Categories
information technology

Binary Data: Why 256 Is a Magic Number in Computing

Everything that computers work with: images, sound, and text, are data. The information has been broken down into bits of data, represented by electrical signals that travel close to the speed of light inside the hardware. But the electrical signals computers use can only be on or off. “On” means there is a signal, and “off “means there isn’t a signal. At the most basic level, this is how all computers work. A computer sees an electrical signal as “on,” “true,” or 1. And it sees the lack of a signal as “off,” “false,” or 0.

Having everything represented by either a 0 or a 1 is called binary. To understand binary, you need to understand numbering systems. So, let’s start with the system most people are familiar with, the decimal system.

Decimal System or the Numbers Everybody Knows

The decimal system has ten single digits to work with, 0 through 9. The “dec-“ in decimal stands for 10. Let’s count.

0
1
2
3
4
5
6
7
8
9

What comes next?

When you’re counting in the decimal system and you reach 9, to represent a larger number, you must add another place or digit. Each digit in the “10s” place represents how many groups of 10 are in the number. Once the 10s and the 1s digits both reach 9, the largest digit, you must again add another place. Every additional place represents a “power of 10.”

This is what each place in the number 52,345,230 represents, below.

10 million 1 million 100,000 10,000 1,000 100 10 1
5 2 3 4 5 2 3 0

The number represented in the table above is:

  • 5 groups of ten million each +
  • 2 groups of one million each +
  • 3 groups of one hundred thousand each +
  • 4 groups of ten thousand each +
  • 5 groups of one thousand each +
  • 2 groups of one hundred each +
  • 3 groups of ten each +
  • 0 ones.

If you had a limit of 8 places, the highest number you could represent would be 99,999,999. Fortunately, the decimal system doesn’t have that limitation.

Binary or Base-2

But what if your numbering system only had two digits, instead of 10? Instead of 0, 1, 2, 3, 4, 5, 6, 7, 8, and 9, what if you only had 0 or 1 to put into each position? This is binary, or base-2, because there are only two values that can exist in each place. The “bi-“ in binary stands for 2. Each position can have either a 1 or a 0, and nothing else. So, the positions in binary represent the powers of 2.

Counting in binary starts with 0 and goes to 1. If you need to represent a larger number, you must add another place or digit, just like in the decimal system. Except in binary, the next place represents how many groups of multiples of 2 are in the number, unlike decimal system places which represent groups of multiples of 10.

So, instead of 1, 10, 100, 1000, 10000, etc., the places in binary represent groups of 2, because you can have only 2 values.

128 64 32 16 8 4 2 1
0 0 0 0 0 0 0 0

The number in the table above is how you represent 0 in 8-bit binary. Each place in the table is called a bit, and 8 bits make a byte.

0 in a bit represents no value, and 1 in a bit represents the value of the place it holds. So, a byte representing the decimal number 9 would be represented like this in binary: 00001001. Here it is in the binary table.

128 64 32 16 8 4 2 1
0 0 0 0 1 0 0 1

The number represented in the table above is:

  • 0 groups of 128 +
  • 0 groups of 64 +
  • 0 groups of 32 +
  • 0 groups of 16 +
  • 1 group of 8 +
  • 0 groups of 4 +
  • 0 groups of 2 +
  • 1 group of 1.

The only two places that have a value in the number above are the 8 place and the 1 place. 8 + 1 = 9.
With a limit of 8 places, you can represent 256 numbers: 0-255, and 255 looks like this: 11111111.

Categories
information technology

How do data breaches occur? Explaining infosec concepts.

As one of many people whose personal data has been involved in multiple corporate and governmental data breaches, I get tired of finding out my data’s been stolen again. But I understand how difficult it can be to keep data secure in an environment where just about everything is connected.

If someone has data on their unencrypted laptop, and that laptop gets stolen or hacked, that’s one way data breaches occur. Someone else has physical access to your unencrypted computer. They now have access to everything on your computer AND everything online that your computer knows how to access.

But generally, criminals don’t need to get physical access. All they need is virtual access, and they get that through social engineering. Forget most of the movie hacking you’ve seen. It’s not that exciting.

Social engineering means manipulating people’s trust so that they volunteer the information the criminal needs. Social engineering is the same as a con, short for confidence game.

The Target data breach from 2013 happened when criminals gained access to Target’s systems by sending phishing emails to a third-party contractor. The contractor had access to Target’s heating, ventilation, and air conditioning (HVAC) systems. An employee of the contractor fell for the phishing email, clicked on a link that installed malware, and that was the only opening the criminals needed. The malware on the contractor’s systems then revealed logins and passwords to Target’s HVAC system.

“That’s just their HVAC system. What’s the big deal? Are they going to crank up the heat?”

Almost every system is connected to other systems now. Access to one system can lead to accessing all the systems, if they’re connected and vulnerable. The perpetrators eventually were able to access the point-of-sale terminals, allowing them to steal credit card data.

For more details on the Target breach, check out this article: Anatomy of the Target data breach: Missed opportunities and lessons learned | ZDNet.

Other times there’s no social engineering involved. If there’s a vulnerability discovered either by researchers or criminals, and system administrators (sysadmin) either can’t or don’t patch the vulnerability fast enough, criminals can continue to take advantage of it with no one the wiser. Exploits like this can go on for months until someone happens to notice what’s going on.

The truth is, the odds are in favor of a breach, rather than against, because there are so many ways for a breach to happen. Whereas those defending against breaches only need one weak link to leave their data vulnerable.