Computer Security, Ethics, and Privacy

(1)

(2)

Computer Security Risks

What is a

computer security risk

?

 _{Event or action that causes loss of or damage to}

(3)

Internet and Network Attacks

What are

viruses

,

worms

, and

Trojan horses

?

Virus

Virus is a potentially damaging

computer program

Worm

Worm copies itself repeatedly,

using up resources and possibly shutting down

computer or network

Trojan horse

Trojan horse hides within

or looks like legitimate program

until triggered

Can spread and damage

(4)

Internet and Network Attacks

How can a virus spread through an e-mail message?

Step 1. Unscrupulous programmers create a virus program. They hide the virus in a Word document and attach the Word document to an e-mail message.

Step 2. They use the Internet to send the e-mail message to thousands of users around the world.

Step 3b. Other users do not recognize the name of the sender of the e-mail message. These users do not open the

e-mail message -- instead they immediately delete the e-mail message. These users’ computers are not infected with the virus.

Step 3a. Some users open the

(5)

Internet and Network Attacks

How can you protect your system from a macro virus?

 _{Set macro security level in applications that allow you to}

write macros

 _{Set macro security level so that warning displays that}

document contains macro

(6)

Internet and Network Attacks

What is an

antivirus program

?

 _{Identifies and removes computer viruses}

(7)

Internet and Network Attacks

What is a

virus signature

?

 _{Specific pattern of virus code}

 Also called virus definition

 _{Antivirus programs}

(8)

Internet and Network Attacks

What are some tips for preventing virus, worm, and Trojan horse infections?

Install a personal firewall program If the antivirus program

flags an

e-mail attachment as infected, delete the attachment

immediately

Set the macro security in programs so you can enable or disable macros

Never open an

e-mail attachment unless you are expecting it and

it is from a trusted source Install an antivirus

program on all of your computers

(9)

Keeps file in separate area of hard disk

Internet and Network Attacks

What happens if an antivirus program identifies an

infected file?

Attempts

to remove

any detected

(10)

Internet and Network Attacks

What are a

denial of service attack

,

back door

and

spoofing

?

A denial of service attack is an assault which disrupts computer access to an Internet service

such as the Web or e-mail

A back door is a program or set of instructions in a program that allow users to bypass security controls when accessing a computer

resource

Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate to a victim computer or

(11)

Internet and Network Attacks

or Internet

Transmission appear legitimate

IP spoofing occurs when an intruder

computer fools a network into believing

its IP address is from a trusted source

Perpetrators of IP spoofing trick their victims into interacting

(12)

Internet and Network Attacks

What is a

firewall

?

 _{Security system consisting of hardware and/or software}

(13)

Internet and Network Attacks

What is a

personal firewall

utility?

 _{Program that protects personal computer and its data from}

unauthorized intrusions

 _{Monitors transmissions to and from computer}

(14)

Internet and Network Attacks

How can companies protect against hackers?

Intrusion detection software

analyzes network traffic, assesses

system vulnerabilities, and identifies

intrusions and suspicious behavior

(15)

Unauthorized Access and Use

What is a

user name

?

 _{Unique combination of characters that identifies user}  _Password_{is private}

combination of

(16)

Unauthorized Access and Use

How can you make your password more secure?

(17)

Unauthorized Access and Use

What is a possessed object?

 _{Item that you must carry to gain access to}

computer or facility

 _{Often used with numeric password called}_personal

(18)

Unauthorized Access and Use

What is a

biometric device

?

 _{Authenticates person’s identity}

using personal characteristic

(19)

Hardware Theft and Vandalism

What are

hardware theft

and

hardware vandalism

?

 _{Hardware theft}_{is act of stealing} computer equipment

 Cables sometimes used to lock equipment

 Some notebook computers use passwords, possessed objects, and biometrics as security methods

 For PDAs and smart phones, you can password-protect the device

(20)

Software Theft

What is

software theft

?

Act of stealing or

illegally copying

software or

intentionally

Software piracypiracy

is illegal duplication

of copyrighted

software

(21)

Software Theft

What is a

license agreement

?

 _{Right to use software}

 _{Single-user license agreement}_{allows user to install software on}

(22)

Software Theft

What is

product activation

?

Product activation

Product activation allows user to input product allows user to input product identification number online or by phone and receive

identification number online or by phone and receive

unique installation identification number

(23)

Information Theft

What is

encryption

?

 _{Safeguards against}_{information theft}

 _{Process of converting}_plaintext_{(readable data) into}_ciphertext_(unreadable characters)

 _{Encryption key}_{(formula) often uses more than one method}

(24)

Digital signature

is encrypted code attached to

e-mail message to verify identity

of sender

Freeware for personal, non-commercial use

Information Theft

What are methods for securing e-mail messages?

Pretty Good Privacy (PGP)

is popular

(25)

Secure site

is Web site that uses encryption to secure data

Information Theft

How do Web browsers provide secure data transmission?

Digital certificate

Digital certificate is notice that guarantees Web site is legitimate

(26)

Information Theft

What is a

certificate authority

(CA)?

 _{Authorized person or}

company that issues and verifies digital certificates

 _{Users apply for digital}

(27)

System Failure

What is a

system failure

?

Caused by aging hardware,

natural disasters, or electrical

power disturbances

Can cause loss of hardware,

software, data, or

information

Prolonged malfunction

of computer

(28)

System Failure

What is a

surge protector

?

 _{Protects computer and equipment}

from electrical power disturbances

 _{Uninterruptible power supply (UPS)}

(29)

Backing Up — The Ultimate

Safeguard

What is a

backup

?

Duplicate of file, program, or disk

Full backup Full backup all files in computer

Full backup

all files in computer

Selective backup Selective backup select which files

to back up Selective backup

Selective backup

select which files to back up three copies of important files three copies of important files

In case of system failure or corrupted files,

(30)

Wireless Security

How can I ensure my wireless communication is secure?

 _{Secure your wireless access point (WAP)}

 _{WAP should not broadcast your network name}

 _{Enable Wired Equivalent Privacy (WEP) or Wi-Fi}

Protected Access (WPA)

 _{802.11i conforms to the government’s security standards}

(31)

Ethics and Society

What are

computer ethics

?

Intellectual property rights—rights to which creators are entitled for

their work

Intellectual property rights—rights to which creators are entitled for

their work

Software theft

Software theft Information accuracyInformation accuracy

Information privacy

Unauthorized use of computers and networks

(32)

Information Privacy

What is

information privacy

?

Legal for employers to use monitoring software programs

Difficult to maintain today because data is stored online

Employee monitoring is using computers to observe employee

computer use

Right of individuals and companies to restrict collection and use of

(33)

Information Privacy

What are some ways to safeguard personal information?

Fill in only the necessary information on rebate, warranty, and

registration forms

Avoid shopping club and buyers cards

Install a cookie manager to filter cookies

Inform merchants that you do not want them to distribute

your personal information

Limit the amount of information you provide to Web sites; fill

in only required information

Clear your history file when you are finished browsing

Set up a free e-mail account; use this e-mail address for

merchant forms

Turn off file and print sharing on your Internet connection

Install a personal firewall

Sign up for e-mail filtering through your Internet service provider or

use an antispam program, such as Brightmail

Do not reply to spam for any reason

Surf the Web anonymously with a program such as Freedom Web Secure or

(34)

Information Privacy

What is an electronic profile?

 _{Data collected when you fill out form on Web}  _{Merchants sell your electronic profile}

 _{Often you can specify whether you want personal}

(35)

Information Privacy

What is a

cookie

?

Set browser to accept cookies,

prompt you to accept cookies,

or disable cookies Some Web sites

sell or trade information stored in your

cookies Small file on

your computer that contains data about you

User preferences

(36)

Information Privacy

(37)

Information Privacy

What are spyware, adware, and

spam

?

 _{Spyware is program placed}

on computer without user’s knowledge

 _{Adware is a program}

that displays online advertisements

 _Spam_{is unsolicited}

(38)

Information Privacy

How can you control spam?

Collects spam in central location

that you can view any time Service that

blocks e-mail messages from

designated sources

E-mail filtering E-mail filtering

Sometimes removes valid e-mail messages Attempts to

remove spam

(39)

Information Privacy

What is

phishing

?

Scam in which a perpetrator sends an official looking

e-mail that attempts to obtain your personal

(40)

Information Privacy

(41)

Information Privacy

(42)

Information Privacy

What is

content filtering

?

 _{Process of restricting access to certain material}  _{Internet Content Rating}

Association (ICRA)

provides rating system of Web content

 _{Web filtering software}

(43)

Computer vision syndrome (CVS)

—eye and vision problems

Computer vision syndrome (CVS)

—eye and vision problems

Health Concerns of Computer Use

What are some health concerns of computer use?

Repetitive strain injury (RSI)

Computer addiction

Computer addiction—when —when computer consumes entire social

computer consumes entire social

life

Computer addiction

Computer addiction—when —when computer consumes entire social

computer consumes entire social

life

Tendonitis

Tendonitis—inflammation of —inflammation of tendon due to repeated motion

tendon due to repeated motion

Tendonitis

Tendonitis—inflammation of —inflammation of tendon due to repeated motion

tendon due to repeated motion

Carpal tunnel syndrome (CTS)

Carpal tunnel syndrome (CTS)—— inflammation of nerve that connects

inflammation of nerve that connects

forearm to palm

Carpal tunnel syndrome (CTS)

Carpal tunnel syndrome (CTS)—— inflammation of nerve that connects

inflammation of nerve that connects

forearm to palm

(44)

Health Concerns of Computer Use

What precautions can prevent tendonitis or carpal tunnel

syndrome?

 _{Take frequent breaks during computer session}

 _{Use wrist rest}

 _{Exercise hands and arms}

 _{Minimize number of times you switch between}

(45)

Health Concerns of Computer Use

(46)

Health Concerns of Computer Use

What is ergonomics?

 _{Applied science devoted to comfort, efficiency, and safety in}

workplace

keyboard height: 23” to 28”

feet flat on floor

adjustable height chair with 4 or 5 legs for stability elbows at 90°