CIS 115: Chapter 8

Cookie-Is a small file that contains information about you and your web activities.

Privacy and Employees

• Use strong passwords
• Use different passwords
• Change password every 60 days
• Check your credit report at least once year at all thee credit reporting agencies Experian,Transunion and Equifax
• Dont Carrie around your social security number

Store personal documents you keep in a non public place

Hardware key logger is a hardware device that captures keystokes on their journey from the keyboard to the motherboard.

Key logger, or Key trapper, software, is a program that, when installed on a computer, records every keystroke and mouse click. It records all email, instant messege, chat room exchanges, Web sites you visit, applications you run, and passwords you type in on that computer.

IDENTITY THEFT

• Embezzlement
• Computer Aided Fraud

• Hackers
• Computer Virus
• Worm
• Denial-of-service attack (DoS)

~flood the server or network with so many requests for service that it slows down or crashes

Security precautions:

~detects and removes or quarantines computer viruses.

Access Authentication

• Biometrics
• Password

Encryption & Public Key Encryption

CIS: Chapter 8

$1.25

April 7 - 11, 2014

Protecting People and Information

SLO #3A

Introduction

Privacy

Protecting yourself from identity theft

Privacy

Store personal documents in a secure non public place

Shred personal documents

Introduction:

Privacy is the right to be left alone when you want to, to have control over your own personal possessions, and not to be observed without your consent. It's the right to be free of unwanted intrusion into your personal life. This section will exam some specific areas of privacy: individuals snooping on each other; employer's collection of information about employees; businesses' collection of information about consumers; government collection of personal information;and the issue of privacy in international trade.

is the forging of someone's identity for the purpose of fraud.

is a technique to gain personal information for the purpose if identity theft, usually by means for fraudulent e-mail.

• Phishing

(also called carding or brand spoofing)

• Spear phishing

is phishing that is targeted to specific individuals.

• Whaling

the use of phishing targeted at senior business executives and other types of high- profile in individuals.

• Pharming

is the rerouting of your request for a legitimate web site. (you may type in the correct address for your bank and be redirected to a fake site that collects information from you)

Threats and Safeguards

There are three ways to handle information:

• The importance of ethics in the ownership and use of information.
• The importance to people of personal privacy and the ways in which it can be compromised.
• Threats to information and how to protect against them (security).

These examples are questionable from an ethical viewpoint:

• People copy, use, and distribute software they have no right to.
• Misguided people create and spread viruses that cause trouble for those using and maintaining IT systems
• Employees destroy or steal proprietary schematics, sketches, customer lists, and reports from their employers.

SLO #3B

Privacy and Consumer

Ethics

Business face a dilemma.

Customers want business to know who they are, but , at the same time, they want them to leave them alone.

Customers want businesses to provide what they want, but, at the same time, they don't want businesses knowing to mucc about their habits and preferences

Customers want businesses to tell them about products and services they might like to have, but they dont want to be inundated with ads.

Web Log

Consist of one line of information for every visitor to a Web site and is usually stored on a Web server.

Clickstream

Records information about your during a Web surfing session such as what what Web site your visited, how long you were there , what ads you looked at, and what you bought.

Anonymous Web browsing (AWB)

Services, which, in effect, hide your identity from the Web sites you visit.

Law Enforcement

You've often heard about someone being apprehended for a grievous crime after a routine traffic stop for something like a broken taillight.

COOKIES

The basic tool of consumer web monitoring is the cookie. A cookies is a small file that contains information about you and your web activities, which Web site your visit places on your computer. a cookie has many uses.

SPAM

is unsolicited e-mail from businesses that advertise goods and services. Often spam mass mailing \advertise pornography, get-rich-quick schemes, and miracles cures.

ADWARE AND SPYWARE

if you've downloaded a game or other software from the Web for free, you may have noticed that it came with banner ads. These ads are collectively know as adware. ADWARE is software to generate ads that installs itself on your computer when you download some other program from the Web.

Trojan horse software

Meaning that it's a software you don't want hidden inside software you do want. there's usually a disclaimer, buried somewhere in the multiple "I agree" screens, saying that the software includes this adware.

SPYWARE

is malicious software that collects that collects information about and your computer and reports it to someone without your promission.

Other Federal Agencies

The internal revenue services (IRS) gets income information from taxpayers. But the agency has acess to other databases, too.

Laws on privacy

The united States doesn't have a compregensive or consistent set of laws governing the use of information. However, some laws are in place.

Intellectual Property

Ethics can be defined as the principles and standards that guides our behavior toward other people.

This is intangible creative work that is embodied in physical form.

Two factors that determine how you decide ethical issues.

Factor one: This is your basic ethical structure that you developed when you grew up.

Factor Two: A set of practical circumstances inevitably involved in the decision that you are trying make, that is, all the shades of gray in what are rarely black or white decisions.

Intellectual Property is the intangible creative work that is embodied in physical form.

Copyright is the legal protection afforded an expression of an idea, such as a song, video game, and some types of proprietary documents.

Fair Use Doctrine says that you may use copyrighted material in certain situations, for example, in the creation of new work or, within certain limits, for teaching purposes.

Pirated Software is the unauthorized use, duplication, distribution, or sale of copyrighted software.

Security

Closing Case Study

Security and employees:

Group 1:

Group 3:

Group 2:

Group 4:

• Anti-virus software
• Firewall

~ hardware and/or software that protects a computer or network from intruders.

Security and outside threats:

Sony Reels from Multiple Hackers Attacks

• Sony lost approximately 3.2 billion dollars. But, they seem to have recovered from the losses because people love the PS4

The use of physiological characteristics- such as our finger print, the blood vessels in the iris of your eye, the sound of your voice, or perhaps even your breath- to provide identification.

~generally knowledgeable computer users who use their knowledge to invade other people's computer

For 23 days, Sony PlayStation Network (PSN) was hacked and down in results making many PSN members lose all of their vital information. Not only did Sony not take this matter seriously, they completely down played the situation. At the end, Sony took a hit of 177 million dollar to assess their damage control after downplaying did not turn out to be effective. After all this, many would question Sony's ability to encrypt sensitive data and their concern for their gamers.

~Software that is written with malicious intent to cause annoyance or damage.

~A type of virus that spreads itself, not just from file to file, but from computer to computer via email and other internet traffic.

• We all agree that people that steal others identification should be prosecuted
• We also think that hackers can be used for good things such as:
• Helping to catch other hackers
• Testing a systems security

~Scramble the contents of a file so that you can't read it without having the right decryption key.

~An encryption system that uses two keys:

• A public key that everyone can have.
• A private key for only the recipient.

• We discussed about private and consumers, cookies, spam, adware and spyware, law enforcement, other federal agencies.

BUSINESS FACE DILEMMAS

Customers want businesses to know who they are, but, at the same time, they wantm to leave them alone

COOKIES

You have two options if you want to block cookies. First, you can set your browser to accept or reject all cookies. Second, you can get cookie management software with additional options that are not available on your browser.

SPAM

Many states have passed laws to regulate spam and Federal Goverment passed an anti-spam law in 2003 called the CAN-Spam act, which was widely criticized by anto-spam activists as legitimizing spam, since it set down rules for spamming rather than banning it altogether

SPYWARE

Spyware is fast becoming the hidden cost of free software. Software such as Kazaa Media Desktop and Audiogalaxy, the successors to Napster for sharing music and other file online, includes spyware.

PRIVACY AND GOVERNMENT AGENCIES

Government agencies have about 2,000 databases containing personal information on individuals. The various branches of government need information to administer entitlement programs, such as social security, welfare, student loans, law enforcement, and so on.

in April 17, 2011, and April 19, 2011, the Sony PlayStation network (PSN) was hacked. personally identifiable information (PII) on some 77 million users was compromised. on April 20, Sony announced that it was taking down the PSN site, preventing owners of PlayStation 3 and PlayStation portable consoles from participating in any online activities on the PSN network.

The outage lasted for approximately 23 days, until May 15, when Sony began bringing some gaming services back online on a country-by-country basis starting with North America. During the 23-day outage, Sony postured, hoping to downplay the significance of the breach.

Sony admitted that its PlayStation network had been the target of one of the largest data breach ever. it offered free game time for returning customers and other perks. it even announced that it was paying $1 million in identity theft insurance for each of its compromised users. the insurance was to last 12 months and include internet surveillance and complete identity repair in that the cost of the PSN outage would be $177 millions

The lawsuit alleged many things including:

• Sony failed to encrypt data
• Sony failed to provide prompt and adequate warning of a security breach to users
• Sony created unreasonable delays in bringing PSN services back online.

• Companies down play and don't accurately report breeches of security to protect themselves.

• Two of us have been victims of someone that was not us using our accounts, but none of us have actually been victims of identity theft.