B.A. (Mahayana Studies) Introduction to Computer Science November March Safety and Security What are the main safety and security issues when using computers? How can data/files be kept safe?
Intro to CS. 9/Secure 2 Overview 1. Hardware Reliability 2. Backing up your Data 3. Computer Viruses 4. Keeping Data Safe 5. Internet Security
Intro to CS. 9/Secure 3 The reliability of a computer component is measured in MTBF (mean time between failures). hardware is tested in a laboratory number of failures is divided by total hours of observation It’s better to plan for a hardware failure than hope one doesn’t happen. 1. Hardware Reliability
Intro to CS. 9/Secure 4 Downtime - time when a computer is not functioning. Hardware redundancy (maintaining extra equipment) is a popular safeguard used by e- commerce sites. Hardware Failure
Intro to CS. 9/Secure 5 A power failure is a complete loss of power to the computer system. data stored in RAM will be lost A power spike is a brief increase in power less than one-millionth of a second A power surge lasts a little longer Surges and spikes can damage computers. Power Supply Problems
Intro to CS. 9/Secure 6 A UPS (uninterruptible power supply) is the best protection against power failures, surges, and spikes. A UPS contains a battery that keeps your computer running for several minutes during a power failure Uninterruptible Power Supply
Intro to CS. 9/Secure 7 A surge strip can protect your computer and other devices from power spikes and surges. does not contain a battery Surge protector vs. Power strips continued
Intro to CS. 9/Secure 8 Don’t mistake a power strip for a surge strip a power strip provides multiple outlets but cannot protect your computer from power spikes and surges
Intro to CS. 9/Secure 9 Copying files, or the contents of am entire disk, provides the best security for your data. Backup tips: scan for viruses before backing up make frequent backups (once a day/week) check the backups store backups away from your computer 2. Backing up your Data
Intro to CS. 9/Secure 10 Consider capacity, speed, and reliability. What to Use for Backups
Intro to CS. 9/Secure 11 Backup Software Norton Ghost 9.0 Simply Safe Backup (free)
Intro to CS. 9/Secure 12 Types of Backups Full backup copy all the files safe but can take a long time Differential backup copy the files that have changed since the last full backup takes less time but more complex Incremental backup copy the files that have changed since the last backup
Intro to CS. 9/Secure 13 A computer virus is a program that attaches itself to a file, duplicates itself, and spreads to other files. 3. Computer Viruses
Intro to CS. 9/Secure 14 The following signs might mean that your computer has a virus: displays a rude, embarrassing message unusual visual or sound effects difficulty saving files files mysteriously disappear the computer works very slowly applications increase in size for no reason Virus Warning Signs
Intro to CS. 9/Secure 15 A boot sector virus infects the system files that your computer uses. A macro virus infects a macro. Macros are tiny programs used in word documents, databases, spreadsheets, and many other large applications Virus Types
Intro to CS. 9/Secure 16 Macro viruses are the most common. Most Popular Virus Types
Intro to CS. 9/Secure 17 Do not get files from high risk sources Use anti-virus software Computer Protection
Intro to CS. 9/Secure 18 Don't: any attachments from your machine Ignore it, hoping it will go away Do: tell your system administrator remove it using anti-virus software keep anti-virus software updated When a Virus Hits...
Intro to CS. 9/Secure 19 Anti-virus software avast! 4 Home Edition (free) Norton AntiVirus 2005
Intro to CS. 9/Secure 20 Anti-virus software checks for a virus signature – a unique series of bytes that identifies a known virus inside another program. Hackers keep making new viruses, with new signatures, so anti-virus software needs to be updated regularly. usually automatically via the Internet Virus Detection Methods
Intro to CS. 9/Secure 21 A Trojan horse is a computer program that appears to do something good/useful while actually doing something bad. not a virus, but may carry a virus does not duplicate itself Example: a free game available for download from an unknown Web site it really deletes files once it is started A Trojan Horse
Intro to CS. 9/Secure 22 A time bomb is a program that stays in your system undetected until it is triggered by a certain event in time. e.g. on "Friday 13th" it deletes all your files usually carried as a virus or in a Trojan horse A Logic bomb is a program triggered by changes to your files. e.g. every new Word file is deleted Bombs
Intro to CS. 9/Secure 23 A software worm is a program designed to enter a computer system through security holes in the computer network. Worms
Intro to CS. 9/Secure 24 Good habits: save files frequently when you are working on them backup files frequently use anti-virus software do not open documents with unknown macros 4. Keeping Data Safe
Intro to CS. 9/Secure 25 Acceptable use policy - rules that specify how a computer system should be used determined by management used by large organizations makes users aware of limits and penalties provides framework for legal action Acceptable Use Policy
Intro to CS. 9/Secure 26 User rights - rules that limit directories and files that each user can access. erase rights create rights write rights read rights file find rights User Rights
Intro to CS. 9/Secure 27 Keep data backups in a locked room, away from the main computing area. Offices with computers should be locked when there is no one around. Computers can be chained to their desks. Restrict Physical Access
Intro to CS. 9/Secure 28 Personal identification help identify authorized users: identity badges user IDs and passwords biometrics Personal IDs
Intro to CS. 9/Secure 29 Fingerprint scanners can confirm your identity in less than two seconds. Biometric Example
Intro to CS. 9/Secure 30 Scramble information so it cannot be understood until it is decrypted. Encryption
Intro to CS. 9/Secure 31 Many Internet security problems are due to ActiveX controls developed by Microsoft to extend the power of Internet Explorer ActiveX controls can be part of Web pages downloaded by Internet Explorer 5. Internet Security and ActiveX continued
Intro to CS. 9/Secure 32 ActiveX controls has full access to your computer. hackers can use ActiveX controls to cause havoc Digital certificates identify the author of an ActiveX control controls with digital certificates should be safe, if you trust the certificate! Internet Explorer can be configured to reject all ActiveX controls that do not come with certificates.
Intro to CS. 9/Secure 33 Most e-commerce sites provide a secure channel for transmitting credit card data. SSL (Secure Socket Layers) uses encryption to establish a secure connection. SSL pages start with https instead of http. S-HTTP encrypts data one message at a time. Electronic Commerce Security continued
Intro to CS. 9/Secure 34 Encrypted messages ensure that credit card numbers cannot be intercepted between a computer and an e-commerce site. During secure transactions, Internet Explorer displays a lock icon and Netscape Navigator displays a key icon.