Ch 9 - The Personal and Social Impact of Computers

• Computer Waste: inappropriate use of computer technology and resources

  • Computer related mistakes: errors, failures, and other computer problems that make computer output incorrect or not useful

• Causes of computer waste: Improper management of information systems and resources

  • Discarding of old software/computer systems when they still have value
  • Building and maintaining complex systems that are not used to their fullest extent
  • Using corporate time/technology for personal use
  • Spam

\

• Preventing computer release waste and mistakes:

  • Establishing policies and procedures (for proper waste disposal)
  • Implementing policies and procedures
  • Monitoring policies and procedures
  • Reviewing policies and procedures

  \

• Computer Crime: often defies detection, is the theft of intellectual property. Criminals require two tools to be able to commit computer crimes:

  1. Knowing how to access computer systems
  2. Manipulating the system to produce desired result

\

• Examples:
  • Social engineering
  • Dumpster diving
  • Counterfeit and banking fraud using legitimate desktop publishing programs

\

• Cyberterrorist: someone who intimated or coerces a government or organisation to advance their political or social objectives by launching computer based attacks against computers or networks

  • The goal is to gather all information stored in them

• Identity Theft: imposter obtains key pieces of personal identification information to impersonate someone else

  \

• Illegal access and use of information:

  • Hacker: learns about and uses computer systems

  • Criminal hacker (cracker): gains unauthorised use or illegal access to computer systems

  • Script bunnies: automate the job of crackers

  • Insider: employee who compromises corporate systems

  • Malware: software programs that destroy or damage processing

  • Virus: computer program file capable of attaching to disks or other files and replicating itself repeatedly

  • without the owner’s permission

    \

• Worm: parasitic computer program that can create copies of itself on infected computer or send copies to other computers via a network

  • Trojan horse: malicious program that disguises itself as a useful application and purposefully does something the user does not expect
  • Logic bomb: type of trojan horse that executes when specific conditions occur
  • Triggers for logic bombs include a change in a file by a particular series of keystrokes or at a specific time or date

  \

• Avoiding viruses and worms:

  • Installing antivirus software on your device
  • Update antivirus software regularly
  • Backup files regularly
  • Do not open suspicious files or links

  \

• Antivirus program: software that runs in the background to protect your computer from dangers lurking on the internet and other possible sources of infected files

  • Tips:

  • Run and update antivirus software

  • Scan all CD’s before using them

  • Only install softwares from well-known websites

  • Take immediate action if a virus is detected

    \

• Software Piracy: act of illegally duplicating software

• Internet software piracy: illegally downloading software from the internet

  • Most rapidly expanding type of software piracy
  • Most difficult to combat
  • Can be served penalties
  • Examples: pirate Websites, auction sites that offer counterfeit software, peer-to-peer networks

• Phishing: gaining access to personal information by redirecting user to fake site

\

• Crime prevention by corporations:

  • Public key infrastructure (PKI): enables users of an unsecured public network such as the internet to securely and privately exchange data
  • Uses public and private cryptographic key pair that is obtained and shared through a trusted authority
  • Biometrics: measurement of one of a person's traits, whether physical or behavioural

  \

• Using intrusion detection software:

  • Intrusion detection system (IDS): software that monitors system and network resources and notifies network security personnel when it senses a possible intrusion
  • Intrusion activities: failed login attempts, suspicious behaviour
  • Can provide false alarms
  • Email or voice message alerts may be missed
  • Managed security service provider (MSSP): organisational that monitors, managers, and maintains network security for both hardware and software
  • Sifts through alarms and alerts from all monitoring systems
  • May provide scanning, blocking, and filtering capabilities

  \

• Platform for privacy preferences (P3P): Screening technology that shields users from websites that do not provide the level of privacy protection they desire

• Ergonomics: science of designing machines, products, and systems to maximise the safety, comfort, and efficiency of the people who use them

• Code of ethics: states the principles and core values that are essential to a set of people and thus governs their behaviour

\