Top 5 Linux WiFi Hacking Tools

In this Top 5 Wifi Hacking Tools we will be talking about a very popular subject: hacking wireless networks and how to prevent it from being hacked. Wifi is often a vulnerable side of the network when it comes to hacking because WiFi signals can be picked up everywhere and by anyone. Also a lot of routers contain vulnerabilities which can be easily exploited with the right equipment and software such as the tools included with Kali Linux. A lot of router manufacturers and ISPs still turn on WPS by default on their routers which makes wireless security and penetration testing even more important. With the following Top 5 Wifi Hacking Tools you are able to test our own wireless networks for potential security issues. For most tools we’ve supplied a link to a tutorial which will help you get started with the tools. Let’s start off the Top 5 Wifi Hacking Tools with the first tool:

1 Aircrack-ng

Aircrack is one of the most popular tools for WEP/WPA/WPA2 cracking. The Aircrack-ng suite contains tools to capture packets and handshakes, de-authenticate connected clients and generate traffic and tools to perform brute force and dictionary attacks. Aicrack-ng is an all-in-one suite containing the following tools (among others):

– Aircrack-ng for wireless password cracking
– Aireplay-ng to generate traffic and client de-authentication
– Airodump-ng for packet capturing
– Airbase-ng to configure fake access points

The Aicrack-ng suite is available for Linux and comes standard with Kali Linux. If you plan to use this tool you have to make sure your Wifi card is capable of packet injection.



Website: https://www.aircrack-ng.org/

Tutorial: https://www.hackingtutorials.org/wifi-hacking/how-to-hack-upc-wireless-networks/

 2 Reaver

Number 2 in the Top 5 Wifi Hacking Tools is Reaver. Reaver is another popular tool for hacking wireless networks and targets specifically WPS vulnerabilities. Reaver performs brute force attacks against Wifi Protected Setup (WPS) registrar PINs to recover the WPA/WPA2 passphrase. Since many router manufacturers and ISPs turn on WPS by default a lot of routers are vulnerable to this attack out of the box.

In order to use Reaver you need a good signal strength to the wireless router together with the right configuration. On average Reaver can recover the passphrase from vulnerable routers in 4-10 hours, depending on the access point, signal strength and the PIN itself off course. Statistically you have a 50% chance of cracking the WPS PIN in half of the time.



Website: https://code.google.com/p/reaver-wps/
Tutorial: https://www.hackingtutorials.org/wifi-hacking/pixie-dust-attack-wps-in-kali-linux-with-reaver/

3 Pixiewps

 

PixieWPS is a relatively new tool included with Kali Linux and also targets a WPS vulnerability. PixieWPS is written in C and is used to brute force the WPS PIN offline exploiting the low or non-existing entropy of vulnerable access points. This is called a pixie dust attack. PixieWPS requires a modified version of Reaver or Wifite to work with. Since this tools has become quite popular in little time, it earns the number 3 in our Top 5 Wifi Hacking Tools list.




Website: https://github.com/wiire/pixiewps/

Modified Reaver: https://github.com/t6x/reaver-wps-fork-t6x

Tutorial: https://www.hackingtutorials.org/wifi-hacking/pixie-dust-attack-wps-in-kali-linux-with-reaver/

 

4 Wifite

Wifite is an automated tool to attack multiple wireless networks encrypted with WEP/WPA/WPA2 and WPS. On start-up Wifite requires a few parameters to work with and Wifite will do all the hard work. It will capture WPA handshakes, automatically de-authenticate connected clients, spoof your MAC address and safe the cracked passwords.

Website: https://code.google.com/p/wifite/

5 Wireshark

Wireshark is one of the best network protocal analyzer tools available, if not the best. With Wireshark you can analyse a network to the greatest detail to see what’s happening. Wireshark can be used for live packet capturing, deep inspection of hundreds of protocols, browse and filter packets and is multiplatform.
Wireshark is included with Kali Linux but also available for Windows and Mac. For certain features you do need a Wifi adapter which is supports promiscuous and monitoring mode.

Website: https://www.wireshark.org

Tutorial: https://www.howtogeek.com/104278/how-to-use-wireshark-to-capture-filter-and-inspect-packets/

Or follow one of these online courses:
– Wireshark Crash Course
– Wireshark Tutorial – Get Wireshark Certification

So for more queries you can comment us below..

And you can also join us on Instagram and Facebook

 

Facebook :- Computer Science and Programming Solutions

Instagram:- @computerscience321 

Google Plus :- Computer Science and Programming Solution

Read More

Setting Up Your Own Virtual Private Network

VPN i.e  Virtual Private Network  is  a network that helps you to creates a virtual tunnel between your computer and a server to exchange data. It is private because it is supposed to require a username and a password to be accessed and it is a network because it links more devices to one or more servers all over different locations. A VPN helps you surf the web anonymously for two reasons:

• the websites you visit, see the VPN server’s ip, not yours.
• VPN basically encrypts all the traffic before ISP (internet service provider) can intercept it.

There are free versions and paid ones. But still the VPN provider can read your traffic. So you have to trust someone one way or another. What if you could set up your own VPN instead ? It would be totally free and totally (really ?) secure.

 There are many ways to setup a private virtual private network . Some softwares are also available that provide you to create your own network some of them are mentioned below :-

1. ExpressVPN

 

PROS:

• Self-installing, easy-to-use app
  
• Versions for Windows, Mac OS X, iOS, Android, and Linux
  
• Software for routers and set-top boxes
  
• Kill switch
  
• IP leak protection
  

CONS:

• Only three simultaneous connections allowed
  

 Try the best VPN software around!

Visit ExpressVPN »30-day money-back guarantee

 

2. CyberGhost

 

PROS:

• 77% off 3-year plans!
• Cool app
  
• Fast network speeds
  
• Automatic settings to suit activities
  
• System-wide and per-app kill switch
  
• Apps for Windows, Mac OS X, iOS, and Android
  

CONS:

• Can't get into Netflix
  

Visit CyberGhost »

 

3. TunnelBear

 

PROS:

• Animated interface
  
• Free version
  
• Good speeds
  
• Cloaking technology
  
• Kill switch
  

CONS:

• Doesn't allow peer-to-peer (P2P) downloading
  

Visit TunnelBear »

 

4. Windscribe

 

PROS:

• App for Windows, Mac OS X, iOS, Android, and Linux
  
• Manual installation for routers
  
• Browser extension for Chrome, Firefox, and Opera
  
• Free version with 10 GB data per month
  
• Ad and tracker blocker
  

CONS:

• Account sharing not allowed
  

Visit Windscribe »

 

5. NordVPN

 

PROS:

• Easy-to-use app for Windows, Mac OS X, iOS, and Android
  
• Manual setup for Linux, Blackberry, set-top boxes, routers, and game consoles
  
• Kill switch
  
• Private DNS servers
  
• Gets around detection at streaming services
  

CONS:

• Customer support can be slow
  

Visit NordVPN »

Concluding, always remember: if you do something stupid enough to anger people with enough 
resources, there’s no hope for you to remain anonymous. Anonymity is a fact of not carrying out a stupid action, more than worrying about how to hide that action.

So for more queries you can comment us below..

And you can also join us on Instagram and Facebook

 

Facebook :- Computer Science and Programming Solutions

Instagram:- @computerscience321

Google Plus :- Computer Science and Programming Solution

Read More

How does WannaCry, Petya and Other Ransomware spread so fast.

For thousands of people, the first time they heard of “ransomware” was as they were turned away from hospitals in May 2017.

The WannaCry outbreak had shut down computers in more than 80 NHS organisations in England alone, resulting in almost 20,000 cancelled appointments, 600 GP surgeries having to return to pen and paper, and five hospitals simply diverting ambulances, unable to handle any more emergency cases.

But the outbreak wasn’t the birth of ransomware, a type of computer crime which sees computers or data hijacked and a fee demanded to give them back to their owners.

Some of the earliest ransomware claimed to be a warning from the FBI demanding a “fine”, simply tricking users into paying up, or blackmailing them with accusations of trafficking in child abuse imagery.

Their tactics didn’t work for long. Bank transfers were easily tracked, cash payments were difficult to pull off, and if any variant got successful, people would trade tips on how to defeat it rather than pay the bill.

The modern ransomware attack was born from two innovations in the early part of this decade: encryption and bitcoin.

The modern ransomware attack was born from encryption and bitcoin.

• Ransomware such as Cryptolocker, which first appeared in the wild in 2013, didn’t just lock up the screen – it encrypted all the data on the computer.
• The only way to get it back was to pay the toll in return for the unlock key.
• Even if you managed to uninstall the ransomware itself, the data was still locked up.

Bitcoin suddenly meant ransomware authors could take payment without involving the trappings of the conventional banking system such as pre-paid credit cards.

For almost five years, so-called “cryptoransomware” bubbled below the surface, struggling to spread. Generally it was centrally controlled, attacking new victims through direct mail campaigns, tricking users into downloading it, or through botnets of computers infected with other malware– going in through the front door, so to speak, rather than using weaknesses in computer systems to spread.

WannaCry changed that.

Ransomworms

May’s ransomware outbreak was notable for a number of reasons: the scale of the damage; the unusual way in which it came to an end, with the discovery of a badly hidden “kill switch”; and the growing belief that its architects were not cybercriminals, but state-sponsored actors, most likely working for or with the North Korean government.

But the most important aspect is why it managed to go from unknown to taking out a significant chunk of the NHS in a matter of days.

WannaCry was the first “ransomworm” the world had ever seen.

A “worm”, in computing parlance, is a piece of malware able to spread itself to be far more damaging than your typical computer virus.

They self-replicate, bouncing from host to host, and obeying all the epidemiological rules that real diseases do, growing exponentially and taking off when they infect well-connected nodes.

• As computer security techniques have improved, worldwide worm outbreaks have become rare.
• It is hard to engineer a piece of malware that will automatically execute on a remote machine without any user involvement.
• Before WannaCry, the last major worm to hit the wild was Conficker.
• One variant spread to almost 20m machines in one month in January 2009, infecting the French Navy, the UK Ministry of Defence and Greater Manchester Police.

But since Conficker, major worms had been rare other than the Mirai worm and botnet infecting badly-designed Internet of Things devices such as webcams.

WannaCry had a helping hand to break through. In April 2017, a mysterious hacking group called The Shadow Brokers released details of a weakness in Microsoft’s Windows operating systems that could be used to automatically run programs on other computers on the same network.

• That weakness, it is believed, had been stolen in turn from the NSA, which had discovered it an unknown period of time before, code-naming it EternalBlue.
• EternalBlue was part of the NSA’s toolbox of hacking techniques, used to attack the machines of US enemies – before one of them turned the tables.
• The true identity of the Shadow Brokers is still unknown, although every piece of evidence points strongly to them being affiliated with the Russian state.

The Shadow Brokers first made themselves known in public in August 2016, auctioning a job-lot of cyber weapons which it said were stolen from the “Equation Group” – code-name for the NSA’s hacking operation.

Four more leaks followed including EternalBlue in April.

Microsoft fixed the EternalBlue weakness in March, before it was released by the Shadow Brokers, tipped off by the NSA that it was likely to be made public. But two months later, many organisations had yet to install the patch.

Outbreaks

A message demanding money on a computer hacked by a virus known as Petya in June 2017.

• Ultimately, WannaCry was too successful for its own good, spreading so fast that security researchers were tearing it apart within hours of it appearing in the wild.
• One of them, a young Briton called Marcus Hutchins, discovered that affected computers tried to access a particular web address after infection.
• Curiously, the address wasn’t registered to anyone, so he bought the domain – and just like that, the malware stopped spreading.

It’s still unclear why WannaCry included this kill switch. Some researchers think it was because the authors had watched the progression of Conficker, which attracted undue attention.

Others speculate the version of WannaCry “accidentally” escaped the network it was being tested on.

Even with the kill switch active, the outbreak caused enormous damage. A report released in October focusing just on the effects on the NHS concluded that “the WannaCry cyber-attack had potentially serious implications for the NHS and its ability to provide care to patients”.

It said that WannaCry “was a relatively unsophisticated attack and could have been prevented by the NHS following basic IT security best practice” such as installing the fixes that had been released in March.

“There are more sophisticated cyber-threats out there than WannaCry so the Department and the NHS need to get their act together to ensure the NHS is better protected against future attacks.”

A month later, one of those attacks arrived dubbed NotPetya, due to an initial, erroneous, belief that it was an earlier variant of ransomware called Petyna.

The malware was clearly built on the lessons of WannaCry, using the same EternalBlue weakness to spread within corporate networks, but without being able to jump from one network to another.

Instead, NotPetya was seeded to victims through a hacked version of a major accounting program widely used in Ukraine.

It still took out companies far and wide, from shipping firm Maersk to pharmaceutical company Merck – multinationals whose internal networks were large enough that the infection could travel quite far from Ukraine.

NotPetya had another oddity: it didn’t actually seem created to make money.

The “ransomware” was coded in such a way that, even if users did pay up, their data could never be recovered. “

I’m willing to say with at least moderate confidence that this was a deliberate, malicious, destructive attack or perhaps a test disguised as ransomware,” UC Berkley academic Nicholas Weaver told the infosec blog Krebs on Security.

That realisation meant the focus on Ukraine took on a new light. The country has long been at the forefront of cyberwarfare, constantly trading digital blows with its neighbour Russia even while the two countries trade actual blows over the Crimea.

If a nation state were to write malware with the aim of crippling the economy of its target, it might look a lot like NotPetya.

More to come

With Eternalblue slowly being patched, the age of the ransomworm might be over until a new, equally damaging vulnerability is found.

Instead, it looks like old-school ransomware will begin to take back the limelight – with a twist.

• “People have become desensitised to common ransomware, where it just encrypts your files,” says Marcin Kleczynski, the chief executive of information security firm Malwarebytes.
• Widespread backing up of data means fewer are willing to pay up.
• So instead of just locking data away, attackers are threatening the exact opposite: publish it for all the world to see.
• Such attacks, known as “doxware”, have already been seen in the wild, but currently just at a small scale or carried out manually, as when a Lithuanian plastic surgery clinic saw its files published for ransoms of up to €2,000 (£1762).

Read More

Top 10 Hottest Artificial Intelligence technologies till yet.

Now in today's fast growing technologies where people want more outcome in less duration of time Artificial Intelligence is playing an important role. Now today I am going to tell you about some high tech advance technologies till yet in Artificial Intelligence.


Natural Language Generation: Producing text from computer data. Currently used in customer service, report generation, and summarizing business intelligence insights. Sample vendors: Attivio, Automated Insights, Cambridge Semantics, Digital Reasoning, Lucidworks, Narrative Science, SAS, Yseop.

Speech Recognition: Transcribe and transform human speech into format useful for computer applications. Currently used in interactive voice response systems and mobile applications. Sample vendors: NICE, Nuance Communications, OpenText, Verint Systems.

Virtual Agents: “The current darling of the media,” says Forrester (I believe they refer to my evolving relationships with Alexa), from simple chatbots to advanced systems that can network with humans. Currently used in customer service and support and as a smart home manager. Sample vendors: Amazon, Apple, Artificial Solutions, Assist AI, Creative Virtual, Google, IBM, IPsoft, Microsoft.

Machine Learning Platforms: Providing algorithms, APIs, development and training toolkits, data, as well as computing power to design, train, and deploy models into applications, processes, and other machines. Currently used in a wide range of enterprise applications, mostly `involving prediction or classification. Sample vendors: Amazon, Fractal Analytics, Google, H2O.ai, Microsoft, SAS, Skytree.

AI-optimized Hardware: Graphics processing units (GPU) and appliances specifically designed and architected to efficiently run AI-oriented computational jobs. Currently primarily making a difference in deep learning applications. Sample vendors: Alluviate, Cray, Google, IBM, Intel, Nvidia.

Decision Management: Engines that insert rules and logic into AI systems and used for initial setup/training and ongoing maintenance and tuning. A mature technology, it is used in a wide variety of enterprise applications, assisting in or performing automated decision-making. Sample vendors: Advanced Systems Concepts, Informatica, Maana, Pegasystems, UiPath.

Deep Learning Platforms: A special type of machine learning consisting of artificial neural networks with multiple abstraction layers. Currently primarily used in pattern recognition and classification applications supported by very large data sets. Sample vendors: Deep Instinct, Ersatz Labs, Fluid AI, MathWorks, Peltarion, Saffron Technology, Sentient Technologies.

Biometrics: Enable more natural interactions between humans and machines, including but not limited to image and touch recognition, speech, and body language. Currently used primarily in market research. Sample vendors: 3VR, Affectiva, Agnitio, FaceFirst, Sensory, Synqera, Tahzoo.

Robotic Process Automation: Using scripts and other methods to automate human action to support efficient business processes. Currently used where it’s too expensive or inefficient for humans to execute a task or a process. Sample vendors: Advanced Systems Concepts, Automation Anywhere, Blue Prism, UiPath, WorkFusion.

Text Analytics and NLP: Natural language processing (NLP) uses and supports text analytics by facilitating the understanding of sentence structure and meaning, sentiment, and intent through statistical and machine learning methods. Currently used in fraud detection and security, a wide range of automated assistants, and applications for mining unstructured data. Sample vendors: Basis Technology, Coveo, Expert System, Indico, Knime, Lexalytics, Linguamatics, Mindbreeze, Sinequa, Stratifyd, Synapsify.

So today I have today you something about some hottest technologies .

For any queries you can comment us below.

And you can also join us on Facebook and Instagram.

Facebook :- https://www.facebook.com/the programmer.harshit

Instagram:- @computerscience321

Read More

What is MD5 or Message Digest 5 Algorithm

We are getting many requests  through emails, messages and on social media people are very much confused asking about how there passwords gets encrypted , and how does this encryption works, what are the algorithms used behind this encryption. So here i am going to tell you about one of the most widely used algorithm used for encryption known as MD5 or Message Digest Algorithm 
      Before we proceed to MD5 i want to tell you something about Cryptographic Hashing.

Cryptographic Hashing

MD5 stands for Message Digest algorithm 5, and was invented by celebrated US cryptographer Professor Ronald Rivest in 1991 to replace the old MD4 standard. MD5 is simply the name for a type of cryptographic hashing function Ron came up with, way back in ’91.
The idea behind cryptographic hashing is to take an arbitrary block of data and return a fixed-size “hash” value. It can be any data, of any size but the hash value will always be fixed.

 Cryptographic hashing has a number of uses, and there are a vast number of algorithms (other than MD5) designed to do a similar job. One of the main uses for cryptographic hashing is for verifying the contents of a message or file after transfer.

If you’ve ever downloaded a particularly large file (Linux distributions, that sort of thing) you’ll probably have noticed the hash value that accompanies it. Once this file has been downloaded, you can use the hash to verify that the file you downloaded is in no way different to the file advertised.
The same method works for messages, with the hash verifying that the message received matches the message sent. On a very basic level, if you and a friend have a large file each and wish to verify they’re exactly the same without the hefty transfer, the hash code will do it for you.
Hashing algorithms also play a part in data or file identification. A good example for this is peer to peer file sharing networks, such as eDonkey2000. The system used a variant of the MD4 algorithm (below) which also combined file’s size into a hash to quickly point to files on the network.

A signature example of this is in the ability to quickly find data in hash tables, a method commonly used by search engines.

Another use for hashes is in the storage of passwords. Storing passwords as clear text is a bad idea, for obvious reasons so instead they are converted to hash values. When a user inputs a password it is converted to a hash value, and checked against the known stored hash. As hashing is a one-way process, provided the algorithm is sound then there is theoretically little chance of the original password being deciphered from the hash.

Cryptographic hashing is also often used in the generation of passwords, and derivative passwords from a single phrase.

Message Digest Algorithm 5

The MD5 function provides a 32 digit hexadecimal number. If we were to turn ‘abc.com’ into into an MD5 hash value then it would look like: 64399513b7d734ca90181b27a62134dc. It was built upon a method called the Merkle”“DamgÃ¥rd structure (below), which is used to build what are known as “collision-proof” hash functions.

 No security is everything-proof, however and in 1996 potential flaws were found within the MD5 hashing algorithm. At the time these were not seen as fatal, and MD5 continued to be used. In 2004 a far more serious problem was discovered after a group of researchers described how to make two separate files share the same MD5 hash value. This was the first instance of a collision attack being used against the MD5 hashing algorithm. A collision attack attempts to find two arbritary outputs which produce the same hash value – hence, a collision (two files existing with the same value).

 For more queries you can comment us below. or you can visit our social media links.

Facebook Group : - https://www.facebook.com/groups/232442010510294/?ref=bookmarks
Facebook Page:- https://www.facebook.com/theprogrammer.harshit
Instagram :- @computerscience321   

Read More

Everything you Should Know About an IP-Addresses

                                         
You have heard of this term IP Address many times in day-to day life if you belong to IT sector, yes as soon as you heard about the term IP only one thing that stucks in your mind is the IP of a computer which you people might have seen. But what this IP actually is….??
IP address, or “internet protocol address”, is a unique identifying number given to every single computer on the Internet. Like a car license plate, an IP address is a special serial number used for identification.
NOTE:- An IP Address is different from a MAC Address or an Domain Name address

Any machine connected to the Internet has an IP address  Xbox games, cell phones, fax machines, and even soda pop dispensers have IP addresses. In every case, the IP address acts both like a car license plate and like a telephone number: it shows ownership, allows the machine to be located by other machines, and empowers authorities to track and protect people’s safety, if need be.

How IP addresses look:

IP addresses have two common formats. IP version 4 addresses are comprised of four numbers-only segments separated by dots:

• e.g. 127.0.0.1
• e.g. 253.16.44.22
• e.g. 72.48.108.101

IP version 6 addresses are more complex. IPv6 addresses are comprised of 8 segments:

• e.g. 3ffe:1900:4545:3:200:f8ff:fe21:67cf
• e.g. 21DA:D3:0:2F3B:2AA:FF:FE28:9C5A

Related: Read more about how IPv6 is different from IPv4.

IP address is not the same as www domain name addresses:

For nearly every web server, the IP address is invisibly translated into a natural English “domain name” for ease of use. But technically speaking, the IP address is the true identifier of a web server…the domain name is simply a redirector pointer to help people find the web server.
Here are three IP addresses, with their corresponding domain names. Both the IP address and domain name URL can be used to connect to the same web server:

• • e.g. 72.246.51.15 = http://www.nasa.gov
  • e.g. 152.91.56.138 = http://www.gov.au
  • e.g. 208.185.127.40 = http://www.about.com

Your ISP has a block of IP addresses to lend:
Internet authorities allot large bundles of IP address numbers to regional internet service providers. Those ISP’s, in turn, assign the IP addresses to every server and every internet user who logs on. Yes, there are millions of IP addresses active at any instant.

More about IP addresses:

• Trivia point 1: before the World Wide Web became popular in the 1990’s, every computer was assigned a fixed (“static” IP address). But with so many millions of internet users today, ISP’s now choose to “lend” IP addresses from a pool of numbers. This is much like dealer license plates being shared amongst test drive vehicles at a car dealership. This loaning of IP addresses is called “dynamic IP addressing”, and is proven to work better for individual users.
• Trivia point 2: often, it is possible to identify where a user is in the world by their IP address. Web sites like www.whatismyipaddress.com/ can read your computer’s IP address, compare it to its database of ISP’s, and attempt to guess your location on the planet.

• Trivia point 3: it is possible to mask or digitally alter the appearance of your computer’s IP address. You would do this for the sake of privacy or to avoid authorities tracking your online habits.
• Trivia point 4: within office networks, each office computer is given an “internal IP address”. As soon as an office computer accesses the internet, it then borrows the office’s main IP address. This works much like office telephone numbers: a unique internal extension number is assigned to every user, but as soon as any person dials out of the office, call display will only show the office’s main phone number. This is known as internal vs. external IP addressing, and is a necessary technique to reduce the number of IP addresses on the internet.

• Trivia point 5: as of April 2013, the internet is switching from IP addressing standard Version 4 (aka “IPv4”) to a new generation of addresses called IPv6. The biggest change is in the number of available addresses. Instead of 4.3 billion possible IP addresses, IPv6 will bring us 34,000,000,000,000,000,000 billion possible IP addresses.

Read More

How Cloud Computing Works.

                              

Let’s say you’re an executive at a large corporation. Your particular responsibilities include making sure that all of your employees have the right hardware and software they need to do their jobs. Buying computers for everyone isn’t enough — you also have to purchase software or software licenses to give employees the tools they require. Whenever you have a new hire, you have to buy more software or make sure your current software license allows another user. It’s so stressful that you find it difficult to go to sleep on your huge pile of money every night.

Soon, there may be an alternative for executives like you. Instead of installing a suite of software for each computer, you’d only have to load one application. That application would allow workers to log into a Web-based service which hosts all the programs the user would need for his or her job. Remote machines owned by another company would run everything from e-mail to word processing to complex data analysis programs. It’s called cloud computing, and it could change the entire computer industry.

In a cloud computing system, there’s a significant workload shift. Local computers no longer have to do all the heavy lifting when it comes to running applications. The network of computers that make up the cloud handles them instead. Hardware and software demands on the user’s side decrease. The only thing the user’s computer needs to be able to run is the cloud computing system’sinterface software, which can be as simple as a Web browser, and the cloud’s network takes care of the rest.

There’s a good chance you’ve already used some form of cloud computing. If you have an e-mail account with a Web-based e-mail service like Hotmail, Yahoo! Mail or Gmail, then you’ve had some experience with cloud computing. Instead of running an e-mail program on your computer, you log in to aWeb e-mail account remotely. The software and storage for your account doesn’t exist on your computer — it’s on the service’s computer cloud.

Cloud Computing Architecture

When talking about a cloud computing system, it’s helpful to divide it into two sections: the front end and the back end. They connect to each other through a network, usually the internet. The front end is the side the computer user, or client, sees. The back end is the “cloud” section of the system.

The front end includes the client’s computer(or computer network) and the application required to access the cloud computing system. Not all cloud computing systems have the same user interface. Services like Web-based e-mail programs leverage existing Web browsers like Internet Explorer or Firefox. Other systems have unique applications that provide network access to clients.On the back end of the system are the various computers, servers and data storage systems that create the “cloud” of computing services. In theory, a cloud computing system could include practically any computer program you can imagine, from data processing to video games. Usually, each application will have its own dedicated server.

A central server administers the system, monitoring traffic and client demands to ensure everything runs smoothly. It follows a set of rules called protocols and uses a special kind of software called middleware. Middleware allows networked computers to communicate with each other. Most of the time, servers don’t run at full capacity. That means there’s unused processing power going to waste. It’s possible to fool a physical server into thinking it’s actually multiple servers, each running with its own independent operating system. The technique is called server virtualization. By maximizing the output of individual servers, server virtualization reduces the need for more physical machines.

If a cloud computing company has a lot of clients, there’s likely to be a high demand for a lot of storage space. Some companies require hundreds of digital storage devices. Cloud computing systems need at least twice the number of storage devices it requires to keep all its clients’ information stored. That’s because these devices, like all computers, occasionally break down. A cloud computing system must make a copy of all its clients’ information and store it on other devices. The copies enable the central server to access backup machines to retrieve data that otherwise would be unreachable. Making copies of data as a backup is called redundancy.

Cloud Computing Applications

The applications of cloud computing are practically limitless. With the right middleware, a cloud computing system could execute all the programs a normal computer could run. Potentially, everything from generic word processing software to customized computer programs designed for a specific company could work on a cloud computing system.

Why would anyone want to rely on another computer system to run programs and store data?

• Clients would be able to access their applications and data from anywhere at any time. They could access the cloud computing system using any computer linked to the Internet. Data wouldn’t be confined to a hard drive on one user’s computer or even a corporation’s internal network.
• It could bring hardware costs down. Cloud computing systems would reduce the need for advanced hardware on the client side. You wouldn’t need to buy the fastest computer with the most memory, because the cloud system would take care of those needs for you. Instead, you could buy an inexpensive computer terminal. The terminal could include a monitor, input devices like a keyboard and mouse and just enough processing power to run the middleware necessary to connect to the cloud system. You wouldn’t need a large hard drive because you’d store all your information on a remote computer.
• Corporations that rely on computers have to make sure they have the right software in place to achieve goals. Cloud computing systems give these organizations company-wide access to computer applications. The companies don’t have to buy a set of software or software licenses for every employee. Instead, the company could pay a metered fee to a cloud computing company.
• Servers and digital storage devices take up space. Some companies rent physical space to store servers and databases because they don’t have it available on site. Cloud computing gives these companies the option of storing data on someone else’s hardware, removing the need for physical space on the front end.
• Corporations might save money on IT support. Streamlined hardware would, in theory, have fewer problems than a network of heterogeneousmachines and operating systems.
• If the cloud computing system’s back end is a grid computing system, then the client could take advantage of the entire network’s processing power. Often, scientists and researchers work with calculations so complex that it would take years for individual computers to complete them. On a grid computing system, the client could send the calculation to the cloud for processing. The cloud system would tap into the processing power of all available computers on the back end, significantly speeding up the calculation. 

Cloud Computing Concerns

Perhaps the biggest concerns about cloud computing are security and privacy. The idea of handing over important data to another company worries some people. Corporate executives might hesitate to take advantage of a cloud computing system because they can’t keep their company’s information underlock and key.

The counterargument to this position is that the companies offering cloud computing services live and die by their reputations. It benefits these companies to have reliable security measures in place. Otherwise, the service would lose all its clients. It’s in their interest to employ the most advanced techniques to protect their clients’ data.

Privacy is another matter. If a client can log in from any location to access data and applications, it’s possible the client’s privacy could be compromised. Cloud computing companies will need to find ways to protect client privacy. One way is to useauthentication techniques such as user names and passwords. Another is to employ an authorization format — each user can access only the data and applications relevant to his or her job.

Some questions regarding cloud computing are more philosophical. Does the user or company subscribing to the cloud computing service own the data? Does the cloud computing system, which provides the actual storage space, own it? Is it possible for a cloud computing company to deny a client access to that client’s data? Several companies, law firms and universities are debating these and other questions about the nature of cloud computing.

How will cloud computing affect other industries? There’s a growing concern in the IT industry about how cloud computing could impact the business of computer maintenance and repair. If companies switch to using streamlined computer systems, they’ll have fewer IT needs. Some industry experts believe that the need for IT jobs will migrate to the back end of the cloud computing system.

Another area of research in the computer science community is autonomic computing. An autonomic computing system is self-managing, which means the system monitors itself and takes measures to prevent or repair problems. Currently, autonomic computing is mostly theoretical. But, if autonomic computing becomes a reality, it could eliminate the need for many IT maintenance jobs.

Read More