Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Computer Continuum14-1 Chapter 14: Ethics, Spies and Privacy At what point does storage of personal data become an invasion of privacy?

Similar presentations

Presentation on theme: "The Computer Continuum14-1 Chapter 14: Ethics, Spies and Privacy At what point does storage of personal data become an invasion of privacy?"— Presentation transcript:

1 The Computer Continuum14-1 Chapter 14: Ethics, Spies and Privacy At what point does storage of personal data become an invasion of privacy?

2 The Computer Continuum14-2 Ethics, Spies and Privacy n In this chapter: In what ways is the computer used as a criminal tool? What are the affects of software piracy? To what lengths do people go in order to break into computer systems? How do computer viruses spread? How can you prevent viruses from spreading? Does invasion of privacy need to be a deliberate act? Does filtering infringe on our freedom of speech or just an act of protection against sensitive material?

3 The Computer Continuum14-3 Vulnerability and Technological Abuse n Technology has permeated our society. Without technology, our society would grind to a halt. Jan. 15, 1990: AT&T’s long distance network went dead for almost 9 hours. –Due to a single line of code that had never executed before, therefore it was never tested. 1985-1986: Therac-25 radiation machine gave overdoses of radiation injuring many and killing one due to a software error.

4 The Computer Continuum14-4 High Tech Crime: The Computer as a Criminal Tool n Computers and networks have provided both law enforcement professionals and criminals with opportunities: FBI: Uses its homepage on the WWW as a weapon against crime and criminals.FBI –Web pages contain: Information about the bureau. List of persons wanted for suspected criminal activities. Information telling readers how to protect themselves from some types of computer crimes.

5 The Computer Continuum14-5 High Tech Crime: The Computer as a Criminal Tool n Every new technological advancement leads to criminals developing a new type of crime. New platforms for theft and fraud: –ATM (Automated Teller Machine) –EFT (Electronic Fund Transfers) –Cellular phones

6 The Computer Continuum14-6 High Tech Crime: The Computer as a Criminal Tool n What is a Computer Crime? Any criminal act that has been committed using a computer as the principal tool. An illegal activity that could not take place without a computer Any illegal activity using computer software, data, or access as the object, subject, or instrument of the crime.

7 The Computer Continuum14-7 High Tech Crime: The Computer as a Criminal Tool n High-tech heists: Theft of money: EFT (Electronic Funds-transfer system) –Example: SWIFT, an international EFT system was used to divert two large corporate bank deposits to Switzerland one Christmas Eve. A malfunction in the system during transfer alerted security. The thief was arrested and sent to a federal prison. Theft of goods: Tracking and altering inventories or redirecting goods to a safe location.

8 The Computer Continuum14-8 High Tech Crime: The Computer as a Criminal Tool n Two techniques used to for thefts of goods and money: Trojan horse and the Salami. Trojan horse - The insertion of false information into a program to profit from the outcome. –Example: The previous EFT scenario used a Trojan horse. Salami - Spreading the haul over large number of trivial transactions. –Example: A bank clerk had a job of updating customer accounts by running a program that adds daily interest to all savings. Each amount was rounded to the nearest decimal point. The clerk inserted a line that would divert the round-off amount to an account of his own resulting in the attempted theft of several millions of dollars.

9 The Computer Continuum14-9 High Tech Crime: The Computer as a Criminal Tool n High-tech heists: Theft of Information or Services: Piggybacking and Data diddling. –Piggybacking: Involves invading a communication system by riding in behind a legitimate user with a password. –Data diddling: Involves swapping one piece of information for another of the same type. Example: In 1997, 18 people were arrested for stealing mobile communication services. They had reprogrammed the microchips in their cell-phones so that calls could be made at no charge.

10 The Computer Continuum14-10 High Tech Crime: The Computer as a Criminal Tool n Protect Yourself from High-tech Theft Protect all data and programs, and all system access, by password. Issue passwords to as few people as possible, and no outsiders. Make passwords less obvious and less memorable. Change passwords frequently.

11 The Computer Continuum14-11 Electronic Piracy n Computers have become prevalent in our society. Prices have spiraled downward. Total world market for software is around $500 billion. Software piracy has become a major growth industry. –Software piracy: The unauthorized copying or use of software for which you have not paid the appropriate licensing fee.

12 The Computer Continuum14-12 Electronic Piracy n Software License Ownership of the software is retained by the company that wrote it. A license allows you to copy the software from the storage media to your hard disk and to use it. U.S. Computer Software Copyright Act of 1980 acknowledged software as “intellectual works.” –Same class as books and magazines. –It is illegal to use or copy software without the copyright holder’s written permission. Unsure of your rights? Read the copyright information!

13 The Computer Continuum14-13 Electronic Piracy n How Big is the Piracy Problem? ENORMOUS. The US Software Publishing Association (SPA) estimated that in 1990 its members lose $4 - $6 billion a year due to software theft. Lotus, Inc., claims that over half of its potential sales in the early 90s were lost to pirates. (over $160 million a year) There is now a nationwide trend toward being “legal” with software. –Schools, computer clubs, have a more serious approach to software copyright.

14 The Computer Continuum14-14 Hacking and Cracking n Hacking (just a few definitions) A software troubleshooter; making a program work despite the frustrations of others. Attempts to see whether some task is possible. Wants to learn more about the software and its limitations. Maliciously pokes around existing data sources. Finds and uses other people’s passwords, often without permission. For this discussion, hackers love to delve into the mysteries of computing systems. Hackers are problem solvers that have infinite patience for experimenting with computers and fiddling with software.

15 The Computer Continuum14-15 Hacking and Cracking n Cracker: Person who breaks into other peoples’ systems for either fun or profit, or with the intent to commit blackmail or sabotage. (Described as “illegal hacking”.) Engage in malicious acts that –Damage systems or files. –Disrupt networking services. –Profit from illegally acquired goods or data. –Thwart rightful authority just because it is there.

16 The Computer Continuum14-16 Hacking and Cracking n Why do Hackers and Crackers hack? Hackers: See themselves as ‘adventurists’. –Approach computers as new adventures full of fun and excitement. Crackers: Those who hack maliciously. –Have personal motives. Some are disgruntled ex- employees. –Logic bomb: A software routine that can be embedded and triggered at some later time by a predetermined sequence of events. –Time bomb: Similar to the logic bomb but is triggered by the computer’s clock (not sequence of events).

17 The Computer Continuum14-17 Hacking and Cracking n Hacker (and Cracker) techniques: Scavenging - Searching through stray data and electronic garbage for clues that might unlock the secrets of a targeted computer system. Password guessing - –Personal information about account holder: names, dates –Common & popular: qwerty, abcde, 12345, sex, love, god Autodialer - Systematically dials until answered by a computer.

18 The Computer Continuum14-18 Hacking and Cracking n Hacker (and Cracker) techniques: (continued) Distributed denial of service (DDoS): Utilizes time bomb cracker technology to embed a software routine into many computers. –At a predetermined time, infected computers all send messages to one targeted system. The overload forces the target system to close down. –February 2000: Yahoo, eBay and other major Web sites. Piggybacking: Most system penetrations are assisted by some form of inside aid. –Universities: Unsuspecting students leave terminal without logging off first. (Ride in on someone else with password.)

19 The Computer Continuum14-19 Viruses, Worms, and Other Intruders n What are Computer Worms and Viruses? Virus: A self-replicating program that may cause damage, generally hard disk erasure or data file corruption, and infects other programs, floppy disks, and hard disks by copying itself onto them. Worm: A piece of programming code that can infiltrate a legitimate file and alter or destroy data. It cannot replicate itself.

20 The Computer Continuum14-20 Viruses, Worms, and Other Intruders n Viral Infections Spread over the Internet Threats are now of global proportions. n Melissa virus: Appeared in 1999. This “macro” virus spread through e-mail attachments. –If opened, the virus printed out a list of pornographic sites and sent the list, in your name, to the first 50 people in your address book. –The volume of messages inundated file servers.

21 The Computer Continuum14-21 Viruses, Worms, and Other Intruders n Love Bug virus: Appeared on May 4, 2000. Spread via an “ILoveYou” email attachment (love letter) –If opened, it printed I Love You and “joke” in big letters on the screen and forwarded itself using personal and business address books. –According to the BBC, it had been developed by a Filipino computer student who may have spread the virus worldwide by accident. It infected at least 45 million computer users and caused billions of dollars of damage. –Only affected systems running the Microsoft Windows operating system. –Immobilized the House of Commons (UK) e-mail system.

22 The Computer Continuum14-22 Viruses, Worms, and Other Intruders n Vaccines and Disinfectants Vaccine or disinfectant: A program that searches your disk for viruses, and notifies you of any that were found. Some virus checkers can also remove viruses from the program they have infected.

23 The Computer Continuum14-23 Viruses, Worms, and Other Intruders n Ways to protect disks and system: Install current, updated virus checkers and use them regularly. –Check for free online virus protection programs. Run your virus checker before closing down every time you access the Internet or WWW. Check every previously used disk, every time, before placing it into your machine. Don’t copy lab or public-use computer program files before checking them first. –Beware of downloaded files onto public-use computers. –Download only from known, reliable sources. Do not open attachments from unknown senders.

24 The Computer Continuum14-24 Viruses, Worms, and Other Intruders n Ways to protect disks and system: If you are extremely vulnerable to virus invasion, you might wish to install a firewall on your system. –Firewall: A filtering software program that scans all incoming documents and files and refuses to accept any found to be virus-infected.

25 The Computer Continuum14-25 Invasion of Privacy n As various computer data banks are being integrated and easy access is available by more and more agencies, abuses and mistakes involving privacy are inevitable. Examples of large databases that have resulted in problems: –By police organizations (NCIC - National Crime Information Center) Mistaken Identity: Arrested businessman in Tempe Arizona on a warrant for grand theft. After spending the night in jail, it was learned that he had repossessed a trailer that he had sold. –By credit bureaus and those who access that data. Errors in credit reports: A woman in Illinois applied for a mortgage. Credit bureau records showed she owed money on several credit cards and had a delinquent loan for a $34,000 sports car. The bad credit belonged to another.

26 The Computer Continuum14-26 Invasion of Privacy n Deliberate acts of intrusion: High-tech surveillance in the workplace: –Used for “Increased productivity, quality control, and good management practices.”

27 The Computer Continuum14-27 Invasion of Privacy n High-tech surveillance in the workplace: n In Nursing: Hospital care is no longer measured in terms of patient benefits, but in units of time. Many nurses are monitored. They carry boxes on their belts that track the amount of time used for each procedure with a patient. Don’t be surprised if nurses seem to lack bedside manner; they can’t overstay their time limit.

28 The Computer Continuum14-28 Invasion of Privacy n High-tech surveillance in the workplace: n In Trucking: Where can a person get a better sense of independence and freedom from supervision than barreling across the great plains, completely on your own? Think again! At the end of a long run, the trucker pulls into the company terminal. While the rig is being serviced, a little computer tape is removed from the engine. The tape tells the supervisor what the average speed and gas mileage were, how many stops the truck made, where his stops were, and a lot more. In addition, some trucks are now monitored by satellites. If the trucker is speeding, he gets a phone call in the truck (and often a fine).

29 The Computer Continuum14-29 Invasion of Privacy n High-tech surveillance in the workplace: n In Hotel Housekeeping: The maids at the hotel you stay at are probably monitored. Your maid punches her employee code into the phone when she enters your room, and again when she leaves it. This provides her supervisor with a detailed log of her speed of performance, as well as a detailed log of her movements throughout the day.

30 The Computer Continuum14-30 Invasion of Privacy n Stolen Identity Some computer criminals make their fortunes by stealing the private information of one group of people for financial benefit of another. Credit doctor: A person who can cure your low credit rating by stealing a good credit history and selling it to you to replace your bad one. –Often get the information by bribing some employee of a credit bureau to gain a password into their computer system. –The “client” (having the same name as the stolen identity) is supplied with a social security number and a new A-1 credit rating.

31 The Computer Continuum14-31 Invasion of Privacy n Eavesdropping, Blackmail and Illegal Personal Gain Eavesdropping: May be boss, neighbor, merchant, or stranger. –Eavesdroppers can tap into radio scanners, baby monitors, cellular phones, financial transactions made by computer, e-mail, or voice mail. May do nothing with the information. May use it to their advantage: Blackmail. Electronic Communications Privacy Act (ECPA) of 1986. –Designed to protect one’s privacy when using electronic forms of communications. (Company policies overrule the protections of the EPCA.) The woman who listened in on a murder conspiracy conversation on her cellular phone and turned in the suspects was actually in violation of this act.

32 The Computer Continuum14-32 Invasion of Privacy n How Can We Develop Electronic Privacy? 1. Do not give out personal information freely. 2. Do electronic business with reputable companies who provide secure Web sites, and who have strong policies protecting customer privacy. 3. If you are concerned about electronic eavesdropping on your e-mail, install a software encryption system, and provide decryption codes to as few people as possible. –Encryption: Software translates the text of your message or other document into unreadable code. The transmission must be decoded into plainly readable text when received.

33 The Computer Continuum14-33 Protective Censorship Vs. Freedom of Speech n The United States’ Bill of Rights guarantees its citizens freedom of speech. In its current unregulated state, the Web also enjoys this same freedom. As a result of “indecent” or “undesirable” information attainable on the Web, efforts have been made to censor certain materials. –One method of censoring access to Web materials is called screening, or content filtering. Content filtering: One or more pieces of software that work together to prevent users from viewing selected material found on the Internet.

34 The Computer Continuum14-34 Protective Censorship Vs. Freedom of Speech n The content filtering process can be accomplished in two steps: Establishing ratings: To determine what sites and materials are undesirable, someone must apply value judgements to categorize Web sites based on content. –Take the form of ‘allowed’ or ‘disallowed’ indicators placed on lists of subject areas and key words. Filtering: Filtering software examines resources that the user has requested. –Determines ‘allowed’ or ‘disallowed’ based on PICS ratings. PICS (Platform for Internet Content Selection): A set of technical rating standards for evaluating content of digital materials.

35 The Computer Continuum14-35 Protective Censorship Vs. Freedom of Speech n Stand-Alone Filtering Systems Stand-alone filtering systems limit users to decisions made by the vendor. (Some let parents or installers add or remove sites) –Filtering tools use some combination of two approaches to evaluate software: List-based blocking and Keyword searches. List-based Blocking: To be added to a list of acceptable sites, the site must meet the vendors criteria for being ‘objectionable’ or ‘family-friendly’.

36 The Computer Continuum14-36 Protective Censorship Vs. Freedom of Speech n List-based filtering raises several issues involving the selection of sites: It is impossible to search all Internet sites for ‘objectionable material. Updated lists will become obsolete as soon as it is released. –Objectionable material may be added to a site soon after the site is added to (or removed from) a list of blocked sites. Vendors have blocked beyond ‘objectionable’ materials. –Blocked sites include those that criticize blocking and some political sites. The definition of ‘objectionable’ is still controversial.

37 The Computer Continuum14-37 Protective Censorship Vs. Freedom of Speech n Keyword-based blocking Uses text searches to categorize sites where ‘objectionable’ words or phrases are blocked. –Keyword searches match words, not meanings. Chicken breast and breast cancer would be blocked. –Keyword searches cannot interpret graphics.

38 The Computer Continuum14-38 Protective Censorship Vs. Freedom of Speech n Protocol-Based Filtering Systems Protocol-based filtering systems use standardized rating systems to determine which sites should be blocked. –Rating: A description of some particular Internet content, using the terms and vocabulary of some ratings systems. –These ratings can be used to classify content. “Romance; no sex” “Explicit sexual activity” –Users are usually given the ability to choose the rating system they would like to use.

39 The Computer Continuum14-39 Protective Censorship Vs. Freedom of Speech n Measures parents can take to provide some protection for their children: Consider the extent of the problem. –Children seldom randomly stumble upon pornographic material. –Many adult sites require registration or payment by credit card. Parents should play an active role and interest in their children’s use of the Internet. Parents should work to educate children regarding proper use of the Internet. Parents could consider purchasing filtering software. The Internet is a reflection of society in general (can be found on cable TV, movies.)

Download ppt "The Computer Continuum14-1 Chapter 14: Ethics, Spies and Privacy At what point does storage of personal data become an invasion of privacy?"

Similar presentations

Ads by Google