Computer Security, Ethics, and Privacy
What is a computer security risk?
- Event or action that causes loss of or damage to computer system
What are viruses, worms, and Trojan horses?
- Virus is a potentially damaging computer program
  - Can spread and damage
- Worm copies itself repeatedly, using up resources and possibly shutting down computer or network
- Trojan horse hides within or looks like legitimate program until triggered
  - Does not replicate itself on
How can a virus spread through an e-mail message?
Step 1. Unscrupulous programmers create a virus program. They hide the virus in a Word document and attach the Word document to an e-mail message.
Step 2. They use the Internet to send the e-mail message to thousands of users around the world.
Step 3a. Some users open the
Step 3b. Other users do not recognize the name of the sender of the e-mail message. These users do not open the
How can you protect your system from a macro virus?
- Set macro security level in applications that allow you to write macros
- Set macro security level so that warning displays that document contains macro
- Macros are instructions saved in an application, such as word processing or spreadsheet program
What is an antivirus program?
- Identifies and removes computer viruses
- Most also protect against worms and Trojan horses
What is a virus signature?
- Specific pattern of virus code
- Also called virus definition
- Antivirus programs look for virus signatures
What are some tips for preventing virus, worm, and Trojan horse infections?
- Never open an e-mail attachment unless you are expecting it and it is from a trusted source
- Set the macro security in programs so you can enable or disable macros
- Install an antivirus program on all of your computers
- If the antivirus program flags an e-mail attachment as infected, delete the attachment
- Check all downloaded programs for viruses, worms, or Trojan horses
- Install a personal firewall program
What happens if an antivirus program identifies an infected file?
- Attempts to remove any detected virus
- Quarantines infected files that it cannot remove
- Keeps file in separate area of hard disk
Internet and Network Attacks
What are a denial of service attack, back door, and spoofing?
- A denial of service attack is an assault which disrupts computer access to an Internet service such as the Web or e-mail
- A back door is a program or set of instructions in a program that allow users to bypass security controls when accessing a computer resource
What is spoofing?
- Makes a network or Internet transmission appear legitimate
- IP spoofing occurs when an intruder computer fools a network into believing its IP address is from a trusted source
- Perpetrators of IP spoofing trick their
What is a firewall?
- Security system consisting of hardware and/or software that prevents unauthorized network access
What is a personal firewall utility?
- Program that protects personal computer and its data from unauthorized intrusions
- Monitors transmissions to and from computer
- Informs you of attempted intrusion
How can companies protect against hackers?
- Intrusion detection software analyzes network traffic, assesses system vulnerabilities, and identifies intrusions and suspicious behavior
What is a user name?
- Unique combination of characters that identifies user
- Password is private combination of characters associated with the user name that allows access to certain computer resources
How can you make your password more secure?
- Longer passwords provide greater security
What is a possessed object?
- Item that you must carry to gain access to computer or facility
- Often used with numeric password called personal identification number (PIN)
What is a biometric device?
- Authenticates person’s identity using personal characteristic
- Fingerprint, hand geometry, voice, signature, and iris
What are hardware theft and hardware vandalism?
- Hardware theft is act of stealing computer equipment
- Cables sometimes used to lock equipment
- Some notebook computers use passwords, possessed objects, and biometrics as security methods
- For PDAs and smart phones, you can password-protect the device
- Hardware vandalism is act of defacing or destroying computer equipment
What is software theft?
- Act of stealing or illegally copying software or intentionally erasing programs
- Software piracy is illegal duplication of copyrighted software
What is a license agreement?
- Right to use software
- Single-user license agreement allows user to install software on one computer, make backup copy, and sell software after removing from computer
What is product activation?
- Product activation allows user to input product identification number online or by phone and receive unique installation identification number
What is encryption?
- Safeguards against information theft
- Process of converting plaintext (readable data) into ciphertext (unreadable characters)
- To read the data, the recipient must decrypt, or decipher, the data
- Encryption key (formula) often uses more than one method
What are methods for securing e-mail messages?
- Digital signature is encrypted code attached to e-mail message to verify identity of sender
- Pretty Good Privacy (PGP) is popular e-mail encryption program
- Freeware for personal,
How do Web browsers provide secure data transmission?
- Secure site is Web site that uses encryption to secure data
- Digital certificate is notice that guarantees Web site is legitimate
- Many Web browsers use encryption
What is a certificate authority (CA)?
- Authorized person or company that issues and verifies digital certificates
- Users apply for digital certificate from CA
What is a system failure?
- Prolonged malfunction of computer
- Can cause loss of hardware, software, data, or information
- Caused by aging hardware, natural disasters, or electrical power disturbances
What is a surge protector?
- Protects computer and equipment from electrical power disturbances
- Uninterruptible power supply (UPS) is surge protector that provides power during power loss
What is a backup?
- Duplicate of file, program, or disk
- Full backup: all files in computer
- Selective backup: select which files to back up
- Three-generation backup preserves three copies of important files
How can I ensure my wireless communication is secure?
- Secure your wireless access point (WAP)
- WAP should not broadcast your network name
- Enable Wired Equivalent Privacy (WEP) or Wi-Fi Protected Access (WPA)
- 802.11i conforms to the government’s security standards and uses more sophisticated encryption than both WPA and WEP
What are computer ethics?
- Moral guidelines that govern use of computers and information systems
- Unauthorized use of computers and networks
- Software theft
- Information accuracy
- Intellectual property rights: rights to which creators are entitled for their work
- Information privacy
What is information privacy?
- Right of individuals and companies to restrict collection and use of information about them
- Difficult to maintain today because data is stored online
- Employee monitoring is using computers to observe employee
What are some ways to safeguard personal information?
- Fill in only the necessary information on rebate, warranty, and registration forms
- Avoid shopping club and buyers cards
- Install a cookie manager to filter cookies
- Inform merchants that you do not want them to distribute your personal information
- Clear your history file when you are finished browsing
- Set up a free e-mail account; use this e-mail address for merchant forms
- Turn off file and print sharing on your Internet connection
- Sign up for e-mail filtering through your Internet service provider or use an antispam program, such as Brightmail
- Do not reply to spam for any reason
- Surf the Web anonymously with a program such as
What is an electronic profile?
- Data collected when you fill out form on Web
- Merchants sell your electronic profile
- Often you can specify whether you want personal information distributed
What is a cookie?
- Small file on your computer that contains data about you
  - User preferences
  - Interests and browsing
  - How regularly you visit Web sites
- Some Web sites sell or trade information stored in your cookies
- Set browser to accept cookies, prompt you to accept cookies, or disable cookies
How do cookies work?
What are spyware, adware, and spam?
- Spyware is program placed on computer without user’s knowledge
- Adware is a program that displays online advertisements
- Spam is unsolicited
How can you control spam?
- E-mail filtering
  - Service that blocks e-mail messages from designated sources
  - Collects spam in central location that you can view any time
- Anti-spam program
What is phishing?
- Scam in which a perpetrator sends an official-looking e-mail that attempts to obtain your personal information
What privacy laws have been enacted?
What is content filtering?
- Process of restricting access to certain material
- Internet Content Rating Association (ICRA) provides rating system of Web content
- Web filtering software restricts access to specified sites
What are some health concerns of computer use?
- Computer vision syndrome (CVS): eye and vision problems
- Repetitive strain injury (RSI)
  - Tendonitis: inflammation of tendon due to repeated motion
  - Carpal tunnel syndrome (CTS): inflammation of nerve that connects forearm to palm
What precautions can prevent tendonitis or carpal tunnel syndrome?
- Use wrist rest
- Take frequent breaks during computer session
- Exercise hands and arms
- Minimize number of times you switch between mouse and keyboard
How can you ease eyestrain when working at the computer?
What is ergonomics?
- Applied science devoted to comfort, efficiency, and safety in workplace
- elbows at 90° and arms and hands parallel to floor
- keyboard height: 23” to 28”
What is green computing?
- Reducing electricity and environmental waste while using computer