Chapter 9: Privacy, Security and Ethics Flashcards
Technology has had a very positive impact on
People, but some of the impact could be negative
Most significant concerns about technology
1) Privacy: What are the threats to personal privacy, and how can we protect ourselves?
2) Security: How can access to sensitive information be controlled, and how can we secure hardware and software?
3) Ethics: How do the actions of individual users and companies affect society?
Privacy
Concerns the collection and use of data about individuals
Accuracy
Responsibility of those who collect data to ensure that it is secure and correct
Property
Relates to who owns the data
Access
Responsibility of those who control data and use that data
Large organizations compile
Information about us daily
Big data is
Exploding and ever-growing
90% of the data collected has been
Collected over the last 2 years
Information Resellers/Brokers
1) Collect and sell personal data
2) Create electronic profiles
Personal information is
A marketable commodity, which raises many issues:
Collecting public, but
Personally identifying information (e.g., Google’s Street View)
Spreading information without
Personal consent, leading to identity theft
Spreading inaccurate information
Mistaken identity
Freedom of Information Act
Entitlement to look at your records held by government agencies
Employee monitoring software
Employers can monitor email legally
A proposed law could
Prohibit this type of electronic monitoring or at least require the employer to notify the employee first
Illusion of anonymity
People are not concerned about privacy when surfing the Internet or when sending email
When browsing the web, critical information is stored on the hard drive in these locations:
1) History Files
2) Temporary Internet Files
3) Browser cache
4) Cookies
5) Privacy Mode
6) Spyware
History Files
Include locations or addresses of sites you have recently visited
Temporary Internet Files/Browser Cache
1) Saved files from visited websites
2) Offers quick re-display when you return to the site
Small data files that are deposited on your hard disk from
Web sites you have visited
First-party cookies
Generated only by websites you are visiting
Third-party cookies
Generated by an advertising company that is affiliated with the website
Tracking cookies
To keep track of your Internet activities through third-party cookies
Privacy Modes
Ensure your browsing activity is not recorded on your hard drive
Recognition Mode is
Google Chrome
Private Browsing
Safari
Web bugs
Invisible images or HTML code hidden within an e-mail message or webpage
Spyware
1) Record and report Internet activities
2) Change the browser to manipulate what you view
Computer monitoring software
1) Most invasive and dangerous
2) Keystroke loggers: Record activities and keystrokes
Anti-Spyware programs
Detect and remove privacy threats
Online Identity
The information that people voluntarily post online
Archiving and search features of
The Web makes it available indefinitely
Major Laws on Privacy
1) Gramm-Leach-Bliley Act
2) Health Insurance Portability and Accountability Act (HIPAA)
3) Family Educational Rights and Privacy Act (FERPA)
1) Gramm-Leach-Bliley Act
Protects personal financial information
2) Health Insurance Portability and Accountability Act (HIPAA)
Protects medical records
3) Family Educational Rights and Privacy Act (FERPA)
Restricts disclosure of educational records
Security
Involves protecting individuals or organizations from theft and danger
Hackers
1) Gain unauthorized access with malicious intent
2) Not all hackers are illegal
Cybercrime/Computer Crime
A criminal offense that involves a computer and a network
1) Affects over 400 million people annually
2) Costs over $400 billion each year
Identity theft
Illegal assumption of a person’s identity for economic gain
Internet scams
Scams over the Internet
Data manipulation
Unauthorized access of a computer network and copying files to or from the server
Ransomware
Malicious software that encrypts your computer’s data and ransoms the password to the user
DoS, Denial of Service
Attempt to slow down or stop a computer system or network by flooding a computer or network with requests for information and data
DDoS, Distributed denial of Service
Coordinates several computers making repeated requests for service
Internet Scams
Scams using the Internet
Internet scams have created
Financial and legal problems for many thousands of people
The majority are initiated by
A mass mailing to unsuspecting individuals
Advance fee loans
Guaranteed low-rate loans available to almost anyone. After the applicant provides personal loan-related information, the loan is granted subject to an “insurance fee payment.”
Auction fraud
Merchandise is selected, and payment is sent. Merchandise is never delivered
Fake Antivirus Software
A website or email warns you that you are at risk of being infected by a computer virus and need to download and install the security software they recommend. Ironically, the security software is fake and will install malicious software on your computer
Nigerian Scam
A classic email scam. The recipient receives an email from a wealthy foreigner in distress who needs your bank account information to safely store their wealth, and for your trouble, you will receive a large amount of money. Of course, once the scammer has your bank account information, your accounts will be drained and they will disappear
Social Engineering
Practice of manipulating people to divulge private data
Social Engineering played a crucial role in
1) Identity theft
2) Internet scams
3) Data manipulation
Phishing
Attempts to trick Internet users into thinking a fake but official-looking website or email is legitimate
Malicious Programs or Malware
Designed by crackers, computer criminals, to damage or disrupt a computer system
Computer Fraud and Abuse Act makes
Spreading a virus a federal offense
3 most common programs
1) Viruses
2) Worms
3) Trojan Horse
Viruses
Migrate through networks and attach to different programs
Worms
Fills the computer with self-replicating information
Trojan Horse
Programs disguised as something else
Malicious Hardware
Criminals use hardware for crimes
The most common malicious hardware
1) Zombies
2) Rogue Wi-Fi Hotspot
3) Infected USB Flash Drives
Zombies
1) Computers infected by a virus, worm, or Trojan Horse
2) Botnet or Robot Network is a collection of Zombies
Rogue Wi-Fi Hotspot
1) Imitating legitimate free Wi-Fi
2) Capture data coming through the Rogue Wi-Fi
Infected USB Flash Drives
1) Left on purpose in hopes that people will pick them up and use them
2) Have malicious software contained on them
Measures to Protect Computer Security
Principal measures to ensure computer security
Computer Fraud and Abuse Act
1) Crime for an unauthorized person to view, copy, or damage data using computers across state lines
2) Prevents use of any government or federally insured financial institution computers
Restricting Access
1) Password
2) Biometric scanning
Dictionary Attack
It uses software to try thousands of common words sequentially in an attempt to gain unauthorized access to a user’s account
Biometric scanning
1) Fingerprint scanners
2) Iris (eye) scanner
3) Facial recognition
Ways to perform and automate important security tasks
1) Security suites
2) Firewalls
3) Password managers
Security suites
Provide a collection of utility programs designed to protect your privacy and security
Firewalls
Security buffer between a corporation’s private network and all external networks
Password managers
Help to create strong passwords
Encryption: Coding information to make it unreadable, except to
Those who have the encryption key, or key
The key will decrypt the information into
A readable format
Common uses for encryption
1) Email encryption
2) File encryption
3) Website encryption: HTTPS: hypertext transfer protocol secured
4) Virtual private network
5) WPA2: Wi-Fi Protected Access
Wireless network encryption restricts access to
Authorized users
Anticipating Disaster
1) Physical security
2) Data security
3) Disaster recovery plan
Physical security protects
Hardware
Data security protects
Software and data from unauthorized tampering or damage
A disaster recovery plan describes ways to
Continue operating in the event of a disaster
Preventing data loss
1) Frequent backups
2) Redundant data storage
Store off-site in case of
Loss of equipment
Precautions you as an individual can and should take to make sure that you aren’t the victim of high-tech criminals
1) Update software
2) Be careful when browsing
3) Be alert to email scams
4) Use antivirus software
5) Strong passwords
Ethics
Standards of moral conduct
Computer ethics
Guidelines for the morally acceptable use of computers
1) Copyright and Digital Rights Management
2) Cyberbullying
3) Plagiarism
Copyright
1) Gives content creators the right to control the use and distribution of their work
2) Paintings, books, music, films, and video games
Software piracy
Unauthorized copying and distribution of software
Digital rights management (DRM) controls access to
Electronic media
Digital Millennium Copyright Act protects
Against piracy
Cyberbullying
Use of the Internet to send or post content intended to harm another person
Plagiarism
Representing some other person’s work and ideas as your own without giving credit to the original person’s work and ideas
Most forums and comment areas on websites
Allow users to post messages anonymously
Future software can
Identify you and track your moves through a mall or store