Computers Are Your FutureTenth Edition
Chapter 9: Privacy, Crime, & Security
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 1
22
All rights reserved. No part of this publication may be reproduced, stored in a
retrieval system, or transmitted, in any form or by any means, electronic,
mechanical, photocopying, recording, or otherwise, without the prior written
permission of the publisher. Printed in the United States of America.
Copyright Copyright ©© 2009 Pearson Education, Inc. 2009 Pearson Education, Inc.
Publishing as Prentice HallPublishing as Prentice Hall
What You Will Learn
� Understand how technological developments are eroding privacy and anonymity.
� List the types of computer crime and cybercrime.
� List the types of computer criminals.
� Understand computer system security risks.Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 3
What You Will Learn
� Describe how to protect your computer system and yourself.
� Define encryption and explain how it makes online information secure.
� Describe the issues the government faces when balancing the need to access encrypted data and the public’s right to privacy.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 4
Privacy, Crime, & Security
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 5
Privacy in Cyberspace
� Privacy is the ability of a person or entity to control and prevent others from collecting, using, and selling personal, confidential information.
� With the use of computers and the Internet, having anonymity, the means to communicate without disclosing your identity, has become more difficult to achieve.Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 6
Privacy in Cyberspace
� Technologies that jeopardize online anonymity include:
� Cookies
� Global unique identifiers
� Ubiquitous computing
� Radio frequency identification
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 7
Privacy in Cyberspace
� After a user visits a Web site, a small text file known as a cookie may be written to the user’s hard disk by the Web site. � Although some cookies are used for justifiable reasons, this is not always the case.
� Some cookies are used to gather personal information without the user’s consent.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 8
Privacy in Cyberspace
� Anonymous use of the Internet is made more difficult through the use of global unique identifiers (GUIDs), an identification number produced by software or a piece of hardware.
� Companies that have GUIDs integrated into their products usually do not inform the public.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 9
Privacy in Cyberspace
� The tendency to interact with more than one computer at a time is called ubiquitous computing.
� Given that smaller devices such as smartphones can receive and transmit personal user information, if they are lost, the privacy of the user could be compromised.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 10
Privacy in Cyberspace
� Radio frequency identification (RFID) uses radio waves to track a chip or tag. � Often used for inventory control in stores� Example of a concern about RFID technology:
� It could compromise a person’s anonymity and privacy if information stored on RFID tags attached to U.S. passports is misused
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 11
Privacy in Cyberspace
� To protect society, governments should provide privacy rights including but not limited to:� Informing users of the collection of information and its intended use.
� Allowing users to give or deny their consent to have their information collected.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 12
Privacy in Cyberspace
� Privacy online:� Use protective software or devices such as Anonymous Surfing or IronKey Secure USB flash drives when using the Internet.
� Create e-mail addresses from free Web-based services whenever you use your e-mail address for such things as chat rooms and mailing lists.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 13
Privacy in Cyberspace
� Privacy online (continued):
� Teach children the importance of getting permission prior to giving out personal information over the Internet.
� Before you fill out any online registration forms, make sure the privacy policy statement of a Web site states that the information provided will not be sold.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 14
Privacy in Cyberspace
� Privacy at home:� GPS capabilities are embedded in newer cell phones so they can be located.
� Services such as Wherify and uLocate can determine the precise location of a cell phone.
� Software is available to determine and provide notification when a cell phone leaves a specific geographic area.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 15
Privacy in Cyberspace
� Privacy at work:� Refrain from making personal calls on a work phone.
� Avoid using a company e-mail account for personal purposes.
� Assume that your actions at work are being monitored.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 16
Privacy in Cyberspace
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 17
Computer Crime & Cybercrime
� Actions that violate the law are known as computer crimes.
� Crimes perpetrated through the use of the Internet are cybercrimes.
� The area of law dedicated to computer crime is called cyberlaw.
� Many Web sites educate users about cybercrime and cybercriminals.Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 18
Computer Crime & Cybercrime
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 19
Computer Crime & Cybercrime
� Types of computer crime
� Identify theft: A criminal gains access to personal information in order to impersonate another
� Phishing: Legitimate-looking e-mails or Web sites are created in an attempt to obtain confidential data about a person for illegal purposes.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 20
Computer Crime & Cybercrime
� Types of computer crime (continued)
� Malware (short for malicious software): programs developed to intentionally harm or gain access to a computer system without permission.
� Includes spyware, viruses, worms, zombies, and Trojan horses
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 21
Computer Crime & Cybercrime
� Types of computer crime (continued)
� Spyware: software that gathers private information and tracks Web use, and provides that information to third parties
� Adware: a form of spyware that generates annoying pop-up and banner ads
� Keyloggers: keep track of keystrokes to provide cybercriminals with confidential data
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 22
Computer Crime & Cybercrime
� Types of computer crime (continued)
� Computer virus: code that is concealed inside a program and intended to harm or destroy files
� File infectors attach themselves to files.
� Boot sector viruses attach to the first tracks on a hard drive and execute each time you start the computer.
� Macro viruses attach to data files and take advantage of application macros.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 23
Computer Crime & Cybercrime
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 24
Computer Crime & Cybercrime
� Rogue forms of malware include:
� Time bomb: A virus program that remains dormant on a computer system until it is activated by a specific event
� Worm: Similar to a virus but does not need the action of a user to execute the code and cause damage
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 25
Computer Crime & Cybercrime
� Denial of service (DoS) attack
� Assaults an Internet server with so many requests that it cannot function
� Accomplished through zombies, individual computers in a botnet—a group of “hijacked” computers.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 26
Computer Crime & Cybercrime
� Trojan horse
� Normal-looking program that includes concealed instructions
� Created to cause harm
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 27
Computer Crime & Cybercrime
� As the stealing of private and confidential information increases, the possibility of fraud also increases.
� The physical stealing of computer equipment is also growing, especially computer components such as microprocessors and chips.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 28
Computer Crime & Cybercrime
� Types of fraud and theft
� Memory shaving: only a portion of RAM is stolen to make the theft less evident
� Password stealing: unauthorized gathering of passwords
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 29
Computer Crime & Cybercrime
� Techniques to obtain passwords
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 30
Computer Crime & Cybercrime
� Types of fraud and theft (continued)
� Salami shaving: an embezzlement tool in which a program takes a little money from numerous accounts
� Data diddling: individuals change data so that it is hard to determine that the resulting theft has occurred
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 31
Computer Crime & Cybercrime
� Types of fraud and theft (continued)
� Forgery: information is transmitted over the Internet as if from a user by an illegal source that appears to be legitimate.
� A high percentage of cybercrimes go unreported because of blackmail.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 32
Computer Crime & Cybercrime
� Crackers
� Cybergangs
� Virus authors
� Swindlers
� Shills
� Cyberstalkers
� Sexual predators
� Cyberbullies
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 33
� Types of computer criminals
Computer Crime & Cybercrime
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 34
� Examples of Internet Scams
Computer Crime & Cybercrime
� Cyberstalkers use the Internet, social networking sites, and e-mail to harass or threaten an individual.
� Most perpetrators are men.
� Most victims are college-age women.
� Cyberbullies send threatening messages via e-mail or text messages.
� Cyberbullying involves minors.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 35
Security
� Computer security risk is:
� Any intentional or unintentional action that results in damaging a computer system and/or its data
� Increased by wireless LANs because transmissions occur over shared airwaves instead of dedicated lines.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 36
Security
� Security options available for wireless networks include:
� WEP (Wired Equivalent Privacy)
� WPA (Wi-Fi Protected Access)
� WPA2
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 37
Security
� Threats to the security of computer systems include:
� Corporate espionage
� Information warfare
� Security loophole detection programs
� Attacks on safety-critical systems
� Terrorism
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 38
Security
� To reduce security risks:
� Use an uninterruptible power supply (UPS), which supplies additional power during power outages or electrical current fluctuations to prevent damage or loss to computer components and/or data.
� Control access to computer systems though appropriate password selection and know-and-have authentication.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 39
Security
� To reduce security risks (continued):
� Use biometric authentication—the use of voice recognition, retinal scans, and fingerprint scans for authentication purposes.
� Incorporate firewalls, which can be hardware or software, to prevent unauthorized access.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 40
Security
� Avoiding scams on the Internet and preventing cyberstalking
� Use common sense.
� Don’t give out personal information.
� Be cynical of information provided in chat rooms.
� Read documents carefully.
� Remain cautious when using the Internet.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 41
The Encryption Debate
� Cryptography
� The study of encoding messages
� Encryption
� Method of coding or mixing up a message so that it cannot be understood by unintended recipients
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 42
The Encryption Debate
� Public Key Encryption
� Uses two keys
� Public key to encrypt
� Private key to decrypt
� Used in e-commerce
� Used to implement
� Digital signatures, which guarantee that messages haven’t been tampered with
� Digital certificates, which validate identity
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 43
The Encryption Debate
� Public Key Infrastructure (PKI)
� Uniform set of encryption standards
� Several corporate PKI proposals, including Live ID
� Many fear monopoly if PKI is chosen
� U.S. government proposal
� Included a backdoor that enabled message code to be cracked
� Considered an invasion of privacy
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 44
The Encryption Debate
� Government Solution
� The right to privacy often conflicts with need to know.
� The U.S. government continues its search for ways to balance the public’s right to privacy and the government’s need to know.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 45
What You’ve Learned
� The lack of complete federal regulations to protect the right to privacy for individuals has resulted in numerous Web sites collecting and accumulating personal information.
� Computer crime and cybercrime are on the rise, including such crimes as identity theft, malware, fraud, and theft.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 46
What You’ve Learned
� Computer criminals, such as crackers, cybergang members, and virus authors, are often the cause of the increase in computer security risks.
� Security risks are events, actions, and situations that could lead to losses.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 47
What You’ve Learned
� Although no computer system can be totally safe, you can take simple steps to protect your computer and data.
� Encryption can be used to guard privacy online through public key encryption.
� The government must keep trying to find a balance between its need to know and the privacy rights of individuals.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall 48