Nowadays, privacy and security are become important issues on the Web. This is because of increased of internet crime...
PRIVACY
- Privacy is a status where an individual can work on his/her information in seclusion, resulting in a selective revelation of one's identity and information.
- The definitions of privacy can differ across individuals and cultures. The invasion of privacy can be avoided by the issue of privacy laws.
- Internet, which hosts an enormous information base, has given rise to the concept of information privacy. Unauthorized access to the information is undesirable.
- Internet privacy is the control one has over what information about oneself, the person wishes to disclose. Internet privacy deals with controlling the access to information over the Internet.
the links below are some recent privacy issues:
Private Network
- Snoopware is a software basically software for spying on someone on a computer. Snoopers typically record actions and events on a computer and then save this information in a file.
- If a snooper is installed, virtually everything that happens on the computer is being watched by someone else.
- Snoopers are usually installed on the computer by a system administrator, a boss, a spouse, a lover, a co-worker, a competitor and others.
- Many snoopers are very careful to be invisible to computer users, so most users would have no idea if a snooper was installed.
SECURITY
i) Computer Crime
Malicious Programs
- A virus is a small piece of software that piggybacks on real programs. For example, a virus might attach itself to a program such as a spreadsheet program. Each time the spreadsheet program runs, the virus runs, too, and it has the chance to reproduce (by attaching to other programs).
- Some viruses wreak their effect as soon as their code is executed; other viruses lie dormant until circumstances cause their code to be executed by the computer. Some viruses are benign or playful in intent and effect ("Happy Birthday, Ludwig!") and some can be quite harmful, erasing data or causing your hard disk to require reformatting.
- A worm is a small piece of software that uses computer network and security holes to replicate itself. A copy of the worm scans the network for another machine that has a specific security hole. It copies itself to the new machine using the security hole, and then starts replicating from there, as well.
- Examples of worms are the MS-Blaster and Sasser worms.
- Worm can destroying important files in user's system, causing some programs to stop working.
- Avoid computer worm by keeping antivirus up-to-date and installing patches provided by operating system and application vendors.
The key difference between a virus and worm is the manner in which it reproduces and spreads. A virus is dependent upon the host file or boot sector, and the transfer of files between computers to spread, whereas a computer worm can execute completely independently and spread on its own accord through network connections.
- A Trojan horse is simply a computer program. The program claims to do one thing but instead does damage when you run it (it may erase your hard disk). Trojan horses have no way to replicate automatically.
- The developer of the virus usually uses various spamming techniques in order to distribute the virus to unsuspecting users.
- Can spread through: a) email attachments
b) chat software such as Yahoo Messenger and Skype
- There are many types of trojan:
a) Remote Access Trojans
b) Password Sending Trojans
c) Key Loggers
d) Destructive Trojans
e) Denialof Service (DoS) Trojans
f) Proxy/ Wingate Trojans
g) FTP Trojans
- An e-mail virus travels as an attachment to e-mail message, and usually replicates itself by automatically mailing itself to dozens of people in the victim's e-mail address book. Some e-mail viruses don't even require a double-click -- they launch when you view the infected message in the preview pane of user's e-mail software.
Video about how to protect PC against malware:
Internet Scams
- refers to the use of Internet services to present fraudulent solicitations to prospective victims, to conduct fraudulent transactions, or to transmit the proceeds of fraud to financial institutions or to others connected with the scheme.
- few example of internet scams:
- business opportunities scams
- chain letters
- free goods
- vacation prize promotion
- how to avoid internet scams:
- always use common sense
- don't respond to bulk emails
- always ask for references and check them carefully
- make sure the company has a phone number and physical address
- always make sure that you get a strong guarantee
- pay by credit card
- avoid falling for high pressure sales tactics
- don't respond to bulk emails
- always print a hard copy of any on-line offer that you're considering
- don't participate in a pyramid scheme
- if you're told that you have won a prize, be skeptical
- beware of promoters who try to sell things using an anonymous email address such as non1234@anon.company.com,user@domain.com or post office box
The explanation of each scam and more example of scams can refer to: http://www.mycert.org.my/en/resources/fraud/main/main/detail/515/index.html
Theft
- an individual that copy or take business or others' information without authorize.
Commonly, this information is user information such as passwords, credit card information, other personal information, or other confidential corporate information
- because this information is illegally obtained, when the individual who stole this information is apprehended, it is likely he or she will be prosecuted to the fullest extent of the law
- hardware or software theft
a) hardware theft is an individual that stole computer equipments. Some tips to prevent hardware theft include:
| - Use physical access controls, such as locked doors, and windows |
| - Use cables to lock the equipment to desk, cabinet, or floor |
| - Install alarm systems for additional security |
| - Never leave a notebook or handheld unattended in a public place |
| - Use password, possessed objects, and biometrics as a method of security |
| - Back up all the files stored on the computer regularly |
b) Software theft is unauthorized duplication and/or use of computer software. This usually means unauthorized copying, either by individuals for use by themselves or their friends or by companies who then sell the illegal copies to users
- means that a user uses a PC to commit a crime. For example, using someone's PC to hack into another PC.
- or simply using their PC to upload illegal content.
Data Manipulation
ii) Hazards
- natural hazards (floods, fires, earthquakes, hurricanes, tsunami)
- civil strife and terrorism (wars, terrorist act)
- technological failures (hard disk crashed)
- human errors (do not install the antivirus software on PC, set password that with lower strength)
Measures to protect computer security
1. Restricting access
- is a way to limit who can access to the data or using particular equipment. Way to limit can done with:
- Consists of automated methods of recognizing a person based on unique physical characteristic.
- Each type of biometric system, while different in application, contains at least one similarity: the biometric must be based upon a distinguishable human attribute such as a person's fingerprint, iris, voice pattern or even facial pattern.
- Biometrics is a very promising field of research. Finding new and foolproof ways of identification is becoming more and more valuable in the current age where identity theft is commonplace.
i) fingerprint scanners
- provides an identification of a person based on the acquisition and recognition of those unique patterns and ridges in a fingerprint.- Standard systems are comprised of a sensor for scanning a fingerprint and aprocessor which stores the fingerprint database and software which compares and matches the fingerprint to the predefined database. Within the database, a fingerprint is usually matched to a reference number, or PIN number which is then matched to a person's name or account. In instances of security the match is generally used to allow or disallow access, but today this can also be used for something as simple as a time clock or payroll access.
ii) Iris (eye) scanners
- Iris scanning has the lowest false-accept rate of all biometrics, and unlike fingerprints, the iris does not change over time. All of this would lead one to believe that iris scanning technology will be more widely adopted over the next ten years over other biometrics.
- is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource (example: type a password to login Facebok). The password should be kept secret from those not allowed access.
- firewall is a barrier to keep destructive forces away from your property. In fact, that's why its called a firewall. Its job is similar to a physical firewall that keeps a fire from spreading from one area to the next.
2. Encrypting data
- encrypting data means converting data to a format that cannot be read by other people. A encryption key is added to data that you choose to encrypt. This key is needed to read the data.
3. Anticipating disasters
- get prepare before disasters by make sure physical security and data security through disasters recovery plan.
4. Preventing data loss
- save important data in secondary storage device to prevent it losing.
Ethics
1. Computer ethics
- Ethics is a set of moral principles that govern the behavior of a group or individual. Therefore, computer ethics is set of moral principles that regulate the use of computers.
- Some common issues of computer ethics include intellectual property rights (such as copyrighted electronic content), privacy concerns, and how computers affect society.
2. Copyright
- set of exclusive rights granted to the author or creator of an original work, including the right to copy, distribute and adapt the work.
3. Software piracy
- Most retail programs are licensed for use at just one computer site or for use by only one user at any time. By buying the software, user become a licensed user rather than an owner.
- Users are allowed to make copies of the program for backup purposes, but it is against the law to give copies to friends and colleagues.
- Software piracy is all but impossible to stop, although software companies are launching more and more lawsuits against major infractors. Originally, software companies tried to stop software piracy by copy-protecting their software. - This strategy failed, however, because it was inconvenient for users and was not 100 percent foolproof. Most software now requires some sort of registration, which may discourage would-be pirates, but doesn't really stop software piracy.
4. Plagiarism
- Plagiarism is when you use someone else's words or ideas and pass them off as your own.