1 / 24

Security and Privacy

Security and Privacy. Viruses. Not all programs that cause damage are viruses Computer viruses share two characteristics with their biological counterparts they require a host; they are not complete programs but pieces of code that become attached to (infect) another program

evictorino
Download Presentation

Security and Privacy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security and Privacy

  2. Viruses • Not all programs that cause damage are viruses • Computer viruses share two characteristics with their biological counterparts • they require a host; they are not complete programs but pieces of code that become attached to (infect) another program • they replicate (copy) themselves

  3. Types • boot sector infector: virus affecting the boot program (recall that booting is loading the operating system) • program or file infector: attaches to a program (typically has a .exe or .com extension)

  4. Types (cont.) • macro virus: • a macro is a small program that automates repeated tasks in an application (like Word or Excel) • Macro  virus • a macro virus is a macro used to cause damage • example: Melissa

  5. Bombs and worms • A logic bomb is designed to cause its damage only when a particular condition is met, a special case is a time bomb which goes off at a particular time • e.g. the Michelangelo virus • a worm does not attach itself to another program but fills one’s disk space (memory) with copies of itself

  6. Protection • do not download and run software of questionable origin • install and run an anti-viral utility such as Norton Anti-virus on floppies and on hard drives • Update it frequently • do not have a floppy in the A drive when starting (booting) the computer • disable macros of unknown origin

  7. Unauthorized access and use • Unauthorized access: logging on and using a computer without consent • hacker: one who gains unauthorized access to computers • Unauthorized use: sometimes the user is legitimate but the activity is not, e.g. playing games or downloading certain material or receiving/sending private email at work

  8. Protection against unauthorized access • passwords • should be relatively long • should be a combination of letters and numbers (and symbols if allowed) • should be something you can remember and nobody else can guess • should not be shared • should be committed to memory and not written down on or near the PC

  9. More on passwords • Windows NT (2000) has better password protection than Windows 95 because it was designed as a genuine multi-user operating system • For extra protection, add a password at the BIOS level

  10. Other examples • ATM cards are used to authenticate users and to identify which accounts (files) he or she has access to; there is typically a password or personal identification number (PIN) as well • biometric devices: fingerprint or retina scanner, voice recognition, etc. • better protection • more expensive

  11. Cryptography • one way to secure data, be it in storage or in transit, is encryption • Encryption coverts information in its usual readable form (called plaintext) to information in an encoded, unreadable form (called cyphertext) • PGP (Pretty Good Privacy) program: a good encrypter that works with most email systems

  12. Keys • a key is a formula that encodes information • Single key cryptography uses one key; i.e. encryption and decryption method known to sender and receiver • Public-key cryptography uses two keys:(more secure) • public key: anyone can have used to encrypt • private key: only you have, used to decrypt

  13. Digital signature • use this process in reverse • you can use your private key to encrypt a message • then anyone with your public key can decrypt it • BUT he or she knows who sent it • encryption and digital signatures are what makes secure transactions over the net possible

  14. Encryption controversy • Government should have control over encryption, i.e. be able to decode it • PRO: aid FBI and such in fight against espionage, terrorism, drugs, etc. • CON: if government has this capability, there are those who will use it illegally; it’s no security at all

  15. Gone but not forgotten • Deleting a file is not the end of it • Remember to empty the recycle bin • Even emptying the recycle bin or (quick) reformatting a disk does not completely eliminate your information • Only when the disk space is written over is the information truly disposed of

  16. YOU’RE NOT PARANOID THEY REALLY ARE WATCHING YOU!

  17. Data mining • data mining is collecting information available on a person or group of people • often done for targeted marketing • once a tedious chore, now easily done with computers • They’ll know you by your social security number

  18. Your Privacy Quotient • (from PC World Sept. 1998) • Registered to vote • Bought a house • Had a baby • Owned substantial stock in a company • Given more than $50 to a campaign • Had your dog vaccinated for rabies • Taken out a permit for a yard sale • Paid a fine for an overdue library book

  19. Privacy Quotient (cont.) • Gotten a parking ticket • Participated in a phone survey • Mailed in a warranty card • Entered a contest or sweepstakes • Used your ATM card for any purchase • Rented a movie • Subscribed to a magazine

  20. At work • Electronic supervision: the computer at work can be used to keep track of your activity and/or productivity • email at work is not private; unless explicitly stated otherwise your employer can look at your email • the LAN manager can easily look at your files

  21. The Cookie Monster • a cookie is information about your having visited a web site stored in YOUR computer • you can eliminate or block future cookies • browsers typically keep a list of sites visited, sometimes saved from session to session • it requires work to cover your surfing tracks

  22. Software Piracy • “buying” software does not entitle the purchaser to copy and distribute, doing so is called “software piracy” • Billions of dollars every year, especially rampant in Asia • Public domain: software you are free to use in any way, you should still credit the source

  23. More • Site license: permission for a school or company to run software from a network so one does not need a license for each computer • Plagiarism: claiming another’s work as your own, it may be code, research, writing, music, etc.

  24. References • Discovering Computers 2000 (Shelly, Cashman and Vermaat) • Information Technology: The BreakingWave (Curtin, Foley, Sen, Morin) • PC World, Sept. 1998

More Related