Your quality source for all things technology! Technology info
Computer Startup Time – Current Problems, Future Advancements, and Solutions You Can Consider For Now
Computer Startup Time – Current Problems, Future Advancements, and Solutions You Can Consider For Now
By Neon Zidane – neon.zidane@gmail.com
Please report any errors or suggestions for improvement. Thank you!
Table of Contents
Introduction – Booting Process
Future Innovations and Advancements
Introduction – Booting Process
First of all let’s familiarize ourselves with how the computer boots up. It’s a very simple to understand process. When you first press out the power button, the computer goes through an initialization process. Firstly, it’s important to check if a CPU is present and functional. If there is an error related to the CPU, depending on your motherboard model, it your motherboard might make a beeping sound, flash the power light, start to smoke, or burst into flames (no biggie 
). Usually, after this, if you have a multiple CPU configuration system, one CPU (CPU 0) is selected to run the BIOS and initialize the kernel (a central component of your operating system which will “turn on” the remaining CPUs). At startup, a CPU can only address 1MB of memory, but some Intel processors have a special configuration where they use the last 16 bytes of the memory.
Then the computer starts executing the BIOS code, and starts checking for present hardware (Power on self test). Usually when there is a hardware error, it will display a message on the screen and make a beeping sound. Most motherboards make a beeping sound because if your video card turns out to be not functional, how else can they convey the message to you? Many of the modern (post 1996) BIOSs can use Advanced Power Configuration and Power Interface (ACPI) to list devices the computer has, and then the kernel uses this information.
After the POST, the BIOS wants to find an operating system to boot. It will search through a list of devices in a user-configurable order (CD, Hard Drive, Floppy, USB flash drives, memory cards, etc.) otherwise it will present you an error that says “Non System Disk or Disk Error” which could indicate that the disk could not be boot from. This could mean the disk is not functioning (broken hard drive, scratched/bad CD, etc.) or a configuration error you have made. If a bootable device is found though, the BIOS will read sector 0, the first 512 byte sector of the disk (remember that sector n-1 is the last sector of the hard drive where n is the total amount of sectors on the drive). Important data is in there: a boot sector. It also contains a partition table, 64 bytes – 16 bytes per partition (That’s why you can’t create more than 4 partitions on a hard drive, you will have to use a logical partition).
Since the boot sector is so small (460 bytes of usable space), it will either 1) launch another boot sector, 2) launch a second stage boot loader (could be DOS loader, NTLDR, BCD, GRUB, Lilo, maybe some strange virus you got off some website you shouldn’t be visiting anyways, etc.), or 3) Directly launch the kernel and start the operating system. Either way, if configured correctly, your computer will be told where an operating system is located and a file that will start the kernel. Your operating system splash screen will appear and in a few moments you are ready to use your computer system!
Current Startup Issues
How many things can you do in the time it takes your computer to start up? This means from turning on, operating system loading, then to a point where everything is ready, and you’re ready to start your favourite application (If your login is password protected, don’t count that!). Make a coffee? Make your entire breakfast? Go to school/work and then come home to find out your computer has FINALLY started up? Computers, unlike some other electronics, aren’t in a ready state the moment you turn them on. For example, a television would be ready within a few seconds of you turning it on, a phone would be ready the instant you turn it on. Even your CD player, DVD player, or Blu-ray player would be almost instantly ready when you turn it on. Usually you’re only waiting for it to spin up the disc. Read more…
WPA encryption hacked in under a minute!
Computer scientists in Japan say they’ve developed a way to break the WPA encryption system used in wireless routers in about one minute.
The attack gives hackers a way to read encrypted traffic sent between computers and certain types of routers that use the WPA (Wi-Fi Protected Access) encryption system. The attack was developed by Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University, who plan to discuss further details at a technical conference set for Sept. 25 in Hiroshima. Last November, security researchers first showed how WPA could be broken, but the Japanese researchers have taken the attack to a new level, according to Dragos Ruiu, organizer of the PacSec security conference where the first WPA hack was demonstrated. “They took this stuff which was fairly theoretical and they’ve made it much more practical,” he said.
The Japanese researchers discuss their attack in a paper presented at the Joint Workshop on Information Security, held in Kaohsiung, Taiwan earlier this month.
The earlier attack, developed by researchers Martin Beck and Erik Tews, worked on a smaller range of WPA devices and took between 12 and 15 minutes to work. Both attacks work only on WPA systems that use the Temporal Key Integrity Protocol (TKIP) algorithm. They do not work on newer WPA 2 devices or on WPA systems that use the stronger Advanced Encryption Standard (AES) algorithm.
The encryption systems used by wireless routers have a long history of security problems. The Wired Equivalent Privacy (WEP) system, introduced in 1997, was cracked just a few years later and is now considered to be completely insecure by security experts. WPA with TKIP “was developed as kind of an interim encryption method as Wi-Fi security was evolving several years ago,” said Kelly Davis-Felner, marketing director with the Wi-Fi Alliance, the industry group that certifies Wi-Fi devices. People should now use WPA 2, she said. Wi-Fi-certified products have had to support WPA 2 since March 2006. “There’s certainly a decent amount of WPA with TKIP out in the installed base today, but a better alternative has been out for a long time,” Davis-Felner said.
Enterprise Wi-Fi networks typically include security software that would detect the type of man-in-the-middle attack described by the Japanese researchers, said Robert Graham, CEO of Errata Security. But the development of the first really practical attack against WPA should give people a reason to dump WPA with TKIP, he said. “It’s not as bad as WEP, but it’s also certainly bad.”
Users can change from TKIP to AES encryption using the administrative interface on many WPA routers.
SQL injection tutorial by for3v3rforgott3n
Contents At A Glance:
LIMIT, What is it and why do I need to know how to use it?
First of all, if you find that I have written something that is wrong, please address it and I will fix it. I have written this tutorial solely for education purposes, do not contact me regarding anything along the lines of me publishing “full disclosure” information on internet security. I have written this in the hopes that it will not only help educate anyone who is interested in SQL injection, it may also help educate any website owners/coders who are unaware of the risks that they put their company/systems in when leaving a simple issue unattended. This tutorial was written by for3v3rforgott3n at http://for3v3rforgott3n.blogspot.com
First you need to know what makes a site vulnerable to SQL injection before you can find and inject vulnerable sites.
The most common reason that a site is vulnerable to SQL injection attacks is because the owner/coder didn’t use the built in MySQL feature ‘mysql_real_escape_string()‘. The purpose of this function is to sanitize or remove special characters from an SQL query. The most common side-effect is the simple username/password exploit ‘ or ‘1′=’1. Most website administrators today use this function along with stripslashes() or addslashes() to further sanitize the data.
Well since I gave you a very basic reason for why certain sites are vulnerable, we will move on to finding some vulnerable sites to play with.
When talking about finding sites to inject you will hear the term “dork” a lot, what this refers to is a google search term targeted at finding vulnerable websites. A “google dork” uses the built in google functions inurl:, or allinurl: to search for websites that have certain strings in their URL or website address, an example of a google dork is: inurl:index.php?id=1, entering this string into the google search engine would return all of the sites in google’s cache with the string index.php?id=1 in their URL, Ex: http://www.example.com/index.php?id=1
Here is a list of “dorks” to use:
http://sql-injection-tools.blogspot.com/2009/06/dork-sqli-by-shafiq.html
Now that we know what a google dork is we can start finding vulnerable sites. To be vulnerable the site has to have a GET parameter in the URL: index.php?id=1, id=1 being the GET parameter which ‘gets’ the 1 ‘id’ from the SQL database(Understand? Good.)
So you are going to go to http://www.google.com,http://www.blackle.com, or http://www.dogpile.com and search for your selected dork. When you get your list you can start checking for vulnerabilities. To do this the most common way is to add a back-tick after one of the integers in the URL
Example: http://www.example.com/index.php?id=1′
Now there are many ways for a site to show you that it is vulnerable the most common are errors:
You have an error in your SQL SyntaxWarning: mysql_fetch_array():Warning: mysql_fetch_assoc():Warning: mysql_numrows():Warning: mysql_num_rows():Warning: mysql_result():Warning: mysql_preg_match():
If you receive any of these errors when you enter the ‘ after the number then chances are the site is vulnerable to SQL injection attacks to some extent, but that isn’t the only way to see if a site is vulnerable, the biggest overlooked error is when a main part of the site just simply disappears, such as a news article or a body of text on the main site. If this happens then it is likely that the site is vulnerable also.
After you find your vulnerable site the first step you need to take is to find the number of columns in the table that is in use. Read more…
Can't find something?
Vancouver 2010 Winter Olympics-Current Medal Standings
Categories
Posts you must read
- Google Wave-Got your invitation yet?
- The average user’s introduction to SEO-by for3v3rforgott3n
- Computer Startup Time – Current Problems, Future Advancements, and Solutions You Can Consider For Now
- WPA encryption hacked in under a minute!
- Neobux-The best PTC site on the internet. By for3v3rforgott3n