Open source gaming platform..

Posted: October 16, 2014 in Uncategorized

Adopting a project to focus my study on was a difficult task I had to ensure it was something I had a clear interest in therefore I looked into open source gaming. Amongst the list of games that are built on open source I came across one called Simutrans.

topbarlogo

Simutrans, it seems, was inspired by a game within the Tycoon franchise that was published by a company called MicroProse. The format of the game is to create a transport network within a city, be it by road, rail or by sea. Simutrans was first created in 1997 by a man called Hansjörg Malthaner, also known as Hajo, who started the game as a hobby project. From a quote directly taken from the forum, one community member states ” as far as I know Hajo was appalled by the quality of the AI in Railroad Tycoon and decided to make a better one. He then created this game from scratch.” Simutrans has gone through some drastic evolutionary changes since its birth in 1997 and is currently up to version 112.3 (released march 2013).

Early versions of Simutran.

Early versions of Simutran.

Simutrans was created first as closed source. According to a community member it only became open source once the creator, Hansjörg Malthaner, did not want to develop the game anymore. Step in, Dr. Markus Pristovsek, also known as “Prissi”. He took over leadership of the project in 2005 and it wasn’t long after this that the project became Open Source. Simutrans has an Artistic license which is approved by the OSI and a copy of it can be found here. With the game being open source the development of the game is down to a community of volunteers. Simutrans has an active community forum page where developers can share ideas and discuss future developments of the game.
The community forum page has many different sections that are all individually titled to assist people in whatever their needs may be, it also has own dedicated section specifically tailored to assisting development of the project. within this section you can find,extension requests, bug reports, patches & projects, Technical documents and Translation and help topics

Any tools you may need to assist you in the development of the game can also be found on the community forum page, they are found under the section General Resources & tools.

This area of open source directly appeals to me because i have a huge interest in gaming, i play games on both consoles and PC with my favorite genre being sandbox/strategy type simulation games. I have previously played titles such as The Sims, Sim City, Roller-Coster Tycoon, Zoo Tycoon also Transport Tycoon & Railroad Tyccon which are very similar style to Simutrans.

Transport Tycoon

Transport Tycoon

for further information on how you can contribute to this amazing project you can find more information by viewing the contribute page at simutrans.com.

Open source Celebrity….

Posted: October 9, 2014 in Uncategorized

gold_stars_png_by_melissa_tm-d4h82ye

Facebook, Twitter, Chrome, Firefox, iOS, Linux…… the list goes on, most platforms used over the internet or in society these days were built on open source software (OSS). The good thing about open source is its made by the people for the people. Looking at the current technology moguls we already have we look towards the likes of Mark Zuckerberg who created Facebook and Linus Torvalds who created the Linux OS. Zuckerberg is one of the biggest technology superstars out there, he created Facebook using PHP and named it Facemash, from this he built it up to what we’ve got today and he is now worth billions.

Tux

To follow in the footsteps of people like Zuckerberg, use and knowledge of open source is a godsend. Not only do you put your own work into open source projects but you can harness the knowledge of the rest of the world. This is highly beneficial if you are looking to develop a globally used platform like Facebook. As stated earlier in this blog, open source is made by the people for the people and if you have a global input into your project it can only serve to make the end product a better one.

Facebook isn’t the only success story to come from open source, Linux was created and still operates on open source. Linux has many people that contribute to how Linux is developed. Although Linux is not the only such operating system that uses open source, it is by far the most widely used.

So……. although people see the likes of David Beckham as celebrity stars, if you look a little deeper there are people that have used open source to become just as important if not more.

gold_stars_png_by_melissa_tm-d4h82ye

To be a pentester……

Posted: September 25, 2014 in Uncategorized

At the young age of 32 I decided to move my career path from the hospitality sector but couldn’t decide on which direction to take it, in the end I decided on going back into full time education and to study something I had a real interest in. I knew I loved computers and how they operate so opted to study a degree in computing & web development. Mid-way through my foundation year I quickly learned about computer vulnerabilities and exploits. I took a real interest in this field and decided that maybe I wanted my education to lead me in the direction of becoming a penetration tester. I looked into the career prospects and salary of the job and made the decision that is what I wanted from my university education.

A Penetration tester is basically an ethical hacker, a pentester would attack a system to find vulnerabilities in the software, once the vulnerability was found this would then be exploited. The fundamental difference here between a penetration tester and a hacker here is the ‘colour of the hat’. There is three different colours of hat in this particular world:

  • Black Hat
  • Grey Hat
  • White Hat

A black hat would find the vulnerability, exploit it and then either use the exploit to his/her own means or expose the vulnerability world wide. Black hat  serves to use his/her skills in an illegal manor be it monetary gain or personal gain. They use their skills in most to damage companies and their systems.

pentest_licensed

A white hat works legally and is whats known as an ethical hacker (pentester). White hat would test a system to find any vulnerabilities in the security system, rather than exploit this vulnerability, a white hat would inform the owner of the system of the flaw in its software, white hat would  usually be employed by the company to help avoid hole in their systems.

Grey hats are the group in between, the operate on both sides of the law, sometimes they will inform companies of the flaws found and at other times they will exploit and damaged the servers then gain access to valuable information.

Penetration testing jobs can be found all over the globe. the salary varies massively, a job in the middle east can pay up to £50,000 for a 5 month contract but the average salary in the UK is around £56,000 per annum.

This career is of great interest to myself and numerous skills are needed to advance in this field, most employers request a candidate has the following:

  • Able to conduct PenTests and Vulnerability Assessments using Automated and Manual TTPs
  • Have an understanding of common Web and Systems Application vulnerabilities
  • Must be able to use at least two of the following proficiently and instruct others on them: Nessus, Burp, Metasploit Framework/Pro, and the Social Engineering Toolkit
  • Must have solid working experience and knowledge of Windows and Unix/Linux operating system
  • A familiarity of Network and System architecture analysis. Fundamentals of network routing & switching and assessing network device configurations
  • Scripting (Windowsnix), Java, Bash, Python, Perl or Ruby, Systems Programming

Becoming a pen tester is no easy feat as many of the tactics used are illegal and self teaching can be quite tricky. A potential pen tester needs to be of strong character to know where the line between legal and illegal activities lie, the person has to know themselves very well to know they can stay on the right side of the law.

Logo Exploit

Many of the ethical hackers of the world will hang around known forums or chat rooms to pick up on new exploits. They will assume a legend and operate under a false identity to fit in. This task in itself can pose a huge risk as the people the pen tester are socializing around can be very dangerous people. When doing research for the job, the role of a pen tester can relate to an under cover police officer.

 

who has the real power?

Posted: September 25, 2014 in Uncategorized

anonymous_logo_with_slogan_transparent_by_anondesign-d6rv2qa

After reading the book we are legion, I began to question just how powerful the people behind the Anonymous Guy Fawkes masks really are. These individuals harness a great power to control or exploit some of the biggest organisations in the world. The group showed this when they flexed their muscles in 2008 with the ‘project chanology’. posts started to show in on the controversial website 4chan.com, rallying people to take on the church of scientology and expose them as frauds. Members were encouraged (no matter where in the world they were) to attend a demo outside a scientologist church local to them. In the February of that year thousands of people all over the world simultaneously appeared outside scientology church’s all wearing the anonymous Guy Fawkes masks to join the protest. Aside from the physical demonstrations the anonymous group performed exploits on the church’s websites and published material the church wanted to keep under wraps, they crashed the church’s website and posted a calling card on the opening page.

 

 

The LulzSec logo

The LulzSec logo

 

 

This all started from one single person having an idea to target a certain sect/cult and the idea just snowballed, I began to thought if one persons idea can become so large scale what else are they capable of?

Religious sects haven’t been the groups only victim, members of the FBI and the CIA have fallen fowl to this criminal organisation. Probably the most famous one performed by an off-shoot of Anonymous called LulzSec. they tagetted an employee of HBGary.