9-1. Personal Technology 9.1 Truth Issues: Manipulating Digital Data 9.2 Security Issues: Threats...
-
Upload
harold-horn -
Category
Documents
-
view
213 -
download
1
Transcript of 9-1. Personal Technology 9.1 Truth Issues: Manipulating Digital Data 9.2 Security Issues: Threats...
Personal TechnologyPersonal Technology
9.1 Truth Issues: Manipulating Digital Data
9.2 Security Issues: Threats
9.3 Security: Safeguarding Computers & Communications
9.4 Quality-of-Life Issues
9.5 Economic & Political Issues
Chapte
r99
McGraw-Hill/Irwin © 2007 The McGraw-Hill Companies, Inc. All rights reserved.
9-3
Truth Issues: Manipulating Digital Truth Issues: Manipulating Digital DataData
Digital Images and Sounds can be manipulatedPro: Creates new forms of art
Morphing software makes one image morph into anotherhttp://www.cs.utah.edu/~dejohnso/morph.html
Movies such as “Crouching Tiger, Hidden Dragon” and “Harry Potter” contain many scenes that could never actually happen
Adobe Photoshop allows changes, enhancements to photos Digital technology allows musicians to sing every track of a
song and accompany themselvesCon: Has made photographs & recordings untrustworthy
Famous Yalta summit photo edited: Stallone added in!
9-4
Truth Issues: Manipulating Digital Truth Issues: Manipulating Digital DataData
Photographs may not be authenticPhotographs may be deliberately misleading
1994 Time magazine photo of O.J. Simpson was digitally darkened to make him appear sinister Could this have biased potential jury members?
Fashion model photos are routinely elongated to make models appear more slender How many girls become anorexic to try to match those models’
impossible perfection? http://www.etniesgirl.com/blog/2005/11/30/photoshop-101-e
ven-models-have-flaws
http://www.tutorialized.com/tutorial/Basic-Model-Retouching/9547
http://news.bbc.co.uk/1/hi/health/769290.stm
9-5
Truth Issues: Manipulating Digital Truth Issues: Manipulating Digital DataData
Techniques to combat digital deceptionProf. William H. Mitchell of M.I.T. wrote the first
systematic, critical analysis of the digital revolution Corbis http://pro.corbis.com/ adds a digital watermark to
its photosHany Farid of Dartmouth College devised algorithms to
detect changes to uncompressed digital photosProf. Jessica Fridrich of S.U.N.Y. at Binghamton is
researching digital cameras that hide a picture of the photographer’s iris inside each digital photo
9-6
Truth Issues: Manipulating Digital Truth Issues: Manipulating Digital DataData
Limitations of Public databases You can’t get the whole story
Start with a public database, THEN do more researchThe data is not necessarily accurate
Cross-check against multiple sourcesEach database service has boundaries
Know what those boundaries areDifferent keywords bring different resultsHistory is limited
These databases often begin with data from 1980 or later
9-7
Security Issues: ThreatsSecurity Issues: Threats
Errors and accidentsNatural hazardsComputer crimeComputer criminals
Is my computer safe?I’m concerned about it. What do I need to do to use it safely for work, home, and school?
9-8
Security Issues: ThreatsSecurity Issues: ThreatsErrors & AccidentsErrors & Accidents
Human errorsPeople choose the wrong computer
Too simple or too complexHuman emotions affect performance
People get frustratedHuman perceptions are slower than the equipment
Watch out when you click the OK button! You may have just deleted something important!
9-9
Security Issues: ThreatsSecurity Issues: ThreatsErrors & AccidentsErrors & Accidents
Procedural errorsWhen people fail to follow safe procedures, errors can
occurSoftware errors
Programmers make coding errorsFamous example: Utility billing software:
Customer pays early – software credits account Customer pays late – software credits account, adds late
fee in for next bill Programmer forgot to consider customers who pay exactly
on time – their payments were never credited at all!
9-10
Security Issues: ThreatsSecurity Issues: ThreatsErrors & AccidentsErrors & Accidents
Electromechanical problemsMechanical systems wear outPower failures shut down computers unless you have
battery backupUsing cellphones and Blackberries while driving can
cause people to crashDirty data problems
Incomplete, updated, or inaccurate dataCheck your records – medical, school, and credit to make
sure they are accurateNatural hazards can lead to disasters
9-11
Security Issues: ThreatsSecurity Issues: ThreatsComputer CrimesComputer Crimes
Two types of computer crimeIt can be an illegal act perpetrated against computers or
telecommunicationsIt can be the use of computers or telecommunications to
accomplish an illegal act
9-12
Security Issues: ThreatsSecurity Issues: ThreatsComputer CrimesComputer Crimes
Theft of hardwareTheft of softwareTheft of online music and videosTheft of time and servicesTheft of informationInternet-related fraudTaking over your PCCrimes of maliceComputer criminals
9-13
Security Issues: ThreatsSecurity Issues: ThreatsComputer CrimesComputer Crimes
Theft of hardware can range fromShoplifting an item from a computer storeStealing an entire PC or laptop
Theft of softwarePirated software is software obtained illegallyThis includes “softlifting” - buying one copy of the
software and using it on multiple computersSoftware makers have prosecuted both companies and
individuals including students for software piracy
9-14
Security Issues: ThreatsSecurity Issues: ThreatsComputer CrimesComputer Crimes
Theft of online music and moviesEntertainment industry takes this seriously and
prosecutes offendersStealing music
Illegal file swapping services Damages can be up to $150,000 per song
Stealing movies The film industry has taken aggressive aim at pirated
movies 11-nation crackdown announced in 2005
9-15
Security Issues: ThreatsSecurity Issues: ThreatsComputer CrimesComputer Crimes
Theft of time and servicesTheft of computer time at work
Surfing or playing games when you should be working Some employees violate policy by conducting personal
business online such as online auctions from work Most employers have policies against viewing X-rated web
sites at workTheft of phone services
Phone phreaks use company phone systems to make “free” unauthorized long distance calls
Why break the law, when you can get free long distance over the internet using skype www.skype.com
9-16
Security Issues: ThreatsSecurity Issues: ThreatsComputer CrimesComputer Crimes
Theft of InformationA common crime todayCan include theft of personal information, medical
information, or credit card and financial informationLegislation to make it a crime to steal someone’s identity
was the 1998 Identity Theft and Assumption Deterrence Act
The U.S. Department of Justice discusses their approach to this crime at http://www.usdoj.gov/criminal/fraud/idtheft.html
If you are a victim of identity theft, you may file a report online at the Federal Trade Commission’s website at https://rn.ftc.gov/pls/dod/widtpubl$.startup?Z_ORG_CODE=PU03
9-17
Security Issues: ThreatsSecurity Issues: ThreatsComputer CrimesComputer Crimes
Internet-related FraudBecause it lends itself to anonymity, internet-related
fraud is becoming more commonWell-known examples include:
Nigerian letter scam Letter says you can get a lot of money out of Nigeria if you pay
a “money transfer fee” first Evil twin attacks
A cracker sets up an attack computer as a duplicate public access point in a public location
Phishing Sending emails that appear to come from a trusted source that
links you to a website where you type in personal information that is intercepted by the phisher
9-18
Security Issues: ThreatsSecurity Issues: ThreatsComputer CrimesComputer Crimes
Internet-related Fraud (continued)Pharming
Malicious software is implanted in your computer that directs you to an imposter web page
Trojan horses A program such as a “free” online game or screensaver that
loads hidden programs that take over your computer or cause mischief without your knowledge
For example, Windows users who install the phony MSN Messenger Version 8 "beta" are actually installing an IM worm that spreads to their IM contacts, and connects their computer to a remote control "bot" network run by malicious hackers
9-19
Security Issues: ThreatsSecurity Issues: ThreatsComputer CrimesComputer Crimes
Crimes of Malice: Crashing entire computer systemsSometimes criminals are more interested in vandalizing
systems than they are in gaining control of themIn 2003, an entrepreneur with a grudge because he lost a
sale retaliated by shutting down the WeaKnees websiteCrackers regularly attempt to crash Microsoft’s websiteSecurity specialists monitor for possible cyber-attacks on
electrical and nuclear power plants, dams, and air traffic control systems
Crackers have attacked the internet too and brought down large sections of it
9-20
Security Issues: ThreatsSecurity Issues: ThreatsComputer CrimesComputer Crimes
Computer criminals may includeIndividuals or small groups who
Use fraudulent email and websites Steal peoples’ identities for monetary gains Show off their power for bragging rights
Employees who Have a grudge against their current or former employers Have a grudge against another employee Sell their company’s secrets for personal profit
Outside partners and company suppliers
9-21
Security Issues: ThreatsSecurity Issues: ThreatsComputer CrimesComputer Crimes
Computer criminals may also includeCorporate spiesEnemy foreign intelligence services Organized crimeTerrorists
Computer criminals do not include your employer, who is legally allowed to monitor the computers at workCheck your company’s computer usage policyMake sure you follow the rulesKnow that any data you store in the computer at work –
including emails – is company property
9-22
Security: SafeguardingSecurity: SafeguardingComputers & CommunicationsComputers & Communications
Security is A system of safeguards for protecting information
technology against disasters, system failures, and unauthorized access that can result in damage or loss
Computer Security’s Five ComponentsDeterrence of computer crimeIdentification and accessEncryptionProtection of software and dataDisaster recovery plans
9-23
Security: SafeguardingSecurity: SafeguardingComputers & CommunicationsComputers & Communications
Deterrents to computer crimeEnforcing lawsCERT: The Computer Emergency Response Team
Provides round-the-clock information on international computer security threats
The CERT website is www.cert.org For example, on December 15, 2005 announced a partnership
between the US and ictQatar, the Qatar Supreme Council for Information and Communications Technology, to conduct and coordinate cybersecurity activities
On December 13, 2005 CERT issued alert SA05-347A documenting Windows Explorer vulnerabilities
9-24
Security: SafeguardingSecurity: SafeguardingComputers & CommunicationsComputers & Communications
More deterrents to computer crimesTools to fight fraudulent and unauthorized online uses
Rule-based detection software Predictive-statistical-model software Employee internet management software Internet filtering software Electronic surveillance
Verify legitimate right of access Use cards, keys, signatures, and badges Use PINs and passwords Use physical traits and personal identification
9-25
Security: SafeguardingSecurity: SafeguardingComputers & CommunicationsComputers & Communications
Encryption The process of altering readable data into unreadable form to
prevent unauthorized access Advantage: encrypting data that is available over the internet
keeps thieves and crackers from reading it On Dec. 7, 2005, Guidance Software, a maker of Computer Forensics
software, informed their customers that criminals had stolen their credit cards because Guidance had FAILED to encrypt a database that was accessible over the internet
Disadvantage: encrypting data may prevent law-enforcement officials from reading the data criminals are sending to each other
Discussion Question: Does information privacy outweigh law enforcement’s needs to track down and prosecute criminals? Should we all encrypt our information to prevent crackers and criminals from stealing it?
9-26
Security: SafeguardingSecurity: SafeguardingComputers & CommunicationsComputers & Communications
4 ways to protect software & dataEducate employees in backing up data, virus protection,
and not sharing passwordsControl of access to restrict usageAudit controls to document who used what programs and
computers and whenPeople controls include screening applicants,
background checks, monitoring internet, email, and computer usage
9-27
Security: SafeguardingSecurity: SafeguardingComputers & CommunicationsComputers & Communications
Disaster-recovery plans A method of restoring information-processing operations that
have been halted by destruction or accident Reinforced by 2001 World Trade Center attack Reinforced by company data losses incurred during 2005 Hurricane
Katrina Plans range in price and complexity from
Backing up data from disk to tape, CD, or zip disk, with a UPS Automatically storing data redundantly in two places, with a
generator Having an off-site computerized data storage center with
independent power supply Having a complete “hot” redundant data center that can instantly be
used if there is a disasterMore $$$
9-28
Quality-of-Life IssuesQuality-of-Life Issues
Information Technology misuse can result in Environmental problems
Manufacturing computers and circuits can cause pollution Computer component manufacturing employees may be
exposed to toxic substances Used computers/monitors contain chromium, cadmium,
lead, mercury, PVC, and brominated flame retardants – all toxic substances that must be disposed of properly
Exacerbation of Mental-health problems Proliferation of pornography Workplace problems
9-29
Quality-of-Life IssuesQuality-of-Life Issues
Information Technology misuse can result in Environmental problemsExacerbation of mental-health problems
Isolation; computer gamers may substitute online games for interpersonal interaction
Online gambling can be addictive Many users find PCs stressful Internet usage by children can expose them to online
predatorsProliferation of pornography Workplace problems
9-30
Quality-of-Life IssuesQuality-of-Life Issues
Information Technology misuse can result in Environmental problemsExacerbation of Mental-health problems Proliferation of pornography
Online pornographers use pop-up ads and internet search engines to troll for new customers
This means that children may be exposed to porn when involved in innocent online searches
Parents may use online blocking software like Cybersitter, Cyber Patrol, or Net Nanny to prevent this
Workplace problems
9-31
Quality-of-Life IssuesQuality-of-Life Issues
Parental Responses to protecting children from online pornOnline blocking softwareDVD filtersVideogame rating systemsThe V-chipSupport legislation to require pornographers to use
certain web addresses, such as .xxx domainMonitor internet useBe candid to your children about the threatsSave evidence and block messages to prevent
cyberbullying
9-32
Quality-of-Life IssuesQuality-of-Life Issues
Information technology misuse can result in Environmental problemsExacerbation of mental-health problems Proliferation of pornographyWorkplace problems
Misuse of technology Fussing with computers can waste time Information overload
9-33
Economic & Political IssuesEconomic & Political Issues
Technology may affect the gap between the rich and the poor Most jobs require employees who are tech-savvy People who are not tech-savvy won’t qualify for those jobs Technology is being used to replace employees in traditional
jobs, traditionally filled by untrained workersInternet is not controlled
This means that information moves freely on the internet Nondemocratic governments can’t control internet political
activism Internet is only loosely policed, so criminals take advantage