What Security Professionals Can Learn From The 5-Year Old Xbox Hacker

Sometimes news of poor security hits and sends the whole web-o-sphere into a panic. Heartbleed was one such story. Other times, one can't help but get a laugh out of weak security. A story that hit last week and was worth a laugh involved an Xbox account being hacked not by a teenager with a lot of time on his hands, not by a world-class hacker or cyber criminals, but by a five-year-old kid who wanted to play some games he didn't have access to.

Shortly after Christmas last year, the child's parents caught him playing games on the Xbox that he shouldn't have been able to play, having somehow hacked his father's account to buy any game he pleased.

When asked how he broke into the account, the method used turned out to be... well, kind of ridiculous. He had tried guessing a password to his father's account. When that didn't work, he was taken to a password verification screen where... he hit the space-bar a bunch of times and logged in.

Interestingly, Microsoft actually offers a $10,000 bounty to hackers who can crack their system. Given that this seems to have been more of a fluke than a targeted hack, the family didn't get to reap the rewards, but it's kind of funny that educated, technical-minded hackers looking for backdoors and weak points have nothing on a little kid who really wants to play Minecraft.

Microsoft has fixed the hack, so don't bother trying to score some free games. In the future, a few tips that security professionals might want to keep in mind:
  • Don't Just Rely on Professionals
A professional coder is thinking from a professional perspective. They're not looking for dumb hacks that any five-year-old kid could employ; they're looking for, well, a challenge. When you put a $10,000 bounty on finding security flaws, hackers are looking for a ten thousand dollar hack.
  • Keep a Five Year Old on the Payroll
Child labor laws probably won't allow this, but rewarding children and casual gamers who can hack the system with free games or whatever prizes are appropriate to your website or gaming service wouldn't be a bad idea. You never know who's going to discover your weak points, so extending bounties to anyone who can find them can help to bring these weaknesses to light in the future.
  • Double Verification Can be Annoying, but Necessary
We might not like typing our credit card number in for every single purchase, but adding an extra security wall after login, at least where money is involved, can help to prevent unauthorized payments, so that even if someone can hack your Xbox Live or Steam account, they won't necessarily be able to make purchases in your name.

"Sometimes security science may seem like it's more, well, art than science," said Jason Hope, tech expert (https://medium.com/@jasonhope) "but with a rigorous approach to developing and testing systems for passwords, verification and online signatures, it's not impossible to build a rock-solid security setup." The five year old hacker doesn't get to keep all the games he bought, but if he keeps at it, he may one day land a job as a professional White Hat hacker. Companies like Sony and Facebook are known to hire professional hackers on a part time and full time basis in order to explore their security systems' flaws and offer tips to improve their verification processes.

Fortunately, it doesn't seem as if the hack has been discovered prior to now, as nobody seems to be coming forward with stories of having their accounts hijacked with the spacebar hack. Most of all, the whole affair has just been a little embarrassing for Microsoft, who generally has a better track record than this when it comes to online security.

In the aftermath of this, it's easy to imagine hundreds of gamers trying similar hacks on the PlayStation Network, Steam and Xbox Live in hopes of scoring a bounty, or at least a few games.

Microsoft's year of change

Microsoft's 2014 changes

On Feb 04, 2014, Satya Nadella was appointed as the new CEO of Microsoft, changing the future direction of Microsoft. The organization had to change. The technology industry itself changes every day: technology is upgraded, reinvented or simply created from scratch. If an organisation is to thrive in the field of technology, it must adapt and, most importantly, it must innovate, staying constantly ahead of all its competitors.

Microsoft's past success has been built on that ability to innovate. For 30 years they have led the creation of new technology, creating products that met consumer demand. Their technology facilitated better business, a trait that has seen them corner the enterprise technology market. That innovation is core to Nadella's appointment and is crucial for Microsoft as the company enters the next chapter in product innovation and growth. The foreseeable future of technology will be cloud led, putting Microsoft in a strong position. Nadella was ultimately responsible for the company's strategic and technical shift to cloud, overseeing the development of one of the world's largest cloud infrastructures, Windows Azure.

The future for Microsoft looks exciting, if not yet certain, but before we dream of flying DeLoreans and robot butlers, let's take a closer look at the history that has taken Microsoft to where they stand today. Using the following infographic developed by Firebrand Training, let us go on a whistle-stop tour of the history of Microsoft technology. Take a look at the first desktop operating system, discover email management products you didn't know existed, and puzzle at what exactly a relational database management product is.

This article was written by , Technical Writer for Firebrand Training. Edward is tasked with servicing the information needs of the technology industry, and spends his days writing how-to guides, news and opinion articles.

A Complete Guide To Microsoft's Enterprise Technology in 2014

Technology giant Microsoft has been dominating the enterprise technology market for as long as there has been one. From humble beginnings to their 2013 Annual Report, announcing revenues of $77 billion, Microsoft has led the way for innovation in creating market-leading enterprise technology.

If you haven’t already, you should take a look at ‘Microsoft by the Numbers’ where you will find an exciting collection of visual statistics about their portfolio of products and services. Here are some exciting figures to whet the appetite:
  • Xbox Live has more than 48 million members in 41 countries
  • Microsoft contains 16 businesses that turn over more than $1 billion
  • The Windows Store has seen more than 250 million app downloads since its launch
But it doesn’t stop there. If you take a close look at Microsoft’s enterprise technology market, that’s where the magic lies. So as we head into 2014, let’s take a look at the extensive portfolio of exciting products developed by Microsoft in its thirty-year history. From server and email management, right through to CRM systems and enterprise social networks, Microsoft has the market cornered. Before we dive into the infographic below, let’s take a look at some of the headline figures:
  • Microsoft Exchange Server and Office 365 account for roughly 51% of the world’s mailboxes in the business email market.
  • Windows 8 has sold more than 100 million licences.
  • Windows Server is the world’s most popular operating system, holding 73% of market share as of Q4 2012.
  • More than a billion people use Microsoft Office worldwide; that’s almost a sixth of the world’s population.

Edward Jones works for Firebrand Training, where he is responsible for Community Engagement and Technical Writing. Edward has been in the IT industry for 3 years and has experience with SharePoint, Windows Server and Exchange Server.

10 Misconceptions of Microsoft SharePoint

Microsoft SharePoint has been around since 2001 and is currently being used by almost 80 percent of Fortune 500 companies, but there are still a lot of misconceptions going around about how it works. It's time to clear those up. The following infographic, which can also be found here, covers 10 misconceptions about SharePoint and the truth behind them.

1. "SharePoint doesn't run on Macs and iPads." Actually it works just fine with Office for Macs. Alternatively, with Office Web Apps, you can use your iPad browser to view and edit documents with no extra installations.
2. "SharePoint should be managed by IT." While, yes, IT should monitor SharePoint, it is made to be managed by the business and driven by the users. It's not just a tool for techies.
3. "SharePoint is easy, just install it and see the benefits." While it's not difficult to learn to use it, you and your team will need a plan and training to get the most out of it.
4. "SharePoint is only a glorified file store." That is a part of what SharePoint has to offer, but it does more than just store and manage files. Investigate further to see what else you can do with it.
5. "SharePoint is for collaboration, not for running critical LOB systems." You can absolutely integrate your LOB systems on SharePoint's network. It even has the architecture to allow you to host third-party applications.
6. "It always looks like SharePoint." If you're worried about getting stuck with an unoriginal design, don't be. SharePoint 2013 makes it even easier to incorporate your corporate style into different-looking websites. Many websites use SharePoint and you can't even tell just by looking at them.
7. "Our IT department can install it." Your IT department could handle the default installation, but for a full scale deployment, you'll want a team of experts to figure out the best method.
8. "SharePoint shouldn't need custom development." There is a lot of functionality built right into SharePoint, but you'll want to add small custom developments to bring out the biggest benefits.
9. "Everyone's using it so we should." Don't just jump on the bandwagon before determining if it's right for your team. Sometimes specialist products are actually the best option to save money long-term.
10. "SharePoint is a one-off project." It may start out as a project, but it's intended to be used consistently with your business, growing and adapting along with your business needs. The more you keep working with it, the more you find it really pays off.
With a clearer understanding of SharePoint and its benefits, you can now use it more confidently and efficiently. If you hear any of these misconceptions being shared as truth, you now also have the knowledge to correct them.

Brought to you by Evokeit.com.