What’s Wrong with Electric Cars? What’s Wrong with Electric Cars?
Ethics, Security, and Privacy What’s Right, What’s Wrong, and How Do I Protect Myself? Chapter...
-
Upload
issac-tatum -
Category
Documents
-
view
221 -
download
3
Transcript of Ethics, Security, and Privacy What’s Right, What’s Wrong, and How Do I Protect Myself? Chapter...
Ethics, Security, and Privacy
What’s Right, What’s Wrong, and How Do I
Protect Myself?
Chapter 9
©2003 The McGraw-Hill Companies
Student Learning Outcomes
1. Define ethics and describe what it means to use computers in an ethical fashion
2. Define copyright, Fair Use Doctrine, and pirated software
3. Identify and describe five types of threats in cyberspace
©2003 The McGraw-Hill Companies
Student Learning Outcomes
4. Describe the seven types of hackers and what motivates each group
5. Define privacy and identify ways in which it can be compromised
6. Describe what you can do to protect yourself in cyberspace
©2003 The McGraw-Hill Companies
Introduction
Today’s society has become increasingly dependent on computers to create, store, and manage critical information.
As such, it is vital to ensure that both the computers and the information they contain are protected from loss, damage, and misuse.
©2003 The McGraw-Hill Companies
9.1 Ethics
Ethics – actions that have serious consequences in the lives of others.Right or wrong actions
Manners – our day to day behavior toward others in situations whose effects are not likely to be far-reaching.
Polite or rude behavior
Societal rules fall into one of two categories
©2003 The McGraw-Hill Companies
Ethics in the Use of Computers
Generally it is unethical to:– Use your computer to harm others– Use your computer to steal– Abuse your power– Use or access someone else's computer
resources without permission– Copy copyrighted software for your own use
or to give to others. This is also illegal
©2003 The McGraw-Hill Companies
Ethics and Computers
• Copyright– Legal protection for the expression of
an idea – It is illegal to copy a copyrighted video
game or other software without permission
• Fair Use Doctrine– Defines situations in which copyrighted
material may be used
• Pirated software– Copyrighted software that is copied
and distributed without permission of the owner
p. 9.261 Fig. 9.1
©2003 The McGraw-Hill Companies
Software
Type Your Rights
Copyright Buy a license to use it
Shareware Try before you buy
Freeware Use, copy, share
Public Domain Use, copy, share, sell
p. 9.262 Fig. 9.2
©2003 The McGraw-Hill Companies
9.2 Threats in Cyberspace
Computers used as Weapons to:
Snoop into private files
Spread rumors & harass people
Steal credit card numbers
Steal personal identities
Steal money & customer lists
©2003 The McGraw-Hill Companies
Hackers
Computers as Targets of Crime
Cyberterrorists Script Bunnies
HacktivistsCrackers
©2003 The McGraw-Hill Companies
Credit Card Fraud
Skimmers – that scan the number off credit cardsSkimmers – that scan the number off credit cards
Magnetic strip readers – that read the name, number, expiration date, and a unique code off the card as well as the numberMagnetic strip readers – that read the name, number, expiration date, and a unique code off the card as well as the number
Break into databases of credit card bureaus, banks, or other institutions that keep credit card recordsBreak into databases of credit card bureaus, banks, or other institutions that keep credit card records
©2003 The McGraw-Hill Companies
Identity Theft
• Identity theft is the impersonation by a thief of someone with good credit
• The thief essentially uses the victim’s credit to steal products and services
©2003 The McGraw-Hill Companies
Crime & Scams in Cyberspace
Travel and vacation fraud
Get-rich schemes
Phone fraud Health care fraud
©2003 The McGraw-Hill Companies
Two Most Notorious Types of Malware
Viruses Denial-of-ServiceAttacks
©2003 The McGraw-Hill Companies
Computers as Targets
• Computer virus• Macro virus• Worm• Virus hoax• Denial-of-Service
(DoS) attack• Combination
Worm/DoS
©2003 The McGraw-Hill Companies
Viruses: Common Types
Virus Hoax e-mail distributed with the intention of frightening people about a nonexistent virus
Worm Spreads itself from computer to computer via e-mail and other Internet traffic
Macro Viruses spread by binding themselves to software such as Word or Excel.
©2003 The McGraw-Hill Companies
The Love Bug Worm
p. 9.268 Fig. 9.6
©2003 The McGraw-Hill Companies
Computers as Targets - cont.
Denial-of-service (DOS) attacks cause thousands of access attempts to a Web site over avery short period of time, overloading the target
site and shutting it down – i.e., Ping of Death
Denial-of-service (DOS) attacks cause thousands of access attempts to a Web site over avery short period of time, overloading the target
site and shutting it down – i.e., Ping of Death
Combined Worm/DoS is a form of malware
that combines a worm’s ability to propagate
and denial-of-service attack’s ability to bring
down a Web site. i.e., Code Red
Combined Worm/DoS is a form of malware
that combines a worm’s ability to propagate
and denial-of-service attack’s ability to bring
down a Web site. i.e., Code Red
©2003 The McGraw-Hill Companies
Denial-of-Service Attack
p. 9.269 Fig. 9.7
©2003 The McGraw-Hill Companies
The Perpetrators
• Thrill-seeker hackers
• Black-hat hackers
• Crackers
• Hactivists
• Cyberterrorists
• Script bunnies
• White-hat or ethical hackers
©2003 The McGraw-Hill Companies
Perpetrators: Hacker Definitions
• Thrill-seeker hackers are hackers without evil intentions
• Black-hat hackers are hackers with malicious intent – they’re cyber vandals
• Crackers are hackers who hack for profit
• Hacktivists are hackers who use the Internet to send a political message of some kind
©2003 The McGraw-Hill Companies
Perpetrators: Hacker Definitions
• Cyberterrorists are hackers who seek to cause harm to a lot of people or to destroy critical systems or information
• Script bunnies are people who would like to be hackers but don’t have much technical expertise
• White-hat or ethical hackers are hackers who legitimately, with the knowledge of the owners of the IT system, try to break in to find where the vulnerable areas are located and fix them
©2003 The McGraw-Hill Companies
9.3 Privacy Matters
• Privacy is the right …– To be left alone– To have control over your personal information– To not be observed without your consent
• Privacy is the right to be free of unwanted intrusion into your private life
SimNet Concepts Support CD: “Privacy Issues”
©2003 The McGraw-Hill Companies
Snooping by Others
• Snoopers can install key logger or key trapper software to record:– Key strokes and mouse clicks– E-mail, instant messages, chat room exchanges– Web sites visited– Applications run – Passwords
• Screen capture programs can be used to periodically record what’s on the screen
©2003 The McGraw-Hill Companies
E-Mail is Not a Private Matter
• E-mail is completely insecure
• Sent e-mail is copied and stored, at least temporarily, on four or more different computers
©2003 The McGraw-Hill Companies
E-mail is Stored on Many Computers
p. 9.273 Fig. 9.8
©2003 The McGraw-Hill Companies
Information On Your Buying Habits & Preferences
• Information volunteered for something you want
• Information collected by having direct contact with a company– Web sites collect information through cookies
• Information sold from one company to another
©2003 The McGraw-Hill Companies
Accepting Cookies
p. 9.276 Fig. 9.11
©2003 The McGraw-Hill Companies
Companies Use Internet Tools
• Sniffers are software that sits on the Internet analyzing traffic to find out who you are
• Web tracking is used to track your Internet activity
• Spam is electronic junk mail, usually from businesses attempting to sell you products and services
• Spoofing is forging the return address on an e-mail so that the e-mail message appears to come from someone other than the sender
©2003 The McGraw-Hill Companies
Government Records
• NCIC (National Crime Information Center)– Is a huge database with information on the criminal
records of more than 20 million people
• IRS (Internal Revenue Service)– Has income information on all tax payers. – Has access to other databases
• The Census Bureau– Collects information every 10 years on all the U.S.
inhabitants the agency can find
©2003 The McGraw-Hill Companies
9.4 How To Protect Yourself
• Security in cyberspace transactions– If you buy goods and services, use common
sense– Be just as careful as you are in the brick-and-
mortar world
©2003 The McGraw-Hill Companies
Protect Your Computer and Files
• Three rules that should be remembered:– If it can be stolen, lock it up– If it can be damaged, back it up– If it can come in and do damage, block it
©2003 The McGraw-Hill Companies
Snooping by Others
• You can get free programs to disable activity-monitoring programs like Spectro Pro– Privacy Companion– Who’s Watching Me
©2003 The McGraw-Hill Companies
E-Mail is Never Private
• E-mail can be encrypted using products such as:– ZixMail– CertifiedMail– PrivacyX– SafeMessage– Disappearing Email
©2003 The McGraw-Hill Companies
Security in Cyberspace:Credit Card and Identity Theft
• Give information only to reputable companies that you trust
• Use only secure sites, i.e., https://• Never give out your social security number
unless the law demands it• Use passwords of at least 10 characters
and numbers• Use different passwords for different
systems/sites
©2003 The McGraw-Hill Companies
Security in Cyberspace:Dot.Cons
• Be skeptical about extraordinary performance or earnings potential
• Always read the fine print• Always look at the site’s privacy policy• Be wary of a company that doesn’t clearly
state its name, address, or phone number• Immediately report any fraudulent,
deceptive, or unfair practices to the Federal Trade Commission
©2003 The McGraw-Hill Companies
Security in Cyberspace
• Protect personal information
• Use anti-tracking software
• Avoid spam
• Use a firewall
©2003 The McGraw-Hill Companies
Protecting a Computer or Network from Intruders
• Firewalls check and examine each message and permits nothing to enter or leave that shouldn’t. – McAfee’s Personal Firewall– Zone Labs’ ZoneAlarm
• Home router such as Linksys can be set up to check all incoming traffic and deny access to any that looks suspicious
SimNet Concepts Support CD: “Security Issues”
©2003 The McGraw-Hill Companies
©2003 The McGraw-Hill Companies
9.5 Key Terms
• Black-hat hacker• Cookie• Copyright• Cracker• Cyberterrorists• Denial-of-service
attack• Ethics• Fair Use Doctrine
• Firewall• Hacker• Hacktivist• Identity theft• Key logger (key
trapper) software• Macro virus• Malware
©2003 The McGraw-Hill Companies
9.5 Key Terms
• Pirated software• Privacy• Script bunny (script
kiddie)• Sniffer• Spam
• Spoofing• Thrill-seeker hacker• Virus hoax• White-hat or ethical
hacker• Worm
©2003 The McGraw-Hill Companies
Review of Concepts
1. Sensible Internet Use and Good Manners Should you forward personal e-mail you
receive?
2. Napster, Kazaa, and Other Music Sites In 2002, Napster left the Web for good
©2003 The McGraw-Hill Companies
Hands On ProjectsE-Commerce
1. Browsing the Web Anonymously Can you hide your movements in
cyberspace?
2. Renting a Hotel Room
3. Making Airline Reservations
©2003 The McGraw-Hill Companies
Hands On ProjectsEthics, Security & Privacy
1. Expedia.com Helps to Find the Killer Doesn’t it only help find flights, hotel rooms,
rental cars, and the like?
©2003 The McGraw-Hill Companies
Hands On Projectson the Web
1. Want to Know Your IP Address?
2. Codes of Ethics See what the professionals have to say
3. Parental Control Software Packages
4. What Polymorphic Viruses Are Floating around Cyberspace? Viruses that change form to evade
detection?
©2003 The McGraw-Hill Companies
Hands On ProjectsGroup Activities
1. How Does HIPAA Protect Your Personal Health Information
2. Helping a Friend
3. Providing Personal Information
4. Ethics and Laws
5. Debating Privacy
6. Digital Signatures and Certificates