Like 100 million other Quora users, I awoke this morning to find an ominous email waiting for me that began: “We are writing to let you know that we recently discovered that some user data was compromised as a result of unauthorized access to our systems by a malicious third party.” Hot on the heels of the Marriott International hotel group breach that impacted half a billion users, the question and answer site has confirmed that its systems have been hacked leaving account and user information potentially compromised.
How did this happen?
As per the post, a third-party app was able to gain unauthorized access to sensitive personal information for about 100 million of its users. Here are more details on how it happened and what happened.
You might be surprised to know how critical the etc hosts file can be. I learned the importance of it and thought about sharing some of the details.
Use of the etc Hosts File
We are all familiar with the hosts file and the information in it. The most basic use of the etc hosts file is to map a hostname to an IP address, such as localhost to 127.0.0.1. There are other uses as well; let's understand them through an example.
Let’s see how things work when you type google.com in any web browser.
We know that the browser, as a client, makes a DNS request. In reality, though, the operating system (OS) checks the hosts file for an entry before making a DNS request to resolve the IP address of the domain. If a local entry for the domain is found in the hosts file, the OS uses that local entry. The OS then uses ARP (Address Resolution Protocol) to find the destination MAC (media access control), or physical, address.
The OS then begins a handshake with the destination host over TCP/IP and starts sending the data. I will explain the working of data packets and the OSI model in some other posts. For now, the focus is just the hosts file.
Security Aspect of the etc Hosts File
Used by Hackers: Hackers use this file when they wish to redirect the traffic of an application to a proxy server. They set up the proxy server before they modify the hosts file. This technique is called active network traffic capturing. Basically, hackers get all the network traffic from your server or machine. It helps them run an analysis and gain insight into the application. They can even decode the actual application logs. And server network traffic helps hackers a lot in breaking the application further.
Used by Anti-virus & Security Products: Some antivirus and security products track changes to the system's hosts file because changes are a sign of malware. You might need to disable the product's protection if you want to change the hosts file.
Note: A suggestion would be to set proper privileges on the hosts file.
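A defensive check for the two points above (hosts-file entries that redirect a name, and proper privileges on the file), added here as an example and not code from the original post. The sample file content, the `allowed` allowlist parameter and the function names are constructed for illustration.

```python
import ipaddress
import os
import stat

# Constructed sample hosts content (not taken from any real machine).
SAMPLE_HOSTS = """\
127.0.0.1   localhost
::1         localhost ip6-localhost
# 10.0.0.5  old-build-server
203.0.113.7 login.example.com api.example.com   # constructed redirect entry
0.0.0.0     ads.example.net
not-an-ip   broken.example.org
"""

def parse_hosts(text):
    """Yield (lineno, ip, [names]) per mapping; comments and blank lines are skipped."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) >= 2:
            yield lineno, fields[0], fields[1:]

def audit_entries(text, allowed=frozenset()):
    """Return findings for names mapped to a non-local address not in the allowlist."""
    findings = []
    for lineno, ip, names in parse_hosts(text):
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            findings.append((lineno, "invalid-address", ip, names))
            continue
        if addr.is_loopback or addr.is_unspecified:
            continue  # localhost aliases and 0.0.0.0 blocklist entries
        unexpected = [n for n in names if (n.lower(), ip) not in allowed]
        if unexpected:
            findings.append((lineno, "redirect", ip, unexpected))
    return findings

def writable_by_others(path):
    """True if group or other users may modify the file (the privilege check)."""
    mode = os.stat(path).st_mode
    return bool(mode & (stat.S_IWGRP | stat.S_IWOTH))

if __name__ == "__main__":
    for finding in audit_entries(SAMPLE_HOSTS):
        print(finding)
```

Run `audit_entries` on the real file's text with an allowlist of the mappings you expect; any remaining finding is a mapping that overrides DNS and deserves a look.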
Since social media has become a media platform and news stream, crooks, politicians, criminals, etc. have started to exploit it. Some people argue that mainstream media is so unfair and biased, and that social media is a way to contact their followers.
Following this logic, crooks started buying trolls and trollers. These trollers are humans, and they create fake agendas. Look closely and you will see that Facebook, Twitter, etc. are full of trolls, fake news, funny cartoons and videos. In reality, crooks set the agenda of whom they wish to target on social media today. Political parties have IT cells as departments to spread their message; whether it is true or false does not matter.
There are IT companies that have a department to serve these crooks and politicians. They create thousands of fake accounts and dominate the real conversation going on between a few people. These fake accounts are created smartly and use the local language or messaging as well. They just flood the conversation with a bunch of messages and confuse people on every topic. Nowadays this is done at large by every political party.
Buying trollers is costly, and it is an ongoing investment for all the crooks and politicians. So, in the coming days, it would not be wrong to say that people will look for cheaper and more effective options, and that could be chatbots.
Read full opinion about Chatbots & how it could be a dangerous
Chatbots are software programs that are capable of conversing with human beings on social media using natural language. Increasingly, they take the form of machine learning systems that are not painstakingly “taught” vocabulary, grammar and syntax but rather “learn” to respond appropriately using probabilistic inference from large datasets, together with some human guidance.
Most political bots these days are similarly crude, limited to the repetition of slogans like “#LockHerUp” or “#MAGA.” But a glance at recent political history suggests that chatbots have already begun to have an appreciable impact on political discourse. In the buildup to the midterms, for instance, an estimated 60 percent of the online chatter relating to “the caravan” of Central American migrants was initiated by chatbots.
Moving content in AEM is a big task that comes up regularly. In my personal opinion, it is a big task for everybody. Let me try to explain in detail. Let's consider a scenario where you want to move content from one AEM environment to another. The easy thing to do is to use the AEM Package Manager: just build a package in one AEM instance, download it and install it somewhere else. An easy process? You may think it is, but it is not. From the business perspective, the Package Manager tool totally sucks, for the following reasons:
Lack of basic features in Package Manager: Many basic features are missing. Some of them are:
There is no way to schedule the content package as a whole. If 100 pages are to be scheduled, each individual page must be scheduled for replication.
There is no way to upload individual pages' content from one environment to another if those pages are parent pages in the content hierarchy. All the content has to be overridden.
It is not easy to revert certain content once it is installed by the Package Manager. Either the whole content or nothing can be reverted.
Not easy to use for a non-technical person: The authoring team must have a working knowledge of the Package Manager tool. I know you might think, working knowledge? My answer would be YES. Someone needs to know how to upload, build, install, download, uninstall, etc., and needs access to the packages, which someone can misuse.
Time-consuming and does not work in most cases: Downloading from one environment and uploading to another is very old-fashioned and time-consuming. For heavy content, with sizes in GBs, it does not even work.
So, here is the list of possible solutions:
TWC Grabbit is one of them. It was developed by one of our team members; however, I am not sure if it works in all AEM versions. It has many dependencies and needs to be installed and managed in both source and destination. But it was quite a good one.
AEM Package Manager Out of the box.
Copy the whole source CRX-QUICKSTART folder and override the destination: Not a feasible option if the content has to be moved to production from stage or from stage to prod. Also not a solution if you want to move only a few pages or images. However, it is not a bad solution for Dev and QA, but it comes with a lot of maintenance once the content is overridden.
The easiest way to move content regularly
You need just two things: a servlet in the source code and a configured destination replication agent. You can see it below.
Pros/Cons of this solution:
First, a good thing is that it is pretty easy and you can replicate any JCR path, including a content package, one page or its child pages, one image or a set of images. If you replicate a content package, there is no need to install it in the destination environment. It is also helpful when you just need some pages in your QA or dev environment from stage, not the whole content.
No dependency. No installation. Just one servlet and a replication agent, using out-of-the-box solutions.
Pretty extensible. You can build a fancy UI on top of it and make a tool out of it.
Cross-environment replication, and replication only for content movement. Any environment can be a source or destination. Having a separate replication agent just for copying content does not cause any replication queue issues.
The con is that it still uses the replication API and not any fancy third-party solution.
NOTE: I have a tool built around this which solves all the issues a content package has. But I am not yet sure if I could simply provide the source code here. However, let me know if you need some help or an idea to understand the full solution.
The most severe of these issues is a critical security vulnerability in Media framework that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process. The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed.
The reference is here for the full details and to fix the vulnerabilities.