SlideShare a Scribd company logo

SecPrivCompIntro

Download as PPT, PDF
Mohammed Adam
Mohammed Adam

Security and Privacy: Computers and the Internet

Technology
1 of 60
Security and Privacy: Computers and the Internet Mohammed Adam
Objectives • Explain the different types of computer crime and the difficulties of discovery and prosecution. • Describe the aspects of securing corporate data, including software and data security, disaster recovery plans, and security legislation. • Describe in general terms how viruses work, the damage they can cause, and procedures used to prevent this damage. • Explain the threats to personal privacy posed by computers and the Internet. Describe actions you can take to maximize your privacy.
Contents • Computer Crime • Security • Disaster Recovery • Backup • Pests • Privacy • Junk e-mail • Protecting Children
Computer Crime Stealing and using or selling of data: Company data Personal information in company files
Computer Crime Employees and individuals need to recognize the possible danger from computer systems and protect their assets.
Computer Crime Security and Privacy Keep data secure • Destruction • Accidental damage • Theft • Espionage Keep data private • Salaries • Medical information • Social security numbers • Bank balances Data communications capabilities provides new challenges
Data, not equipment (cont) Ways to secure data • Locked servers • Removable hard drives that are locked when not in use • Hard disk drives requiring special tools for detachment • Physical cages around computers that prohibit access • Passwording files Computer Crime
Computer Crime • Supplies for the Hacker – PC – Communications network • Why hack? – Harass – Show-off – Gain access to computer services without paying – Obtain information to sell Hackers are individuals who attempt to gain access to computer systems illegally
White-hat hackers • Computer professionals hired to illicitly gain entry into a system – Reveal weak points – Protect the points – May not alert its own employees of the testing • Tiger teams • Intrusion tester • White hat hackers Computer Crime Hackers for Hire
Computer Crime What Systems Have Been Invaded? • Corporate networks – Over half largest corporations were invaded – Competitors? • Government networks – Dept of Defense attacked more than 200,000 times per year – Computer attack abilities of other nations? • Web sites
Computer Crime How Can Systems be Easily Compromised? Social engineering Con artist – persuade others to give away their passwords over the phone Electronic pickpockets Use computers to transfer or change assets to their advantage
Computer Crime Frequently Reported Crimes • Credit-card fraud – Numbers captured and used fraudulently • Data communications fraud – Piggyback on someone else’s network – Office network for personal purposes – Computer-directed diversion of funds • Unauthorized access to computer files – Accessing confidential employee records – Theft of trade secrets and product pricing • Unlawful copying of copyrighted software – Casual sharing of copyrighted software – Assembly-line copying
Computer Crimes • Bomb – Program to trigger damage – Scheduled to run at a later date – May be found in software for general public, especially shareware • Data diddling – Changing data before or as it enters the system • Denial of service attack (DOS) – Hackers bombard a site with more request for service than it can possible handle – Prevents legitimate users from accessing the site – Appearance of requests coming from many different sites simultaneously
• Piggybacking – Original user does not sign off properly – Intruder gains accesses to files via the original user id • Salami technique – Embezzlement • Scavenging – Search garbage and recycling bins for personal information Computer Crimes
• Trapdoor – Illicit program left within a completed legitimate program – Permits unauthorized and unknown entry to the program • Trojan horse – Illegal instructions placed inside a legitimate program – Program does something useful and destructive at the same time • Zapping – Software to bypass security systems Computer Crimes
• Discovery – Difficult – Accidental – 85% of computer crimes are never reported • Prosecution – Legal representatives lack technical knowledge to understand the crime Computer Crimes
Computer Fraud and Abuse Act – 1986 • Computer criminals subject to – Fines – Jail time – Confiscation of hardware • Supplemented by state statutes Computer Crime Discovery and Prosecution
Computer Forensics Uncovering computer-stored information suitable for legal use Computer Crime Discovery and Prosecution
Security • Natural disasters • Fire • Accidents • Vandalism • Theft • Theft or destruction of data • Industrial espionage • Hackers System of safeguards designed to protect a computer system and data from deliberate or accidental damage
Security Identification and Access • Provide access to authorized individuals only • Uses one of more of the following systems – What you have – What you know – What you do – What you are
Security Identification and Access What You Have • Key • Badge • Token • Plastic card – magnetized strip • Active badge – signals wearer’s location using infrared signals
Security Identification and Access What You Know • Password • Identification number • Combination
Security Identification and Access What You Do • Verify signature – software verifies scanned and online signatures
Security Identification and Access What You Are • Biometrics – science of measuring individual body characteristics • Fingerprints • Voice pattern • Retina of the eye • Entire face
Security Identification and Access • Internal controls – Transaction log • Auditor checks – Who has accessed data during periods when that data is not usually used? – Off-the-shelf software to access the validity and accuracy of the system’s operations and output
Security Identification and Access • Secured waste – Shredders – Locked trash barrels • Applicant screening – Verify the facts on a resume – Background checks • Built-in software protection – Record unauthorized access attempts – User profile
Security Software Security Ownership • Company if programmer is employee • Contractual agreement if the programmer is not an employee • Software can be copyrighted
Security The Internet Firewall Dedicated computer that governs interaction between internal network and the Internet Encryption Data Encryption Standard (DES)
Security Personal Computers • Physical security with locks and cables • Surge protector • Uninterruptible power supply (UPS) • Backup files regularly and systematically
Disaster Recovery Hardware loss • Can be replaced • Temporarily diminished processing ability Software loss • Industry standard – make backups of program files
Disaster Recovery Data loss • Reassemble records – Customer information – Accounting data – Design information • Major costs and time
Disaster Recovery Plan Restoring computer processing operations and data files if operations are halted or files are damaged by major destruction
Disaster Recovery Plan Approaches • Manual services temporarily • Purchase time from a service bureau • Mutual aid pack – Two or more companies will lend each other computer power – Problem if regional disaster
Disaster Recovery Plan Approaches • Consortium – Joint venture – Complete computer system – Routinely tested – Used only if disaster – Sites • Hot site – fully equipped and environmentally controlled computer center • Cold site – environmentally suitable empty shell
Disaster Recovery Plan Advance Arrangements Everything except hardware safely stored in geographically distant locations – Program and data files – Program listings – Program and operating systems documentation – Hardware inventory lists – Output forms – Copy of the disaster plan manual
Disaster Recovery Plan Includes • Priorities for programs • Plans for notifying employees • List of needed equipment and where it is located • Alternative computing facilities • Procedures for handling input and output data • Emergency Drills
Backup Why Backup? “If you are not backing up your files regularly, you deserve to lose them.” Average user experiences loss once a year
Backup What Can Cause Data Loss? • Incorrect software use • Input data incorrectly • Software may harm data • Hard disk malfunctions • Accidentally delete files • Virus infection
Backup Methods Full backup Differential backup Incremental backup Media Diskette Tape Zip disk CD-R / CR-RW DVD-RAM Mirrored hard drive
Pests Invade the computer system and cause something unexpected to occur May interfere with function of PC
Worms • Rare • Transfers over a network • Plants as a separate file on the target’s computer
Viruses • Illicit instructions that pass themselves on to other programs – Benign – Damaging to computer • Digital vandalism
Viruses Vaccine or antivirus • Stops the spread of and eradicates the virus • Install software • Download signature files regularly
Viruses • Retrovirus – Fights the vaccine and may delete the antivirus software • Costs – Billions of dollars a year – Aggravation to individual users
Virus Transmission Networks Diskettes
Virus Getting Infected • Executing the virus program • Booting from a diskette containing an infected boot sector including accidentally leaving a “non-system disk” in the floppy drive • Downloading an infected file and executing it • Opening an infected e-mail attachment • By viewing e-mail in some versions of Microsoft Outlook
Virus Precautions • Be wary of free software from the Internet or friends • Only install programs from diskettes in sealed packages • Use virus-scanning software to check any file or document before loading it onto your hard disk
Privacy • Where is my data? • How is it used? • Who sees it? • Is anything private anymore? Everything about you is in at least one computer file
Privacy How Did They Get My Data? • Loans • Charge accounts • Orders via mail • Magazine subscriptions • Tax forms • Applications for schools, jobs, clubs • Insurance claim • Hospital stay • Sending checks • Fund-raisers • Advertisers • Warranties • Military draft registration • Court petition
Privacy How Did They Get My Data?
Privacy Legislation • Fair Credit Reporting Act – 1970 • Freedom of Information Act – 1970 • Federal Privacy Act – 1974 • Video Privacy Protection act – 1988 • Computer Matching and Privacy Protections Act – 1988
Privacy Your Boss is Spying on You! Monitoring software – Screens – E-mail – Keystrokes per minute – Length of breaks – What computer files are used and for how long Privacy groups want legislation requiring employers to alert employees that they are being monitored.
Privacy Monitoring by Web Sites Records: • City • Site you just left • Everything you do while on the site • Hardware and software you use • Click stream – Series of clicks that link from site to site – History of what the user chooses to view
Privacy Monitoring by Web Sites Cookie • Stores information about you • Located on your hard drive • Beneficial uses – Viewing preferences – Online shopping – Secure sites retain password in cookie • Controversial use – Tracking surfing habits for advertisers • Can set browser to refuse cookies or warn before storing • Software available to manage cookies
Privacy P3P Platform for Privacy Preference Project • Standards proposed by the World Wide Web Consortium (W3C) – User sets privacy preferences – Web server transmits privacy policies – Software determines if web site meets users’ requirements • Participation by web site is voluntary
Junk e-mail • Cheaper than snail mail • Spamming – Sends e-mail messages to “everyone” – Abandons the originating site
Junk e-mail • Help eliminate junk e-mail – Do not complete a member profile with online service – Do not fill in registration forms unless the purveyor promises not to sell or exchange your information – Never respond to spamming • Use filter software • States are beginning to provide laws banning unsolicited junk e-mail
Protecting Children • Blocking software – high-tech chaperone • Examine browser history to see what sites are visited • Locate computer in a semipublic, high-traffic location of your home
Protecting Children Laws Communications Decency Act – 1996 Children’s Online Privacy Protection Act (COPPA) – 2000
THANK YOU

Recommended

Tim Willoughby presentation to cloud workshop 2016
Tim Willoughby presentation to cloud workshop 2016Tim Willoughby presentation to cloud workshop 2016
Tim Willoughby presentation to cloud workshop 2016Tim Willoughby
 
Information Security Engineering
Information Security EngineeringInformation Security Engineering
Information Security EngineeringMd. Hasan Basri (Angel)
 
Readying your IT Infrastructure for Cloud
Readying your IT Infrastructure for CloudReadying your IT Infrastructure for Cloud
Readying your IT Infrastructure for CloudRH
 
Cyberskills shortage: Where is the cyber workforce of tomorrow
Cyberskills shortage: Where is the cyber workforce of tomorrowCyberskills shortage: Where is the cyber workforce of tomorrow
Cyberskills shortage: Where is the cyber workforce of tomorrowStephen Cobb
 
Cyber Security –PPT
Cyber Security –PPTCyber Security –PPT
Cyber Security –PPTRajat Kumar
 
Cyber Security Predictions 2016
Cyber Security Predictions 2016Cyber Security Predictions 2016
Cyber Security Predictions 2016Quick Heal Technologies Ltd.
 
Network security basics
Network security basicsNetwork security basics
Network security basicsSkillspire LLC
 
Career Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed AdamCareer Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed AdamMohammed Adam
 

Recommended

Tim Willoughby presentation to cloud workshop 2016
Tim Willoughby presentation to cloud workshop 2016Tim Willoughby presentation to cloud workshop 2016
Tim Willoughby presentation to cloud workshop 2016Tim Willoughby
 
Information Security Engineering
Information Security EngineeringInformation Security Engineering
Information Security EngineeringMd. Hasan Basri (Angel)
 
Readying your IT Infrastructure for Cloud
Readying your IT Infrastructure for CloudReadying your IT Infrastructure for Cloud
Readying your IT Infrastructure for CloudRH
 
Cyberskills shortage: Where is the cyber workforce of tomorrow
Cyberskills shortage: Where is the cyber workforce of tomorrowCyberskills shortage: Where is the cyber workforce of tomorrow
Cyberskills shortage: Where is the cyber workforce of tomorrowStephen Cobb
 
Cyber Security –PPT
Cyber Security –PPTCyber Security –PPT
Cyber Security –PPTRajat Kumar
 
Cyber Security Predictions 2016
Cyber Security Predictions 2016Cyber Security Predictions 2016
Cyber Security Predictions 2016Quick Heal Technologies Ltd.
 
Network security basics
Network security basicsNetwork security basics
Network security basicsSkillspire LLC
 
Career Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed AdamCareer Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed AdamMohammed Adam
 
Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)Cyber Security Infotech
 
Reducing the Impact of Cyber Attacks
Reducing the Impact of Cyber AttacksReducing the Impact of Cyber Attacks
Reducing the Impact of Cyber AttacksJames Cash
 
Cyber security mis
Cyber security misCyber security mis
Cyber security misAditya Singh Rana
 
Competitive cyber security
Competitive cyber securityCompetitive cyber security
Competitive cyber securityWilliam Mathews
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data ProtectionUthsoNandy
 
Beyond The Dark Hacking Screen
Beyond The Dark Hacking ScreenBeyond The Dark Hacking Screen
Beyond The Dark Hacking ScreenSegun Ebenezer Olaniyan
 
Cyber security-briefing-presentation
Cyber security-briefing-presentationCyber security-briefing-presentation
Cyber security-briefing-presentationsathiyamaha
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness ProgramBill Gardner
 
Cyber security # Lec 1
Cyber security # Lec 1Cyber security # Lec 1
Cyber security # Lec 1Kabul Education University
 
Personal Digital Hygiene
Personal Digital HygienePersonal Digital Hygiene
Personal Digital HygieneLars Hilse Global Thought Leader in #CyberSecurity, #CyberTerrorism, #CyberDefence, #CyberCrime
 
Digital Self Defense (RRLC version)
Digital Self Defense (RRLC version)Digital Self Defense (RRLC version)
Digital Self Defense (RRLC version)Ben Woelk, CISSP, CPTC
 
Webinar - Cyber Hygiene: Stay Clean at Work and at Home
Webinar - Cyber Hygiene: Stay Clean at Work and at HomeWebinar - Cyber Hygiene: Stay Clean at Work and at Home
Webinar - Cyber Hygiene: Stay Clean at Work and at HomeWPICPE
 
Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Hannah Jane del Castillo
 
Lukas - Ancaman E-Health Security
Lukas - Ancaman E-Health SecurityLukas - Ancaman E-Health Security
Lukas - Ancaman E-Health SecurityIndonesia Honeynet Chapter
 
Mobile Security
Mobile SecurityMobile Security
Mobile SecurityXavier Mertens
 
Overview of Information Security & Privacy
Overview of Information Security & PrivacyOverview of Information Security & Privacy
Overview of Information Security & PrivacyNawanan Theera-Ampornpunt
 
Security tools
Security toolsSecurity tools
Security toolsarfan shahzad
 
HIPAA, Privacy, Security, and Good Business
HIPAA, Privacy, Security, and Good BusinessHIPAA, Privacy, Security, and Good Business
HIPAA, Privacy, Security, and Good BusinessStephen Cobb
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee TrainingPaige Rasid
 
Security and privacy
Security and privacySecurity and privacy
Security and privacyHaa'Meem Mohiyuddin
 
Chap11
Chap11Chap11
Chap11nitin_009
 

More Related Content

What's hot

Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)Cyber Security Infotech
 
Reducing the Impact of Cyber Attacks
Reducing the Impact of Cyber AttacksReducing the Impact of Cyber Attacks
Reducing the Impact of Cyber AttacksJames Cash
 
Competitive cyber security
Competitive cyber securityCompetitive cyber security
Competitive cyber securityWilliam Mathews
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data ProtectionUthsoNandy
 
Cyber security-briefing-presentation
Cyber security-briefing-presentationCyber security-briefing-presentation
Cyber security-briefing-presentationsathiyamaha
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness ProgramBill Gardner
 
Webinar - Cyber Hygiene: Stay Clean at Work and at Home
Webinar - Cyber Hygiene: Stay Clean at Work and at HomeWebinar - Cyber Hygiene: Stay Clean at Work and at Home
Webinar - Cyber Hygiene: Stay Clean at Work and at HomeWPICPE
 
Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Hannah Jane del Castillo
 
HIPAA, Privacy, Security, and Good Business
HIPAA, Privacy, Security, and Good BusinessHIPAA, Privacy, Security, and Good Business
HIPAA, Privacy, Security, and Good BusinessStephen Cobb
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee TrainingPaige Rasid
 

What's hot (20)

Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)
 
Reducing the Impact of Cyber Attacks
Reducing the Impact of Cyber AttacksReducing the Impact of Cyber Attacks
Reducing the Impact of Cyber Attacks
 
Cyber security mis
Cyber security misCyber security mis
Cyber security mis
 
Competitive cyber security
Competitive cyber securityCompetitive cyber security
Competitive cyber security
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data Protection
 
Beyond The Dark Hacking Screen
Beyond The Dark Hacking ScreenBeyond The Dark Hacking Screen
Beyond The Dark Hacking Screen
 
Cyber security-briefing-presentation
Cyber security-briefing-presentationCyber security-briefing-presentation
Cyber security-briefing-presentation
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness Program
 
Cyber security # Lec 1
Cyber security # Lec 1Cyber security # Lec 1
Cyber security # Lec 1
 
Personal Digital Hygiene
Personal Digital HygienePersonal Digital Hygiene
Personal Digital Hygiene
 
Digital Self Defense (RRLC version)
Digital Self Defense (RRLC version)Digital Self Defense (RRLC version)
Digital Self Defense (RRLC version)
 
Webinar - Cyber Hygiene: Stay Clean at Work and at Home
Webinar - Cyber Hygiene: Stay Clean at Work and at HomeWebinar - Cyber Hygiene: Stay Clean at Work and at Home
Webinar - Cyber Hygiene: Stay Clean at Work and at Home
 
Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)
 
Lukas - Ancaman E-Health Security
Lukas - Ancaman E-Health SecurityLukas - Ancaman E-Health Security
Lukas - Ancaman E-Health Security
 
Mobile Security
Mobile SecurityMobile Security
Mobile Security
 
Overview of Information Security & Privacy
Overview of Information Security & PrivacyOverview of Information Security & Privacy
Overview of Information Security & Privacy
 
Security tools
Security toolsSecurity tools
Security tools
 
HIPAA, Privacy, Security, and Good Business
HIPAA, Privacy, Security, and Good BusinessHIPAA, Privacy, Security, and Good Business
HIPAA, Privacy, Security, and Good Business
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee Training
 

Similar to SecPrivCompIntro

Understanding the need for security measures
Understanding the need for security measuresUnderstanding the need for security measures
Understanding the need for security measuresjoy grace bagui
 
Chapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptxChapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptxFannyKwok1
 
Ethics in IT and System Usage
Ethics in IT and System UsageEthics in IT and System Usage
Ethics in IT and System Usagetushki92
 
Security Architectures and Models.pptx
Security Architectures and Models.pptxSecurity Architectures and Models.pptx
Security Architectures and Models.pptxRushikeshChikane2
 
Security & control in management information system
Security & control in management information systemSecurity & control in management information system
Security & control in management information systemOnline
 
Uc14 chap15
Uc14 chap15Uc14 chap15
Uc14 chap15ayahye
 
9. Computer Ethics.ppt
9. Computer Ethics.ppt9. Computer Ethics.ppt
9. Computer Ethics.pptasm071149
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewallsMurali Mohan
 
Lecture 5.1.pptx
Lecture 5.1.pptxLecture 5.1.pptx
Lecture 5.1.pptxDibyesh1
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security conceptsG Prachi
 
chapter13 - Computing Security Ethics.pdf
chapter13 - Computing Security Ethics.pdfchapter13 - Computing Security Ethics.pdf
chapter13 - Computing Security Ethics.pdfsatonaka3
 
CNIT 125 Ch 8. Security Operations
CNIT 125 Ch 8. Security OperationsCNIT 125 Ch 8. Security Operations
CNIT 125 Ch 8. Security OperationsSam Bowne
 

Similar to SecPrivCompIntro (20)

Security and privacy
Security and privacySecurity and privacy
Security and privacy
 
Chap11
Chap11Chap11
Chap11
 
Chap11
Chap11Chap11
Chap11
 
css ppt.ppt
css ppt.pptcss ppt.ppt
css ppt.ppt
 
Understanding the need for security measures
Understanding the need for security measuresUnderstanding the need for security measures
Understanding the need for security measures
 
Chapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptxChapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptx
 
Ethics in IT and System Usage
Ethics in IT and System UsageEthics in IT and System Usage
Ethics in IT and System Usage
 
9 - Security
9 - Security9 - Security
9 - Security
 
Network security
Network securityNetwork security
Network security
 
Security Architectures and Models.pptx
Security Architectures and Models.pptxSecurity Architectures and Models.pptx
Security Architectures and Models.pptx
 
Security & control in management information system
Security & control in management information systemSecurity & control in management information system
Security & control in management information system
 
Uc14 chap15
Uc14 chap15Uc14 chap15
Uc14 chap15
 
9. Computer Ethics.ppt
9. Computer Ethics.ppt9. Computer Ethics.ppt
9. Computer Ethics.ppt
 
Uc14 chap15
Uc14 chap15Uc14 chap15
Uc14 chap15
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewalls
 
Isys20261 lecture 02
Isys20261 lecture 02Isys20261 lecture 02
Isys20261 lecture 02
 
Lecture 5.1.pptx
Lecture 5.1.pptxLecture 5.1.pptx
Lecture 5.1.pptx
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security concepts
 
chapter13 - Computing Security Ethics.pdf
chapter13 - Computing Security Ethics.pdfchapter13 - Computing Security Ethics.pdf
chapter13 - Computing Security Ethics.pdf
 
CNIT 125 Ch 8. Security Operations
CNIT 125 Ch 8. Security OperationsCNIT 125 Ch 8. Security Operations
CNIT 125 Ch 8. Security Operations
 

More from Mohammed Adam

Android Penetration Testing - Day 3
Android Penetration Testing - Day 3Android Penetration Testing - Day 3
Android Penetration Testing - Day 3Mohammed Adam
 
Android Penetration testing - Day 2
Android Penetration testing - Day 2 Android Penetration testing - Day 2
Android Penetration testing - Day 2Mohammed Adam
 
Android Penetration Testing - Day 1
Android Penetration Testing - Day 1Android Penetration Testing - Day 1
Android Penetration Testing - Day 1Mohammed Adam
 
Wireless Penetration Testing
Wireless Penetration TestingWireless Penetration Testing
Wireless Penetration TestingMohammed Adam
 
Network Penetration Testing
Network Penetration TestingNetwork Penetration Testing
Network Penetration TestingMohammed Adam
 
Basic Foundation For Cybersecurity
Basic Foundation For CybersecurityBasic Foundation For Cybersecurity
Basic Foundation For CybersecurityMohammed Adam
 
Golden Ticket Attack - AD - Domain Persistence
Golden Ticket Attack - AD - Domain PersistenceGolden Ticket Attack - AD - Domain Persistence
Golden Ticket Attack - AD - Domain PersistenceMohammed Adam
 
Evading Antivirus software for fun and profit
Evading Antivirus software for fun and profitEvading Antivirus software for fun and profit
Evading Antivirus software for fun and profitMohammed Adam
 
Introduction to Network Fundamentals
Introduction to Network FundamentalsIntroduction to Network Fundamentals
Introduction to Network FundamentalsMohammed Adam
 
Breaking out of crypto authentication
Breaking out of crypto authenticationBreaking out of crypto authentication
Breaking out of crypto authenticationMohammed Adam
 
Cybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by AdamCybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by AdamMohammed Adam
 
Introduction to null villupuram community
Introduction to null villupuram communityIntroduction to null villupuram community
Introduction to null villupuram communityMohammed Adam
 
BugBounty Roadmap with Mohammed Adam
BugBounty Roadmap with Mohammed AdamBugBounty Roadmap with Mohammed Adam
BugBounty Roadmap with Mohammed AdamMohammed Adam
 
Webinar On Ethical Hacking & Cybersecurity - Day2
Webinar On Ethical Hacking & Cybersecurity - Day2Webinar On Ethical Hacking & Cybersecurity - Day2
Webinar On Ethical Hacking & Cybersecurity - Day2Mohammed Adam
 
OSINT - Open Soure Intelligence - Webinar on CyberSecurity
OSINT - Open Soure Intelligence - Webinar on CyberSecurityOSINT - Open Soure Intelligence - Webinar on CyberSecurity
OSINT - Open Soure Intelligence - Webinar on CyberSecurityMohammed Adam
 
Android Application Penetration Testing - Mohammed Adam
Android Application Penetration Testing - Mohammed AdamAndroid Application Penetration Testing - Mohammed Adam
Android Application Penetration Testing - Mohammed AdamMohammed Adam
 
Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics Mohammed Adam
 
What is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolWhat is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolMohammed Adam
 

More from Mohammed Adam (20)

Android Penetration Testing - Day 3
Android Penetration Testing - Day 3Android Penetration Testing - Day 3
Android Penetration Testing - Day 3
 
Android Penetration testing - Day 2
Android Penetration testing - Day 2 Android Penetration testing - Day 2
Android Penetration testing - Day 2
 
Android Penetration Testing - Day 1
Android Penetration Testing - Day 1Android Penetration Testing - Day 1
Android Penetration Testing - Day 1
 
Wireless Penetration Testing
Wireless Penetration TestingWireless Penetration Testing
Wireless Penetration Testing
 
Network Penetration Testing
Network Penetration TestingNetwork Penetration Testing
Network Penetration Testing
 
Basic Foundation For Cybersecurity
Basic Foundation For CybersecurityBasic Foundation For Cybersecurity
Basic Foundation For Cybersecurity
 
Golden Ticket Attack - AD - Domain Persistence
Golden Ticket Attack - AD - Domain PersistenceGolden Ticket Attack - AD - Domain Persistence
Golden Ticket Attack - AD - Domain Persistence
 
Evading Antivirus software for fun and profit
Evading Antivirus software for fun and profitEvading Antivirus software for fun and profit
Evading Antivirus software for fun and profit
 
Introduction to Network Fundamentals
Introduction to Network FundamentalsIntroduction to Network Fundamentals
Introduction to Network Fundamentals
 
Breaking out of crypto authentication
Breaking out of crypto authenticationBreaking out of crypto authentication
Breaking out of crypto authentication
 
Cybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by AdamCybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by Adam
 
Introduction to null villupuram community
Introduction to null villupuram communityIntroduction to null villupuram community
Introduction to null villupuram community
 
Internet security
Internet securityInternet security
Internet security
 
BugBounty Roadmap with Mohammed Adam
BugBounty Roadmap with Mohammed AdamBugBounty Roadmap with Mohammed Adam
BugBounty Roadmap with Mohammed Adam
 
Webinar On Ethical Hacking & Cybersecurity - Day2
Webinar On Ethical Hacking & Cybersecurity - Day2Webinar On Ethical Hacking & Cybersecurity - Day2
Webinar On Ethical Hacking & Cybersecurity - Day2
 
OSINT - Open Soure Intelligence - Webinar on CyberSecurity
OSINT - Open Soure Intelligence - Webinar on CyberSecurityOSINT - Open Soure Intelligence - Webinar on CyberSecurity
OSINT - Open Soure Intelligence - Webinar on CyberSecurity
 
Android Application Penetration Testing - Mohammed Adam
Android Application Penetration Testing - Mohammed AdamAndroid Application Penetration Testing - Mohammed Adam
Android Application Penetration Testing - Mohammed Adam
 
Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics
 
What is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolWhat is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) Protocol
 
Network Security
Network SecurityNetwork Security
Network Security
 

Recently uploaded

Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 

Recently uploaded (20)

Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 

SecPrivCompIntro

  • 1. Security and Privacy: Computers and the Internet Mohammed Adam
  • 2. Objectives • Explain the different types of computer crime and the difficulties of discovery and prosecution. • Describe the aspects of securing corporate data, including software and data security, disaster recovery plans, and security legislation. • Describe in general terms how viruses work, the damage they can cause, and procedures used to prevent this damage. • Explain the threats to personal privacy posed by computers and the Internet. Describe actions you can take to maximize your privacy.
  • 3. Contents • Computer Crime • Security • Disaster Recovery • Backup • Pests • Privacy • Junk e-mail • Protecting Children
  • 4. Computer Crime Stealing and using or selling of data: Company data Personal information in company files
  • 5. Computer Crime Employees and individuals need to recognize the possible danger from computer systems and protect their assets.
  • 6. Computer Crime Security and Privacy Keep data secure • Destruction • Accidental damage • Theft • Espionage Keep data private • Salaries • Medical information • Social security numbers • Bank balances Data communications capabilities provides new challenges
  • 7. Data, not equipment (cont) Ways to secure data • Locked servers • Removable hard drives that are locked when not in use • Hard disk drives requiring special tools for detachment • Physical cages around computers that prohibit access • Passwording files Computer Crime
  • 8. Computer Crime • Supplies for the Hacker – PC – Communications network • Why hack? – Harass – Show-off – Gain access to computer services without paying – Obtain information to sell Hackers are individuals who attempt to gain access to computer systems illegally
  • 9. White-hat hackers • Computer professionals hired to illicitly gain entry into a system – Reveal weak points – Protect the points – May not alert its own employees of the testing • Tiger teams • Intrusion tester • White hat hackers Computer Crime Hackers for Hire
  • 10. Computer Crime What Systems Have Been Invaded? • Corporate networks – Over half largest corporations were invaded – Competitors? • Government networks – Dept of Defense attacked more than 200,000 times per year – Computer attack abilities of other nations? • Web sites
  • 11. Computer Crime How Can Systems be Easily Compromised? Social engineering Con artist – persuade others to give away their passwords over the phone Electronic pickpockets Use computers to transfer or change assets to their advantage
  • 12. Computer Crime Frequently Reported Crimes • Credit-card fraud – Numbers captured and used fraudulently • Data communications fraud – Piggyback on someone else’s network – Office network for personal purposes – Computer-directed diversion of funds • Unauthorized access to computer files – Accessing confidential employee records – Theft of trade secrets and product pricing • Unlawful copying of copyrighted software – Casual sharing of copyrighted software – Assembly-line copying
  • 13. Computer Crimes • Bomb – Program to trigger damage – Scheduled to run at a later date – May be found in software for general public, especially shareware • Data diddling – Changing data before or as it enters the system • Denial of service attack (DOS) – Hackers bombard a site with more request for service than it can possible handle – Prevents legitimate users from accessing the site – Appearance of requests coming from many different sites simultaneously
  • 14. • Piggybacking – Original user does not sign off properly – Intruder gains accesses to files via the original user id • Salami technique – Embezzlement • Scavenging – Search garbage and recycling bins for personal information Computer Crimes
  • 15. • Trapdoor – Illicit program left within a completed legitimate program – Permits unauthorized and unknown entry to the program • Trojan horse – Illegal instructions placed inside a legitimate program – Program does something useful and destructive at the same time • Zapping – Software to bypass security systems Computer Crimes
  • 16. • Discovery – Difficult – Accidental – 85% of computer crimes are never reported • Prosecution – Legal representatives lack technical knowledge to understand the crime Computer Crimes
  • 17. Computer Fraud and Abuse Act – 1986 • Computer criminals subject to – Fines – Jail time – Confiscation of hardware • Supplemented by state statutes Computer Crime Discovery and Prosecution
  • 18. Computer Forensics Uncovering computer-stored information suitable for legal use Computer Crime Discovery and Prosecution
  • 19. Security • Natural disasters • Fire • Accidents • Vandalism • Theft • Theft or destruction of data • Industrial espionage • Hackers System of safeguards designed to protect a computer system and data from deliberate or accidental damage
  • 20. Security Identification and Access • Provide access to authorized individuals only • Uses one of more of the following systems – What you have – What you know – What you do – What you are
  • 21. Security Identification and Access What You Have • Key • Badge • Token • Plastic card – magnetized strip • Active badge – signals wearer’s location using infrared signals
  • 22. Security Identification and Access What You Know • Password • Identification number • Combination
  • 23. Security Identification and Access What You Do • Verify signature – software verifies scanned and online signatures
  • 24. Security Identification and Access What You Are • Biometrics – science of measuring individual body characteristics • Fingerprints • Voice pattern • Retina of the eye • Entire face
  • 25. Security Identification and Access • Internal controls – Transaction log • Auditor checks – Who has accessed data during periods when that data is not usually used? – Off-the-shelf software to access the validity and accuracy of the system’s operations and output
  • 26. Security Identification and Access • Secured waste – Shredders – Locked trash barrels • Applicant screening – Verify the facts on a resume – Background checks • Built-in software protection – Record unauthorized access attempts – User profile
  • 27. Security Software Security Ownership • Company if programmer is employee • Contractual agreement if the programmer is not an employee • Software can be copyrighted
  • 28. Security The Internet Firewall Dedicated computer that governs interaction between internal network and the Internet Encryption Data Encryption Standard (DES)
  • 29. Security Personal Computers • Physical security with locks and cables • Surge protector • Uninterruptible power supply (UPS) • Backup files regularly and systematically
  • 30. Disaster Recovery Hardware loss • Can be replaced • Temporarily diminished processing ability Software loss • Industry standard – make backups of program files
  • 31. Disaster Recovery Data loss • Reassemble records – Customer information – Accounting data – Design information • Major costs and time
  • 32. Disaster Recovery Plan Restoring computer processing operations and data files if operations are halted or files are damaged by major destruction
  • 33. Disaster Recovery Plan Approaches • Manual services temporarily • Purchase time from a service bureau • Mutual aid pack – Two or more companies will lend each other computer power – Problem if regional disaster
  • 34. Disaster Recovery Plan Approaches • Consortium – Joint venture – Complete computer system – Routinely tested – Used only if disaster – Sites • Hot site – fully equipped and environmentally controlled computer center • Cold site – environmentally suitable empty shell
  • 35. Disaster Recovery Plan Advance Arrangements Everything except hardware safely stored in geographically distant locations – Program and data files – Program listings – Program and operating systems documentation – Hardware inventory lists – Output forms – Copy of the disaster plan manual
  • 36. Disaster Recovery Plan Includes • Priorities for programs • Plans for notifying employees • List of needed equipment and where it is located • Alternative computing facilities • Procedures for handling input and output data • Emergency Drills
  • 37. Backup Why Backup? “If you are not backing up your files regularly, you deserve to lose them.” Average user experiences loss once a year
  • 38. Backup What Can Cause Data Loss? • Incorrect software use • Input data incorrectly • Software may harm data • Hard disk malfunctions • Accidentally delete files • Virus infection
  • 39. Backup Methods Full backup Differential backup Incremental backup Media Diskette Tape Zip disk CD-R / CR-RW DVD-RAM Mirrored hard drive
  • 40. Pests Invade the computer system and cause something unexpected to occur May interfere with function of PC
  • 41. Worms • Rare • Transfers over a network • Plants as a separate file on the target’s computer
  • 42. Viruses • Illicit instructions that pass themselves on to other programs – Benign – Damaging to computer • Digital vandalism
  • 43. Viruses Vaccine or antivirus • Stops the spread of and eradicates the virus • Install software • Download signature files regularly
  • 44. Viruses • Retrovirus – Fights the vaccine and may delete the antivirus software • Costs – Billions of dollars a year – Aggravation to individual users
  • 46. Virus Getting Infected • Executing the virus program • Booting from a diskette containing an infected boot sector including accidentally leaving a “non-system disk” in the floppy drive • Downloading an infected file and executing it • Opening an infected e-mail attachment • By viewing e-mail in some versions of Microsoft Outlook
  • 47. Virus Precautions • Be wary of free software from the Internet or friends • Only install programs from diskettes in sealed packages • Use virus-scanning software to check any file or document before loading it onto your hard disk
  • 48. Privacy • Where is my data? • How is it used? • Who sees it? • Is anything private anymore? Everything about you is in at least one computer file
  • 49. Privacy How Did They Get My Data? • Loans • Charge accounts • Orders via mail • Magazine subscriptions • Tax forms • Applications for schools, jobs, clubs • Insurance claim • Hospital stay • Sending checks • Fund-raisers • Advertisers • Warranties • Military draft registration • Court petition
  • 50. Privacy How Did They Get My Data?
  • 51. Privacy Legislation • Fair Credit Reporting Act – 1970 • Freedom of Information Act – 1970 • Federal Privacy Act – 1974 • Video Privacy Protection act – 1988 • Computer Matching and Privacy Protections Act – 1988
  • 52. Privacy Your Boss is Spying on You! Monitoring software – Screens – E-mail – Keystrokes per minute – Length of breaks – What computer files are used and for how long Privacy groups want legislation requiring employers to alert employees that they are being monitored.
  • 53. Privacy Monitoring by Web Sites Records: • City • Site you just left • Everything you do while on the site • Hardware and software you use • Click stream – Series of clicks that link from site to site – History of what the user chooses to view
  • 54. Privacy Monitoring by Web Sites Cookie • Stores information about you • Located on your hard drive • Beneficial uses – Viewing preferences – Online shopping – Secure sites retain password in cookie • Controversial use – Tracking surfing habits for advertisers • Can set browser to refuse cookies or warn before storing • Software available to manage cookies
  • 55. Privacy P3P Platform for Privacy Preference Project • Standards proposed by the World Wide Web Consortium (W3C) – User sets privacy preferences – Web server transmits privacy policies – Software determines if web site meets users’ requirements • Participation by web site is voluntary
  • 56. Junk e-mail • Cheaper than snail mail • Spamming – Sends e-mail messages to “everyone” – Abandons the originating site
  • 57. Junk e-mail • Help eliminate junk e-mail – Do not complete a member profile with online service – Do not fill in registration forms unless the purveyor promises not to sell or exchange your information – Never respond to spamming • Use filter software • States are beginning to provide laws banning unsolicited junk e-mail
  • 58. Protecting Children • Blocking software – high-tech chaperone • Examine browser history to see what sites are visited • Locate computer in a semipublic, high-traffic location of your home
  • 59. Protecting Children Laws Communications Decency Act – 1996 Children’s Online Privacy Protection Act (COPPA) – 2000