The Challenges of Digital Age:
Society and IT
Williams, B.K, Stacy C. Sawyer (2007).
2
Learning Outcomes
Pada akhir pertemuan ini, diharapkan mahasiswa
akan mampu :
• menjelaskan: bagaimana data digital
digunakan utk membodohi orang lain, dan
dapat menjelaskan jenis-jenis ancaman
Outline Materi
• Truth Issues: Manipulating Digital Data
• Security Issues: Threats
• Security: Safeguarding Computers &
Communications
• Quality-of-Life Issues
9-4
Truth Issues: Manipulating
Digital Data
• Digital Images and Sounds can be manipulated
– Pro: Creates new forms of art
• Morphing software makes one image morph into another http://www.cs.utah.edu/~dejohnso/morph.html
• Movies such as “Crouching Tiger, Hidden Dragon” and
“Harry Potter” contain many scenes that could never actually happen
• Adobe Photoshop allows changes, enhancements to photos • Digital technology allows musicians to sing every track of a
song and accompany themselves
– Con: Has made photographs & recordings untrustworthy
Truth Issues: Manipulating
Digital Data
– Photographs may not be authentic
– Photographs may be deliberately misleading
• 1994 Time magazine photo of O.J. Simpson was digitally darkened to make him appear sinister
– Could this have biased potential jury members?
• Fashion model photos are routinely elongated to make models appear more slender
– How many girls become anorexic to try to match those models’ impossible perfection?
» http://www.etniesgirl.com/blog/2005/11/30/photoshop-101-even-models-have-flaws
9-6
Truth Issues: Manipulating
Digital Data
• Techniques to combat digital deception
– Prof. William H. Mitchell of M.I.T. wrote the first
systematic, critical analysis of the digital revolution – Corbis http://pro.corbis.com/ adds a digital watermark
to its photos
– Hany Farid of Dartmouth College devised algorithms to detect changes to uncompressed digital photos
Truth Issues: Manipulating
Digital Data
• Limitations of Public databases
– You can’t get the whole story
• Start with a public database, THEN do more research – The data is not necessarily accurate
• Cross-check against multiple sources
– Each database service has boundaries • Know what those boundaries are
– Different keywords bring different results – History is limited
9-8
Security Issues: Threats
• Errors and accidents
• Natural hazards
• Computer crime
• Computer criminals
Is my computer safe?
I’m concerned about it. What do I need to do to use it safely for work, home, and
Security Issues: Threats
Errors & Accidents
• Human errors
– People choose the wrong computer
• Too simple or too complex
– Human emotions affect performance
• People get frustrated
– Human perceptions are slower than the
equipment
9-10
Security Issues: Threats
Errors & Accidents
• Procedural errors
– When people fail to follow safe procedures, errors can occur
• Software errors
Security Issues: Threats
Errors & Accidents
• Electromechanical problems
– Mechanical systems wear out
– Power failures shut down computers unless you have battery backup
– Using cellphones and Blackberries while driving can cause people to crash
• Dirty data problems
– Incomplete, updated, or inaccurate data
– Check your records – medical, school, and credit to make sure they are accurate
9-12
Security Issues: Threats
Computer Crimes
• Two types of computer crime
– It can be an illegal act perpetrated against
computers or telecommunications
– It can be the use of computers or
Security Issues: Threats
Computer Crimes
• Theft of hardware
• Theft of software
• Theft of online music and videos
• Theft of time and services
9-14
Security Issues: Threats
Computer Crimes
•
Theft of hardware can range from
– Shoplifting an item from a computer store
– Stealing an entire PC or laptop
•
Theft of software
– Pirated software is software obtained illegally
– This includes “softlifting” - buying one copy of the
software and using it on multiple computers
– Software makers have prosecuted both
Security Issues: Threats
Computer Crimes
• Theft of online music and movies
– Entertainment industry takes this seriously
and prosecutes offenders
– Stealing music
• Illegal file swapping services
• Damages can be up to $150,000 per song
– Stealing movies
• The film industry has taken aggressive aim at pirated movies
9-16
Security Issues: Threats
Computer Crimes
•
Theft of time and services
– Theft of computer time at work
• Surfing or playing games when you should be working • Some employees violate policy by conducting personal
business online such as online auctions from work
• Most employers have policies against viewing X-rated web sites at work
– Theft of phone services
• Phone phreaks use company phone systems to make “free” unauthorized long distance calls
• Why break the law, when you can get free long
Security Issues: Threats
Computer Crimes
• Theft of Information
– A common crime today
– Can include theft of personal information, medical information, or credit card and financial information – Legislation to make it a crime to steal someone’s
identity was the 1998 Identity Theft and Assumption Deterrence Act
– The U.S. Department of Justice discusses their approach to this crime at
http://www.usdoj.gov/criminal/fraud/idtheft.html
9-18
Security Issues: Threats
Computer Crimes
• Internet-related Fraud
– Because it lends itself to anonymity,
internet-related fraud is becoming more common
– Well-known examples include:
• Nigerian letter scam
– Letter says you can get a lot of money out of Nigeria if you pay a “money transfer fee” first
• Evil twin attacks
– A cracker sets up an attack computer as a duplicate public access point in a public location
• Phishing
– Sending emails that appear to come from a trusted source that links you to a website where you type in personal
Security Issues: Threats
Computer Crimes
•
Internet-related Fraud (continued)
– Pharming• Malicious software is implanted in your computer that directs you to an imposter web page
– Trojan horses
• A program such as a “free” online game or
screensaver that loads hidden programs that take over your computer or cause mischief without your
knowledge
• For example, Windows users who install the phony MSN Messenger Version 8 "beta" are actually
9-20
Security Issues: Threats
Computer Crimes
•
Crimes of Malice: Crashing entire computer systems
– Sometimes criminals are more interested in vandalizing systems than they are in gaining control of them
– In 2003, an entrepreneur with a grudge because he lost a sale retaliated by shutting down the WeaKnees website – Crackers regularly attempt to crash Microsoft’s website – Security specialists monitor for possible cyber-attacks on
electrical and nuclear power plants, dams, and air traffic control systems
Security Issues: Threats
Computer Crimes
• Computer criminals may include
– Individuals or small groups who
• Use fraudulent email and websites• Steal peoples’ identities for monetary gains • Show off their power for bragging rights
– Employees who
• Have a grudge against their current or former employers
• Have a grudge against another employee
9-22
Security Issues: Threats
Computer Crimes
• Computer criminals may also include
– Corporate spies
– Enemy foreign intelligence services – Organized crime
– Terrorists
• Computer criminals
do not
include your
employer, who is legally allowed to monitor the
computers at work
– Check your company’s computer usage policy – Make sure you follow the rules
Security: Safeguarding
Computers & Communications
• Security is
– A system of safeguards for protecting information technology against disasters, system failures, and
unauthorized access that can result in damage or loss
• Computer Security’s Five Components
– Deterrence of computer crime – Identification and access
– Encryption
9-24
Security: Safeguarding
Computers & Communications
• Deterrents to computer crime– Enforcing laws
– CERT: The Computer Emergency Response Team
• Provides round-the-clock information on international computer security threats
• The CERT website is www.cert.org
– For example, on December 15, 2005 announced a partnership between the US and ictQatar, the Qatar Supreme Council for Information and
Communications Technology, to conduct and coordinate cybersecurity activities
Security: Safeguarding
Computers & Communications
•
More deterrents to computer crimes
– Tools to fight fraudulent and unauthorized online uses • Rule-based detection software
• Predictive-statistical-model software
• Employee internet management software • Internet filtering software
• Electronic surveillance
– Verify legitimate right of access
9-26
Security: Safeguarding
Computers & Communications
• Encryption
– The process of altering readable data into unreadable form to prevent unauthorized access
– Advantage: encrypting data that is available over the internet keeps thieves and crackers from reading it
• On Dec. 7, 2005, Guidance Software, a maker of Computer Forensics software, informed their customers that criminals had
stolen their credit cards because Guidance had FAILED to encrypt a database that was accessible over the internet
– Disadvantage: encrypting data may prevent
Security: Safeguarding
Computers & Communications
• 4 ways to protect software & data
– Educate employees in backing up data, virus
protection, and not sharing passwords
– Control of access to restrict usage
– Audit controls to document who used what
programs and computers and when
– People controls include screening applicants,
background checks, monitoring internet,
9-28
Security: Safeguarding
Computers & Communications
•
Disaster-recovery plans
– A method of restoring information-processing operations that have been halted by destruction or accident
• Reinforced by 2001 World Trade Center attack
• Reinforced by company data losses incurred during 2005 Hurricane Katrina
– Plans range in price and complexity from
• Backing up data from disk to tape, CD, or zip disk, with a UPS • Automatically storing data redundantly in two places, with a
generator
• Having an off-site computerized data storage center with independent power supply
• Having a complete “hot” redundant data center that can instantly be used if there is a disaster
Quality-of-Life Issues
•
Information Technology misuse can result
in
– Environmental problems
• Manufacturing computers and circuits can cause pollution
• Computer component manufacturing employees may be exposed to toxic substances
• Used computers/monitors contain chromium,
cadmium, lead, mercury, PVC, and brominated flame retardants – all toxic substances that must be
disposed of properly
9-30
Quality-of-Life Issues
•
Information Technology misuse can result in
– Environmental problems
– Exacerbation of mental-health problems
• Isolation; computer gamers may substitute online games for interpersonal interaction
• Online gambling can be addictive • Many users find PCs stressful
• Internet usage by children can expose them to online predators
Quality-of-Life Issues
• Information Technology misuse can result in
– Environmental problems
– Exacerbation of Mental-health problems
– Proliferation of pornography
• Online pornographers use pop-up ads and internet search engines to troll for new customers
• This means that children may be exposed to porn when involved in innocent online searches
• Parents may use online blocking software like
Cybersitter, Cyber Patrol, or Net Nanny to prevent this
9-32
Quality-of-Life Issues
• Parental Responses to protecting children from
online porn
– Online blocking software – DVD filters
– Videogame rating systems – The V-chip
– Support legislation to require pornographers to use certain web addresses, such as .xxx domain
– Monitor internet use
– Be candid to your children about the threats
Quality-of-Life Issues
•
Information technology misuse can result in
– Environmental problems
– Exacerbation of mental-health problems
– Proliferation of pornography
– Workplace problems
• Misuse of technology
9-34
Economic & Political Issues
• Technology may affect the gap between the
rich and the poor
– Most jobs require employees who are tech-savvy
– People who are not tech-savvy won’t qualify for those jobs
– Technology is being used to replace employees in
traditional jobs, traditionally filled by untrained workers
• Internet is not controlled
– This means that information moves freely on the internet
– Nondemocratic governments can’t control internet political activism