Why Does RAM Have to be Volatile?

The Answer

 it’s due to physics.
Any non-volatile memory must store its bits in two states which have a large energy barrier between them, or else the smallest influence would change the bit. But when writing to that memory, we must actively overcome that energy barrier.
Designer have quite some freedom in setting those energy barriers. Set it low 0 . 1, and you get memory which can be rewritten a lot without generating a lot of heat: fast and volatile. Set the energy barrier high 0 | 1 and the bits will stay put almost forever, or until you expend serious energy.
DRAM uses small capacitors which leak. Bigger capacitors would leak less, be less volatile, but take longer to charge.
Flash uses electrons which are shot at high voltage into an isolator. The energy barrier is so high that you can’t get them out in a controlled way; the only way is to clean out an entire block of bits.

In other words, the only way to make the RAM as high speed as we need it for modern computer operations is to keep the resistance between state changes extremely low (and thus make the RAM volatile and susceptible to data erasure in the face of power loss).

RAM Is Cheap So Why Don’t We Run Everything From It?

The Answer

 

There are a few reasons RAM is not used that way:

1. Common desktop (DDR3) RAM is cheap, but not quite that cheap. Especially if you want to buy relatively large DIMMs.
2. RAM loses its contents when powered off. Thus you would need to reload the content at boot time. Say you use a SSD sized RAMDISK of 100GB, that means about two minutes delay while 100GB are copied from the disk.
3. RAM uses more power (say 2–3 Watt per DIMM, about the same as an idle SSD).
4. To use so much RAM, your motherboard will need a lot of DIMM sockets and the traces to them. Usually this is limited to six or less. (More board space means more costs, thus higher prices.)
5. Lastly, you will also need RAM to run your programs in, so you will need the normal RAM size to work in (e.g. 18GiB, and enough to store the data you expect to use).

Having said that: Yes, RAM disks do exist. Even as PCI board with DIMM sockets and as appliances for very high IOps. (Mostly used in corporate databases before SSD’s became an option). These things are not cheap though.

How to Browse the Web Anonymously On Your Android Smartphone

When you access a website on your smartphone, your cellular carrier, network operator, and government all know you accessed that website. If you’re in a country that blocks websites

, like China, you may not even be able to access certain websites. Tor allows you to browse anonymously and bypass web censorship on your desktop. Orbot brings Tor to Android, so you can do the same from your smartphone.

Whether you’re connected to a cellular data connection or Wi-Fi, Orbot works the same. Like the Tor browser bundle for PCs, it connects to the Tor network and allows you to browse the web anonymously.

Connect to Tor With Orbot

Bear in mind that Tor is significantly slower than a standard connection for browsing, as the routing process adds some overhead

[rexofcyber explain] ::What Is The Difference Between DDR2 & DDR3 RAM

RAM or Random Access Memory, is your computer’s short term memory. If your computer needs information and does not find the RAM, it then needs to journey to the hard drive to try and retrieve the data, which is far more time consuming. Many older computers that feel sluggish can be given new life if upgraded with additional RAM.
However, capacity is only one specification. RAM is also available in a variety of versions and speeds. A 2GB stick of DDR2 800 RAM is not the same thing as a 2GB stick of DDR3 1333 RAM. Understanding the difference is important because computers will generally accept only certain types of RAM.

Kali Linux

Kali Linux is a distribution based on the Debian GNU/Linux distribution aimed at digital forensics and penetration testing users maintained and funded by Offensive Security. It was developed by Offensive Security as the successor to BackTrack Linux.^[1]
Kali provides users with easy access to a comprehensive and large collection of security-related tools ranging from port scanners to password crackers. Support for Live CD and Live USB functionality allows users to boot BackTrack directly from portable media without requiring installation, though permanent installation to hard disk is also an option. It is a supported platform for the Metasploit Project's Metasploit Framework, a tool for developing and executing exploit code against a remote target machine.^[2] It also includes the security tools Wireshark, John the Ripper, Nmap and Aircrack-ng.^[2]
Kali is distributed in 32-bit and 64-images for use on hosts based on the x86 processor architecture, as well as an image for the ARM architecture for use on the Raspberry Pi computer and on Samsung's ARM Chromebook.^[3]

REXOFCYBER Explains: What Spear Phishing Attacks Are and Why They’re Taking Down Big Corporations

The news is full of reports of “spear-phishing attacks” being used against governments, large corporations, and political activists. Spear-phishing attacks are now the most common way corporate networks are compromised, according to many reports.
Spear-phishing is a newer and more dangerous form of phishing. Instead of a casting a wide net in hopes of catching anything at all, the spear-phisher crafts a careful attack and aims it at individual people or a specific department.

Phishing Explained

Phishing is the practice of impersonating someone trustworthy to try and acquire your information. For example, a phisher might sent out spam emails pretending to be from Bank of America asking you to click a link, visit a fake Bank of America website (a phishing site), and enter your banking details.
Phishing isn’t just limited to email, however. A phisher could register a chat name like “Skype Support” on Skype and contact you via Skype messages, saying that your account was compromised and they need your password or credit card number to verify your identity. This has also been done in online games, where scammers impersonate game administrators and send messages asking for your password, which they would use to steal your account. Phishing could also happen over the phone. In the past, you may have received phone calls claiming to be from Microsoft and saying you have a virus you must pay to remove.
Phishers generally cast a very wide net. A Bank of America phishing email may be sent to millions of people, even people who don’t have Bank of America accounts. Because of this, phishing is often fairly easy to spot. If you don’t have a relationship with Bank of America and get an email claiming to be from them, it should be very clear that the email is a scam. Phishers depend on the fact that, if they contact enough people, someone will eventually fall for their scam. This is the same reason we still have spam emails – someone out there must be falling for them or they wouldn’t be profitable.
Take a look at the anatomy of a phishing email for more information.

How Spear Phishing is Different

If traditional phishing is the act of casting a wide net in hopes of catching something, spear phishing is the act of carefully targeting a specific individual or organization and tailoring the attack to them personally.
While most phishing emails aren’t very specific, a spear-phishing attack uses personal information to make the scam seem real. For example, rather than reading “Dear Sir, please to click this link for fabulous wealth and riches” the email may say “Hi Bob, please read this business plan we drafted at Tuesday’s meeting and let us know what you think.” The email may appear to come from someone you know (possibly with a forged email address, but possibly with a real email address after the person was compromised in a phishing attack) rather than someone you don’t know. The request is more carefully crafted and looks like it could be legitimate. The email could refer to someone you know, a purchase you’ve made, or another piece of personal information.
Spear-phishing attacks on high-value targets can be combined with a zero-day exploit for maximum damage. For example, a scammer could email an individual at a particular business saying “Hi Bob, would you please take a look at this business report? Jane said you would give us some feedback.” with a legitimate-looking email address. The link could go to a web page with embedded Java or Flash content that takes advantage of the zero-day to compromise the computer. (Java is particularly dangerous, as most people have outdated and vulnerable Java plug-ins installed.) Once the computer is compromised, the attacker could access their corporate network or use their email address to launch targeted spear-phishing attacks against other individuals in the organization.
A scammer could also attach a dangerous file that’s disguised to look like a harmless file. For example, a spear-phishing email may have a PDF file that’s actually an .exe file attached.

Who Really Needs to Worry

Spear-phishing attacks are being used against large corporations and governments to access their internal networks. We don’t know about every corporation or government that has been compromised by successful spear-phishing attacks. Organizations often don’t disclose the exact type of attack that compromised them. They don’t even like to admit they’ve been hacked at all.
A quick search reveals that organizations including the White House, Facebook, Apple, the US Department of Defense, The New York Times, the Wall Street Journal, and Twitter have all likely been compromised by spear-phishing attacks. Those are just a few of the organizations we know have been compromised – the extent of the problem is likely much greater.
If an attacker really wants to compromise a high-value target, a spear-phishing attack – perhaps combined with a new zero-day exploit purchased on the black market – is often a very effective way to do so. Spear-phishing attacks are often mentioned as the cause when a high-value target is breached.

Protecting Yourself From Spear Phishing

As an individual, you’re less likely to be the target of such a sophisticated attack than governments and massive corporations are. However, attackers may still attempt to use spear-phishing tactics against you by incorporating personal information into phishing emails. It’s important to realize that phishing attacks are becoming more sophisticated.
When it comes to phishing, you should be vigilant. Keep your software up-to-date so you’re better protected against bring compromised if you click links in emails. Be extra cautious when opening files attached to emails. Beware of unusual requests for personal information, even ones that seem as if they could be legitimate. Don’t re-use passwords on different websites, just in case your password does get out.
Phishing attacks often try to do things that legitimate businesses would never do. Your bank will never email you and ask for your password, a business you’ve purchased goods from will never email you and ask for your credit card number, and you’ll never get an instant message from a legitimate organization asking you for your password or other sensitive information. Don’t click links in emails and give out sensitive personal information, no matter how convincing the phishing email and phishing site is.
dangerous file

---

Like all forms of phishing, spear-phishing is a form of social engineering attack that is particularly hard to defend against. All it takes is one person making a mistake and the attackers will have established a toehold in your network.

REXOFCYBER Explains: Why You Should Perform Clean Installs, Not Upgrades

Whether you’re installing the latest version of Windows or upgrading your Linux distribution, most geeks agree that you should probably perform a clean installation rather than try your luck with an upgrade.
New operating systems versions want to reduce the pain of upgrading and offer to bring your old files, settings, and programs along with you through an upgrade, but this can often cause problems.

Upgrade vs. Clean Installs on Windowsstartup program

To a less-experienced user, an upgrade seems like the best type of install. If you want to install Windows 8 on a PC with Windows 7 already on it, you can perform an upgrade installation to bring many of your programs, settings, and files with you rather than reinstalling your programs, changing your computer settings, and copying over your files when you’re done.
In theory, an upgrade will save you time because you can skip much of the set-up work afterwards. In practice, upgrades have often caused problems. When you perform a clean installation, you get a fresh copy of Windows without any clutter. When you upgrade, Windows must attempt to bring your programs and settings with you. You won’t end up with a clean copy of Windows – you’ll end up with the latest version of Windows with your old programs and settings copied over.  Files you haven’t used in years, registry entries created by long since-uninstalled programs, and other junk will remain on your fresh copy of Windows. Some applications may not be compatible and may be uninstalled during the upgrade process or may not work afterwards – you’ll have to reinstall some things anyway.
Some benchmarks have found that upgrade installs perform more slowly than clean installs, which isn’t surprising. An upgrade install might have old bloatware and startup program running in the background.
We don’t encourage running a registry cleaner and smart users shouldn’t have to reinstall Windows on a regular basis. However, when you’re switching to a new operating system, it’s the ideal time to start things out on the right foot with a fresh operating system.

How to Clean-Install Windows

To perform a clean installation of Windows, don’t select the Upgrade option when installing Windows. Select the Custom: Install Windows only (advanced) option and select the hard drive you want to install Windows on. You can even perform a clean install with an Upgrade license. The Upgrade license just requires that your computer must already have a valid license for a previous version of Windows; it doesn’t require that you perform an Upgrade installation.
Be sure that you have backup copies of all your important files before performing a clean installation, as a clean install will wipe your system partition.

Linux-Specific Problems

Clean installs are also useful on Linux distribution We’ll refer to Ubuntu in particular here, as it’s the most popular distribution, but much of this also applies to other distributions, such as Fedora.
Mark Shuttleworth, who created Ubuntu, recently wrote that “Upgrading today is possible, but to keep the system clean over multiple successive upgrades requires an uncommonly high level of skill with APT.”
In other words, problems can also occur when you upgrade your Linux distribution. A new version of Ubuntu may have dropped a particular package from the default system because it offers duplicate functionality, but such packages will not necessarily be removed from your system during an upgrade. If you have packages from third-party repositories installed, they may prevent you from upgrading. Various package dependency problems can occur and old configuration settings may not be overwritten properly with new default settings if you’ve customized them.
Just as old files, settings, and programs can persist on a Windows machine, the same thing can happen when you upgrade your Linux distribution.
There’s no doubt that Ubuntu’s upgrade process works much better than the upgrade process offered by many older Linux distributions, but it’s nowhere near perfect, as Mark Shuttleworth himself says.

How to Clean Install a Linux Distribution

When you see an upgrade notification, you don’t have to upgrade to the latest version of Ubuntu with the built-in too. You can download the Ubuntu installer from Ubuntu’s website and burn it to a disc (or put it on a USB drive) before installing the new version of Ubuntu over your previous version of Ubuntu.
As with Windows, you should ensure you have backup copies of your important files before installing the new Linux distribution over the previous Linux distribution.
startup program

The Previous Version Rule

Note that you can generally only upgrade from the previous version of an operating system. For example, you can upgrade to Windows 8 from Windows 7, but not from Windows XP. Likewise, you can upgrade to Ubuntu 12.10 from Ubuntu 12.04, but not Ubuntu 11.10 – although you could upgrade 11.10 to 12.04 and then upgrade it to 12.10, if you felt like living dangerously.

---

Upgrading is tempting, and upgrade installs are becoming more reliable with each new operating system version release. However, clean installs are still the way to go if you want a fresh system without clutter from previous versions of your operating system. A new operating system release is a good excuse to start fresh with a clean OS, anyway.