Ch 9 - The Personal and Social Impact of Computers

  • Computer Waste: inappropriate use of computer technology and resources
      * Computer related mistakes: errors, failures, and other computer problems that make computer output incorrect or not useful

  • Causes of computer waste: Improper management of information systems and resources
      * Discarding of old software/computer systems when they still have value
      * Building and maintaining complex systems that are not used to their fullest extent
      * Using corporate time/technology for personal use
      * Spam

\

  • Preventing computer release waste and mistakes:
      * Establishing policies and procedures (for proper waste disposal)
      * Implementing policies and procedures
      * Monitoring policies and procedures
      * Reviewing policies and procedures

  \

  • Computer Crime: often defies detection, is the theft of intellectual property. Criminals require two tools to be able to commit computer crimes:

  
  1. Knowing how to access computer systems
  2. Manipulating the system to produce desired result

\

  • Examples:
      * Social engineering
      * Dumpster diving
      * Counterfeit and banking fraud using legitimate desktop publishing programs

\

  • Cyberterrorist: someone who intimated or coerces a government or organisation to advance their political or social objectives by launching computer based attacks against computers or networks
      * The goal is to gather all information stored in them

  • Identity Theft: imposter obtains key pieces of personal identification information to impersonate someone else

  \

  • Illegal access and use of information:
      * Hacker: learns about and uses computer systems
      * Criminal hacker (cracker): gains unauthorised use or illegal access to computer systems
      * Script bunnies: automate the job of crackers
      * Insider: employee who compromises corporate systems
      * Malware: software programs that destroy or damage processing
      * Virus: computer program file capable of attaching to disks or other files and replicating itself repeatedly
        * without the owner’s permission

      \

  • Worm: parasitic computer program that can create copies of itself on infected computer or send copies to other computers via a network
      * Trojan horse: malicious program that disguises itself as a useful application and purposefully does something the user does not expect
      * Logic bomb: type of trojan horse that executes when specific conditions occur
      * Triggers for logic bombs include a change in a file by a particular series of keystrokes or at a specific time or date

  \

  • Avoiding viruses and worms:
      * Installing antivirus software on your device
      * Update antivirus software regularly
      * Backup files regularly
      * Do not open suspicious files or links

  \

  • Antivirus program: software that runs in the background to protect your computer from dangers lurking on the internet and other possible sources of infected files
      * Tips:
        * Run and update antivirus software
        * Scan all CD’s before using them
        * Only install softwares from well-known websites
        * Take immediate action if a virus is detected

      \

  • Software Piracy: act of illegally duplicating software

  • Internet software piracy: illegally downloading software from the internet
      * Most rapidly expanding type of software piracy
      * Most difficult to combat
      * Can be served penalties
      * Examples: pirate Websites, auction sites that offer counterfeit software, peer-to-peer networks

  • Phishing: gaining access to personal information by redirecting user to fake site

\

  • Crime prevention by corporations:
      * Public key infrastructure (PKI): enables users of an unsecured public network such as the internet to securely and privately exchange data
      * Uses public and private cryptographic key pair that is obtained and shared through a trusted authority
      * Biometrics: measurement of one of a person's traits, whether physical or behavioural

  \

  • Using intrusion detection software:
      * Intrusion detection system (IDS): software that monitors system and network resources and notifies network security personnel when it senses a possible intrusion
        * Intrusion activities: failed login attempts, suspicious behaviour
        * Can provide false alarms
        * Email or voice message alerts may be missed
      * Managed security service provider (MSSP): organisational that monitors, managers, and maintains network security for both hardware and software
        * Sifts through alarms and alerts from all monitoring systems
        * May provide scanning, blocking, and filtering capabilities

    \

  • Platform for privacy preferences (P3P): Screening technology that shields users from websites that do not provide the level of privacy protection they desire
  • Ergonomics: science of designing machines, products, and systems to maximise the safety, comfort, and efficiency of the people who use them
  • Code of ethics: states the principles and core values that are essential to a set of people and thus governs their behaviour

\