GIT 335 Lecture 91 Arizona State University Department of Technology Management GIT 335 Computer Systems Technology Lecture 9 Challenges of the Digital Age Dr. Thomas Schildgen, Professor

GIT 335 Lecture 92 Lecture 9 Introduction to Information Technology Content taken from the McGraw Hill Textbook Chapter 9

GIT 335 Lecture 93 The Challenges of the Digital Age

GIT 335 Lecture 94 Truth Issues: Manipulating Digital Data Digital Images and Sounds can be manipulatedDigital Images and Sounds can be manipulated –Pro: Creates new forms of art Morphing software makes one image morph into another Movies such as “Crouching Tiger, Hidden Dragon” and “Harry Potter” contain many scenes that could never actually happen Adobe Photoshop allows changes, enhancements to photos Digital technology allows musicians to sing every track of a song and accompany themselves –Con: Has made photographs & recordings untrustworthy Famous Yalta summit photo edited: Stallone added in!

GIT 335 Lecture 95 Truth Issues: Manipulating Digital Data –Photographs may not be authentic –Photographs may be deliberately misleading 1994 Time magazine photo of O.J. Simpson was digitally darkened to make him appear sinister –Could this have biased potential jury members? Fashion model photos are routinely elongated to make models appear more slender –How many girls become anorexic to try to match those models’ impossible perfection? » toshop-101-even-models-have-flawshttp:// toshop-101-even-models-have-flaws » Model-Retouching/9547http:// Model-Retouching/9547 »

GIT 335 Lecture 96 Truth Issues: Manipulating Digital Data Techniques to combat digital deceptionTechniques to combat digital deception –Prof. William H. Mitchell of M.I.T. wrote the first systematic, critical analysis of the digital revolution –Corbis adds a digital watermark to its photoshttp://pro.corbis.com/ –Hany Farid of Dartmouth College devised algorithms to detect changes to uncompressed digital photos –Prof. Jessica Fridrich of S.U.N.Y. at Binghamton is researching digital cameras that hide a picture of the photographer’s iris inside each digital photo

GIT 335 Lecture 97 Truth Issues: Manipulating Digital Data Limitations of Public databasesLimitations of Public databases –You can’t get the whole story Start with a public database, THEN do more research –The data is not necessarily accurate Cross-check against multiple sources –Each database service has boundaries Know what those boundaries are –Different keywords bring different results –History is limited These databases often begin with data from 1980 or later

GIT 335 Lecture 98 Security Issues: Threats Errors and accidents Natural hazards Computer crimes Computer criminals

GIT 335 Lecture 99 Security Issues: Threats Errors & Accidents Human errorsHuman errors –People choose the wrong computer Too simple or too complex –Human emotions affect performance People get frustrated –Human perceptions are slower than the equipment Watch out when you click the OK button! You may have just deleted something important!

GIT 335 Lecture 910 Security Issues: Threats Errors & Accidents Procedural errorsProcedural errors –When people fail to follow safe procedures, errors can occur Software errorsSoftware errors –Programmers make coding errors –Famous example: Utility billing software: Customer pays early – software credits account Customer pays late – software credits account, adds late fee in for next bill Programmer forgot to consider customers who pay exactly on time – their payments were never credited at all!

GIT 335 Lecture 911 Security Issues: Threats Errors & Accidents Electromechanical problems –Mechanical systems wear out –Power failures shut down computers unless you have battery backup –Using cellphones and Blackberries while driving can cause people to crash Dirty data problems –Incomplete, updated, or inaccurate data –Check your records – medical, school, and credit to make sure they are accurate Natural hazards can lead to disasters

GIT 335 Lecture 912 Security Issues: Threats Computer Crimes Two types of computer crimeTwo types of computer crime –It can be an illegal act perpetrated against computers or telecommunications –It can be the use of computers or telecommunications to accomplish an illegal act

GIT 335 Lecture 913 Security Issues: Threats Computer Crimes Theft of hardware Theft of software Theft of online music and videos Theft of time and services Theft of information Internet-related fraud Taking over your PC Crimes of malice Computer criminals

GIT 335 Lecture 914 Security Issues: Threats Computer Crimes Theft of hardware can range fromTheft of hardware can range from –Shoplifting an item from a computer store –Stealing an entire PC or laptop Theft of softwareTheft of software –Pirated software is software obtained illegally –This includes “softlifting” - buying one copy of the software and using it on multiple computers –Software makers have prosecuted both companies and individuals including students for software piracy

GIT 335 Lecture 915 Security Issues: Threats Computer Crimes Theft of online music and movies –Entertainment industry takes this seriously and prosecutes offenders –Stealing music Illegal file swapping services Damages can be up to $150,000 per song –Stealing movies The film industry has taken aggressive aim at pirated movies 11-nation crackdown announced in 2005

GIT 335 Lecture 916 Security Issues: Threats Computer Crimes Theft of time and servicesTheft of time and services –Theft of computer time at work Surfing or playing games when you should be working Some employees violate policy by conducting personal business online such as online auctions from work Most employers have policies against viewing X-rated web sites at work –Theft of phone services Phone phreaks use company phone systems to make “free” unauthorized long distance calls Why break the law, when you can get free long distance over the internet using Skype (

GIT 335 Lecture 917 Security Issues: Threats Computer Crimes Theft of InformationTheft of Information –A common crime today –Can include theft of personal information, medical information, or credit card and financial information –Legislation to make it a crime to steal someone’s identity was the 1998 Identity Theft and Assumption Deterrence Act –The U.S. Department of Justice discusses their approach to this crime at –If you are a victim of identity theft, you may file a report online at the Federal Trade Commission’s website at E=PU03 E=PU03

GIT 335 Lecture 918 Security Issues: Threats Computer Crimes Internet-related FraudInternet-related Fraud –Because it lends itself to anonymity, internet-related fraud is becoming more common –Well-known examples include: Nigerian letter scam –Letter says you can get a lot of money out of Nigeria if you pay a “money transfer fee” first Evil twin attacks –A cracker sets up an attack computer as a duplicate public access point in a public location Phishing –Sending s that appear to come from a trusted source that links you to a website where you type in personal information that is intercepted by the phisher

GIT 335 Lecture 919 Security Issues: Threats Computer Crimes Internet-related Fraud (continued)Internet-related Fraud (continued) –Pharming Malicious software is implanted in your computer that directs you to an imposter web page –Trojan horses A program such as a “free” online game or screensaver that loads hidden programs that take over your computer or cause mischief without your knowledge For example, Windows users who install the phony MSN Messenger Version 8 "beta" are actually installing an IM worm that spreads to their IM contacts, and connects their computer to a remote control "bot" network run by malicious hackers

GIT 335 Lecture 920 Security Issues: Threats Computer Crimes Crimes of Malice: Crashing entire computer systemsCrimes of Malice: Crashing entire computer systems –Sometimes criminals are more interested in vandalizing systems than they are in gaining control of them –In 2003, an entrepreneur with a grudge because he lost a sale retaliated by shutting down the WeaKnees website –Crackers regularly attempt to crash Microsoft’s website –Security specialists monitor for possible cyber-attacks on electrical and nuclear power plants, dams, and air traffic control systems –Crackers have attacked the internet too and brought down large sections of it

GIT 335 Lecture 921 Security Issues: Threats Computer Crimes Computer criminals may includeComputer criminals may include –Individuals or small groups who Use fraudulent and websites Steal peoples’ identities for monetary gains Show off their power for bragging rights –Employees who Have a grudge against their current or former employers Have a grudge against another employee Sell their company’s secrets for personal profit –Outside partners and company suppliers

GIT 335 Lecture 922 Security Issues: Threats Computer Crimes Computer criminals may also includeComputer criminals may also include –Corporate spies –Enemy foreign intelligence services –Organized crime –Vandals & Terrorists Computer criminals do not include your employer, who is legally allowed to monitor the computers at workComputer criminals do not include your employer, who is legally allowed to monitor the computers at work –Check your company’s computer usage policy –Make sure you follow the rules –Know that any data you store in the computer at work – including s – is company property

GIT 335 Lecture 923 Security: Safeguarding Computers & Communications Security isSecurity is –A system of safeguards for protecting information technology against disasters, system failures, and unauthorized access that can result in damage or loss Computer Security’s Five ComponentsComputer Security’s Five Components –Deterrence of computer crime –Identification and access –Encryption –Protection of software and data –Disaster recovery plans

GIT 335 Lecture 924 Security: Safeguarding Computers & Communications Deterrents to computer crimeDeterrents to computer crime –Enforcing laws –CERT: The Computer Emergency Response Team Provides round-the-clock information on international computer security threats The CERT website is –For example, on December 15, 2005 announced a partnership between the US and ictQatar, the Qatar Supreme Council for Information and Communications Technology, to conduct and coordinate cybersecurity activities –On December 13, 2005 CERT issued alert SA05-347A documenting Windows Explorer vulnerabilities

GIT 335 Lecture 925 Security: Safeguarding Computers & Communications More deterrents to computer crimesMore deterrents to computer crimes –Tools to fight fraudulent and unauthorized online uses Rule-based detection software Predictive-statistical-model software Employee internet management software Internet filtering software Electronic surveillance –Verify legitimate right of access Use cards, keys, signatures, and badges Use PINs and passwords Use physical traits and personal identification

GIT 335 Lecture 926 Security: Safeguarding Computers & Communications Encryption –The process of altering readable data into unreadable form to prevent unauthorized access –Advantage: encrypting data that is available over the internet keeps thieves and crackers from reading it On Dec. 7, 2005, Guidance Software, a maker of Computer Forensics software, informed their customers that criminals had stolen their credit cards because Guidance had FAILED to encrypt a database that was accessible over the internet –Disadvantage: encrypting data may prevent law- enforcement officials from reading the data criminals are sending to each other

GIT 335 Lecture 927 Security: Safeguarding Computers & Communications Three ways to protect software & data –Control of access to restrict usage –Audit controls to document who used what programs and computers and when –People controls include screening applicants, background checks, monitoring internet, , and computer usage

GIT 335 Lecture 928 Security: Safeguarding Computers & Communications Disaster-recovery plans –A method of restoring information-processing operations that have been halted by destruction or accident Reinforced by 2001 World Trade Center attack Reinforced by company data losses incurred during 2005 Hurricane Katrina –Plans range in price and complexity from Backing up data from disk to tape, CD, or zip disk, with a UPS Automatically storing data redundantly in two places, with a generator Having an off-site computerized data storage center with independent power supply Having a complete “hot” redundant data center that can instantly be used if there is a disaster More $$$

GIT 335 Lecture 929 Quality-of-Life Issues Information Technology misuse can result inInformation Technology misuse can result in –Environmental problems Manufacturing computers and circuits can cause pollution Computer component manufacturing employees may be exposed to toxic substances Used computers/monitors contain chromium, cadmium, lead, mercury, PVC, and brominated flame retardants – all toxic substances that must be disposed of properly

GIT 335 Lecture 930 Quality-of-Life Issues Information Technology misuse can result inInformation Technology misuse can result in –Exacerbation of mental-health problems Isolation; computer gamers may substitute online games for interpersonal interaction Online gambling can be addictive Many users find PCs stressful Internet usage by children can expose them to online predators

GIT 335 Lecture 931 Quality-of-Life Issues Information Technology misuse can result inInformation Technology misuse can result in –Proliferation of pornography Online pornographers use pop-up ads and internet search engines to troll for new customers This means that children may be exposed to porn when involved in innocent online searches Parents may use online blocking software like Cybersitter, Cyber Patrol, or Net Nanny to prevent this

GIT 335 Lecture 932 Quality-of-Life Issues Parental responses to protecting children from online pornParental responses to protecting children from online porn –Online blocking software –DVD filters –Videogame rating systems –The V-chip –“xxx” web addresses –Monitor internet use –Be candid to your children about the threats –Save evidence and block messages to prevent cyberbullying

GIT 335 Lecture 933 Quality-of-Life Issues Information technology misuse can result in –Workplace problems Misuse of technology Fussing with computers can waste time Information overload

GIT 335 Lecture 934 Economic & Political Issues Technology may affect the gap between the rich and the poorTechnology may affect the gap between the rich and the poor –Most jobs require employees who are tech-savvy –People who are not tech-savvy won’t qualify for those jobs –Technology is being used to replace employees in traditional jobs, traditionally filled by untrained workers Internet is not controlledInternet is not controlled –This means that information moves freely on the internet –Nondemocratic governments can’t control internet political activism –Internet is only loosely policed, so criminals take advantage