c12book


  • 8/8/2019 c12book

    1/34

    Chapter 12

    Computers and Society: Security and Privacy

    Computer Security: Risks and Safeguards

    What is a computer virus?

    A computer program that alters the way the computer works without your knowledge or permission

    Spreads its damage

    p.12.2

    What are the ways viruses can be activated?

    Opening an infected file

    Running an infected program

    Booting the computer with an infected floppy disk

    p.12.2

    What are signs of a virus infection?

    p.12.4 Fig. 12-2

    What are the three main types of virus?

    Boot sector virus

    Executes when a computer boots up

    Resides in the boot sector of a floppy disk or the master boot record of a hard disk

    File virus

    Attaches itself to program files

    When you run the infected program, the virus loads into memory

    Macro virus

    Uses the macro language of an application to hide virus code

    When you open a document that contains an infected macro, the virus loads into memory

    p.12.4

    How do viruses activate?

    Many activate as soon as a computer accesses an infected file or runs an infected program

    Logic bomb

    A virus that activates when it detects a certain condition

    Time bomb

    A type of logic bomb that activates on a particular date

    p.12.4

    What is a malicious-logic program?

    A program that acts without a user's knowledge

    Deliberately alters the computer's operations

    Several types: virus, worm, Trojan horse

    Worm

    Copies itself repeatedly in memory or on a disk drive until no memory or disk space remains

    Trojan horse

    Hides within or looks like a legitimate program and is usually triggered by a certain condition or action

    Unlike a virus or worm, it does not replicate itself to other computers

    p.12.4

    How can you safeguard your computer from virus attacks?

    Install an antivirus program and upgrade it frequently

    Be selective in opening emails

    Settings in your browser

    p.12.5 Fig. 12-4

    Popular antivirus software packages

    What is a virus signature?

    A known specific pattern of virus code

    Used by antivirus software to identify viruses

    Updates

    p.12.6 Fig. 12-5

    Technology Trailblazer

    Clifford Stoll

    Provokes people to think about how they use computer technology

    Wrote The Cuckoo's Egg in 1989 about his investigation that uncovered a computer spy ring

    Highly critical of the benefits computers and the Internet presumably provide

    Questions why computers are so bland looking

    Why hardware has such a short useful life

    Proclaims that schools should spend money on teachers, librarians, and books rather than on technology because computers isolate and weaken people

    p.12.8

    How can unauthorized access and use be prevented?

    Access control

    Determine who, what, where and when

    Two-phase process of access control

    Identification verifies that you are a valid user

    Authentication verifies that you are who you claim to be

    Four methods exist

    User names and passwords

    Possessed objects

    Biometric devices

    Callback systems

    p.12.8

    How can you make your password more secure?

    Longer passwords provide greater security than shorter ones

    p.12.9 Fig. 12-9

    What is a possessed object?

    Any item that you must carry to gain access to a computer

    Often used in combination with a personal identification number (PIN)

    p.12.10 Fig. 12-10

    What is a biometric device?

    Authenticates a person's identity by verifying personal characteristics

    Translates a person's characteristics into a digital code that is compared to a digital code stored in the computer

    Biometric identifier

    A physical or behavioral characteristic

    Fingerprints

    Hand geometry

    Facial features

    Voice

    Signatures

    Retinal (eye) patterns

    p.12.10

    What is a fingerprint scanner?

    Captures curves and indentations of a fingerprint

    Some predict this will become the home user's authentication device for e-commerce transactions

    Some newer keyboards and notebook computers already equipped

    p.12.11 Fig. 12-11

    What is a hand geometry system?

    Measures the shape and size of a person's hand

    Typically used as a time and attendance device by large companies

    Costs more than $1,000

    p.12.11 Fig. 12-12

    What is a face recognition system?

    Captures a live face image and compares it to a stored image

    Can recognize people with or without glasses, makeup, or jewelry, and with new hairstyles

    p.12.11 Fig. 12-13

    Voice verification system

    Compares a person's live speech to their stored voice pattern

    Signature verification system

    Recognizes the shape of your handwritten signature, as well as pressure exerted and the motion used to write the signature

    Uses a specialized pen and tablet

    p.12.12

    What is a callback system?

    An access control method that authenticates remote users

    You call the computer

    You enter a username and password

    If these are valid, the computer instructs you to hang up

    The computer calls you back and allows you to connect to the system

    p.12.12

    What is software theft?

    Can range from someone physically stealing media that contains software to intentional piracy of software

    Software piracy is the unauthorized and illegal duplication of copyrighted software

    When you purchase software, you do not own the software. Instead, you become a licensed user

    p.12.14

    What is a single-user license agreement?

    The most common type of license included with software packages purchased by individual users

    Also called an end-user license agreement (EULA)

    Includes many conditions that specify a user's responsibility

    Users are permitted to:

    Install the software on only one computer

    Make one copy for backup

    Give or sell the software to another individual, but only after they remove the software from their computer first

    Users are not permitted to:

    Install the software on a network

    Give copies to friends and colleagues

    Export the software

    Rent or lease the software

    p.12.14

    What is a site license?

    Gives the buyer the right to install the software on multiple computers at a single site

    Usually costs significantly less than purchasing individual copies of software for each computer

    Network site license

    Allows network users to share a single copy of the software which resides on the network server

    p.12.15

    What is encryption?

    The process of converting readable data into unreadable characters

    An encryption key is the formula that the recipient of the data uses to decrypt ciphertext

    Two types: private key encryption, public key encryption

    Plaintext

    Unencrypted, readable data

    Ciphertext

    The encrypted (scrambled) data

    [Diagram: plaintext, encryption software, encryption key]

    p.12.16

    What are some data encryption methods?

    An encryption key (formula) often uses more than one of these methods

    p.12.16 Fig. 12-18

    File Backups

    Full backup

    Also called an archival backup

    Copies all of the files in the computer

    Provides the best protection against data loss

    Differential backup

    Copies only the files that have changed since the last full backup

    You always have two backups: the full backup and the differential backup

    Incremental backup

    Copies only the files that have changed since the last full or last incremental backup

    You have the full backup and one or more incremental backups

    p.12.20
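The three backup types above differ in which files each run copies and in how many backup sets a restore needs. The following is an added example, not part of the original slides; the file names, the change log and the function names are constructed for illustration.

```python
# Added example: which files each backup type copies, using the definitions above.
# File names and the day-by-day change log are constructed sample data.

ALL_FILES = ["budget.xls", "letter.doc", "notes.txt", "photo.jpg"]
CHANGES_BY_DAY = {1: ["letter.doc"], 2: ["budget.xls"], 3: ["letter.doc", "notes.txt"]}


def plan_backups(all_files, changes_by_day, strategy):
    """Full backup on day 0, then one backup of `strategy` per later day.

    Returns a list of (day, kind, files_copied) tuples.
    """
    if strategy not in ("differential", "incremental"):
        raise ValueError("strategy must be 'differential' or 'incremental'")
    runs = [(0, "full", sorted(all_files))]
    since_full = set()   # changed since the last full backup
    since_last = set()   # changed since the last backup of any kind
    for day in sorted(changes_by_day):
        since_full.update(changes_by_day[day])
        since_last.update(changes_by_day[day])
        copied = since_full if strategy == "differential" else since_last
        runs.append((day, strategy, sorted(copied)))
        since_last = set()   # the next incremental starts from this backup
    return runs


def restore_chain(runs):
    """Backups needed, in order, to restore the most recent state."""
    full, later = runs[0], runs[1:]
    if later and later[-1][1] == "differential":
        return [full, later[-1]]   # full plus the newest differential
    return [full] + later          # full plus every incremental since it


if __name__ == "__main__":
    for strategy in ("differential", "incremental"):
        runs = plan_backups(ALL_FILES, CHANGES_BY_DAY, strategy)
        for day, kind, files in runs:
            print(f"day {day} {kind:12} copies {files}")
        print(f"  restore needs {len(restore_chain(runs))} backup sets\n")
```

A restore from incremental backups depends on every set in the chain being readable, so the chain length matters when deciding how often to run a full backup and which sets to test.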

    What is a disaster recovery plan?

    A written plan describing the steps a company would take to restore computer operations in the event of a disaster

    Emergency plan

    Backup plan

    Recovery plan

    Test plan

    p.12.21

    What is a recovery plan and a test plan?

    Recovery Plan

    Specifies the actions to be taken to restore full information processing operations

    Differs for each type of disaster

    Test Plan

    Contains information for simulating various levels of disasters

    Best test is to simulate a disaster without advance notice

    p.12.21

    Internet and Network Security

    How do Web browsers provide secure data transmission?

    Many Web browsers use encryption

    Secure sites use digital certificates along with a security protocol

    Secure Sockets Layer (SSL)

    Digital certificate

    Also called a public-key certificate

    A notice that guarantees a user or a Web site is legitimate

    p.12.23

    What is a digital signature?

    An encrypted code that a person, Web site, or company attaches to an electronic message to verify the identity of the message sender

    The code usually consists of the user's name and a hash of all or part of the message

    Helps to prevent e-mail forgery and verify that the contents of a message have not changed

    Hash

    A mathematical formula that generates a code from the contents of the message

    p.12.24

    What is a firewall?

    A security system consisting of hardware and software that prevents unauthorized access to data and information on a network

    p.12.24

    Information Privacy

    What is a cookie?

    A small file that a Web server stores on your computer

    A Web site can read data only from its own cookie file

    Some Web sites sell or trade information stored in your cookie to advertisers

    You can set your browser to accept cookies automatically, prompt you if you wish to accept a cookie, or disable cookie use

    Track user preferences

    Track how regularly you visit a site and the Web pages you visit when at the site

    Target advertisements to your interests and browsing habits

    p.12.28

    What is spyware?

    A program placed on a computer without the user's knowledge that secretly collects information about the user

    Can enter your computer as a virus or as a result of installing a new program

    Communicates information it collects to some outside source while you are online

    Adware

    Spyware used by Internet advertising firms to collect information about a user's Web browsing habits

    To remove spyware, you need to purchase a special program that can detect and delete it

    p.12.31

    Today's Quote

    Diplomacy is the art of letting someone else get your way.