Exploring Security and Privacy Issues

Living Online Lesson 6

Internet and Web Page Design

Lesson Objectives

• Identify types of computer crimes.• Identify the “work” of hackers.• Identify computer viruses.• Describe how privacy is invaded because of

computer use.• Identify various security measures.• Describe software piracy.• Identify computer-related laws.

Types of Computer Crimes

• Definition: Conduct that involves the manipulation of a computer or computer data in order to obtain money, property, or value dishonestly or to cause loss.

• Examples– Stealing money from bank accounts– Stealing information from other people’s

computers

• Indicators of computer fraud– Low staff morale: unhappy employees who

decide the company owes them.– Unusual work patterns.– Employees who appear to be living beyond

their income

Computer Fraud

Computer Hacking

• Definition: invading someone else’s computer, usually for personal gain or just for the fun of it.

• Usually computer experts• Steal money• Change or damage data stored on a computer• Causes millions of dollars of damage each year

Computer Viruses

• Definition: a program that has been written, usually by a hacker, to cause corruption of data on a computer.

• Viruses attach to an executable file• Spreads from one file to another once the

program is run or used• Can cause major damage to a computer’s

data • Can display messages on the screen

Types Computer Viruses

Computer Virus: Worm• Makes many copies of itself until

the computer system slows down or actually stops

• Worms do not have to attach themselves to other files

• Example:– Dialer.AxFreeAccess is a dialer

program that can phone high cost numbers from the compromised computer.

Computer Virus: time bomb

• Does not cause damage until a certain date or until the system has been booted a certain number of times.

• Example– BAT.Bomb is a batch script that grows in

size, taking up any free space on the hard drive partition on which it resides. This will cause a dramatic slowdown in performance and operating system instability.

Computer Virus: logic bomb

• Triggered by the appearance or disappearance of specified data

Computer Virus: trojan horse

• Does something different from what it is expected to do

• Example– AOL4Free: This trojan horse first

searches for the DOS program DELTREE.EXE in various directories, and then uses DELTREE.EXE to delete all files from your C drive.

Ways to protect your computer against virus damage

• Anti-virus software• Scan email attachments before you open them• Scan other files copied to diskettes or

downloaded from the Internet

Other Computer Crimes• Theft of time

– Committed regularly on a job– An employee uses a company’s computer for

personal use

• Theft of output– Using the information seen on someone’s computer

screen

• Data Diddling– Changing data before or after it is entered into the

computer – Usually committed by someone who is entering,

recording, encoding, or checking data who has access to documents to change information

Computer crimes are difficult to prove and prosecute.

Other Computer Issues

Privacy

• Information is being gathered about you as you surf the Internet

• Companies create databases and sell or trade this information to others

• The results after being sold causes your name to be added to mailing lists.

• Lists are used for marketing purposes.• Junk e-mail (spam) is used for the same purpose.• Credit history is also available to be sold.• Information sent by e-mail at work or school can be

accessed without your permission.

Security

• Need to keep hardware, software, and data safe from harm or destruction

• Some risks– Natural– Accidents– Intentional

• Companies protect data by controlling access– Most common form: passwords– Passwords are changed periodically

Other Security Measures

• Maintain and enforce security measures that are already in place.

• Electronic identification cards to access certain areas

• Firewalls (special hardware and software)• Anti-virus software• Selective hiring process• Careful screening of potential employees• Regular backing up of data and storing it

Other Security Measures

• Biometric security measures– Hardware and software used to examine a

fingerprint, voice pattern, iris or retina of the eye

Software Piracy

• Definition: illegal copying and using software

• If sued for civil copyright infringement, the penalty is up to $100,000 per title infringed.

• If charged with a criminal violation, the fine is up to $250,000 per title infringed and up to five years imprisonment.

Classifications of Software

Commercial Software

• Commercial Software is generally developed for license to users for a fee.

• An example of commercial software is MS Word ®, whose licensor is Microsoft Corporation.

• Companies that develop and distribute commercial software have become increasingly vigilant about guarding their valuable corporate assets (software copyrights) by pursuing unauthorized users.

Shareware

• Different from commercial software in that it can be copied (usually by downloading from the Internet) at no cost for a trial period.

• However, Shareware is still protected by copyright. After the copy of the software is tested or the free trial period expires, the user must purchase a license for the shareware or delete, uninstall or otherwise destroy the copy of the shareware.

• The software is still protected by copyright law and is subject to the terms of the licensing agreement.

Freeware

• Software that is protected by copyright but can be copied as either an archival (backup) copy or for use as long as the use is not for profit.

• Some Freeware can be de-compiled(change it) and modified without the permission of the copyright holder, but generally any new program derived from Freeware must also be designated as Freeware and not sold for profit.

• It is important to understand that all software that is freely attainable is not Freeware. For example, while Microsoft and Netscape currently distribute respectively Internet Explorer and Navigator browser software for free, neither is Freeware

Public Domain

• Copyrighted software enters the Public Domain when a copyright holder specifically surrenders all rights to the software.

• This kind of software is not protected by copyright and can be freely copied, modified or de-compiled without license or permission.

• Any new programs derived from this software are not subjected to limitations or conditions on distribution.

• All intellectual property works are assumed by law to be copyrighted.

• Therefore, for software to become public domain software the holder must explicitly designate such software as being public domain. A user's incorrect assumption that certain software was in the public domain will not likely constitute a valid defense against a charge of copyright infringement.

Laws for Technology Abuse

• Copyright Act of 1976– Protects the developers of software

• Computer Matching and Privacy Protection Act, 1988– Regulates how federal data can be used to determine

whether an individual is entitled to federal benefits

• Electronic Communications Privacy Act, 1986– Prohibits the interception of data communication

• Computer Fraud and Abuse Act, 1986– Prohibits individuals without authorization from knowingly

accessing a company computer to obtain records from financial communications

• Software Piracy and Counterfeiting Amendment of 1983

• Many states have individual laws governing computer crimes

Organizations Against Piracy

Software and Information Industry Association

• Represents software developers of all types and sizes

• Lobby lawmakers for tougher anti-piracy laws• Takes proactive steps to stop pirates. • The organizations offer rewards to persons

who report pirates or acts of piracy• Help businesses perform voluntary software

audits • Works with law enforcement officials to

conduct involuntary audits.

Business Software Alliance

• Promotes global policies that foster innovation, growth and a competitive marketplace for commercial software and related technologies.

• Strong copyright protections, cyber security and barrier-free trade are crucial to achieving these goals.

Summary• Computer crime has become a major problem, costing

companies billions of dollars annually.• Computer fraud is conduct that involves the

manipulation of a computer or computer data for dishonest profit.

• Computer hacking involves invading someone else’s computer for personal gain. Sometimes it is done for financial gain and sometimes just as a prank.

• A computer virus is a program that has been written to cause corruption of data on a computer. There are different variations of viruses. These include worms, time bombs, logic bombs, and trojan horses.

• To protect yourself against viruses, install and keep an antivirus program running on your computer. Be sure to update it regularly.

Summary (cont’d)• E-mail attachments can contain viruses. It is a good idea to save

any message to disk if you are not familiar with the sender. After saving it to a disk, you can scan it for viruses.

• Personal privacy has been invaded by the computer. Information about our personal lives is freely available.

• Other computer crimes include theft of computer time, data diddling, and using information from another person’s screen or printouts

• Companies purchase personal information obtained on the Internet to sell to various companies for marketing purposes.

• Computer security is necessary in order to keep hardware, software, and data safe from harm or destruction.

• The best way to protect data is to control access to the data. The most common way to control access to data is to use passwords.

• Laws have been passed in an effort to assist those who have been injured by computer crimes and offenses.