Chapter 9: Privacy, Crime, and Security (cont.)

greenpepperwhinnyΑσφάλεια

3 Νοε 2013 (πριν από 3 χρόνια και 9 μήνες)

124 εμφανίσεις

Billy Lyne

Preview


Security on Computers and networks,
and risks that go along with them


Computer Espionage, Information
Warfare, and Cyber Storm


Protecting computer systems and
Encryption


Article


“The Curious Case of Internet
Privacy”

Security


As our entire economy and infrastructure
move to networked computer systems,
breaches of computer security can be
costly, even without any actual damage
occurring.



Estimated that security currently accounts
for 10
-
20 percent of all corporate
expenditures on computer systems.

Computer Security Risks


Wireless Networks


send their traffic across
shared space, and since no one owns the
space the data travels the opportunity for
interference from others is great.



Wardriving
-

a process where an individual
drives around with a wireless device to look for
wireless networks, and hackers will look for
unsecured networks to hack into to obtain
confidential information.

Security Methods for Wireless


WEP (Wired
Equivalent Privacy)



WPA (WiFi
Protected Access)



WPA2 (newer
version of WPA)

Earliest of the 3, several well
-
known
weaknesses, may be only option on
older equipment.


Developed to provide a stronger
level of security


Uses Advanced Encryption
Standards to provide government
-
grade security.

Corporate Espionage


The Unauthorized access of
corporate information, usually
to the benefit of a competitor,
is sharply on the rise.


The offenders are often ex
-
employees hired by a
competing firm due to their
knowledge of the computer
system.


One estimate puts 80 percent
of all data loss at corporations
due to company insiders


Information Warfare


-
The use of technology to corrupt or destroy an
enemy’s information and infrastructure.


According to an expert, a coordinated attack of just 100
key computer installations could bring the U.S.
economy to a complete halt.


April 2009, the Pentagon issued a statement placing a
cost of cyber
-
defense for just a 6
-
month period at $100
million, mostly the cost of cleaning up after attacks.


2007 cyber
-
attack on the country of Estonia brought
the country to basically a technological halt for several
weeks, with the focused on disrupting commerce and
communications in the country.

Cyber Storm


Coordinated every 2 years
by the U.S. Computer
Emergency Readiness
Team (CERT)


Cyber Storm 2(2008):
Involved 18 government
agencies, 5 countries, 9
states, 40 companies, and
10 analysis centers.


Simulated attack on
telecommunication centers,
the Internet, and control
systems in the United States

Protecting Computer Systems


Controlling Access
-

password creation
and protection.


Hand
-
held Authentication
-

using key
cards, badges, etc. to restrict access to
certain people.


Biometric
Authentication
-

using a
physical trait or characteristic to identify
an individual and grant access.


Firewall
-

A computer program or device
used to severely limit the ability of
outsiders to access internal data.


Encryption


Refers to a coding or scrambling process
that renders a message unreadable by
anyone except the intended recipient.



Has been around for a long time in many
different situations, not just on computers



http://www.youtube.com/watch?v=Ru814g6
03Y4


Windtalkers
-

learning code


Same idea as in the video is used today
in technology, just much more complex
on computers.




Some of the decipher keys used by
banks and the military are so complex it
would take several hundred years by
supercomputers to discover the key
used.

Encryption

(cont.)

Public Key Encryption


Considered a great scientific achievement of the
20
th

century.


It is a computer security process in which two
different keys are used
-

an encryption (public) key
and a decryption (private) key. The use of 2
different keys safeguards data and provides
confidentiality.

The Curious Case of Internet Privacy


In this article the author talks about how people
everyday willingly give up private information
about themselves to companies/websites in order
to gain access to services.



Companies will take your information that they
obtain for next to nothing and either use that
information to make a profit, or sell off your info to
another company that wants to buy it

Why do we seem to value privacy so little?



it's because we are told to.



People don’t realize what is actually
happening
-

What we agree to
participate in on the Internet isn't a
negotiated trade, but really a one
-
sided
deal.

Trying to preserve privacy


Four possible mechanisms:
norms
,
law
,
code
, and
markets
…and we’ve been pretty terrible at all of
them so far.


Norms = wagging your finger at a child for being
bad, doesn’t work.


Law = users can instruct their browsers to transmit
a tag that says, “do not track”, but can’t be sure it
works since there’s nothing to see if it’s working.


Code = Can turn cookies completely off or on, not
always the best way to search the web either way.


Markets = Started making an impact with Mozilla
Firefox.

Summary


Many risks today with most of the world turning
toward computers for everything.


Companies and even countries are going after
each other for secrets off of each other’s
networks…not just some person going for your
bank account.


Cyber
-
attacks are becoming more prevalent,
which means everyone needs to get better
security.


Newer ideas are being used to protect technology


Encryption is constantly becoming more common,
yet more complex.


People today are too lax with their personal
privacy, and steps are being made to protect
everyone.