With stiff penalties for being caught and the whiff of secretive underground or even nefarious acts, computer hacking can be seen as a somewhat dubious pursuit. Not all hackers operate with the motive of emptying your Paypal account, however; there are many hackers who utilize their skills to aid companies in locating security flaws ("penetration testing") or engage in hacking with the goal of becoming cyber-freedom-fighters that champion simple human freedoms, such as the right to free speech.

Computer hacking is as much an art as it is a skill. At its simplest distillation, hacking is the systematic search for chinks in programming armor. While advanced problem-solving, intuition and sophisticated understanding of programming languages are a distinct advantage, there does exist a number of push-button programs that computing wizards have written allowing those less sophisticated in the art of hacking to break into remote computers in a variety of ways. Because of this new ubiquity, today's hackers no longer need to be a programming Wunderkind; they simply need to know where to download software and be able to turn on a computer. It really is that simple and the implications can be disturbing.

Phishing, Push-Button Programs and Brute Force Tactics

There's no need to crack a company's firewall if you have direct physical access to their computers. One aspect of hacking is the impersonation of an employee or service worker with the goal of gaining access to a company's database, where the hacker can then unleash whatever havoc he or she has planned into the system. Another is to engage in simple phishing techniques, such as impersonating an employee who forgot their password and needs help logging into the system.

Because such impersonations often fail thanks to companies becoming more security-conscious, taking over operations of a computer remotely is often the preferred method of gaining access. Such attempts can be facilitated in a variety of ways. One is the brute-force method, in which a program such as SQLmap, Nmap or Burpsuite is used; running one of these programs is analogous to trying every doorknob in a neighborhood to see which house is unlocked. Using a variety of different parameters, these programs can find access to a vulnerable computer or network in less than a minute.

Hackers can also attempt to gain access with a program like Metasploit. With literally a few clicks of a mouse, access to a remote and vulnerable computer can be achieved by a relative newbie. With a related hacking aid, called Meterpreter, a backdoor is created that allows access into an operating system. It does not install itself onto the remote computer, running instead using the computer's memory; in fact, Meterpreter can hide itself inside the operations of a perfectly valid program, so it cannot be detected even by sophisticated programmers. Once engaged, it allows a remote user carte blanche access to the system in question.

Where to Learn the Art of Hacking

Of course, for those who wish to learn the actual skills rather than download someone else's hack, there are a number of practice sites that pose an increasingly difficult set of challenges intended to train neophytes in the art of hacking. For example, Hack This Site starts beginners with the goal of cracking simple flaws in coding scripts or software such as HTML, Unix, Javascript and Apache. Their structured series of tests increase in complexity, incorporating real-word scenarios and even old-fashioned "phone phreaking" challenges that recall the bygone golden age of hacking skills displayed by Matthew Broderick in "WarGames."

Using just these simple tools and free practice sites, beginners have a powerful array of hacking resources just a simple mouse click away.

A project manager acts as the primary link between business and technical teams. A project manager is responsible for maintaining the project schedule, developing project estimates, working with external teams and tracking project issues. The project manager belongs to either the technical team or the project management office (PMO). The project manager works with business teams, technical teams, business counterparts, testing resources, vendors and infrastructure teams.

A project manager is often challenged with diagonally opposite views from the business side and technical side. A project manager’s success depends on balancing the needs and emotions of both sides.

Understanding the Requirements
A project manager must familiarize with the project’s requirements as defined by the business or product managers. This will help you understand the business vision behind the project. You will need this knowledge while negotiating with the technical teams.

Understanding the Technical Landscape
A project manager must also understand the technical systems, resource skills and infrastructure capabilities available for the project. Business teams come up with expectations that are sometimes beyond the capabilities of the technology team. It is the responsibility of the project manager to understand the technical capabilities available to the project.

Walkthrough of Business Requirements
This is a critical step in the project delivery process. The project manager must invite members from the business team, technical team, testing team, infrastructure team and vendors. The project manager must encourage the various stakeholders to ask questions about the requirements. Any prototypes available must be demonstrated in this meeting. The project manager must find answers to all questions resulting from the requirements walkthrough. The project manager must get the final version of the requirements approved by all stakeholders.

Managing Conflicts in Timelines and Budgets
All project managers will face the conflicts arising from shortened timelines and limited budgets. Business teams typically demand many features that are nearly impossible to deliver within short timeframes. The project manager must work with business and technical teams to prioritize the requirements. If the project is executed in a product development organization, then the project manager could utilize agile methodologies to deliver projects incrementally. In this case, the project manager may be required to act as a scrum master to facilitate scrum meetings between various stakeholders.

The Art of Saying “No”
As a project manager, you may be forced to say “no” to demands from both business and technology teams. However, it is important to create a win-win situation for all parties when you are faced with conflicting demands. You can work with the stakeholders individually before bringing all parties together. Most stakeholders prefer to work together. The success of a project manager depends on how effectively he or she can bring out the best in everyone, driving everyone towards a common goal.

Finally, the job of a project manager is not to satisfy the demands from all corners. The project manager must identify the essential deliverables that will meet the business needs, with a solid understanding of what is possible within the limits of technology.

Related:

Smart Project Management: Best Practices of Good Managers

Is Agism an Issue in IT?

As much as we love to assume free Wi-Fi is secure, this is far from the truth. Because you are attaching to a service many others are connected to as well, without security measures, your device can be hacked, especially if the network is unencrypted. Because this encryption involves handing out a 26-character hexadecimal key to every individual wanting to use that network, most places opt for ease of access over security. And even with a secure network, your information is vulnerable to everyone else who has the password and is on the network.

This may not seem like such a big deal and many people don’t believe they have anything to hide on their personal devices, but remember what you use on those devices. Chances are your e-mail is attached as well as all other social media sites. You may have apps that track your finances or private messages to certain others that you would never want anyone else to see. Luckily, there are steps that can be taken to reduce and prevent any unwanted information grabbers from accessing your personal information.

To start, go through your computer’s settings in order to verify your operating system’s security functions are all set to offer the highest protection. Open up the Control Panel and double check that your Firewall is enabled for both private and public networks. Then, go to Network and Sharing to open Change advanced sharing settings. In here, you can turn off file and printer sharing and network discovery for public networks.

One of the most important things to watch for is HTTPS. Hypertext Transfer Protocol Secure ensures secure communication across the web. Many of the major email systems use this when you log in (as another layer of password protection) but drop the security as soon as the login is complete. To keep this going, HTTPS Everywhere is a browser extension that gives you a secure connection when browsing some of the more popular sites. It can also be programmed for other sites you like to visit that don’t use HTTPS.

Not every place on the internet provides the choice of HTTPS, and VPNs are there to fill in the security gap. Virtual Private Networks allows data to be sent and received through public access points as if it were directly connected to a secure network. Many businesses offer this for company devices, but if you are an individual looking for that kind of security, ProXPN is a free version that can be upgraded. Unfortunately, it limits your speed, but other choices include VPNBook, OpenVPN Shield Exchange, and OkayFreedom.

With these three steps implemented, secure public Wi-Fi can be achieved. No longer will you have to worry about connecting in an unsure environment with strangers, never knowing if your information is being stolen. With all of the options free of charge, it is also an affordable means of protecting yourself that only takes a little time and effort to implement and guarantee safety.

In Demand IT Skills

Password Management Tools

Net Neutrality for the Layperson

What are a few unique pieces of career advice that nobody ever mentions?

The original article was posted by Michael Veksler on Quora

A very well known fact is that code is written once, but it is read many times. This means that a good developer, in any language, writes understandable code. Writing understandable code is not always easy, and takes practice. The difficult part, is that you read what you have just written and it makes perfect sense to you, but a year later you curse the idiot who wrote that code, without realizing it was you.

The best way to learn how to write readable code, is to collaborate with others. Other people will spot badly written code, faster than the author. There are plenty of open source projects, which you can start working on and learn from more experienced programmers.

Readability is a tricky thing, and involves several aspects:

1. Never surprise the reader of your code, even if it will be you a year from now. For example, don’t call a function max() when sometimes it returns the minimum().
2. Be consistent, and use the same conventions throughout your code. Not only the same naming conventions, and the same indentation, but also the same semantics. If, for example, most of your functions return a negative value for failure and a positive for success, then avoid writing functions that return false on failure.
3. Write short functions, so that they fit your screen. I hate strict rules, since there are always exceptions, but from my experience you can almost always write functions short enough to fit your screen. Throughout my carrier I had only a few cases when writing short function was either impossible, or resulted in much worse code.
4. Use descriptive names, unless this is one of those standard names, such as i or it in a loop. Don’t make the name too long, on one hand, but don’t make it cryptic on the other.
5. Define function names by what they do, not by what they are used for or how they are implemented. If you name functions by what they do, then code will be much more readable, and much more reusable.
6. Avoid global state as much as you can. Global variables, and sometimes attributes in an object, are difficult to reason about. It is difficult to understand why such global state changes, when it does, and requires a lot of debugging.
7. As Donald Knuth wrote in one of his papers: “Early optimization is the root of all evil”. Meaning, write for readability first, optimize later.
8. The opposite of the previous rule: if you have an alternative which has similar readability, but lower complexity, use it. Also, if you have a polynomial alternative to your exponential algorithm (when N > 10), you should use that.

Use standard library whenever it makes your code shorter; don’t implement everything yourself. External libraries are more problematic, and are both good and bad. With external libraries, such as boost, you can save a lot of work. You should really learn boost, with the added benefit that the c++ standard gets more and more form boost. The negative with boost is that it changes over time, and code that works today may break tomorrow. Also, if you try to combine a third-party library, which uses a specific version of boost, it may break with your current version of boost. This does not happen often, but it may.

Don’t blindly use C++ standard library without understanding what it does - learn it. You look at std::vector::push_back() documentation at it tells you that its complexity is O(1), amortized. What does that mean? How does it work? What are benefits and what are the costs? Same with std::map, and with std::unordered_map. Knowing the difference between these two maps, you’d know when to use each one of them.

Never call new or delete directly, use std::make_unique and [cost c++]std::make_shared[/code] instead. Try to implement usique_ptr, shared_ptr, weak_ptr yourself, in order to understand what they actually do. People do dumb things with these types, since they don’t understand what these pointers are.

Every time you look at a new class or function, in boost or in std, ask yourself “why is it done this way and not another?”. It will help you understand trade-offs in software development, and will help you use the right tool for your job. Don’t be afraid to peek into the source of boost and the std, and try to understand how it works. It will not be easy, at first, but you will learn a lot.

Know what complexity is, and how to calculate it. Avoid exponential and cubic complexity, unless you know your N is very low, and will always stay low.

Learn data-structures and algorithms, and know them. Many people think that it is simply a wasted time, since all data-structures are implemented in standard libraries, but this is not as simple as that. By understanding data-structures, you’d find it easier to pick the right library. Also, believe it or now, after 25 years since I learned data-structures, I still use this knowledge. Half a year ago I had to implemented a hash table, since I needed fast serialization capability which the available libraries did not provide. Now I am writing some sort of interval-btree, since using std::map, for the same purpose, turned up to be very very slow, and the performance bottleneck of my code.

Notice that you can’t just find interval-btree on Wikipedia, or stack-overflow. The closest thing you can find is Interval tree, but it has some performance drawbacks. So how can you implement an interval-btree, unless you know what a btree is and what an interval-tree is? I strongly suggest, again, that you learn and remember data-structures.

These are the most important things, which will make you a better programmer. The other things will follow.