Ch 9 - The Personal and Social Impact of Computers

  • Computer Waste: inappropriate use of computer technology and resources   * Computer related mistakes: errors, failures, and other computer problems that make computer output incorrect or not useful

  • Causes of computer waste: Improper management of information systems and resources   * Discarding of old software/computer systems when they still have value   * Building and maintaining complex systems that are not used to their fullest extent   * Using corporate time/technology for personal use   * Spam

\

  • Preventing computer release waste and mistakes:   * Establishing policies and procedures (for proper waste disposal)   * Implementing policies and procedures   * Monitoring policies and procedures   * Reviewing policies and procedures

  \

  • Computer Crime: often defies detection, is the theft of intellectual property. Criminals require two tools to be able to commit computer crimes:

     1. Knowing how to access computer systems   2. Manipulating the system to produce desired result

\

  • Examples:   * Social engineering   * Dumpster diving   * Counterfeit and banking fraud using legitimate desktop publishing programs

\

  • Cyberterrorist: someone who intimated or coerces a government or organisation to advance their political or social objectives by launching computer based attacks against computers or networks   * The goal is to gather all information stored in them

  • Identity Theft: imposter obtains key pieces of personal identification information to impersonate someone else

  \

  • Illegal access and use of information:   * Hacker: learns about and uses computer systems   * Criminal hacker (cracker): gains unauthorised use or illegal access to computer systems   * Script bunnies: automate the job of crackers   * Insider: employee who compromises corporate systems   * Malware: software programs that destroy or damage processing   * Virus: computer program file capable of attaching to disks or other files and replicating itself repeatedly     * without the owner’s permission

      \

  • Worm: parasitic computer program that can create copies of itself on infected computer or send copies to other computers via a network   * Trojan horse: malicious program that disguises itself as a useful application and purposefully does something the user does not expect   * Logic bomb: type of trojan horse that executes when specific conditions occur   * Triggers for logic bombs include a change in a file by a particular series of keystrokes or at a specific time or date

  \

  • Avoiding viruses and worms:   * Installing antivirus software on your device   * Update antivirus software regularly   * Backup files regularly   * Do not open suspicious files or links

  \

  • Antivirus program: software that runs in the background to protect your computer from dangers lurking on the internet and other possible sources of infected files   * Tips:     * Run and update antivirus software     * Scan all CD’s before using them     * Only install softwares from well-known websites     * Take immediate action if a virus is detected

      \

  • Software Piracy: act of illegally duplicating software

  • Internet software piracy: illegally downloading software from the internet   * Most rapidly expanding type of software piracy   * Most difficult to combat   * Can be served penalties   * Examples: pirate Websites, auction sites that offer counterfeit software, peer-to-peer networks

  • Phishing: gaining access to personal information by redirecting user to fake site

\

  • Crime prevention by corporations:   * Public key infrastructure (PKI): enables users of an unsecured public network such as the internet to securely and privately exchange data   * Uses public and private cryptographic key pair that is obtained and shared through a trusted authority   * Biometrics: measurement of one of a person's traits, whether physical or behavioural

  \

  • Using intrusion detection software:   * Intrusion detection system (IDS): software that monitors system and network resources and notifies network security personnel when it senses a possible intrusion     * Intrusion activities: failed login attempts, suspicious behaviour     * Can provide false alarms     * Email or voice message alerts may be missed   * Managed security service provider (MSSP): organisational that monitors, managers, and maintains network security for both hardware and software     * Sifts through alarms and alerts from all monitoring systems     * May provide scanning, blocking, and filtering capabilities

    \

  • Platform for privacy preferences (P3P): Screening technology that shields users from websites that do not provide the level of privacy protection they desire
  • Ergonomics: science of designing machines, products, and systems to maximise the safety, comfort, and efficiency of the people who use them
  • Code of ethics: states the principles and core values that are essential to a set of people and thus governs their behaviour

\