Air-gapped: | keeping a computer or network physically isolated from any outside system. Harder than it seems in the era of miniaturisation, as any nearby electronic device can try to connect to the supposedly air-gapped computer. |
APT: | advanced persistent threat the kind of targeted and sophisticated cyber-attack launched by a nation-states intelligence agency against its opponents or rivals. |
Attack surface: | the points at which a malefactor can gain access to a target, for example if its computer or network is connected to the internet. |
Bitcoin: | a kind of crypto-currency or digital money, based on solving ever-more complicated sums, which can be used to make untraceable payments over the internet. |
Botnet: | a remotely controlled network of computers, whose owners are unaware anything is amiss. |
Browser: | the program used on most computers to visit websites on the internet. |
Captcha: | a simple test to tell humans and machines apart involving retyping a selection of distorted letters. Easy for people, hard for computers. |
Chips: | the microprocessors which are at the heart of any electronic device. If you imagine the data flowing like trains over a railway network, the microprocessors are the junctions. |
Cloud: | a big network of computers run by someone else useful for storage, until something goes wrong. |
Cryptography: | the branch of mathematics dealing with encryption. This typically involves the unique properties of prime numbers. Multiplying them is easy but the reverse process is hard. |
Cyber: | a prefix used to indicate a loose connection with computers and networks, as in cyber-warfare, cyber-guru, cyber-hype, cyber-nonsense. |
Data: | the information stored and processed by computers and networks. If the computer is the railway, the data are the trains that run on it. |
DDoS attack: | swamping a computer such as a server which runs a website so that legitimate users cannot get through to it. |
Download: | data or a program copied on to a computer from a network. |
Drive-by attack: | a way of infecting computers through the browsing habits of their users. |
Floppy disks: | old-fashioned portable storage devices a floppy disk of electromagnetic material in a plastic casing. |
Hard disks: | the way most computers store memory, on a rapidly rotating disk inside a rigid casing. |
HTTPS: | Hypertext Transfer Protocol Secure a way for a computer to communicate securely with a website. Usually indicated by the presence of a padlock next to the address. |
Hardware: | the chips, devices and circuitry which constitute a computer. Roughly equivalent to the tracks, stations and points in a railway system. |
Heartbleed: | an error in the software which allows secure SSL connections to be set up. |
IP address: | the label which provides an address, a name and a route for any computer or device connecting with the internet. |
Key-logger: | malware which records every keystroke made on the infected computer. Useful for stealing passwords. |
Links: | the directions to a page on the internet, such as http://www.edwardlucas.com/contact. These can be shortened using a link shortener, such as t.co or is.gd, so they become shorter and more memorable, like this: is.gd/elucas |
Malware: | programs used in attacks on computers and networks. |
Malvertising: | advertisements designed to infect a visiting computers with malware. |
Open-source: | software usually written and maintained by volunteers, with limited or no copyright. |
P2P: | Peer-to-peer a decentralised arrangement where users, not a central body, store data, take risk or provide processing power. Used to evade copyright restrictions in sharing files, in Skype messaging and in finance (Zopa, Lending Club, Bondora). |
Patch: | a repair to a flawed program (or hardware) which users can download in order to protect themselves from attack. Can be installed and downloaded automatically. |
Phishing: | sending e-mails with links or attachments which will infect the victims computer if opened. |
Secure Socket Layer (SSL): | a widely used way for computers to communicate securely by creating, in effect, an encrypted tunnel between them. |
Shellshock: | a mistake in the Bash shell a widely used piece of open-source software which allows outsiders to give instructions to a computers operating system. |
Ransomware: | malware which locks files on a computer unless a ransom is paid. |
Remote desktop software: | legitimately used by technicians fixing problems on a clients computer, this is a boon for thieves. It allows one computer user to see what is happening on the screen of another, and to take control of the machine. |
Rogueware: | malware masquerading as legitimate software. |
Root-kit: | stealthy malware which conceals its existence from anti-virus and other programs that might detect it. |
Rubber hose attack: | using physical force to extract password information. |
Scareware: | malware (q.v.) which pretends to be security software. |
Server: | a computer which runs a database, website or other resource and responds to requests from clients. |
Social engineering: | the use of human skills such as flattery, appeals for help, impersonation and intimidation to gain access to a computer or network. |
Software: | the sets of rules which govern how a computer works. Has the same relationship to hardware as a railway timetable does to the trains and track. |
SQL attack: | a way of infecting a computer through a website which it manages. |
Terabyte: | Storage on computers is measured in bytes. A byte is eight bits of information in effect 1s or 0s. A kilobyte is a thousand bytes, a megabyte a million, a gigabyte an (American) billion and a terabyte a trillion. It would take 50,000 trees to make enough paper to print out one terabyte. The same amount of data would fit on 150 DVDs. |
Tor: | a browser and network which conceal the identity of the user by bouncing the information around many different computers. Often used for those seeking anonymity from government agencies. |
Two-factor authentication: | a system which requires the user not just to type in a password, but also to provide some other information, such as a code sent to a mobile phone, or generated by some other device. |