340 likes | 356 Views
Arizona State University Department of Technology Management. GIT 335 Computer Systems Technology Lecture 9 Challenges of the Digital Age Dr. Thomas Schildgen, Professor. Lecture 9 Introduction to Information Technology Content taken from the McGraw Hill Textbook Chapter 9.
E N D
Arizona State UniversityDepartment of Technology Management GIT 335 Computer Systems Technology Lecture 9 Challenges of the Digital Age Dr. Thomas Schildgen, Professor GIT 335 Lecture 9
Lecture 9 Introduction to Information Technology Content taken from the McGraw Hill Textbook Chapter 9 GIT 335 Lecture 9
The Challenges of the Digital Age GIT 335 Lecture 9
Truth Issues: Manipulating Digital Data • Digital Images and Sounds can be manipulated • Pro: Creates new forms of art • Morphing software makes one image morph into another http://www.cs.utah.edu/~dejohnso/morph.html • Movies such as “Crouching Tiger, Hidden Dragon” and “Harry Potter” contain many scenes that could never actually happen • Adobe Photoshop allows changes, enhancements to photos • Digital technology allows musicians to sing every track of a song and accompany themselves • Con: Has made photographs & recordings untrustworthy • Famous Yalta summit photo edited: Stallone added in! GIT 335 Lecture 9
Truth Issues: Manipulating Digital Data • Photographs may not be authentic • Photographs may be deliberately misleading • 1994 Time magazine photo of O.J. Simpson was digitally darkened to make him appear sinister • Could this have biased potential jury members? • Fashion model photos are routinely elongated to make models appear more slender • How many girls become anorexic to try to match those models’ impossible perfection? • http://www.etniesgirl.com/blog/2005/11/30/photoshop-101-even-models-have-flaws • http://www.tutorialized.com/tutorial/Basic-Model-Retouching/9547 • http://news.bbc.co.uk/1/hi/health/769290.stm GIT 335 Lecture 9
Truth Issues: Manipulating Digital Data • Techniques to combat digital deception • Prof. William H. Mitchell of M.I.T. wrote the first systematic, critical analysis of the digital revolution • Corbis http://pro.corbis.com/ adds a digital watermark to its photos • HanyFarid of Dartmouth College devised algorithms to detect changes to uncompressed digital photos • Prof. Jessica Fridrich of S.U.N.Y. at Binghamton is researching digital cameras that hide a picture of the photographer’s iris inside each digital photo GIT 335 Lecture 9
Truth Issues: Manipulating Digital Data • Limitations of Public databases • You can’t get the whole story • Start with a public database, THEN do more research • The data is not necessarily accurate • Cross-check against multiple sources • Each database service has boundaries • Know what those boundaries are • Different keywords bring different results • History is limited • These databases often begin with data from 1980 or later GIT 335 Lecture 9
Security Issues: Threats • Errors and accidents • Natural hazards • Computer crimes • Computer criminals GIT 335 Lecture 9
Security Issues: ThreatsErrors & Accidents • Human errors • People choose the wrong computer • Too simple or too complex • Human emotions affect performance • People get frustrated • Human perceptions are slower than the equipment • Watch out when you click the OK button! You may have just deleted something important! GIT 335 Lecture 9
Security Issues: ThreatsErrors & Accidents • Procedural errors • When people fail to follow safe procedures, errors can occur • Software errors • Programmers make coding errors • Famous example: Utility billing software: • Customer pays early – software credits account • Customer pays late – software credits account, adds late fee in for next bill • Programmer forgot to consider customers who pay exactly on time – their payments were never credited at all! GIT 335 Lecture 9
Security Issues: ThreatsErrors & Accidents • Electromechanical problems • Mechanical systems wear out • Power failures shut down computers unless you have battery backup • Using cellphones and Blackberries while driving can cause people to crash • Dirty data problems • Incomplete, updated, or inaccurate data • Check your records – medical, school, and credit to make sure they are accurate • Natural hazards can lead to disasters GIT 335 Lecture 9
Security Issues: ThreatsComputer Crimes • Two types of computer crime • It can be an illegal act perpetrated against computers or telecommunications • It can be the use of computers or telecommunications to accomplish an illegal act GIT 335 Lecture 9
Security Issues: ThreatsComputer Crimes • Theft of hardware • Theft of software • Theft of online music and videos • Theft of time and services • Theft of information • Internet-related fraud • Taking over your PC • Crimes of malice • Computer criminals GIT 335 Lecture 9
Security Issues: ThreatsComputer Crimes • Theft of hardware can range from • Shoplifting an item from a computer store • Stealing an entire PC or laptop • Theft of software • Pirated software is software obtained illegally • This includes “softlifting” - buying one copy of the software and using it on multiple computers • Software makers have prosecuted both companies and individuals including students for software piracy GIT 335 Lecture 9
Security Issues: ThreatsComputer Crimes • Theft of online music and movies • Entertainment industry takes this seriously and prosecutes offenders • Stealing music • Illegal file swapping services • Damages can be up to $150,000 per song • Stealing movies • The film industry has taken aggressive aim at pirated movies • 11-nation crackdown announced in 2005 GIT 335 Lecture 9
Security Issues: ThreatsComputer Crimes • Theft of time and services • Theft of computer time at work • Surfing or playing games when you should be working • Some employees violate policy by conducting personal business online such as online auctions from work • Most employers have policies against viewing X-rated web sites at work • Theft of phone services • Phone phreaks use company phone systems to make “free” unauthorized long distance calls • Why break the law, when you can get free long distance over the internet using Skype (www.skype.com) GIT 335 Lecture 9
Security Issues: ThreatsComputer Crimes • Theft of Information • A common crime today • Can include theft of personal information, medical information, or credit card and financial information • Legislation to make it a crime to steal someone’s identity was the 1998 Identity Theft and Assumption Deterrence Act • The U.S. Department of Justice discusses their approach to this crime at http://www.usdoj.gov/criminal/fraud/idtheft.html • If you are a victim of identity theft, you may file a report online at the Federal Trade Commission’s website at https://rn.ftc.gov/pls/dod/widtpubl$.startup?Z_ORG_CODE=PU03 GIT 335 Lecture 9
Security Issues: ThreatsComputer Crimes • Internet-related Fraud • Because it lends itself to anonymity, internet-related fraud is becoming more common • Well-known examples include: • Nigerian letter scam • Letter says you can get a lot of money out of Nigeria if you pay a “money transfer fee” first • Evil twin attacks • A cracker sets up an attack computer as a duplicate public access point in a public location • Phishing • Sending emails that appear to come from a trusted source that links you to a website where you type in personal information that is intercepted by the phisher GIT 335 Lecture 9
Security Issues: ThreatsComputer Crimes • Internet-related Fraud (continued) • Pharming • Malicious software is implanted in your computer that directs you to an imposter web page • Trojan horses • A program such as a “free” online game or screensaver that loads hidden programs that take over your computer or cause mischief without your knowledge • For example, Windows users who install the phony MSN Messenger Version 8 "beta" are actually installing an IM worm that spreads to their IM contacts, and connects their computer to a remote control "bot" network run by malicious hackers GIT 335 Lecture 9
Security Issues: ThreatsComputer Crimes • Crimes of Malice: Crashing entire computer systems • Sometimes criminals are more interested in vandalizing systems than they are in gaining control of them • In 2003, an entrepreneur with a grudge because he lost a sale retaliated by shutting down the WeaKnees website • Crackers regularly attempt to crash Microsoft’s website • Security specialists monitor for possible cyber-attacks on electrical and nuclear power plants, dams, and air traffic control systems • Crackers have attacked the internet too and brought down large sections of it GIT 335 Lecture 9
Security Issues: ThreatsComputer Crimes • Computer criminals may include • Individuals or small groups who • Use fraudulent email and websites • Steal peoples’ identities for monetary gains • Show off their power for bragging rights • Employees who • Have a grudge against their current or former employers • Have a grudge against another employee • Sell their company’s secrets for personal profit • Outside partners and company suppliers GIT 335 Lecture 9
Security Issues: ThreatsComputer Crimes • Computer criminals may also include • Corporate spies • Enemy foreign intelligence services • Organized crime • Vandals & Terrorists • Computer criminals do not include your employer, who is legally allowed to monitor the computers at work • Check your company’s computer usage policy • Make sure you follow the rules • Know that any data you store in the computer at work – including emails – is company property GIT 335 Lecture 9
Security: SafeguardingComputers & Communications • Security is • A system of safeguards for protecting information technology against disasters, system failures, and unauthorized access that can result in damage or loss • Computer Security’s Five Components • Deterrence of computer crime • Identification and access • Encryption • Protection of software and data • Disaster recovery plans GIT 335 Lecture 9
Security: SafeguardingComputers & Communications • Deterrents to computer crime • Enforcing laws • CERT: The Computer Emergency Response Team • Provides round-the-clock information on international computer security threats • The CERT website is www.cert.org • For example, on December 15, 2005 announced a partnership between the US and ictQatar, the Qatar Supreme Council for Information and Communications Technology, to conduct and coordinate cybersecurity activities • On December 13, 2005 CERT issued alert SA05-347A documenting Windows Explorer vulnerabilities GIT 335 Lecture 9
Security: SafeguardingComputers & Communications • More deterrents to computer crimes • Tools to fight fraudulent and unauthorized online uses • Rule-based detection software • Predictive-statistical-model software • Employee internet management software • Internet filtering software • Electronic surveillance • Verify legitimate right of access • Use cards, keys, signatures, and badges • Use PINs and passwords • Use physical traits and personal identification GIT 335 Lecture 9
Security: SafeguardingComputers & Communications • Encryption • The process of altering readable data into unreadable form to prevent unauthorized access • Advantage: encrypting data that is available over the internet keeps thieves and crackers from reading it • On Dec. 7, 2005, Guidance Software, a maker of Computer Forensics software, informed their customers that criminals had stolen their credit cards because Guidance had FAILED to encrypt a database that was accessible over the internet • Disadvantage: encrypting data may prevent law-enforcement officials from reading the data criminals are sending to each other GIT 335 Lecture 9
Security: SafeguardingComputers & Communications • Three ways to protect software & data • Control of access to restrict usage • Audit controls to document who used what programs and computers and when • People controls include screening applicants, background checks, monitoring internet, email, and computer usage GIT 335 Lecture 9
Security: SafeguardingComputers & Communications • Disaster-recovery plans • A method of restoring information-processing operations that have been halted by destruction or accident • Reinforced by 2001 World Trade Center attack • Reinforced by company data losses incurred during 2005 Hurricane Katrina • Plans range in price and complexity from • Backing up data from disk to tape, CD, or zip disk, with a UPS • Automatically storing data redundantly in two places, with a generator • Having an off-site computerized data storage center with independent power supply • Having a complete “hot” redundant data center that can instantly be used if there is a disaster More $$$ GIT 335 Lecture 9
Quality-of-Life Issues • Information Technology misuse can result in • Environmental problems • Manufacturing computers and circuits can cause pollution • Computer component manufacturing employees may be exposed to toxic substances • Used computers/monitors contain chromium, cadmium, lead, mercury, PVC, and brominated flame retardants – all toxic substances that must be disposed of properly GIT 335 Lecture 9
Quality-of-Life Issues • Information Technology misuse can result in • Exacerbation of mental-health problems • Isolation; computer gamers may substitute online games for interpersonal interaction • Online gambling can be addictive • Many users find PCs stressful • Internet usage by children can expose them to online predators GIT 335 Lecture 9
Quality-of-Life Issues • Information Technology misuse can result in • Proliferation of pornography • Online pornographers use pop-up ads and internet search engines to troll for new customers • This means that children may be exposed to porn when involved in innocent online searches • Parents may use online blocking software like Cybersitter, Cyber Patrol, or Net Nanny to prevent this GIT 335 Lecture 9
Quality-of-Life Issues • Parental responses to protecting children from online porn • Online blocking software • DVD filters • Videogame rating systems • The V-chip • “xxx” web addresses • Monitor internet use • Be candid to your children about the threats • Save evidence and block messages to prevent cyberbullying GIT 335 Lecture 9
Quality-of-Life Issues • Information technology misuse can result in • Workplace problems • Misuse of technology • Fussing with computers can waste time • Information overload GIT 335 Lecture 9
Economic & Political Issues • Technology may affect the gap between the rich and the poor • Most jobs require employees who are tech-savvy • People who are not tech-savvy won’t qualify for those jobs • Technology is being used to replace employees in traditional jobs, traditionally filled by untrained workers • Internet is not controlled • This means that information moves freely on the internet • Nondemocratic governments can’t control internet political activism • Internet is only loosely policed, so criminals take advantage GIT 335 Lecture 9