOMP, USAF SACDIN, NSA Blacker and Boeing MLS LAN.) The assurance of security depends not only on the soundness of the design strategy, but also on the assurance of correctness of the implementation, and therefore there are degrees of security strength defined for COMPUSEC. Sony VAIO VGN-FW11S Battery<o:p>

The Common Criteria quantifies security strength of products in terms of two components, security functionality and assurance level (such as EAL levels), and these are specified in a Protection Profile for requirements and a Security Target for product descriptions. None of these ultra-high assurance secure general purpose operating systems have been produced for decades or certified under the Common Criteria. Sony VAIO VGN-FW139E/H Battery<o:p>

In USA parlance, the term High Assurance usually suggests the system has the right security functions that are implemented robustly enough to protect DoD and DoE classified information. Medium assurance suggests it can protect less valuable information, such as income tax information. Secure operating systems designed to meet medium robustness levels of security functionality and assurance have seen wider use within both government and commercial markets. Sony VAIO VGN-FW17T/H Battery<o:p>

 Medium robust systems may provide the same security functions as high assurance secure operating systems but do so at a lower assurance level (such as Common Criteria levels EAL4 or EAL5). Lower levels mean we can be less certain that the security functions are implemented flawlessly, and therefore less dependable. These systems are found in use on web servers, guards, database servers, and management hosts and are used not only to protect the data stored on these systems but also to provide a high level of protection for network connections and routing services. Sony VAIO VGN-FW17W Battery<o:p>

Secure coding<o:p>

Main article: Secure coding<o:p>

If the operating environment is not based on a secure operating system capable of maintaining a domain for its own execution, and capable of protecting application code from malicious subversion, and capable of protecting the system from subverted code, then high degrees of security are understandably not possible. While such secure operating systems are possible and have been implemented, most commercial systems fall in a 'low security' category because they rely on features not supported by secure operating systems (like portability, et al.). In low security operating environments, applications must be relied on to participate in their own protection. There are 'best effort' secure coding practices that can be followed to make an application more resistant to malicious subversion. Sony VAIO VGN-FW17W Battery<o:p>

In commercial environments, the majority of software subversion vulnerabilities result from a few known kinds of coding defects. Common software defects include buffer overflows, format string vulnerabilities, integer overflow, and code/command injection. It is to be immediately noted that all of the foregoing are specific instances of a general class of attacks, where situations in which putative "data" actually contains implicit or explicit, executable instructions are cleverly exploited. Sony VGN TX Battery<o:p>

Some common languages such as C and C++ are vulnerable to all of these defects (see Seacord, "Secure Coding in C and C++"). Other languages, such as Java, are more resistant to some of these defects, but are still prone to code/command injection and other software defects which facilitate subversion. Sony VGP-BPS13 Battery<o:p>

Recently another bad coding practice has come under scrutiny; dangling pointers. The first known exploit for this particular problem was presented in July 2007. Before this publication the problem was known but considered to be academic and not practically exploitable.^[2] Sony VAIO VGP-BPS13A/B Battery<o:p>

Unfortunately, there is no theoretical model of "secure coding" practices, nor is one practically achievable, insofar as the variety of mechanisms are too wide and the manners in which they can be exploited are too variegated. It is interesting to note, however, that such vulnerabilities often arise from archaic philosophies in which computers were assumed to be narrowly disseminated entities used by a chosen few, all of whom were likely highly educated, solidly trained academics with naught but the goodness of mankind in mind. Sony VAIO VGP-BPS13B/B Battery<o:p>

Thus, it was considered quite harmless if, for (fictitious) example, a FORMAT string in a FORTRAN program could contain the J format specifier to mean "shut down system after printing." After all, who would use such a feature but a well-intentioned system programmer? It was simply beyond conception that software could be deployed in a destructive fashion. Sony VAIO VGP-BPS13/S Battery<o:p>

It is worth noting that, in some languages, the distinction between code (ideally, read-only) and data (generally read/write) is blurred. In LISP, particularly, there is no distinction whatsoever between code and data, both taking the same form: an S-expression can be code, or data, or both, and the "user" of a LISP program who manages to insert an executable LAMBDA segment into putative "data" can achieve arbitrarily general and dangerous functionality. Even something as "modern" as Perl offers the eval() function, which enables one to generate Perl code and submit it to the interpreter, disguised as string data. Sony VAIO VGP-BPS13A/S Battery<o:p>

Capabilities and access control lists<o:p>

Main articles: Access control list and Capability (computers)<o:p>

Within computer systems, two security models capable of enforcing privilege separation are access control lists (ACLs) and capability-based security. The semantics of ACLs have been proven to be insecure in many situations, e.g., the confused deputy problem. It has also been shown that the promise of ACLs of giving access to an object to only one person can never be guaranteed in practice. Both of these problems are resolved by capabilities. This does not mean practical flaws exist in all ACL-based systems, but only that the designers of certain utilities must take responsibility to ensure that they do not introduce flaws. Sony VAIO VGP-BPS13B/S Battery<o:p>

Capabilities have been mostly restricted to research operating systems and commercial OSs still use ACLs. Capabilities can, however, also be implemented at the language level, leading to a style of programming that is essentially a refinement of standard object-oriented design. An open source project in the area is the E language. Sony VAIO VGP-BPS13B/S Battery<o:p>

First the Plessey System 250 and then Cambridge CAP computer demonstrated the use of capabilities, both in hardware and software, in the 1970s. A reason for the lack of adoption of capabilities may be that ACLs appeared to offer a 'quick fix' for security without pervasive redesign of the operating system and hardware. Sony VAIO VGP-BPS13A/Q Battery<o:p>

The most secure computers are those not connected to the Internet and shielded from any interference. In the real world, the most security comes from operating systems where securityis not an add-on. Sony VAIO VGP-BPS13B/Q Battery<o:p>

Applications<o:p>

Computer security is critical in almost any technology-driven industry which operates on computer systems. Computer security can also be referred to as computer safety. The issues of computer based systems and addressing their countless vulnerabilities are an integral part of maintaining an operational industry.^[3] Sony VAIO VGN-FW21E Battery<o:p>

Cloud computing Security<o:p>

Security in the cloud is challenging^{[citation needed]}, due to varied degree of security features and management schemes within the cloud entitites. In this connection one logical protocol base need to evolve so that the entire gamet of components operate synchronously and securelySony VAIO VGN-FW21I Battery<o:p>

In aviation<o:p>

The aviation industry is especially important when analyzing computer security because the involved risks include human life, expensive equipment, cargo, and transportation infrastructure. Security can be compromised by hardware and software malpractice, human error, and faulty operating environments. Threats that exploit computer vulnerabilities can stem from sabotage, espionage, industrial competition, terrorist attack, mechanical malfunction, and human error.^[4]<o:p>

The consequences of a successful deliberate or inadvertent misuse of a computer system in the aviation industry range from loss of confidentiality to loss of system integrity, which may lead to more serious concerns such as data theft or loss, network and air traffic control outages, which in turn can lead to airport closures, loss of aircraft, loss of passenger life. Militarysystems that control munitions can pose an even greater risk. Sony VAIO VGN-FW21L Battery<o:p>

A proper attack does not need to be very high tech or well funded; for a power outage at an airport alone can cause repercussions worldwide.^[5]. One of the easiest and, arguably, the most difficult to trace security vulnerabilities is achievable by transmitting unauthorized communications over specific radio frequencies. These transmissions may spoof air traffic controllers or simply disrupt communications altogether. These incidents are very common, having altered flight courses of commercial aircraft and caused panic and confusion in the past.^{[citation needed]} Controlling aircraft over oceans is especially dangerous because radar surveillance only extends 175 to 225 miles offshore. Beyond the radar's sight controllers must periodic radio communications with a third party. Sony VAIO VGN-FW21L Battery<o:p>

Lightning, power fluctuations, surges, brown-outs, blown fuses, and various other power outages instantly disable all computer systems, since they are dependent on an electrical source. Other accidental and intentional faults have caused significant disruption of safety critical systems throughout the last few decades and dependence on reliable communication and electrical powr only jeopardizes computer safetySony VAIO VGN-FW21M Battery<o:p>

Notable system accidents<o:p>

In 1994, over a hundred intrusions were made by unidentified crackers into the Rome Laboratory, the US Air Force's main command and research facility. Using trojan horse viruses, hackers were able to obtain unrestricted access to Rome's networking systems and remove traces of their activities. The intruders were able to obtain classified files, such as air tasking order systems data and furthermore able to penetrate connected networks of National Aeronautics and Space Administration's Goddard Space Flight Center, Wright-Patterson Air Force Base, some Defense contractors, and other private sector organizations, by posing as a trusted Rome center userSony VAIO VGN-FW31M Battery<o:p>

Computer security policy<o:p>

 Cybersecurity Act of 2010<o:p>

On April 1, 2009, Senator Jay Rockefeller (D-WV) introduced the "Cybersecurity Act of 2009 - S. 773" (full text) in the Senate; the bill, co-written with Senators Evan Bayh (D-IN),Barbara Mikulski (D-MD), Bill Nelson (D-FL), and Olympia Snowe (R-ME), was referred to the Committee on Commerce, Science, and Transportation, which approved a revised version of the same bill (the "Cybersecurity Act of 2010") on March 24, 2010^[7]. Sony VAIO VGN-FW31M Battery<o:p>

The bill seeks to increase collaboration between the public and the private sector on cybersecurity issues, especially those private entities that own infrastructures that are critical to national security interests (the bill quotes John Brennan, the Assistant to the President for Homeland Security and Counterterrorism: "our nation’s security and economic prosperity depend on the security, stability, and integrity of communications and information infrastructure that are largely privately-owned and globally-operated" and talks about the country's response to a "cyber-Katrina"^[8].), Sony Vaio VGN-FW32J Battery<o:p>

 increase public awareness on cybersecurity issues, and foster and fund cybersecurity research. Some of the most controversial parts of the bill include Paragraph 315, which grants the President the right to "order the limitation or shutdown of Internet traffic to and from any compromised Federal Government or United States critical infrastructure information system or network^[8]." The Electronic Frontier Foundation, an international non-profitdigital rights advocacy and legal organization based in the United States, characterized the bill as promoting a "potentially dangerous approach that favors the dramatic over the sober response"^[9] Sony Vaio VGN-FW36TJ/B Battery<o:p>

International Cybercrime Reporting and Cooperation Act<o:p>

On March 25, 2010, Representative Yvette Clarke (D-NY) introduced the "International Cybercrime Reporting and Cooperation Act - H.R.4962" (full text) in the House of Representatives; the bill, co-sponsored by seven other representatives (among whom only one Republican), was referred to three House committees^[10]. The bill seeks to make sure that the administration keeps Congress informed on information infrastructure, cybercrime, and end-user protection worldwide. It also "directs the President to give priority for assistance to improve legal, judicial, and enforcement capabilities with respect to cybercrime to countries with low information and communications technology levels of development or utilization in their critical infrastructure, telecommunications systems, and financial industries"^[10] as well as to develop an action plan and an annual compliance assessment for countries of "cyber concern"^[10]. Sony Vaio VGN-FW37J Battery<o:p>

Protecting Cyberspace as a National Asset Act of 2010 ("Kill switch bill")<o:p>

On June 19, 2010, United States Senator Joe Lieberman (I-CT) introduced a bill called "Protecting Cyberspace as a National Asset Act of 2010 - S.3480" (full text in pdf), which he co-wrote with Senator Susan Collins (R-ME) and Senator Thomas Carper (D-DE). If signed into law, this controversial bill, which the American media dubbed the "Kill switch bill", would grant the President emergency powers over the Internet. However, all three co-authors of the bill issued a statement claiming that instead, the bill "[narrowed] existing broad Presidential authority to take over telecommunications networks"^[11]. Sony Vaio VGN-FW41M/H Battery<o:p>

Terminology<o:p>

The following terms used in engineering secure systems are explained below.<o:p>

Authentication techniques can be used to ensure that communication end-points are who they say they are.<o:p>

Automated theorem proving and other verification tools can enable critical algorithms and code used in secure systems to be mathematically proven to meet their specifications. Sony Vaio VGN-FW52JB Battery<o:p>

Capability and access control list techniques can be used to ensure privilege separation and mandatory access control. This section discusses their use.<o:p>

Chain of trust techniques can be used to attempt to ensure that all software loaded has been certified as authentic by the system's designers. Sony Vaio VGN-FW52JB Battery<o:p>

Cryptographic techniques can be used to defend data in transit between systems, reducing the probability that data exchanged between systems can be intercepted or modified.<o:p>

Firewalls can provide some protection from online intrusion. Sony Vaio VGN-FW52JB Battery<o:p>

A microkernel is a carefully crafted, deliberately small corpus of software that underlies the operating system per se and is used solely to provide very low-level, very precisely defined primitives upon which an operating system can be developed. A simple example with considerable didactic value is the early '90s GEMSOS (Gemini Computers), which provided extremely low-level primitives, such as "segment" management, atop which an operating system could be built. The theory (in the case of "segments") was that—rather than have the operating system itself worry about mandatory access separation by means of military-style labeling—it is safer if a low-level, Sony Vaio VGN-FW72JGB Battery<o:p>

 independently scrutinized module can be charged solelywith the management of individually labeled segments, be they memory "segments" or file system "segments" or executable text "segments." If software below the visibility of the operating system is (as in this case) charged with labeling, there is no theoretically viable means for a clever hacker to subvert the labeling scheme, since the operating system per sedoes not provide mechanisms for interfering with labeling: the operating system is, essentially, a client (an "application," arguably) atop the microkernel and, as such, subject to its restrictions. Sony Vaio VGN-FW73JGB Battery<o:p>

Endpoint Security software helps networks to prevent data theft and virus infection through portable storage devices, such as USB drives.<o:p>

Some of the following items may belong to the computer insecurity article:<o:p>

Access authorization restricts access to a computer to group of users through the use of authentication systems. These systems can protect either the whole computer – such as through an interactive logon screen – or individual services, such as an FTP server. There are many methods for identifying and authenticating users, such as passwords, identification cards, more recently, smart cards and biometric systems. Sony Vaio VGN-FW73JGB Battery<o:p>

Anti-virus software consists of computer programs that attempt to identify, thwart and eliminate computer viruses and other malicious software (malware).<o:p>

Applications with known security flaws should not be run. Either leave it turned off until it can be patched or otherwise fixed, or delete it and replace it with some other application. Publicly known flaws are the main entry used by worms to automatically break into a system and then spread to other systems connected to it. The security website Secuniaprovides a search tool for unpatched known flaws in popular products. Sony VAIO PCG-5G3L Battery<o:p>

Backups are a way of securing information; they are another copy of all the important computer files kept in another location. These files are kept on hard disks, CD-Rs, CD-RWs, andtapes. Suggested locations for backups are a fireproof, waterproof, and heat proof safe, or in a separate, offsite location than that in which the original files are contained. Some individuals and companies also keep their backups in safe deposit boxes inside bank vaults. There is also a fourth option, which involves using one of the file hosting services that backs up files over the Internet for both business and individuals. Sony VAIO PCG-5J2L Battery<o:p>

Backups are also important for reasons other than security. Natural disasters, such as earthquakes, hurricanes, or tornadoes, may strike the building where the computer is located. The building can be on fire, or an explosion may occur. There needs to be a recent backup at an alternate secure location, in case of such kind of disaster. Further, it is recommended that the alternate location be placed where the same disaster would not affect both locations. Sony VAIO PCG-5K1L Battery<o:p>

Examples of alternate disaster recovery sites being compromised by the same disaster that affected the primary site include having had a primary site in World Trade Center I and the recovery site in 7 World Trade Center, both of which were destroyed in the 9/11 attack, and having one's primary site and recovery site in the same coastal region, which leads to both being vulnerable to hurricane damage (e.g. primary site in New Orleans and recovery site in Jefferson Parish, both of which were hit by Hurricane Katrina in 2005). The backup media should be moved between the geographic sites in a secure manner, in order to Cryptographic techniques involve transforming information, scrambling it so it becomes unreadable during transmission. The intended recipient can unscramble the message, but eavesdroppers cannot. Sony VAIO PCG-6S1L Battery<o:p>

Encryption is used to protect the message from the eyes of others. Cryptographically secure ciphers are designed to make any practical attempt of breaking infeasible. Symmetric-key ciphers are suitable for bulk encryption using shared keys, andpublic-key encryption using digital certificates can provide a practical solution for the problem of securely communicating when no key is shared in advance. Sony VAIO PCG-8Z1L Battery<o:p>

Firewalls are systems which help protect computers and computer networks from attack and subsequent intrusion by restricting the network traffic which can pass through them, based on a set of system administrator defined rules.<o:p>

Honey pots are computers that are either intentionally or unintentionally left vulnerable to attack by crackers. They can be used to catch crackers or fix vulnerabilities. Sony VAIO PCG-8Z1L Battery<o:p>

Intrusion-detection systems can scan a network for people that are on the network but who should not be there or are doing things that they should not be doing, for example trying a lot of passwords to gain access to the network.<o:p>

Pinging The ping application can be used by potential crackers to find if an IP address is reachable. If a cracker finds a computer, they can try a port scan to detect and attack services on that computer. Sony VAIO PCG-7112L Battery<o:p>

Social engineering awareness keeps employees aware of the dangers of social engineering and/or having a policy in place to prevent social engineering can reduce successful breaches of the network and servers.<o:p>

File Integrity Monitors are tools used to detect changes in the integrity of systems and files<o:p>

Many current computer systems have only limited security precautions in place. This computer insecurity article describes the current battlefield of computer security exploits and defenses. Please see the computer security article for an alternative approach, based onsecurity engineering principles. Sony VAIO PCG-7131L Battery<o:p>

Security and systems design<o:p>

Many current real-world computer security efforts focus on external threats, and generally treat the computer system itself as a trusted system. Some knowledgeable observers consider this to be a disastrous mistake, and point out that this distinction is the cause of much of the insecurity of current computer systems — once an attacker has subverted one part of a system without fine-grained security, he or she usually has access to most or all of the features of that system.^{[citation needed]} Because computer systems can be very complex, and cannot be guaranteed to be free of defects, this security stance tends to produce insecure systems. Sony VAIO PCG-7Z2L Battery<o:p>

Financial cost<o:p>

Serious financial damage has been caused by computer security breaches, but reliably estimating costs is quite difficult. Figures in the billions of dollars have been quoted in relation to the damage caused by malware such as computer worms like the Code Red worm, but such estimates may be exaggerated. However, other losses, such as those caused by the compromise of credit card information, can be more easily determined, and they have been substantial, as measured by millions of individual victims of identity theft each year in each of several nations, and the severe hardship imposed on each victim, that can wipe out all of their finances, prevent them from getting a job, plus be treated as if they were the criminal. Volumes of victims of phishing and other scams may not be known. Sony PCG-7z1L Battery<o:p>

Individuals who have been infected with spyware or malware likely go through a costly and time-consuming process of having their computer cleaned. Spyware is considered to be a problem specific to the various Microsoft Windows operating systems^{[citation needed]}, however this can be partially explained by the fact that Microsoft controls a major share of the PC market and thus represents the most prominent target. Sony PCG-7133L Battery<o:p>

Reasons<o:p>

There are many similarities (yet many fundamental differences) between computer and physical security. Just like real-world security, the motivations for breaches of computer security vary between attackers, sometimes called hackers or crackers. Some are thrill-seekers or vandals (the kind often responsible for defacing web sites); similarly, some web site defacements are done to make political statements. However, some attackers are highly skilled and motivated with the goal of compromising computers for financial gain or espionage. Sony PCG-7133L Battery<o:p>

 An example of the latter is Markus Hess (more diligent than skilled), who spied for the KGB and was ultimately caught because of the efforts of Clifford Stoll, who wrote a memoir, The Cuckoo's Egg, about his experiences. For those seeking to prevent security breaches, the first step is usually to attempt to identify what might motivate an attack on the system, how much the continued operation and information security of the system are worth, and who might be motivated to breach it. The precautions required for a home PC are very different for those of banks' Internet banking system, and different again for a classified military network. Other computer security writers suggest that, since an attacker using a network need know nothing about you or what you have on your computer, attacker motivation is inherently impossible to determine beyond guessing. If true, blocking all possible attacks is the only plausible action to take. Sony PCG-7133L Battery<o:p>

Vulnerabilities<o:p>

Main article: Vulnerability (computing)<o:p>

To understand the techniques for securing a computer system, it is important to first understand the various types of "attacks" that can be made against it. These threats can typically be classified into one of these seven categories: Sony VAIO PCG-8Z2L Battery<o:p>

Exploits<o:p>

Main article: Exploit (computer security)<o:p>

An exploit (from the same word in the French language, meaning "achievement", or "accomplishment") is a piece of software, a chunk of data, or sequence of commands that take advantage of a software 'bug' or 'glitch' in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic (usually computerized). This frequently includes such things as gaining control of a computer system or allowing privilege escalation or a denial of service attack. Sony VAIO PCG-8Y2L Battery<o:p>

Many development methodologies rely ontesting to ensure the quality of any code released; this process often fails to discover unusual potential exploits. The term "exploit" generally refers to small programs designed to take advantage of a software flaw that has been discovered, either remote or local. The code from the exploit program is frequently reused in trojan horses and computer viruses. In some cases, a vulnerability can lie in certain programs' processing of a specific file type, such as a non-executable media file. Some security web sites maintain lists of currently known unpatched vulnerabilities found in common programs (see "External links" below). Sony VAIO PCG-8Y2L Battery<o:p>

Eavesdropping<o:p>

Eavesdropping is the act of surreptitiously listening to a private conversation, typically between hosts on a network. Even machines that operate as a closed system (i.e., with no contact to the outside world) can be eavesdropped upon via monitoring the faint electro-magnetic transmissions generated by the hardware such as TEMPEST. The FBI's proposed Carnivore program was intended to act as a system of eavesdropping protocols built into the systems of internet service providers. Sony VAIO PCG-8Y2L Battery<o:p>

Social engineering and human error<o:p>

Main article: Social engineering (security)<o:p>

A computer system is no more secure than the human systems responsible for its operation. Malicious individuals have regularly penetrated well-designed, secure computer systems by taking advantage of the carelessness of trusted individuals, or by deliberately deceiving them, for example sending messages that they are the system administrator and asking for passwords. This deception is known as Social engineering. Sony VAIO PCG-5J2L Battery<o:p>

Denial-of-service attack<o:p>

Main article: Denial-of-service attack<o:p>

Unlike other exploits, denial of service attacks are not used to gain unauthorized access or control of a system. They are instead designed to render it unusable. Attackers can deny service to individual victims, such as by deliberately entering a wrong password 3 consecutive times and thus causing the victim account to be locked, or they may overload the capabilities of a machine or network and block all users at once. Sony VAIO PCG-5G3L Battery<o:p>

 These types of attack are, in practice, very hard to prevent, because the behavior of whole networks needs to be analyzed, not only the behaviour of small pieces of code. Distributed denial of service (DDoS) attacks are common, where a large number of compromised hosts (commonly referred to as "zombie computers", used as part of a botnet with, for example; a worm, trojan horse, or backdoor exploit to control them.) are used to flood a target system with network requests, thus attempting to render it unusable through resource exhaustion. Another technique to exhaust victim resources is through the use of an attack amplifier — where the attacker takes advantage of poorly designed protocols on 3rd party machines, such as FTP or DNS, in order to instruct these hosts to launch the flood. There are also commonly found vulnerabilities in applications that cannot be used to take control over a computer, but merely make the target application malfunction or crash. This is known as a denial-of-service exploit. Sony VAIO VGN-CR42Z Battery<o:p>

Indirect attacks<o:p>

An indirect attack is an attack launched by a third party computer. By using someone else's computer to launch an attack, it becomes far more difficult to track down the actual attacker. There have also been cases where attackers took advantage of public anonymizing systems, such as the tor onion router system. Sony VAIO VGN-CR42S Battery<o:p>

Backdoors<o:p>

A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice), or could be a modification to an existing program or hardware device. A specific form of backdoors are rootkits, which replaces system binaries and/or hooks into the function calls of the operating system to hide the presence of other programs, users, services and open ports. It may also fake information about disk and memory usage. Sony VAIO VGN-CR41SR Battery<o:p>

Direct access attacks<o:p>

Common consumer devices that can be used to transfer data surreptitiously.<o:p>

Someone who has gained access to a computer can install any type of devices to compromise security, including operating systemmodifications, software worms, key loggers, and covert listening devices. The attacker can also easily download large quantities of data onto backup media, for instance CD-R/DVD-R, tape; or portable devices such as keydrives, digital cameras or digital audio players. Another common technique is to boot an operating system contained on a CD-ROM or other bootable media and read the data from the harddrive(s) this way. The only way to defeat this is to encrypt the storage media and store the key separate from the system. Sony VAIO VGN-CR31Z Battery<o:p>

See also: Category:Cryptographic attacks<o:p>

 Reasons

There are many similarities (yet many fundamental differences) between computer and physical security. Just like real-world security, the motivations for breaches of computer security vary between attackers, sometimes called hackers or crackers. Some are thrill-seekers or vandals (the kind often responsible for defacing web sites); similarly, some web site defacements are done to make political statements. However, some attackers are highly skilled and motivated with the goal of compromising computers for financial gain or espionage. Sony PCG-7133L Battery<o:p>

 An example of the latter is Markus Hess (more diligent than skilled), who spied for the KGB and was ultimately caught because of the efforts of Clifford Stoll, who wrote a memoir, The Cuckoo's Egg, about his experiences. For those seeking to prevent security breaches, the first step is usually to attempt to identify what might motivate an attack on the system, how much the continued operation and information security of the system are worth, and who might be motivated to breach it. The precautions required for a home PC are very different for those of banks' Internet banking system, and different again for a classified military network. Other computer security writers suggest that, since an attacker using a network need know nothing about you or what you have on your computer, attacker motivation is inherently impossible to determine beyond guessing. If true, blocking all possible attacks is the only plausible action to take. Sony PCG-7133L Battery<o:p>

Vulnerabilities<o:p>

Main article: Vulnerability (computing)<o:p>

To understand the techniques for securing a computer system, it is important to first understand the various types of "attacks" that can be made against it. These threats can typically be classified into one of these seven categories: Sony VAIO PCG-8Z2L Battery<o:p>

Exploits<o:p>

Main article: Exploit (computer security)<o:p>

An exploit (from the same word in the French language, meaning "achievement", or "accomplishment") is a piece of software, a chunk of data, or sequence of commands that take advantage of a software 'bug' or 'glitch' in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic (usually computerized). This frequently includes such things as gaining control of a computer system or allowing privilege escalation or a denial of service attack. Sony VAIO PCG-8Y2L Battery<o:p>

Many development methodologies rely ontesting to ensure the quality of any code released; this process often fails to discover unusual potential exploits. The term "exploit" generally refers to small programs designed to take advantage of a software flaw that has been discovered, either remote or local. The code from the exploit program is frequently reused in trojan horses and computer viruses. In some cases, a vulnerability can lie in certain programs' processing of a specific file type, such as a non-executable media file. Some security web sites maintain lists of currently known unpatched vulnerabilities found in common programs (see "External links" below). Sony VAIO PCG-8Y2L Battery<o:p>

Eavesdropping<o:p>

Eavesdropping is the act of surreptitiously listening to a private conversation, typically between hosts on a network. Even machines that operate as a closed system (i.e., with no contact to the outside world) can be eavesdropped upon via monitoring the faint electro-magnetic transmissions generated by the hardware such as TEMPEST. The FBI's proposed Carnivore program was intended to act as a system of eavesdropping protocols built into the systems of internet service providers. Sony VAIO PCG-8Y2L Battery<o:p>

Social engineering and human error<o:p>

Main article: Social engineering (security)<o:p>

A computer system is no more secure than the human systems responsible for its operation. Malicious individuals have regularly penetrated well-designed, secure computer systems by taking advantage of the carelessness of trusted individuals, or by deliberately deceiving them, for example sending messages that they are the system administrator and asking for passwords. This deception is known as Social engineering. Sony VAIO PCG-5J2L Battery<o:p>

Denial-of-service attack<o:p>

Main article: Denial-of-service attack<o:p>

Unlike other exploits, denial of service attacks are not used to gain unauthorized access or control of a system. They are instead designed to render it unusable. Attackers can deny service to individual victims, such as by deliberately entering a wrong password 3 consecutive times and thus causing the victim account to be locked, or they may overload the capabilities of a machine or network and block all users at once. Sony VAIO PCG-5G3L Battery<o:p>

 These types of attack are, in practice, very hard to prevent, because the behavior of whole networks needs to be analyzed, not only the behaviour of small pieces of code. Distributed denial of service (DDoS) attacks are common, where a large number of compromised hosts (commonly referred to as "zombie computers", used as part of a botnet with, for example; a worm, trojan horse, or backdoor exploit to control them.) are used to flood a target system with network requests, thus attempting to render it unusable through resource exhaustion. Another technique to exhaust victim resources is through the use of an attack amplifier — where the attacker takes advantage of poorly designed protocols on 3rd party machines, such as FTP or DNS, in order to instruct these hosts to launch the flood. There are also commonly found vulnerabilities in applications that cannot be used to take control over a computer, but merely make the target application malfunction or crash. This is known as a denial-of-service exploit. Sony VAIO VGN-CR42Z Battery<o:p>

Indirect attacks<o:p>

An indirect attack is an attack launched by a third party computer. By using someone else's computer to launch an attack, it becomes far more difficult to track down the actual attacker. There have also been cases where attackers took advantage of public anonymizing systems, such as the tor onion router system. Sony VAIO VGN-CR42S Battery<o:p>

Backdoors<o:p>

A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice), or could be a modification to an existing program or hardware device. A specific form of backdoors are rootkits, which replaces system binaries and/or hooks into the function calls of the operating system to hide the presence of other programs, users, services and open ports. It may also fake information about disk and memory usage. Sony VAIO VGN-CR41SR Battery<o:p>

Direct access attacks<o:p>

Common consumer devices that can be used to transfer data surreptitiously.<o:p>

Someone who has gained access to a computer can install any type of devices to compromise security, including operating systemmodifications, software worms, key loggers, and covert listening devices. The attacker can also easily download large quantities of data onto backup media, for instance CD-R/DVD-R, tape; or portable devices such as keydrives, digital cameras or digital audio players. Another common technique is to boot an operating system contained on a CD-ROM or other bootable media and read the data from the harddrive(s) this way. The only way to defeat this is to encrypt the storage media and store the key separate from the system. Sony VAIO VGN-CR31Z Battery<o:p>

See also: Category:Cryptographic attacks<o:p>

Reducing vulnerabilities<o:p>

Computer code is regarded by some as a form of mathematics. It is theoretically possible to prove the correctness of certain classes of computer programs, though the feasibility of actually achieving this in large-scale practical systems is regarded as small by some with practical experience in the industry — see Bruce Schneier et al. Sony VAIO VGN-CR31E Battery<o:p>

It's also possible to protect messages in transit (i.e., communications) by means of cryptography. One method of encryption — the one-time pad — is unbreakable when correctly used. This method was used by the Soviet Union during the Cold War, though flaws in their implementation allowed some cryptanalysis (SeeVenona Project). The method uses a matching pair of key-codes, securely distributed, which are used once-and-only-once to encode and decode a single message. For transmitted computer encryption this method is difficult to use properly (securely), and highly inconvenient as well. Sony VAIO VGN-NR11Z/T Battery<o:p>

Other methods of encryption, while breakable in theory, are often virtually impossible to directly break by any means publicly known today. Breaking them requires some non-cryptographic input, such as a stolen key, stolen plaintext (at either end of the transmission), or some other extra cryptanalytic information. Sony VAIO VGN-NR11Z/S Battery<o:p>

Social engineering and direct computer access (physical) attacks can only be prevented by non-computer means, which can be difficult to enforce, relative to the sensitivity of the information. Even in a highly disciplined environment, such as in military organizations, social engineering attacks can still be difficult to foresee and prevent. Sony VAIO VGN-NR11S/S Battery<o:p>

In practice, only a small fraction of computer program code is mathematically proven, or even goes through comprehensive information technology audits or inexpensive but extremely valuable computer security audits, so it's usually possible for a determined hacker to read, copy, alter or destroy data in well secured computers, albeit at the cost of great time and resources. Few attackers would audit applications for vulnerabilities just to attack a single specific system. It is possible to reduce an attacker's chances by keeping systems up to date, using a security scanner or/and hiring competent people responsible for security. The effects of data loss/damage can be reduced by careful backing up and insurance. Sony VAIO VGN-NR11M/S Battery<o:p>

Security measures<o:p>

 

Firewalls are by far the most common prevention systems from a network security perspective as they can (if properly configured) shield access to internal network services, and block certain kinds of attacks through packet filtering. Sony VAIO VGN-NR11Z/T Battery<o:p>

Intrusion Detection Systems (IDS's) are designed to detect network attacks in progress and assist in post-attack forensics, while audit trails and logs serve a similar function for individual systems.<o:p>

"Response" is necessarily defined by the assessed security requirements of an individual system and may cover the range from simple upgrade of protections to notification of legalauthorities, counter-attacks, and the like. In some special cases, a complete destruction of the compromised system is favored, as it may happen that not all the compromised resources are detected. Sony VAIO VGN-NR11Z/S Battery<o:p>

Today, computer security comprises mainly "preventive" measures, like firewalls or an Exit Procedure. A firewall can be defined as a way of filtering network data between a host or a network and another network, such as the Internet, and can be implemented as software running on the machine, hooking into the network stack (or, in the case of most UNIX-based operating systems such as Linux, built into the operating system kernel) to provide realtime filtering and blocking. Another implementation is a so called physical firewall which consists of a separate machine filtering network traffic. Firewalls are common amongst machines that are permanently connected to the Internet. However, relatively few organisations maintain computer systems with effective detection systems, and fewer still have organised response mechanisms in place. Sony VAIO VGN-NR11S/S Battery<o:p>

Difficulty with response<o:p>

Responding forcefully to attempted security breaches (in the manner that one would for attempted physical security breaches) is often very difficult for a variety of reasons:<o:p>

Identifying attackers is difficult, as they are often in a different jurisdiction to the systems they attempt to breach, and operate through proxies, temporary anonymous dial-up accounts, wireless connections, and other anonymising procedures which make backtracing difficult and are often located in yet another jurisdiction. If they successfully breach security, they are often able to delete logs to cover their tracks. Sony VAIO VGN-NR11M/S Battery<o:p>

The sheer number of attempted attacks is so large that organisations cannot spend time pursuing each attacker (a typical home user with a permanent (e.g., cable modem) connection will be attacked at least several times per day, so more attractive targets could be presumed to see many more). Note however, that most of the sheer bulk of these attacks are made by automated vulnerability scanners and computer worms. Sony VAIO VGN-NR11Z/T Battery<o:p>

Law enforcement officers are often unfamiliar with information technology, and so lack the skills and interest in pursuing attackers. There are also budgetary constraints. It has been argued that the high cost of technology, such as DNA testing, and improved forensics mean less money for other kinds of law enforcement, so the overall rate of criminals not getting dealt with goes up as the cost of the technology increases. In addition, the identification of attackers across a network may require logs from various points in the network and in many countries, the release of these records to law enforcement (with the exception of being voluntarily surrendered by a network administrator or a system administrator) requires asearch warrant and, depending on the circumstances, the legal proceedings required can be drawn out to the point where the records are either regularly destroyed, or the information is no longer relevant. Sony VAIO VGN-NR11Z/S Battery<o:p>

A computer virus is a computer program that can copy itself^[1] and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability. A true virus can spread from one computer to another (in some form of executablecode) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD,DVD, or USB drive.^[2] Sony VAIO VGN-NR11S/S Battery<o:p>

Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.^[3][4] Sony VAIO VGN-NR11M/S Battery<o:p>

As stated above, the term "computer virus" is sometimes used as a catch-all phrase to include all types of malware, even those that do not have the reproductive ability. Malware includes computer viruses, computer worms, Trojan horses, most rootkits, spyware, dishonest adware and other malicious and unwanted software, including true viruses. Viruses are sometimes confused with worms and Trojan horses, which are technically different. A worm can exploit security vulnerabilities to spread itself automatically to other computers through networks, while a Trojan horse is a program that appears harmless but hides malicious functions. Worms and Trojan horses, like viruses, may harm a computer system's data or performance. Some viruses and other malware have symptoms noticeable to the computer user, but many are surreptitious or simply do nothing to call attention to themselves. Some viruses do nothing beyond reproducing themselves. Sony VAIO VGN-FZ Battery<o:p>

History<o:p>

Academic work<o:p>

The first academic work on the theory of computer viruses (although the term "computer virus" was not invented at that time) was done by John von Neumann in 1949 who held lectures at the University of Illinois about the "Theory and Organization of Complicated Automata". The work of von Neumann was later published as the "Theory of self-reproducing automata".^[5] In his essay von Neumann postulated that a computer program could reproduce. Sony VAIO VGN-FZ11E Battery<o:p>

In 1972 Veith Risak published his article "Selbstreproduzierende Automaten mit minimaler Informationsübertragung" (Self-reproducing automata with minimal information exchange).^[6]The article describes a fully functional virus written in assembler language for a SIEMENS 4004/35 computer system. Sony VAIO VGN-FZ11L Battery <o:p>

In 1980 Jürgen Kraus wrote his diplom thesis "Selbstreproduktion bei Programmen" (Self-reproduction of programs) at the University of Dortmund.^[7] In his work Kraus postulated that computer programs can behave in a way similar to biological viruses. Sony VAIO VGN-FZ11M Battery<o:p>

In 1984 Fred Cohen from the University of Southern California wrote his paper "Computer Viruses - Theory and Experiments".^[8] It was the first paper to explicitly call a self-reproducing program a "virus"; a term introduced by his mentor Leonard Adleman. Sony VAIO VGN-FZ11S Battery<o:p>

An article that describes "useful virus functionalities" was published by J. B. Gunn under the title "Use of virus functions to provide a virtual APL interpreter under user control" in 1984.^[9] Sony VAIO VGN-FZ11Z Battery <o:p>

Science Fiction<o:p>

The Terminal Man, a science fiction novel by Michael Crichton (1972), told (as a sideline story) of a computer with telephone modem dialing capability, which had been programmed to randomly dial phone numbers until it hit a modem that is answered by another computer. It then attempted to program the answering computer with its own program, so that the second computer would also begin dialing random numbers, in search of yet another computer to program. The program is assumed to spread exponentially through susceptible computers. Sony VAIO VGN-FZ21E Battery <o:p>

The actual term 'virus' was first used in David Gerrold's 1972 novel, When HARLIE Was One. In that novel, a sentient computer named HARLIE writes viral software to retrieve damaging personal information from other computers to blackmail the man who wants to turn him off. Sony VAIO VGN-FZ21J Battery<o:p>

Virus programs<o:p>

The Creeper virus was first detected on ARPANET, the forerunner of the Internet, in the early 1970s.^[10] Creeper was an experimental self-replicating program written by Bob Thomas atBBN Technologies in 1971.^[11] Creeper used the ARPANET to infect DEC PDP-10 computers running the TENEX operating system.^[12] Creeper gained access via the ARPANET and copied itself to the remote system where the message, "I'm the creeper, catch me if you can!" was displayed. The Reaper program was created to delete Creeper.^[13] Sony VAIO VGN-FZ21J Battery<o:p>

A program called "Elk Cloner" was the first computer virus to appear "in the wild" — that is, outside the single computer or lab where it was created.^[14] Written in 1981 by Richard Skrenta, it attached itself to the Apple DOS 3.3 operating system and spread via floppy disk.^[14][15] This virus, created as a practical joke when Skrenta was still in high school, was injected in a game on a floppy disk. On its 50th use the Elk Cloner virus would be activated, infecting the computer and displaying a short poem beginning "Elk Cloner: The program with a personality." Sony VAIO VGN-FZ21S Battery<o:p>

The first PC virus in the wild was a boot sector virus dubbed (c)Brain,^[16] created in 1986 by the Farooq Alvi Brothers in Lahore, Pakistan, reportedly to deter piracy of the software they had written.^[17] Sony VAIO VGN-FZ21Z Battery <o:p>

Before computer networks became widespread, most viruses spread on removable media, particularly floppy disks. In the early days of the personal computer, many users regularly exchanged information and programs on floppies. Some viruses spread by infecting programs stored on these disks, while others installed themselves into the disk boot sector, ensuring that they would be run when the user booted the computer from the disk, usually inadvertently. PCs of the era would attempt to boot first from a floppy if one had been left in the drive. Until floppy disks fell out of use, this was the most successful infection strategy and boot sector viruses were the most common in the wild for many years.^[1] Sony VAIO VGN-FZ31E Battery <o:p>

Traditional computer viruses emerged in the 1980s, driven by the spread of personal computers and the resultant increase in BBS, modem use, and software sharing. Bulletin board-driven software sharing contributed directly to the spread of Trojan horse programs, and viruses were written to infect popularly traded software. Shareware and bootleg software were equally common vectors for viruses on BBS'sSony VAIO VGN-FZ31E Battery <o:p>

Macro viruses have become common since the mid-1990s. Most of these viruses are written in the scripting languages for Microsoft programs such as Word and Excel and spread throughout Microsoft Office by infecting documents and spreadsheets. Since Word and Excel were also available for Mac OS, most could also spread to Macintosh computers. Although most of these viruses did not have the ability to send infected e-mail, those viruses which did take advantage of the Microsoft Outlook COM interface. Sony VAIO VGN-FZ31M Battery<o:p>

Some old versions of Microsoft Word allow macros to replicate themselves with additional blank lines. If two macro viruses simultaneously infect a document, the combination of the two, if also self-replicating, can appear as a "mating" of the two and would likely be detected as a virus unique from the "parents".^[18] Sony VAIO VGN-FZ38M Battery <o:p>

A virus may also send a web address link as an instant message to all the contacts on an infected machine. If the recipient, thinking the link is from a friend (a trusted source) follows the link to the website, the virus hosted at the site may be able to infect this new computer and continue propagating. Sony VGP-BPL8A Battery<o:p>

<o:p> 

Viruses that spread using cross-site scripting were first reported in 2002,^[19] and were academically demonstrated in 2005.^[20] There have been multiple instances of the cross-site scripting viruses in the wild, exploiting websites such as MySpace and Yahoo. Sony VGP-BPS8 Battery<o:p>

Infection strategies<o:p>

In order to replicate itself, a virus must be permitted to execute code and write to memory. For this reason, many viruses attach themselves to executable files that may be part of legitimate programs. If a user attempts to launch an infected program, the virus' code may be executed simultaneously. Viruses can be divided into two types based on their behavior when they are executed. Sony VGP-BPS8B Battery<o:p>

 Nonresident viruses immediately search for other hosts that can be infected, infect those targets, and finally transfer control to the application program they infected. Resident viruses do not search for hosts when they are started. Instead, a resident virus loads itself into memory on execution and transfers control to the host program. The virus stays active in the background and infects new hosts when those files are accessed by other programs or the operating system itself. Sony VGP-BPS8A Battery<o:p>

Nonresident viruses<o:p>

Nonresident viruses can be thought of as consisting of a finder module and a replication module. The finder module is responsible for finding new files to infect. For each new executable file the finder module encounters, it calls the replication module to infect that file. Sony VAIO VGP-BPS13 Battery<o:p>

Resident viruses contain a replication module that is similar to the one that is employed by nonresident viruses. This module, however, is not called by a finder module. The virus loads the replication module into memory when it is executed instead and ensures that this module is executed each time the operating system is called to perform a certain operation. The replication module can be called, for example, each time the operating system executes a file. In this case the virus infects every suitable program that is executed on the computer. Sony VAIO VGP-BPS13A/B Battery<o:p>

Resident viruses are sometimes subdivided into a category of fast infectors and a category of slow infectors. Fast infectors are designed to infect as many files as possible. A fast infector, for instance, can infect every potential host file that is accessed. This poses a special problem when using anti-virus software, since a virus scanner will access every potential host file on a computer when it performs a system-wide scan. If the virus scanner fails to notice that such a virus is present in memory the virus can "piggy-back" on the virus scanner and in this way infect all files that are scanned. Fast infectors rely on their fast infection rate to spread. Sony VAIO VGP-BPS13B/B Battery<o:p>

The disadvantage of this method is that infecting many files may make detection more likely, because the virus may slow down a computer or perform many suspicious actions that can be noticed by anti-virus software. Slow infectors, on the other hand, are designed to infect hosts infrequently. Some slow infectors, for instance, only infect files when they are copied. Slow infectors are designed to avoid detection by limiting their actions: they are less likely to slow down a computer noticeably and will, at most, infrequently trigger anti-virus software that detects suspicious behavior by programs. The slow infector approach, however, does not seem very successful. Sony VAIO VGP-BPS13A/S Battery<o:p>

Vectors and hosts<o:p>

Viruses have targeted various types of transmission media or hosts. This list is not exhaustive:<o:p>

Binary executable files (such as COM files and EXE files in MS-DOS, Portable Executable files in Microsoft Windows, the Mach-O format in OSX, and ELF files in Linux)<o:p>

Volume Boot Records of floppy disks and hard disk partitionsSony VAIO VGP-BSP13B/S Battery<o:p>

The master boot record (MBR) of a hard disk<o:p>

General-purpose script files (such as batch files in MS-DOS and Microsoft Windows, VBScript files, and shell script files on Unix-like platforms).<o:p>

Application-specific script files (such as Telix-scripts)<o:p>

System specific autorun script files (such as Autorun.inf file needed by Windows to automatically run software stored on USB Memory Storage Devices). Sony VAIO VGP-BSP13B/S Battery<o:p>

Documents that can contain macros (such as Microsoft Word documents, Microsoft Excel spreadsheets, AmiPro documents, and Microsoft Access database files)<o:p>

Cross-site scripting vulnerabilities in web applications (see XSS Worm)<o:p>

Arbitrary computer files. An exploitable buffer overflow, format string, race condition or other exploitable bug in a program which reads the file could be used to trigger the execution of code hidden within it. Most bugs of this type can be made more difficult to exploit in computer architectures with protection features such as an execute disable bit and/or address space layout randomization. Sony VAIO VGP-BSP13B/Q Battery<o:p>

PDFs, like HTML, may link to malicious code. PDFs can also be infected with malicious code.<o:p>

In operating systems that use file extensions to determine program associations (such as Microsoft Windows), the extensions may be hidden from the user by default. This makes it possible to create a file that is of a different type than it appears to the user. For example, an executable may be created named "picture.png.exe", in which the user sees only "picture.png" and therefore assumes that this file is an image and most likely is safe, yet when opened runs the executable on the client machine. Sony VAIO VGP-BSP13B/Q Battery<o:p>

An additional method is to generate the virus code from parts of existing operating system files by using the CRC16/CRC32 data. The initial code can be quite small (tens of bytes) and unpack a fairly large virus. This is analogous to a biological "prion" in the way it works but is vulnerable to signature based detection. This attack has not yet been seen "in the wild".Sony VAIO VGP-BPS21 Battery<o:p>

Methods to avoid detection<o:p>

In order to avoid detection by users, some viruses employ different kinds of deception. Some old viruses, especially on the MS-DOS platform, make sure that the "last modified" date of a host file stays the same when the file is infected by the virus. This approach does not fool anti-virus software, however, especially those which maintain and date Cyclic redundancy checks on file changes. Sony VAIO VGP-BPS21A Battery<o:p>

Some viruses can infect files without increasing their sizes or damaging the files. They accomplish this by overwriting unused areas of executable files. These are called cavity viruses. For example, the CIH virus, or Chernobyl Virus, infects Portable Executable files. Because those files have many empty gaps, the virus, which was 1 KB in length, did not add to the size of the file.<o:p>

Some viruses try to avoid detection by killing the tasks associated with antivirus software before it can detect them. Sony VAIO VGP-BPS21B Battery<o:p>

As computers and operating systems grow larger and more complex, old hiding techniques need to be updated or replaced. Defending a computer against viruses may demand that a file system migrate towards detailed and explicit permission for every kind of file access. Sony VAIO VGP-BPS21A/B Battery<o:p>

Avoiding bait files and other undesirable hosts<o:p>

A virus needs to infect hosts in order to spread further. In some cases, it might be a bad idea to infect a host program. For example, many anti-virus programs perform an integrity check of their own code. Infecting such programs will therefore increase the likelihood that the virus is detected. For this reason, some viruses are programmed not to infect programs that are known to be part of anti-virus software. Another type of host that viruses sometimes avoid are bait files. Bait files (or goat files) are files that are specially created by anti-virus software, or by anti-virus professionals themselves, to be infected by a virus. These files can be created for various reasons, all of which are related to the detection of the virus: Sony VAIO VGP-BPS21/S Battery<o:p>

Anti-virus professionals can use bait files to take a sample of a virus (i.e. a copy of a program file that is infected by the virus). It is more practical to store and exchange a small, infected bait file, than to exchange a large application program that has been infected by the virus. Sony VAIO VGP-BPS9/B Battery<o:p>

Anti-virus professionals can use bait files to study the behavior of a virus and evaluate detection methods. This is especially useful when the virus is polymorphic. In this case, the virus can be made to infect a large number of bait files. The infected files can be used to test whether a virus scanner detects all versions of the virus. Sony VAIO VGP-BPS9/B Battery<o:p>

Some anti-virus software employs bait files that are accessed regularly. When these files are modified, the anti-virus software warns the user that a virus is probably active on the system.<o:p>

Since bait files are used to detect the virus, or to make detection possible, a virus can benefit from not infecting them. Viruses typically do this by avoiding suspicious programs, such as small program files or programs that contain certain patterns of 'garbage instructions'.<o:p>

A related strategy to make baiting difficult is sparse infection. Sometimes, sparse infectors do not infect a host file that would be a suitable candidate for infection in other circumstances. For example, a virus can decide on a random basis whether to infect a file or not, or a virus can only infect host files on particular days of the week. Sony VAIO VGP-BPS9/B Battery<o:p>

Stealth<o:p>

Some viruses try to trick antivirus software by intercepting its requests to the operating system. A virus can hide itself by intercepting the antivirus software’s request to read the file and passing the request to the virus, instead of the OS. The virus can then return an uninfected version of the file to the antivirus software, so that it seems that the file is "clean". Modern antivirus software employs various techniques to counter stealth mechanisms of viruses. The only completely reliable method to avoid stealth is to boot from a medium that is known to be clean. Sony VAIO VGP-BPS9A Battery<o:p>

Self-modification<o:p>

Most modern antivirus programs try to find virus-patterns inside ordinary programs by scanning them for so-called virus signatures. A signature is a characteristic byte-pattern that is part of a certain virus or family of viruses. If a virus scanner finds such a pattern in a file, it notifies the user that the file is infected. The user can then delete, or (in some cases) "clean" or "heal" the infected file. Some viruses employ techniques that make detection by means of signatures difficult but probably not impossible. These viruses modify their code on each infection. That is, each infected file contains a different variant of the virus. Sony VAIO VGP-BPL9 Battery <o:p>

Encryption with a variable key<o:p>

A more advanced method is the use of simple encryption to encipher the virus. In this case, the virus consists of a small decrypting module and an encrypted copy of the virus code. If the virus is encrypted with a different key for each infected file, the only part of the virus that remains constant is the decrypting module, which would (for example) be appended to the end. In this case, a virus scanner cannot directly detect the virus using signatures, but it can still detect the decrypting module, which still makes indirect detection of the virus possible. Since these would be symmetric keys, stored on the infected host, it is in fact entirely possible to decrypt the final virus, but this is probably not required, since self-modifying code is such a rarity that it may be reason for virus scanners to at least flag the file as suspicious. Sony VAIO VGN-NR11M/S Battery<o:p>

An old, but compact, encryption involves XORing each byte in a virus with a constant, so that the exclusive-or operation had only to be repeated for decryption. It is suspicious for a code to modify itself, so the code to do the encryption/decryption may be part of the signature in many virus definitions. Sony VAIO VGN-NR11S/S Battery<o:p>

Polymorphic code<o:p>

Polymorphic code was the first technique that posed a serious threat to virus scanners. Just like regular encrypted viruses, a polymorphic virus infects files with an encrypted copy of itself, which is decoded by a decryption module. In the case of polymorphic viruses, however, this decryption module is also modified on each infection. A well-written polymorphic virus therefore has no parts which remain identical between infections, making it very difficult to detect directly using signatures. Antivirus software can detect it by decrypting the viruses using an emulator, or by statistical pattern analysis of the encrypted virus body. Sony VAIO VGN-NR11Z/S Battery<o:p>

To enable polymorphic code, the virus has to have a polymorphic engine (also called mutating engine or mutation engine) somewhere in its encrypted body. See Polymorphic code for technical detail on how such engines operate.^[21] Sony VAIO VGN-NR11Z/T Battery<o:p>

Some viruses employ polymorphic code in a way that constrains the mutation rate of the virus significantly. For example, a virus can be programmed to mutate only slightly over time, or it can be programmed to refrain from mutating when it infects a file on a computer that already contains copies of the virus. The advantage of using such slow polymorphic code is that it makes it more difficult for antivirus professionals to obtain representative samples of the virus, because bait files that are infected in one run will typically contain identical or similar samples of the virus. This will make it more likely that the detection by the virus scanner will be unreliable, and that some instances of the virus may be able to avoid detection. Sony VAIO VGN-FW21E  Battery<o:p>

Metamorphic code<o:p>

To avoid being detected by emulation, some viruses rewrite themselves completely each time they are to infect new executables. Viruses that utilize this technique are said to bemetamorphic. To enable metamorphism, a metamorphic engine is needed. A metamorphic virus is usually very large and complex. For example, W32/Simile consisted of over 14000 lines of Assembly language code, 90% of which is part of the metamorphic engine.^[22][23] Sony VAIO VGN-FW21M Battery<o:p>

Vulnerability and countermeasures<o:p>

The vulnerability of operating systems to viruses<o:p>

Just as genetic diversity in a population decreases the chance of a single disease wiping out a population, the diversity of software systems on a network similarly limits the destructive potential of viruses. This became a particular concern in the 1990s, when Microsoft gained market dominance in desktop operating systems and office suites. The users of Microsoft software (especially networking software such as Microsoft Outlook and Internet Explorer) are especially vulnerable to the spread of viruses. Microsoft software is targeted by virus writers due to their desktop dominance, and is often criticized for including many errors and holes for virus writers to exploit. Sony VAIO VGN-FW21I Battery<o:p>

Integrated and non-integrated Microsoft applications (such asMicrosoft Office) and applications with scripting languages with access to the file system (for example Visual Basic Script (VBS), and applications with networking features) are also particularly vulnerable. Sony VAIO VGN-FW21I Battery<o:p>

Although Windows is by far the most popular target operating system for virus writers, viruses also exist on other platforms. Any operating system that allows third-party programs to run can theoretically run viruses. Some operating systems are more secure than others. Unix-based operating systems (and NTFS-aware applications on Windows NT based platforms) only allow their users to run executables within their own protected memory space. Sony VAIO VGN-FW31M Battery  <o:p>

An Internet based experiment revealed that there were cases when people willingly pressed a particular button to download a virus. Security analyst Didier Stevens ran a half year advertising campaign on Google AdWords which said "Is your PC virus-free? Get it infected here!". The result was 409 clicks.^[24][25] Sony VAIO VGN-FW31E Battery<o:p>

As of 2006, there are relatively few security exploits targeting Mac OS X (with a Unix-based file system and kernel).^[26] The number of viruses for the older Apple operating systems, known as Mac OS Classic, varies greatly from source to source, with Apple stating that there are only four known viruses, and independent sources stating there are as many as 63 viruses. Many Mac OS Classic viruses targeted the HyperCard authoring environment. The difference in virus vulnerability between Macs and Windows is a chief selling point, one thatApple uses in their Get a Mac advertising.^[27] In January 2009, Symantec announced the discovery of a trojan that targets Macs.^[28] This discovery did not gain much coverage until April 2009.^[28] Sony VAIO VGN-FW31J Battery<o:p>

While Linux, and Unix in general, has always natively blocked normal users from having access to make changes to the operating system environment, Windows users are generally not. This difference has continued partly due to the widespread use of administrator accounts in contemporary versions like XP. In 1997, when a virus for Linux was released – known as "Bliss" – leading antivirus vendors issued warnings that Unix-like systems could fall prey to viruses just like Windows.^[29] The Bliss virus may be considered characteristic of viruses – as opposed to worms – on Unix systems. Bliss requires that the user run it explicitly, and it can only infect programs that the user has the access to modify. Unlike Windows users, most Unix users do not log in as an administrator user except to install or configure software; as a result, even if a user ran the virus, it could not harm their operating system. The Bliss virus never became widespread, and remains chiefly a research curiosity. Its creator later posted the source code to Usenet, allowing researchers to see how it worked.^[30] Sony VAIO VGN-FW31J Battery<o:p>

The role of software development<o:p>

Because software is often designed with security features to prevent unauthorized use of system resources, many viruses must exploit software bugs in a system or application to spread. Software development strategies that produce large numbers of bugs will generally also produce potential exploits. Sony VAIO VGN-FW31M Battery<o:p>

Anti-virus software and other preventive measures<o:p>

Many users install anti-virus software that can detect and eliminate known viruses after the computer downloads or runs the executable. There are two common methods that an anti-virus software application uses to detect viruses. The first, and by far the most common method of virus detection is using a list of virus signature definitions. This works by examining the content of the computer's memory (its RAM, and boot sectors) and the files stored on fixed or removable drives (hard drives, floppy drives), and comparing those files against a databaseof known virus "signatures". Sony VGN-FW31ZJ battery<o:p>

The disadvantage of this detection method is that users are only protected from viruses that pre-date their last virus definition update. The second method is to use a heuristic algorithm to find viruses based on common behaviors. This method has the ability to detect novel viruses that anti-virus security firms have yet to create a signature for. Sony VGN-FW32J battery<o:p>

Some anti-virus programs are able to scan opened files in addition to sent and received e-mails "on the fly" in a similar manner. This practice is known as "on-access scanning". Anti-virus software does not change the underlying capability of host software to transmit viruses. Users must update their software regularly to patch security holes. Anti-virus software also needs to be regularly updated in order to recognize the latest threats. Sony VGN-FW37J battery<o:p>

One may also minimize the damage done by viruses by making regular backups of data (and the operating systems) on different media, that are either kept unconnected to the system (most of the time), read-only or not accessible for other reasons, such as using different file systems. This way, if data is lost through a virus, one can start again using the backup (which should preferably be recent). Sony VGN-FW41M/H battery<o:p>

If a backup session on optical media like CD and DVD is closed, it becomes read-only and can no longer be affected by a virus (so long as a virus or infected file was not copied onto the CD/DVD). Likewise, an operating system on a bootable CD can be used to start the computer if the installed operating systems become unusable. Backups on removable media must be carefully inspected before restoration. The Gammima virus, for example, propagates via removable flash drives.^[31][32] Sony VGN-FW52JB battery<o:p>

Recovery methods<o:p>

Once a computer has been compromised by a virus, it is usually unsafe to continue using the same computer without completely reinstalling the operating system. However, there are a number of recovery options that exist after a computer has a virus. These actions depend on severity of the type of virus. Sony VGN-FW72JGB battery<o:p>

Virus removal<o:p>

One possibility on Windows Me, Windows XP, Windows Vista and Windows 7 is a tool known as System Restore, which restores the registry and critical system files to a previous checkpoint. Often a virus will cause a system to hang, and a subsequent hard reboot will render a system restore point from the same day corrupt. Restore points from previous days should work provided the virus is not designed to corrupt the restore files or also exists in previous restore points.^[33] Some viruses, however, disable System Restore and other important tools such as Task Manager and Command Prompt. An example of a virus that does this is CiaDoor. However, many such viruses can be removed by rebooting the computer, entering Windows safe mode, and then using system tools. Sony VGN-FW72JGB battery<o:p>

Administrators have the option to disable such tools from limited users for various reasons (for example, to reduce potential damage from and the spread of viruses). A virus can modify the registry to do the same even if the Administrator is controlling the computer; it blocks all users including the administrator from accessing the tools. The message "Task Manager has been disabled by your administrator" may be displayed, even to the administratorSony VAIO VGN-FZ31B Battery<o:p>

Users running a Microsoft operating system can access Microsoft's website to run a free scan, provided they have their 20-digit registration number. Many websites run by anti-virus software companies provide free online virus scanning, with limited cleaning facilities (the purpose of the sites is to sell anti-virus products). Some websites allow a single suspicious file to be checked by many antivirus programs in one operation. Sony VAIO VGN-FZ31E Battery<o:p>

Operating system reinstallation<o:p>

Reinstalling the operating system is another approach to virus removal. It involves either reformatting the computer's hard drive and installing the OS and all programs from original media, or restoring the entire partition with a clean backup image. User data can be restored by booting from a Live CD, or putting the hard drive into another computer and booting from its operating system with great care not to infect the second computer by executing any infected programs on the original drive; and once the system has been restored precautions must be taken to avoid reinfection from a restored executable file. Sony VAIO VGN-FZ31J Battery<o:p>

These methods are simple to do, may be faster than disinfecting a computer, and are guaranteed to remove any malware. If the operating system and programs must be reinstalled from scratch, the time and effort to reinstall, reconfigure, and restore user preferences must be taken into account. Restoring from an image is much faster, totally safe, and restores the exact configuration to the state it was in when the image was made, with no further trouble. Sony VAIO VGN-FZ31M Battery<o:p>

<o:p>