Security, Privacy and Ethics

A. Security

   1. At risk: hardware, software, data, information, processing capability
   2. Viruses - programs that implant themselves in files (documents, programs)
        that may damage/change system without permission
      a. Types
         i. Boot sector - load into memory at start
         ii. File virus - attaches to another file
         iii. Trojan horse - disguised as commonly used/highly desirable file
            (such as attachment)
         iv. Macro virus - hidden in applications (e.g., spreadsheet), appears
            when used
         v. Logic bombs/time bombs - activated when certain conditions occur
      b. Detection
         i. Scan for signature
         ii. Look at file data (size, modification, etc.)
      c. Examples
         i. Melissa (through email)
         ii. Chernobyl
         iii. iloveyou
   3. Unauthorized access
      a. Attack by crackers
      b. Access control
         i. identification
            e.g., account name
         ii. authentication
            e.g., password, finger/thumbprint scan, retinal scan, keystroke
              analysis
      c. Email snooping
      d. Browser vulnerability
      e. Anti-Hacking organizations
         i. Computer Emergency Response Team
   4. Hardware theft
   5. Software theft
      a. Illegal duplication (software piracy)
      b. Anti-Piracy organizations
         i. Business Software Alliance (BSA)
         ii. Software & Information Industry Alliance (SIIA)
   6. Intellectual property
      a. Napster debate and MP3 problem
   7. System failure - due to hardware failure
      a. Backup of system
         i. Backup types (full, differential, incremental)
         ii. Disaster recover plans (for different situations)

B. Privacy

   1. Information - person's right to restrict access to data about that person
   2. Child - Children's Online Privacy Protection Act (4/2000)
      a. Web sites must get permission to gather data about under 13 kids
      b. But didn't anticipate other problems (cookies, cell phone history)
   3. Employee monitoring
      a. Email (employers CAN read email)
      b. Web sites visited
      c. Keyboard activity
      d. Files
      e. Location
   4. Encryption - disguising information
      a. Plaintext (original data), ciphertext (encrypted data)
      b. Various methods (often through use of key)
    
C. Ethical Issues

   1. Unauthorized use
   2. Software piracy
   3. Information piracy
   4. Information accuracy
      a. Web site information liability
      b. Misleading information (doctored pictures)
   5. Objectional material
      a. Communications Decency Act (1996)
         i. criminal to distribute indecent/offensive material online
         ii. declared unconstitutional June, 1996
   6. Objectional speech?
      a. Threats
      b. Stalking
      c. Political opinions