Chapter 9: Privacy, Crime, and Security
Privacy in Cyberspace Privacy: an individual’s ability to restrict or eliminate the collection, use and sale of confidential personal information The problem: collection of information without consent Anonymity: the ability to convey a message without disclosing your name or identity
Privacy in Cyberspace Cookies: small files that are written to your computer’s hard disk by many of the Web sites you visit Global Unique Identifier (GUID): an identification number that is generated by a hardware component or a program
Protecting Your Privacy Browse anonymously by surfing from www.anonymizer.com Disable cookies on your Web browser Use a free e-mail address to place on Web pages, mailing lists, chat rooms, or other public Internet spaces Do not fill out site registration forms unless you see a privacy statement indicating that the information gathered will not be sold to 3rd parties
Types of Computer Crime Identity Theft Computer Virus: a hidden code within a program that may damage or destroy infected files Time Bomb (Logic Bomb): a virus that sits harmlessly on a system until a certain event causes the program to become active Worm: a program that can spread from one computer to another and can propagate over a computer network Trojan Horse: a rogue program disguised as a useful program but contains hidden instructions to perform a malicious task instead
Types of Computer Crime Salami Shaving: a method that a programmer alters a program to subtract a very small amount of money from an account and divests the funds to the embezzler’s account Data Diddling: a method that insiders modify data by altering accounts or database records so that it is difficult to tell that they have stolen funds or equipments Forgery: a method that a user makes Internet data appear to come from one place when it is really coming from another Blackmail
Attackers Hackers, Crackers (Black hats), Cybergangs, Virus Authors, Ethical Hackers (White Hats) Swindlers Shills Cyberstalkers and Sexual Predators
Security Risks Wireless Network War Driving: an individual drives around with a wireless device to look for wireless networks Corporate Espionage: the unauthorized access of corporate information, usually to the benefit of a competitor Information Warfare: the use of information technologies to corrupt or destroy an enemy’s information and infrastructure Security Loophole Detection Program: a program that automatically search for unprotected or poorly protected computers
Protecting Computer Systems Power-Related Problems: by using Uninterruptible Power Supply (UPS) Controlling Access: by using password authentication, know-and-have authentication, or biometric authentication Firewall: a computer program or device that permits an organization’s internal computer users to access the external Internet but severely limits the ability of outsiders to access internal data Avoiding Scams Preventing Cyberstalking
Encryption Encryption: a coding or scrambling process that renders a message unreadable by anyone except the intended recipient Public Key Encryption Encryption Key (Public Key) Decryption Key (Private Key) Digital Signature: a technique that guarantees a message has not been tampered with Digital Certificate: a technique for validating one’s identity Public Key Infrastructure (PKI): a uniform set of encryption standards that specify how public key encryption, digital signatures, digital certificates should be implemented in computer systems and on the Internet