Module 12 Ethics and Security in Computing Some social issues in computing –Division issues, workplace issues, legal issues –protecting children on the Internet Ethics in computing –Professional ethics –Intellectual property rights Security issues in computing –Security problems –Protection –Viruses and worms

2 Division issue: Haves vs. Have-Nots Division caused by computing access –Those with access to computers and the Internet take advantage of personal and economic opportunities –Those without access fall farther behind Major divisions within countries –Between urban areas and rural ones –Between rich and poor Major divisions among nations –Between industrialized and non-industrialized nations Narrowing the Divide

3 Workplace Issues Healthy computing –Harmful emissions from monitor, Eyestrain from monitor, Back pain from position of chair and desk, Repetitive strain injury –Ergonomic equipment, Ergonomic behavior –Ergonomics refers to human factors related to the use of computers Employee monitoring –An employer monitors an employee’s performance –Many companies have policies that notify employees about monitoring practices Environmental concerns –Power consumption. Computer supplies. PC disposal

4 Many other issues Jurisdictional issues –International issues Applying national laws to a world-wide medium is a difficult process Issues exist over which country’s court has jurisdiction –National issues Issues exist over which locality’s court has jurisdiction Imposition of sales taxes on Internet transactions Protecting Children on the Internet –The Internet offers many opportunities for children –There are also unsavory elements on the Internet –Ways to protect children Blocking software. Child monitoring. Laws to protect children

5 Ethics in Computing Ethics – standards of moral conduct –Used to help determine the proper course of action in difficult situations Ethics Issues –Computer ethics –Professional ethics –Programmer responsibility –Ethical use of computers

6 Computer Ethics Ten Commandments of Computer Ethics Apply general ethical principles to computing Developed by the Computer Ethics Institute

7 Professional Ethics Relates to ethics of those whose work focuses on computer systems Code of Ethics and Professional Conduct developed by the Association for Computing Machinery (ACM) Divided into sections –General principles –Professional responsibilities –Guidelines for organizational systems

8 Programmer Responsibility Bug-free software does not exist –Testing can only show the presence of bugs, not their absence Issues related to software quality –How much testing is enough? –How many minor bugs are acceptable in software about to be released?

9 Ethical Use of Computers Data quality –Users are responsible for the quality of data entered into the system –Procedures must be in place to detect and correct inaccurate information Protecting customers’ personal data –Particularly relevant to companies doing business over the Internet –Develop privacy policies stating how data will be used –Two approaches Opt-in policy – customers are notified of privacy policy and must agree before their data can be released Opt-out policy – customers are assumed to agree to the release of their data unless they specifically request it be kept private Digitally altering data

10 Intellectual Property Rights Refers to results of intellectual activity in the industrial, scientific, literary, or artistic fields U.S. Copyright Act provides protection in three areas –Copyrights –Patents –Trademarks

11 Copyrights Provides the creator of a literary or artistic work with control over its use and distribution –Widespread distribution of music and video over the Internet has created quite a controversy

12 Digital Fair Use Issues Copy-protection schemes make it impossible to copy CDs and DVDs –Users claim that violates their fair use rights Software –Users may not modify copyrighted software Digital images –Images on the Web may be downloaded and used as screen savers, but they may not be distributed or altered Plagiarism –Work taken from the Internet must be cited if it is used in a paper or other presentation

13 Trademarks A word, name, symbol, or device used to distinguish one company and its products from another Two issues in the digital arena –Unauthorized use of one company’s trademarks on another’s Web site –Obtaining a domain name that includes another company’s trademark, then selling that domain name at a profit

14 Patents Designed to protect inventions and encourage inventors –Grant patent holder exclusive rights to the invention Patent Office will grant patent protection to software algorithms and techniques –Will also grant patents for business methods implemented in software

15 Security and Privacy Security – data stored on computer must be kept safe Privacy – private data must be kept from prying eyes

16 Computer Crime Hacker – someone who attempts to gain access to computer systems illegally Cracker – someone who uses the computer to engage in illegal activity Most commonly reported categories –Credit card fraud –Data communications fraud –Unauthorized access to computer files –Unlawful copying of copyrighted software

17 Methods Computer Criminals Use Bomb Denial of service Piggybacking Trapdoor Trojan horse

18 Bomb Causes a program to trigger damage under certain conditions –Usually set to go off at a later date Sometimes planted in commercial software –Shareware is more prone to having a bomb planted in it

19 Denial of Service Attack Hackers bombard a site with more requests than it can possibly handle –Prevents legitimate users from accessing the site –Hackers can cause attacks to come from many different sites simultaneously

20 Piggybacking An illicit user “rides” into the system on the back of an authorized user –If the user does not exit the system properly, the intruder can continue where the original user has left off Always log out of any system you log into

21 Trapdoor An illicit program left within a completed legitimate program –Allows subsequent unauthorized and unknown entry by the perpetrator to make changes to the program

22 Trojan Horse Involves illegal instructions placed in the middle of a legitimate program –Program does something useful, but the Trojan horse instructions do something destructive in the background

23 White-Hat Hackers Hackers that are paid by a company to break into that company’s computer systems –Expose security holes and flaws before criminals find them –Once exposed, flaws can be fixed

24 Discovery and Prosecution Crimes are often undetected –When they are detected, they are often not reported Prosecution is difficult –Law enforcement agencies and prosecutors are ill- equipped to handle computer crime –Judges and juries often don’t understand computer crime Congress passed the Computer Fraud and Abuse Act to increase awareness of computer crime

25 Security: Playing It Safe Security – a system of safeguards –Protects system and data from deliberate or accidental damage –Protects system and data from unauthorized access

26 Controlling Access Four means of controlling who has access to the computer –What you have –What you know –What you do –What you are

27 A Disaster Recovery Plan A method of restoring computer processing operations and data files in the event of major destruction Several approaches –Manual services –Buying time at a service bureau –Consortium Plan should include priorities for restoring programs, plans for notifying employees, and procedures for handling data in a different environment

28 Data Security Several techniques can be taken to prevent theft or alteration of data –Internal controls –Auditor checks –Applicant screening –Passwords –Built-in software protection

29 Personal Computer Security Physical security of hardware –Secure hardware in place with locks and cables –Avoid eating, drinking, and smoking around computers

30 Backing Up Files Back up to tape drive, CD-RW, or DVD-RAM –You can use software that automatically backs up at a certain type of day Disk mirroring –Makes second copy of everything you put on disk to another hard disk Three types of backup –Full backup – copies everything from the hard drive –Differential backup – copies all files that have been changed since the last full backup –Incremental backup – copies only those files that have been changed since either the last full backup or the last incremental backup Comprehensive backup plan

31 Thread from worm and virus Worm –A program that transfers itself from computer to computer Plants itself as a separate file on the target computer’s disks

32 Virus A set of illicit instructions that passes itself on to other files, which can tremendous damage to computer and data files Transmission of virus –Viral instructions inserted into a game or file Typically distributed via the Web or –Users download the file onto their computers –Every time the user opens that file, virus is loaded into memory As other files are loaded into memory, they become infected

33 Virus Prevention Antivirus software –Detects virus signature –Scans hard disk every time you boot the computer Viruses tend to show up on free software or software downloaded from the Internet –Use antivirus software to scan files before you load them on your computer Often distributed as attachments –Do not open attachments without scanning them or if you do not know the person sending the e- mail

34 Security Problems on the Internet With so many people on the Internet, how do you keep data secure? Several approaches –Using a firewall –Encryption

35 A Firewall A combination of hardware and software that sits between an organization’s network and the Internet –All traffic between the two goes through the firewall –Protects the organization from unauthorized access –Can prevent internal users from accessing inappropriate Internet sites

36 Encryption Scrambling data so that it can only be read by a computer with the appropriate key –Encryption key converts the message into an unreadable form –Message can be decrypted only by someone with the proper key Private key encryption – senders and receivers share the same key Public key encryption – different keys are used in encryption and decryption

37 Cookies A small text file stored on your hard drive File is sent back to the server each time you visit that site –Stores preferences, allowing Web site to be customized –Stores passwords, allowing you to visit multiple pages within the site without logging in to each one –Tracks surfing habits, targeting you for specific types of advertisements

38 Spamming Mass advertising via –Can overflow your inbox –Bogs down your server, increasing the cost of service Preventing spam –Many ways you can minimize junk Be careful how you give out your address Filtering software allows you to block messages or send them to designated folders Don’t register at Web sites without a promise the Web site will not sell your information NEVER respond to spam Anti-spamming legislation