Skip to main content

Enhancing Indoor Air Quality: A Guide to Better Health and Comfort

In today's world, where we spend a significant amount of our time indoors, the quality of the air we breathe inside our homes and workplaces is crucial for our health and well-being. Poor indoor air quality (IAQ) can lead to various health issues, including allergies, respiratory problems, and even long-term conditions. This blog post explores effective strategies for managing and improving indoor air quality. Understanding Indoor Air Pollutants Indoor air pollutants can originate from various sources: Biological Pollutants: Mold, dust mites, and pet dander. Chemical Pollutants: Volatile organic compounds (VOCs) from paints, cleaners, and furnishings. Particulate Matter: Dust, pollen, and smoke particles. Strategies for Improving Indoor Air Quality Ventilation: Natural Ventilation: Open windows and doors regularly to allow fresh air circulation. Mechanical Ventilation: Use exhaust fans in kitchens and bathrooms to remove pollutants directly at the source. Air Purifiers: HEPA Filt

User Authentication

User Authentication
* Protection, dealt with making sure that only certain users were allowed to perform certain tasks, i.e. that a users privileges were dependent on his or her identity. But how does one verify that identity to begin with?

Passwords
* Passwords are the most common form of user authentication. If the user is in 
possession of the correct password, then they are considered to have identified 
themselves.
* In theory separate passwords could be implemented for separate activities, such as reading this file, writing that file, etc. In practice most systems use one password to confirm user identity, and then authorization is based upon that identification. This is a result of the classic trade-off between security and convenience.

Password Vulnerabilities
* Passwords can be guessed.
• Intelligent guessing requires knowing something about the intended target in specific, or about people and commonly used passwords in general.
• Brute-force guessing involves trying every word in the dictionary, or every valid combination of characters. For this reason good passwords should not be in any dictionary ( in any language ), should be reasonably lengthy, and should use the full range of allowable characters by including 
upper and lower case characters,numbers, and special symbols.
* "Shoulder surfing" involves looking over people's shoulders while they are typing in their password.
• Even if the lurker does not get the entire password, they may get enough clues to narrow it down, especially if they watch on repeated occasions.
• Common courtesy dictates that you look away from the keyboard while someone is typing their password.
• Passwords echoed as stars or dots still give clues, because an observer can 
determine how many characters are in the password.
* "Packet sniffing" involves putting a monitor on a network connection and reading data contained in those packets.
• SSH encrypts all packets, reducing the effectiveness of packet sniffing.
• However you should still never e-mail a password, particularly not with the word "password" in the same message or worse yet the subject header.
• Beware of any system that transmits passwords in clear text. (“Thank you 
for signing up for XYZ. Your new account and password information are shown below". ) You probably want to have a spare throw-away password to give these entities, instead of using the same high-security password that you use for banking or other confidential uses.
* Long hard to remember passwords are often written down, particularly if they are used seldom or must be changed frequently. Hence a security trade-off of passwords that are easily divined versus those that get written down. 
* Passwords can be given away to friends or co-workers, destroying the integrity of the entire user-identification system.
* Most systems have configurable parameters controlling password generation and what constitutes acceptable passwords.
• They may be user chosen or machine generated.
• They may have minimum and/or maximum length requirements.
• They may need to be changed with a given frequency. (In extreme cases for every session.)
• A variable length history can prevent repeating passwords.
• More or less stringent checks can be made against password dictionaries.

Encrypted Passwords
* Modern systems do not store passwords in clear-text form, and hence there is no 
mechanism to look up an existing password.
* Rather they are encrypted and stored in that form. When a user enters their password, that too is encrypted, and if the encrypted version matches, then user authentication passes.
* The encryption scheme was once considered safe enough that the encrypted versions were stored in the publicly readable file "/etc/passwd".
• They always encrypted to a 13 character string, so an account could be disabled by putting a string of any other length into the password field.
• Modern computers can try every possible password combination in a reasonably short time, so now the encrypted passwords are stored in files that are only readable by the super user. Any password-related programs run as setuid root to get access to these files. ( /etc/shadow )
• A random seed is included as part of the password generation process, and stored as part of the encrypted password. This ensures that if two accounts have the same plain-text password that they will not have the same encrypted password. However cutting and pasting encrypted passwords from one account to another will give them the same plain-text passwords.

One-Time Passwords
* One-time passwords resist shoulder surfing and other attacks where an observer is able to capture a password typed in by a user.
• These are often based on a challenge and a response. Because the challenge is different each time, the old response will not be valid for future challenges.
   -> For example, The user may be in possession of a secret function f(x). The system challenges with some given value for x, and the user responds with f(x), which the system can then verify. Since 
the challenger gives a different (random) x each time, the answer is constantly changing.
   -> A variation uses a map (e.g. a road map) as the key. Today's question might be "On what corner is SEO located?", and 
tomorrow's question might be "How far is it from Navy Pier to Wrigley Field?" Obviously "Taylor and Morgan" would not be accepted as a valid answer for the second question!
• Another option is to have some sort of electronic card with a series of constantly changing numbers, based on the current time. The user enters the current number on the card, which will only be valid for a few seconds. A two-factor authorization also requires a traditional password 
in addition to the number on the card, so others may not use it if it were ever lost or stolen.
• A third variation is a code book, or one-time pad. In this scheme a long list of passwords is generated and each one is crossed off and cancelled as it is used. Obviously it is important to keep the pad secure.

Biometrics
* Biometrics involve a physical characteristic of the user that is not easily forged or duplicated and not likely to be identical between multiple users.
• Fingerprint scanners are getting faster, more accurate, and more economical.
• Palm readers can check thermal properties, finger length, etc.
• Retinal scanners examine the back of the users' eyes.
• Voiceprint analyzers distinguish particular voices.
• Difficulties may arise in the event of colds, injuries, or other physiological changes

Labels:

Popular posts from this blog

FIRM

          A firm is an organisation which converts inputs into outputs and it sells. Input includes the factors of production (FOP). Such as land, labour, capital and organisation. The output of the firm consists of goods and services they produce.           The firm's are also classified into categories like private sector firms, public sector firms, joint sector firms and not for profit firms. Group of firms include Universities, public libraries, hospitals, museums, churches, voluntary organisations, labour unions, professional societies etc. Firm's Objectives:            The objectives of the firm includes the following 1. Profit Maximization:           The traditional theory of firms objective is to maximize the amount of shortrun profits. The public and business community define profit as an accounting concept, it is the difference between total receipts and total profit. 2. Firm's value Maximization:           Firm's are expected to operate for a long period, the
Read more

Human Factors in Designing User-Centric Engineering Solutions

Human factors play a pivotal role in the design and development of user-centric engineering solutions. The integration of human-centered design principles ensures that technology not only meets functional requirements but also aligns seamlessly with users' needs, abilities, and preferences. This approach recognizes the diversity among users and aims to create products and systems that are intuitive, efficient, and enjoyable to use. In this exploration, we will delve into the key aspects of human factors in designing user-centric engineering solutions, examining the importance of user research, usability, accessibility, and the overall user experience. User Research: Unveiling User Needs and Behaviors At the core of human-centered design lies comprehensive user research. Understanding the target audience is fundamental to creating solutions that resonate with users. This involves studying user needs, behaviors, and preferences through various methodologies such as surveys, interview
Read more

Introduction to C Programs

INTRODUCTION The programming language ‘C’ was developed by Dennis Ritchie in the early 1970s at Bell Laboratories. Although C was first developed for writing system software, today it has become such a famous language that a various of software programs are written using this language. The main advantage of using C for programming is that it can be easily used on different types of computers. Many other programming languages such as C++ and Java are also based on C which means that you will be able to learn them easily in the future. Today, C is mostly used with the UNIX operating system. Structure of a C program A C program contains one or more functions, where a function is defined as a group of statements that perform a well-defined task.The program defines the structure of a C program. The statements in a function are written in a logical series to perform a particular task. The most important function is the main() function and is a part of every C program. Rather, the execution o
Read more