Free Essay

Security Summarized

In:

Submitted By rogereccles
Words 2232
Pages 9
Security summarized
1. First of all: there is no 100 % security. Not in real life and not in the digital world. Not even when your computer is running Linux. You should always use your common sense. And even then it can go wrong. A certain amount of risk, however small, is unavoidable. A Frenchman would say: c'est la vie.

About viruses, firewalls and exploits I can be brief:

Antivirus software
1.1. You don't need antivirus software in Ubuntu, Linux Mint and Debian. Because a virus can't do anything in Linux. Mainly because of this: in order to install on your computer, a virus needs your password. And that it doesn't have.

Furthermore, you generally only install software from the secured "software store" (repositories) of your Linux distribution. This is a very effective barrier against malware.

Therefore there are no Linux viruses "in the wild" (with the exception of web servers, but securing web servers is quite a different cup of tea).

The best protection against viruses is this:
- install a well-supported Linux, like Ubuntu or Linux Mint;
- check daily for updates;
- don't use antivirus, as antivirus in Linux gives only a false sense of security, but simply use your common sense.

For the full story, read on (item 2 and further).

Firewall
1.2. A firewall is already installed by default. It's called IPtables. IPtables can be managed through the application Uncomplicated Firewall (ufw), which is also installed by default.

By default the firewall isn't activated, because behind the ports that are exposed to the internet, there aren't any listening services. At least not in a standard installation. An attacker can't do anything without a listening service.

However, in certain cases you do need a firewall. For instance when you share an unprotected wireless network, or when you've activated some services on your computer. So in order to be on the safe side, I advise to turn on the firewall in all cases.

You can turn on the firewall by means of the terminal (yikes!). This is how you do it:

Launch a terminal window.
(You can launch a terminal window like this: *Click*)

type (copy/paste): sudo ufw enable

Press Enter. Type your password when prompted; this will remain entirely invisible, not even asterisks will show, which is normal.

Uncomplicated Firewall (ufw) has a sensible set of default settings (profile), which are fine for the vast majority of home users. So unless you have special wishes: you're done!

Check the status of the firewall: sudo ufw status verbose

Press Enter.

When enabled, the output should be like this:

pjotr@netbook:~$ sudo ufw status verbose
[sudo] password for pjotr:
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip pjotr@netbook:~$ I've printed the most important message in red: this output basically means that all incoming is denied and all outgoing allowed. There are sensible exceptions in the default settings: for example, with the default profile the use of Samba should be no problem. Also downloading torrents (fetch) should be possible; but seeding torrents (serve), might require a temporal disabling of ufw.

It's easy to disable the firewall (should you wish to do so) with this terminal command: sudo ufw disable

Press Enter.

If you're interested in the full set of rules, see the output of: sudo ufw show raw

You can also read the rules files in /etc/ufw (the files whose names end with .rules).

Vulnerabilities
1.3. Exploitable security vulnerabilities can appear in any operating system and in every application. Also in Linux. From these you'll be protected by the updates. Ubuntu automatically performs a daily check for available security updates. It's important to install the proposed security updates immediately, if you want to keep your system as safe as possible.

As long as it's discovered quickly and repaired speedily, a vulnerability is no big problem.

The full story
2. The full story is as follows.

Because of the growth of Linux, most antivirus companies want to tap this new market. Many new Linux users think that they need an antivirus solution in Linux, because of the clever marketing of these companies.

The opposite is true, however. Unlike other operating systems, it's almost impossible to write an effective virus for Linux. How can this be, you might wonder. I'll try to explain why.

Linux computers are just as well a target as computers that run on another operating system. Many popular (and therefore valuable) websites run on Linux, so there is no lack of motivation to infect Linux.

Some people suggest that the Linux community is conceited or lagging behind when it comes to viruses or other security issues. This suggestion is not true.

The developers of Linux haven't ignored viruses, they have structured Linux in such a way that it has good resistance to viruses. And because the code is open, there are literally thousands of people who check the code for errors and propose fixes.

Virus scanners mainly work "reactively", which means that they almost only provide protection against viruses that are already known to the creators of the scanner. Antivirus applications can only protect against a new virus after that virus has been created, not before.

More importantly still, the best protection against any virus will consist of repairing those leaks in the software, which the virus attacks. These repairs happen by means of security updates (which in Linux are issued sooner and more often than in Windows and Mac OS).

Few antivirus companies have a faster response time than the Ubuntu security team. The time frame between public disclosure of a security problem and the making of an antivirus solution or a repair, is obviously the most dangerous period.

As I've said before: a vulnerability is no big problem, as long as it's discovered quickly and repaired speedily.

It's difficult to install a virus on a Linux computer, but it's certainly not impossible. The greatest danger lies in unreliable software repositories and in unsafe code that a careless administrator executes.

It's wise to keep that in mind, and install your software preferably only from the controlled software repositories of your Linux. Be very careful with software from elsewhere, like standalone installation packages (with the extension .deb). Only install those when the source is above all doubt, like Google Chrome and Oracle (Sun) Java JRE.

At present there are in any case no Linux viruses "in the wild."

My advice: do NOT install antivirus software
3. My advice is therefore not to install a virus scanner if you run Linux on your computer.

A summary of the reasons:

a. In Linux, the executability of a file is not determined by an extension (like for example .exe in Windows), but by the permissions adhering to this file. Each newly created file is by default not executable under Linux, and the user will first need to make this file executable by an explicit action.

b. In Linux a normal user has but very limited permissions. For example, a normal user can't perform administrative tasks. And so the scope of this user is actually limited to his own home folder. For installing software you always need to be root (or to have temporary root rights, which is the way of Ubuntu and Linux Mint).

In Ubuntu and Linux Mint, by default, even the administrator logs in with limited user permissions. Should he wish to perform an administrative task, then he has to type his password again, to obtain temporary root permissions. This will give him 15 minutes of root authority.

c. Many Linux users tweak their system according to their own taste. Because of the variety of Linux distributions, applications and kernel versions, it's difficult to write an exploit by which enough systems can be taken over to make the effort of creating that exploit worthwhile.

d. Virus scanners scan mainly for Windows viruses. These viruses don't work in Linux, most of them not even in a Windows emulator like Wine.

e. Virus scanners often issue false warnings. Possibly intentionally, to make the user feel good about the presence of the scanner.

f. There are currently no known active Linux viruses.

Misconception: protection of Windows users
4. Occasionally somebody proclaims the following misconception: "I use antivirus in Linux, so that I can't accidentally pass on a Windows virus to a Windows user. For example by e-mail attachments".

This is a misconception because of the following reasons:

a. Running antivirus in Linux is a useless waste of system resources. Resources that can be put to better use, for example making your system more responsive.

One of the advantages of running Linux is not having to weigh down your system with antivirus. It would be rather counterproductive to move to a virus-free operating system, if we end up running all of the antivirus crud anyway.

And it adds insult to injury, to do so for the sake of an operating system that actually chooses to be security-deficient. If a Windows user can't be bothered to guard his own system against threats that are the result of shortcomings in his own operating system, then the efforts of the comparatively small base of Linux users isn't going to make a shred of difference. Such Windows users will unavoidably get infected from somewhere else.

In fact, I believe that Windows has to lie in the bed it makes for itself. I'm not trying to be harsh here: it's more the principle that consequences must fall to the appropriate party, or else there is no incentive for change.

Therefore, unless a Linux user is running a public web/mail/file server (clearly not your average user), I strongly discourage the installation of antivirus, because doing so continues to silently endorse one of the worst aspects of operating system design.

(With thanks to DuckHook from Ubuntuforums.org, for kindly allowing the use of this text)

b. If you want to reduce the chance of passing on a Windows virus by e-mail, than you can achieve that by sending e-mails with attachments by means of Gmail. Then Google automatically scans the attachments for viruses, trojans and other malware. With a professional up to date virus scanner, on the servers of Gmail itself. A Gmail account is free, so you need to have no worries about costs....

When you enable POP3 support in Gmail, you can even use Thunderbird or Evolution for it.

Note: nowadays every good e-mail service (so not only Gmail) scans automatically for Windows viruses, on the servers of the e-mail provider.

Another possibility is the use of this free web service, which is the property of Google:VirusTotal.com. It'll scan every file that you feed to it, for viruses and other malicious software.

You'll find that the "protection of Windows users" fallacy is often used as an excuse, by people who irrationally can't believe that Linux really doesn't need antivirus....

The things that are dangerous
5. These are the things that do endanger Linux, which you therefore will want to avoid:10 fatal mistakes.

Wireless security
6. The security of your wireless network isn't operating system specific, but it's an important issue. Read here how to secure your wireless network properly.

Disable Universal Plug and Play (UPnP) in your router
7. Not related to your operating system, but important nevertheless: disable Universal Plug and Play (UPnP) in your router. UPnP in your router, enables network devices to communicate with each other, both in your personal network and by means of the internet.

Easy, but dangerous: UPnP opens a huge security hole, which is not really manageable. It's better to disable it permanently, because UPnP is inherently insecure.

First, find the user manual of your router; if you no longer have it, then you'll probably be able to download a copy from the website of the router manufacturer.

Then access the configuration of your router and disable the UPnP feature, and also the accompanying feature, usually called something like "Allow user to configure".

Note: this might require you to take some extra measures for enabling VPN, P2P file sharing and the like (namely opening some ports manually). This isn't always necessary though, and depends on how your router manufacturer has configured the firmware defaults.

Handle with care: Java and openJDK
8. Java (both Oracle Java and openJDK) are frequently under attack. That's why it's best, to disable Java by default in your web browser (if you have installed it at all). Then you can enable Java only for a short while whenever you need it.

This advice is not only for Windows, but also for Linux. Because on this aspect, Linux is vulnerable too! Java is namely platform independent, which means that it works independently from the underlying operating system.

In Firefox you can disable Java like this, and in Google Chrome or Chromium you can do it as described here.

Note: this only applies to Java. There's also Javascript, which is much more secure than Java. So there's usually no need to disable Javascript as well.

Create and remember a secure password easily
9. Contrary to what many people think, creating and remembering a secure password is not hard.

Want more?
Do you want more tips and tweaks for Ubuntu? There's a lot more of them on this website! Like this one: replace Windows XP by an easy free Linux.

Similar Documents

Premium Essay

Is308 Discussion 4

...Stupendous Idea or Security Incident Waiting to Happen?” The idea of having this social networking platform may seem like a good idea and it can be; however, the security risks it has with the current settings could really hurt the company’s reputation in the future. It makes it easy for people to link together in groups setting but in reality it is sharing too much unnecessary information with third parties applications. The current settings could lead to malicious users to exploit the vulnerabilities. The reasons to exploit the vulnerabilities in this platform setting are summarized to obtaining personal information which can be later used to exploit the vulnerabilities from the targeted individuals. In this case with all the contacts’ email addresses being out there for everybody to see, than a hacker could use it to obtain information from their employers or personal information such as financial information. Also, by using HTML and JavaScript a hacker could do command injections which could lead to limited accessibility. The JavaScript programming language could allow standard API’s to bypass access control or security checks and also a tainted input allows code to apply its own permission during the security management check. This idea could lead to serious security issues which could impact the revenue of the company. This is idea has a lot of merit because it would allow individuals to socialize in group settings. However, there need to be better security policies in...

Words: 302 - Pages: 2

Premium Essay

Pre-Sept 11 Vs 9/11

...conjunction which requires two responses; somewhat safer from the terrorists; and not significantly safer from natural disasters. The supposition of the question is that man-made terrorist attacks are the same as the act-of-God created natural disasters. I take the position that they are both the same, each an act-of-God, one expressed through a person and the second through a typhoon, earthquake, or climate change. I agree with Peter Katel, the U.S. is experiencing a false sense of security through two unrelated views of terrorist attacks. The first is the threat from terrorist attacks from foreign nations or non-state actors. The the U.S. population readily identifies with al Qaeda, Boko Haram, or the Islamic State; groups with notional identities recognized through dress, language, or religions affiliation. The U.S perception of these groups is negative and all collective efforts should be undertaken to prevent their access to the...

Words: 1713 - Pages: 7

Premium Essay

Chapter 15 Investments

...E15-3 E15-4 E15-5 E15-6 Content Trading Securities. (Easy) Journal entries. Unrealized holding gain. Balance sheet disclosure. Trading Securities. (Moderate) Journal entries. Income statement and balance sheet disclosures. Long-Term Investments. (Easy) Securities available for sale. Purchase and adjusting entries. Available-for-Sale Securities. (Easy) Journal entries. Compute unrealized increase/decrease balance. Available-for-Sale Securities. (Easy) Journal entries. Balance sheet disclosure. Held-to-Maturity Bond Investment. (Easy) Premium, straight-line amortization, journal entries. Error in recording interest at acquisition. Held-to-Maturity Bond Investment. (Easy) Discount, semiannual interest receipts, straight-line and effective interest methods of amortization, journal entries. Held-to-Maturity Bond Investment. (Moderate) Discount, semiannual interest receipts, sale at gain. Effective interest method. Journal entries. Bond Investment. (Moderate) Discount, semiannual interest receipts, amortization schedule using effective interest method, journal entries. Bond Investment. (Moderate) Premium, semiannual interest receipts, amortization schedule using effective interest method, journal entries. Bond Investment. (Moderate) Premium, semiannual interest receipts, sale at loss. Effective interest method. Journal entries. Transfer Between Categories. (Easy) Reclassification from "held-to-maturity" to "available-for-sale securities." Journal entries for interest and reclassification...

Words: 17388 - Pages: 70

Free Essay

Time

...Health Insurance Portability and Accountability Act Compliance Guide US Department of Health and Human Services Information Security Program Health Insurance Portability and Accountability Act (HIPAA) Compliance Guide September 14, 2005 Page i Health Insurance Portability and Accountability Act Compliance Guide US Department of Health and Human Services Table of Contents Table of Contents .......................................................................................... i Preface.........................................................................................................iii Document Change History ............................................................................iv 1. Introduction ....................................................................................... 1 1.1 1.2 1.3 1.4 2. 2.1 Purpose ........................................................................................... 1 Background...................................................................................... 1 Scope.............................................................................................. 2 Document Organization ..................................................................... 4 HIPAA Administrative Simplification Requirements ........................... 5 General Overview ............................................................................. 5 2.1.1 HIPAA Administrative Simplification Goals and Objectives ............. 5...

Words: 12363 - Pages: 50

Premium Essay

Stock

...1 CONTENTS 1. INVESTMENT BASICS.......................................................................................................7 What is Investment?...................................................................................................................7 Why should one invest? .............................................................................................................7 When to start Investing?...........................................................................................................7 What care should one take while investing?......................................................................8 What is meant by Interest?......................................................................................................8 What factors determine interest rates?...............................................................................8 What are various options available for investment?......................................................9 What are various Short-term financial options available for investment?.............9 What are various Long-term financial o ptions available for investment?............10 What is meant by a Stock Exchange?................................................................................11 What is an ‘Equity’/Share?......................................................................................................11 What is a ‘Debt Instrument’?.................................

Words: 26421 - Pages: 106

Premium Essay

Chapter 17 a Derivsativr Solution

...Questions Brief Exercises Exercises Problems Concepts for Analysis 1. Debt securities. 1, 2, 3, 13 1 4, 7 (a) Held-to-maturity. 4, 5, 7, 8, 10, 13, 21 1, 3 1, 2, 3, 5 1, 7 4 (b) Trading. 4, 6, 7, 8, 10, 21 4 1, 4 (c) Available-for-sale. 4, 7, 8, 9, 10, 11, 21 2, 10 4 1, 2, 3, 4, 7 1, 4 2. Bond amortization. 8, 9 1, 2, 3 3, 4, 5 1, 2, 3 3. Equity securities. 1, 12, 13, 16 4, 7 (a) Available-for-sale. 7, 10, 11, 15, 21 5, 8 6, 8, 9, 11, 12, 16 5, 6, 8, 9, 10, 11, 12 1, 2, 3 (b) Trading. 6, 7, 8, 14, 15, 21 6 6, 7, 14, 15 6, 8 1, 3 (c) Equity method. 16, 17, 18, 19, 20 7 12, 13, 16, 17 8 5, 6 4. Comprehensive income. 22 9 10 10, 12 5. Disclosures of investments. 21 8, 9 5, 9, 10, 11, 12 6. Impairments. 24 10 18 3 7. Transfers between categories. 23 1, 3, 7 *8. Derivatives 25, 26, 27, 28, 29, 30, 31, 32 19, 20, 21, 22, 23, 24 13, 14, 15, 16, 17, 18 *9. Variable Interest Entities 33, 34 *This material is dealt with in an Appendix to the chapter. 17-2 ASSIGNMENT CLASSIFICATION TABLE (BY LEARNING OBJECTIVE) Learning Objectives Brief Exercises Exercises Problems 1. Identify the three categories of debt securities and describe the accounting and reporting treatment for each category. 1 2. Understand the procedures for discount and premium amortization on bond investments. 1, 2, 3, 4 2, 3, 4, 5 1, 2, 3, 4, 7 3. Identify the categories of equity securities and describe the accounting and reporting treatment for each category. 5...

Words: 16945 - Pages: 68

Premium Essay

Financial Management: Theory & Practice

...Study Guide Financial Management: Theory & Practice Fourteenth Edition Eugene F. Brigham University of Florida Michael C. Ehrhardt University of Tennessee ________________________________________________________________________________ Australia • Brazil • Japan • Korea • Mexico • Singapore • Spain • United Kingdom • United States Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. This is an electronic version of the print textbook. Due to electronic rights restrictions, some third party content may be suppressed. Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. The publisher reserves the right to remove content from this title at any time if subsequent rights restrictions require it. For valuable information on pricing, previous editions, changes to current editions, and alternate formats, please visit www.cengage.com/highered to search by ISBN#, author, title, or keyword for materials in your areas of interest. Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied...

Words: 197028 - Pages: 789

Premium Essay

Dont Read

...Balancing between national security and individual privacy is seemingly a daunting task that does not promise an amicable solution in the near future. There are so many controversies surrounding this issue where people with opposing opinions are striving to ensure that their views dominate. The question about which between the two should be prioritized is not relevant compared to the effects either of the alternatives will have in the lives of citizens. The issue is complicated further by the sensitive nature of both national security and individual privacy. There is a close association between the two, thus making it hard for policy makers to alter either of them without touching the other. However, it is a fact that as much as many people want to have full right to individual privacy, they will also be keen to ensure that their security is guaranteed. In other words, the two must be provided without necessarily causing collusion between the two. National security is prioritized compared to individual privacy given the fact that people universally value national security. Legal status of the Individual Privacy vs. National Security issue Controversies surrounding national security and individual privacy came at the limelight after the September 11, 2001 terrorist attacks in the United States. However, this issue has been in existence for a longer time although it has had minimal effect on individual privacy. This paper will focus on recent events since little was heard...

Words: 1286 - Pages: 6

Premium Essay

Questionaire

...Part 2: System Hardening DUE Wednesday, October 29,@11:59pm Scenario After the productive team meeting, Fullsoft’s CTO engages in further analysis and establishes a plan to mitigate risks, threats, and vulnerabilities. As part of the mitigation plan, you and your team members will configure baseline security on all workstations. You will ensure that the antivirus software is running properly, remove unnecessary software and services, and implement a control related to password hacking attempts. You have been asked to train a new employee by demonstrating how to implement system hardening on a local workstation. Tasks Ensure that you are logged in as an administrator. Using a computer that has Windows 7* installed: * Review the antivirus program and ensure it is up to date and running a full scan of the system. * Disable at least five unnecessary services from the default installation of Windows 7. * Configure audit logging to identify all failed password attempts into the system. * If possible, complete these tasks using a personal computer with the default installation of Windows 7. If you do not own the necessary hardware and software, consult with your Instructor about alternatives. After your work on this project is complete, you may need to return the settings to the previous configuration. Then, for the employee you are training, write a summary of what you did and explain why system hardening is important. Include the following: Summary * Explain how...

Words: 525 - Pages: 3

Premium Essay

The Greed Cycle

...Article Review: - The Greed Cycle, by John Cassidy The article by Thomas Cassidy, points out the instrumental role that greed plays in the modern corporation. Modern Economists have always seen greed as not only a necessary element in the corporate environment, but as also a vital part of the successful evolution of a public company. As the article points out, “Economists from Adam Smith to Milton Friedman have seen greed as an inevitable and, in some ways, desirable feature of capitalism. In a well regulated and well balanced economy, greed helps to keep the system expanding”. In the early public companies, greed was not seen as a danger, as the implicit trust that managers would not slack off, and would run the company in the interest of the stockholders and stakeholders was not undermined. Economist was the first to identify the issue of managers not acting in the interest of the shareholders, and instead being motivated by greed, and “self-enrichment”. Public Companies, evolved as a way to create financing for large industry, where in the owners agreed to relinquish day to day control and operation of a company to mangers, who in turn would act in their interest, and maximize revenues. As the article points out, in the beginning, “most of the professional managers were content to collect generous salaries and pensions rather than habitually attempt to rob the stockholders and bondholders. It is a strong proof of the marvelous growth in recent times of a spirit...

Words: 824 - Pages: 4

Premium Essay

Tony

...Implications Three constraints:    Scope for increasing aggregate size of public sector limited Scope for raising debt levels limited Contingent liabilities will need careful management Some implications:  PPP may help but are unlikely to be a panacea (PPP should be driven by VfM not fiscal constraints) Raising savings (revenue), improving efficiency of investment, and equitization will all have to play a role. 4  Debt Management I: Definition of Public Debt Vietnam - Gross Public and Publicly Guaranteed Debt - 2005-2009 2005 2006 2007 2008 2009 (In percent of GDP) A. Gross public and publicly guaranteed debt (B+C) B. Gross domestic public and publicly guaranteed debt (B1+B2) B1. Gross domestic public debt Securities Loans and advances B2. Gross domestic publicly guaranteed debt VDB domestic debt Other entities (Social Policy Bank, VEC, Vinashin bonds etc.) C. Gross external public and publicly guaranteed debt (C1+C2) C1. Gross external public debt Multilateral Bilateral...

Words: 1589 - Pages: 7

Free Essay

Ethics of Compensation

...The issue of ethics in the corporate world has been widely talked about over the last decade. Corporate scandals almost seem like a part of everyday life. The nation’s response is to inform students of ethical conduct and hold organizations to a higher standard. This will hold CEOs and management responsible for all fraudulent acts committed by an organization. The ethical spotlight has now turned to CEO compensation due to the recent decline in the economy. The focus point of those public discussions has been to try and get a better position to influence CEO compensation packages. Determining a CEO compensation package and commitment that does not place undue pressure on the CEO to taint financial statements, provide excessive perks, approve stock option scandals to occur, and let outrageous severance packages could be a giant step in the right direction toward an ethical foundation in the business community. Perhaps CEO compensation packages are not the cause of corporate scandals, but sometimes they do push CEOs into making improper and unethical decisions. The relationship between CEO compensation is parallel to being an ethical company, and having long term success Executive compensation has risen significantly in past ten years. These increases are difficult to comprehend considering profits and stock prices of the only increased by 11% and 23% respectively as of 2008. Although the increase in market value created an environment for increasing compensation without much...

Words: 668 - Pages: 3

Free Essay

Food-Lion Mvp Program

...Food-Lion MVP Program Charles A. Kennedy BUS_120 February 7, 2009 Mr. Belflowers Fayetteville Technical Community College Located throughout different parts of the eastern seaboard, there is a popular food store called Food-Lion. The main goal for the store is to provide quality food products at reasonable affordable prices that other stores cannot compete with. With this as their main goal, the store believes it will greatly gain profit and exposure leading to the company growing. Food-Lion is seeking to expand its operations by improving their quality and providing enough quantity. Food-Lion is seeking to take their business in a whole new direction with a Most Valued Product (MVP) program. The proposed system requirements are the system shall have three tiers of users; customers, users, and managers. Users in the “customers” tier represent customers of Food-Lion and account holders. They will be able to view their MVP savings and instantly get other coupon rewards. Users in the “Users” tier represent employees of Food-Lion. They will be able to view their MVP savings from each customer in their area. This would allow them to track pacific items. Every customer will specifically be assigned one account number that will identify the customer within the Food-Lion MVP Program. Whenever a purchase has been made and the customer uses the MVP Card account number, the savings will automatically be credited to customer purchase. When customers want to use their MVP...

Words: 1205 - Pages: 5

Premium Essay

Steel Majors

...MajoA review of financing instruments by Steel majors: Innovations Tata Steel 2011 In March 2011, Tata Steel became the first company to issue Perpetual bonds (Perps) in India. A Perp has no maturity date. The investor gets income from the bond forever. The company, however, has a Call option after the end of the 10th year. The company can therefore, pay off the bond holders and extinguish the bond. The investor cannot redeem the bond ever, but can trade the bond in the secondary market. The coupon rate for the first 10 years is 11.8 percent, paid semi-annually. From the 11th year the coupon rate will be stepped up to 14.80. The coupon rate will be capped at 14.80%. The promoter stake in the company had been diluted by 2.4% in the FPO of January 2011(described below). This is cited as a reason why the company chose to issue bonds rather than equity. Similarly, taking on more debt would have negatively affected its Debt Equity ratios. The company intends to include the instrument as a separate class of capital under schedule 6 of Indian GAAP. This will not increase the interest burden of the company since the interest as and when paid will be recorded as a change in equity on its balance sheet. It can be counted as debt for tax purposes and as equity for ratings. The cost of capital through this instrument is also lower. Cost of equity for markets such as India is 16-24% and cost of debt is around...

Words: 263 - Pages: 2

Premium Essay

What Make an Army Leader

...1. Clearly define the ethical problem. Ans: The ethical problem is that SGT Day willingness to be dishonest and not report the security breach. 2. Employ applicable laws and regulations. Ans: . I would inform my supervisor of the findings and situation and while adhering to JER and Army regulations for dealing such issues. 3. Reflect on ethical values and their ramifications. Ans: I would counsel SGT Day for just wanting to cover up the findings, reminding him that not reporting the finding of the pages immediately could jeopardize our own career. 4. Consider other applicable moral principles. Ans:  I would to talk SFC Sharp and ask him why the pages weren’t destroyed two week ago and find out how to destroy them at this time. 5. Commit to and implement the best ethical solution. Ans:  I would then come up with a plan so that we can put in place a tracking system so that this situation doesn’t happen again. 6. Assess results and modify plan as required. Ans: Even though the civilian cleaning team doesn’t even clean our area and only our people ever come in here and the pages are from an alternate communications security book and were never used it’s still a Security risk.  After talking with SGT Day and having him check the inventory and destruction certificates and he discovered that SFC Sharp certified the destruction of the book these pages came from two weeks ago and also that there were no more pages. I would to talk SFC Sharp and ask him why the pages weren’t...

Words: 380 - Pages: 2