Ch 9 - The Personal and Social Impact of Computers

Computer Waste: inappropriate use of computer technology and resources

• Computer related mistakes: errors, failures, and other computer problems that make computer output incorrect or not useful

Causes of computer waste: Improper management of information systems and resources

• Discarding of old software/computer systems when they still have value
• Building and maintaining complex systems that are not used to their fullest extent
• Using corporate time/technology for personal use
• Spam

Preventing computer release waste and mistakes:

• Establishing policies and procedures (for proper waste disposal)
• Implementing policies and procedures
• Monitoring policies and procedures
• Reviewing policies and procedures

Computer Crime: often defies detection, is the theft of intellectual property. Criminals require two tools to be able to commit computer crimes:

1. Knowing how to access computer systems
2. Manipulating the system to produce desired result

Examples:

• Social engineering
• Dumpster diving
• Counterfeit and banking fraud using legitimate desktop publishing programs

Cyberterrorist: someone who intimated or coerces a government or organisation to advance their political or social objectives by launching computer based attacks against computers or networks

• The goal is to gather all information stored in them

Identity Theft: imposter obtains key pieces of personal identification information to impersonate someone else

Illegal access and use of information:

• Hacker: learns about and uses computer systems
• Criminal hacker (cracker): gains unauthorised use or illegal access to computer systems
• Script bunnies: automate the job of crackers
• Insider: employee who compromises corporate systems
• Malware: software programs that destroy or damage processing
• Virus: computer program file capable of attaching to disks or other files and replicating itself repeatedly
• without the owner’s permission

Worm: parasitic computer program that can create copies of itself on infected computer or send copies to other computers via a network

• Trojan horse: malicious program that disguises itself as a useful application and purposefully does something the user does not expect
• Logic bomb: type of trojan horse that executes when specific conditions occur
• Triggers for logic bombs include a change in a file by a particular series of keystrokes or at a specific time or date

Avoiding viruses and worms:

• Installing antivirus software on your device
• Update antivirus software regularly
• Backup files regularly
• Do not open suspicious files or links

Antivirus program: software that runs in the background to protect your computer from dangers lurking on the internet and other possible sources of infected files

• Tips:
• Run and update antivirus software
• Scan all CD’s before using them
• Only install softwares from well-known websites
• Take immediate action if a virus is detected

Software Piracy: act of illegally duplicating software

Internet software piracy: illegally downloading software from the internet

• Most rapidly expanding type of software piracy
• Most difficult to combat
• Can be served penalties
• Examples: pirate Websites, auction sites that offer counterfeit software, peer-to-peer networks

Phishing: gaining access to personal information by redirecting user to fake site

Crime prevention by corporations:

• Public key infrastructure (PKI): enables users of an unsecured public network such as the internet to securely and privately exchange data
• Uses public and private cryptographic key pair that is obtained and shared through a trusted authority
• Biometrics: measurement of one of a person's traits, whether physical or behavioural

Using intrusion detection software:

• Intrusion detection system (IDS): software that monitors system and network resources and notifies network security personnel when it senses a possible intrusion
• Intrusion activities: failed login attempts, suspicious behaviour
• Can provide false alarms
• Email or voice message alerts may be missed
• Managed security service provider (MSSP): organisational that monitors, managers, and maintains network security for both hardware and software
• Sifts through alarms and alerts from all monitoring systems
• May provide scanning, blocking, and filtering capabilities

Platform for privacy preferences (P3P): Screening technology that shields users from websites that do not provide the level of privacy protection they desire

Ergonomics: science of designing machines, products, and systems to maximise the safety, comfort, and efficiency of the people who use them

Code of ethics: states the principles and core values that are essential to a set of people and thus governs their behaviour