Intro to the AS/400
Download
Report
Transcript Intro to the AS/400
Intro to Info Tech
Computer Issues
This presentation can be viewed on line at:
Copyright 2007 http://web.fscj.edu/Janson/cgs1060/wk14.Issues.ppt
by Janson Industries
1
Objectives
Discuss major issues impeding
the spread of computers
Security: H/W, S/W and data
Privacy
Health
Show how IT companies combat
these issues
2
Copyright 2012 by Janson Industries
Security
Issue: unauthorized access to
computing resources
Not
just destruction
Changing,
even copying
Your Visa balance is now 0
SSNs, Grand Theft Auto 17
People minimize because it's
impersonal (just files, non-violent)
3
Copyright 2012 by Janson Industries
Cybercriminal types
Hacker
Non-malicious
Trying
to "show security problems"
Cracker
Malicious
access
access
Script kiddie
Follow
instructions or use s/w
No technical skills
4
Copyright 2012 by Janson Industries
Cybercriminal types
Corporate spies
Usually
Trying
not destructive
to steal or gather info
Hitachi
http://www.businesspundit.com/10most-notorious-acts-of-corporateespionage/
Unethical employees
Revenge
For
Copyright 2012 by Janson Industries
– destructive
profit
Salami shaving
5
Cybercriminal types
Cyberextortionist
Threatens
to harm computer
resources or expose info
Overwhelm a company's servers
Delete data
Looking
to be paid off
Is this any better then Somali pirates?
Cyberterrorist
Attack
and destroy computer
resources
Copyright 2012 by Janson Industries
US in Gulf War 1
6
Attack Types
Attacks rarely done by hand at a
computer
Usually involves unleashing some
malware (malicious s/w)
Viruses
S/W
that is installed unknowingly
May harm or simply copy
Keep track of accounts and pws
Relay info back
May
Copyright 2012 by Janson Industries
replicate onto other computers 7
Attack Types
Worm
S/W
that is installed unknowingly
Replicates itself over and over,
impeding the system
"I love you" email
Trojan horse
S/W
that is inside legitimate s/w
Usually an event kicks it off
Michaelangelo
8
Copyright 2012 by Janson Industries
Attack Types
Malware can do many things
Slow
system performance
Destroy
s/w and data
Even operating system
Change
system settings
system usage (DoS –
Denial of Service attack)
Deny
Lock out the keyboard
Flood an email server
Yankee Doodle
Copyright 2012 by Janson Industries
9
Attack Types
Botnets
A
network of infected computers
Infected computers called zombies
User doesn’t know that the computer is
being controlled remotely
Your
good IP address used to:
Send spam
Attack servers
Access other computers
Headline from NYT 3/29/09
Vast Spy System Loots Computers in 103 Countries
Copyright 2012 by Janson Industries
10
11
Copyright 2012 by Janson Industries
Attack Types
Backdoors: access that
circumvents security
Programmer
created when s/w
written
Installed after initial illegal access
Certain key combination
Create a new user id and pw
Copyright 2012 by Janson Industries
Spoofing: make your computer
resources look like someone else's
Make your ip or email address look
like BOAs
12
Got this email from "Yahoo"
Notice typo, bad grammar, and short time frame – trying
13
to Industries
scare me into making a bad choice
Copyright 2012 by Janson
How?
User tries to open an infected file
Opens
User inadvertently runs it
Thinks
they're running a game
Uses an infected secondary
storage media
Where
what they think is a picture
has that thumb drive been?
Connects to an infected network
14
Copyright 2012 by Janson Industries
Prevention?
Never open a file from an
unknown source
Don't use unknown secondary
storage media
Don't open email attachments
unless they are expected
Even
if it is from someone you trust
Install antivirus s/w
Most
Copyright 2012 by Janson Industries
computers come with some
Lots of free stuff available
15
Antivirus S/W
Initially will scan all files looking
for malware
If found will delete
If can't delete will quarantine
Thereafter will check any
downloaded files
Update s/w often
Updates will protect against the latest
threats
16
Copyright 2012 by Janson Industries
Some OS let you automate the updates
17
Copyright 2012 by Janson Industries
Firewall
System to protect a networked
computer
Consists of s/w and possibly
specialized hardware
Monitors and validates all
external communications
Example
A proxy server with firewall s/w
18
Copyright 2012 by Janson Industries
Firewall
Proxy server gets all
communication and decides
yes/no
Yes/no can be decided by
many factors
Where
it came from
Type of communication
Content
User sets the rules
19
Copyright 2012 by Janson Industries
Firewall
Examples:
No
FTP communications allowed
No executable files
Only these IP addresses allowed
Additional advantage
No
direct access to internal
network
External systems don't know
location of internal resources
Can only attack the proxy
20
Copyright 2012 by Janson Industries
User Authentication
Create user id and pw
Person
must specify before
access granted
Not perfect: can be hacked
Hacker tries every possible combo
System only allows 5 unsuccessful
attempts
Physical objects like FOBs
Every minute generates a new code
Or, like a car, unlocks the computer
Copyright 2012 by Janson Industries
Biometric devices
21
User Authentication
Digital signature
Encrypted
code added to a
message
Confirms who you are
Can also confirm content not
changed (like a check bit)
Digital certificate
Given
to a site that has been
certified secure
When communicating encrypted
certificate sent with msg
22
Copyright 2012 by Janson Industries
System Security
Audit Trail: a record of
Sign
on attempts
Date and time
Resources accessed
Like chain of custody on CSI
Additional security for individual
resources
Shippers
can access shipping data
Only bldg F computers can access
the bldg F printer
23
Copyright 2012 by Janson Industries
Hardware Theft
Kept behind locked doors
Cabled to desk
Need physical device to operate
Policies
I
can't leave students unattended
in lab
24
Copyright 2012 by Janson Industries
Information Theft
Both from storage and when
transmitted over network
Encryption
Windows
allows you to encrypt
files and folders
Just another property
Takes longer to access cause it
must be decrypted
DVDs are encrypted (CSS –
Content Scrambling System)
Copyright 2012 by Janson Industries
25
Software Piracy
Illegally copying
Retards
new development
Many levels
Government
Corporate
Private
Copying for friends
Copying to sell
Copyright 2012 by Janson Industries
License agreement
Product activation key
26
Software Piracy
In addition, laws are sometimes
vague
Copyright gives "fair use" to
purchasers
Can
you install a game on multiple
computers?
Can you "rip" a movie DVD so you
can watch it on your laptop?
Can a restaurant show the movie?
Can you post the movie on your
website so others can watch?
Copyright 2012 by Janson Industries
27
Software Piracy
SOPA – Stop Online Piracy Act
What is it?
HR3261
Legal
action can be taken by DoJ or
copyright owner against any site
deemed to have "only limited
purpose or use other than
infringement”
28
Copyright 2012 by Janson Industries
Software Piracy
Can
demand that search engines,
social networking sites and domain
name services block access to the
targeted site
If these companies fail to comply, DoJ
or copyright owner can begin legal
proceedings against them
Makes
unauthorized web streaming
of copyrighted content a felony with
a penalty up to five years in prison
29
Copyright 2012 by Janson Industries
SOPA
Who’s fer it?
Motion
Picture Assoc of
America
Entertainment S/W Assoc
GoDaddy.com
Who’s agin it?
Google
Wikipedia
Major
League Gaming
Obama
Copyright 2012 by Janson Industries
30
Software Piracy
What about PIPA (Protect IP Act)
Stop
search engines (Google,
Yahoo) from directing users to
sites with stolen content
Came before the Senate
1/24/2012
31
Copyright 2012 by Janson Industries
System Failure
Power surges
Surge
protector
Power outage
UPS
(uninterruptible power supply)
Usually include a surge protector
Disaster recovery
Backup
data
Can automate
32
Copyright 2012 by Janson Industries
Select where to back up to
Start to specify what to back up to
Copyright 2012 by Janson Industries
33
Select what to back up
Pick a date/time to run or set up a schedule
34
Copyright 2012 by Janson Industries
Information Privacy
Concerns:
What
Is
is being collected?
it lawful to collect?
Who
has access?
How
well is it protected?
35
Copyright 2012 by Janson Industries
Unknowing Shoppers in Japan
Security cameras film all
customers in store
If person shoplifts or makes
an unreasonable complaint
Put
on blacklist as "shoplifter"
or "complainer"
When customer enters other
stores, warning issued to store
staff (that only they can see)
36
Copyright 2012 by Janson Industries
Unknowing Shoppers in Japan
Customers not notified they
are listed
No recourse
If
erroneous, no way to fix
37
Copyright 2012 by Janson Industries
Event Data Recorder
Installed in cars, tracks
Direction
Speed
Seat
belt usage
Will be mandatory in all cars
9/2014
No
warrant required for law
enforcement to access
38
Copyright 2012 by Janson Industries
Event Data Recorder
"We know everyone who
breaks the law. We have
GPS in your car, so we
know what your doing."
Jim
Farley, Ford Motors Sales
Executive
What about cameras in cars
Who
has rights to those
images?
39
Copyright 2012 by Janson Industries
Event Data Recorder
2015 Stingray has windshield
mounted camera and
microphone in cabin
Performance
Real
data recorder
time feedback on driving
GAO says some automakers
keep data from onboard Nav
systems and mapping apps
40
Copyright 2012 by Janson Industries
What is Being Collected
Obviously:
Your
doctor has your medical records
Amazon
knows what you have
bought, has your address, & CC #
Visa
knows everything you bought,
how much $, when, and where
Email
provider, FaceBook, &
MySpace have copies of all your
emails and postings
Copyright 2012 by Janson Industries
Google and Yahoo keep login records for
18 months
41
What is Being Collected
Not so obviously:
Cookies:
files that store preferences
Can be read to keep track of web sites
you visit
Can be read to see what you like and
appropriate ads displayed
Spyware:
tracks what sites you visit
Installed surreptitiously on consumers
Employers use to track employee
computer usage
Parents/husband-wife/boy-girl friend
42
Copyright 2012 by Janson Industries
What is Being Collected
Not so obviously:
Phishing:
official looking email that
solicits information
SSN, Bank Account #'s and PINs
Pharming:
official looking website that
solicits information
You try to go to BOA website and are
directed to a look alike
Posted
info
Your email address on your home page
• Can I gather that and send you spam?
• Can I sell that to spammers?
Copyright 2012 by Janson Industries
Your pictures on MySpace, Facebook
43
Is it Lawful to Collect
Obviously not
Phishing,
Pharming
Obviously
Email,
FaceBook, MySpace
Info used to conduct business
Amazon, your doctor, Visa
But only info needed to do business
Not so obviously
Cookies,
Spyware, Posted info
If deleted, can FaceBook keep copy?
44
Copyright 2012 by Janson Industries
Is it Lawful to Collect
Not so obviously
Cookies:
provide convenience
Spyware:
Parent/employer have the right to monitor
Aren't your activities on the web just like
walking into different stores in a mall?
• So, it's public domain information
Monitoring
Lawsuits pending re: whether employer
can read your email? Currently – YES!
Cameras
Copyright 2012 by Janson Industries
Email
in the workplace
Should the college be able to put cameras
45
in all the classrooms?
Is it Lawful to Collect
Not so obviously
Posted
info: public domain
Can I use your images on my website?
Why can't a company use to sell a
product?
Even if deleted, wasn’t it made available
to everyone?
• FaceBook tried to change its usage policy to
imply they had rights to everything forever
46
Copyright 2012 by Janson Industries
Who Can See It
Authorities need a search warrant
from a judge to see emails that are
Less
than 180 days old and unread
In some cases:
Prosecutors
can obtain a court order
by presenting facts that suggest the
messages are relevant
Prosecutors
can issue subpoenas
without any court involvement
47
Copyright 2012 by Janson Industries
Who Can See It
After arrests police have been
searching cell phones
See
where arrestee has been, who
called, etc.
6/25/14 ruling by Supreme Court
requires police to get warrant
The
fact that the new technology make
private life portable renders it no "less
worthy of the protection for which the
Founders fought" – CJ Roberts
48
Copyright 2012 by Janson Industries
Who Can See It
The Supreme Court ruling only
affects gov't searches
Corporate, commercial, and
workplace privacy still not fully
settled
49
Copyright 2012 by Janson Industries
Who Can See It
There are some laws that clarify:
Companies
can't release:
Video rental history
Cable subscribers records
Credit records
Limits
on:
Educational records
Government records
Disclosure of health records
50
Copyright 2012 by Janson Industries
Who Can See It
How accurate is it?
If
CC comp lists your income as
$3K instead of $30K
Will you get:
A mortgage from a bank?
A second CC?
Some rules
Must
be able to see you credit
report for free
Access to educational records
Copyright 2012 by Janson Industries
1974
51
Is It Protected
How safe is it?
A hospital is good at healing
How
good is it at protecting the data?
How
good is it at preventing
unauthorized access?
Jax girl sent out 20 letters
52
Copyright 2012 by Janson Industries
How email is Protected
Digital Signatures
Some
encrypted code attached to
email to prove it is authentic
Certificates
3rd
party validation that email is
authentic
DMARC
Common
spec for email authentication
Yahoo, MS, FB, Google support it
53
Copyright 2012 by Janson Industries
How to Protect Privacy
Anonymizers
Proxy
server between client and the
Internet
Hides
who you are from sites and
where you go on the Internet
Of course, it can be tracked that you are
using an anonymizer
Some
repressive govts ban the use
Anonymizer.com
54
Copyright 2012 by Janson Industries
How to Protect Privacy
Onion Router s/w
Pass
communications between a
network of servers
Conceals original location
Data
encrypted multiple times
At each relayed server, one layer of
decryption is performed
www.torproject.org
Browser that hides you location
55
Copyright 2012 by Janson Industries
56
Copyright 2012 by Janson Industries
Can you think of any possible down side?
57
Copyright 2012 by Janson Industries
How to Protect Privacy
Encrypt your messages/files
Some
email services offer this service
along with other options such as timed
destruction of msgs and email addrs
Software
to encrypt
Windows provides encryption capability
– mobile app to encrypt photos,
text, etc.
Wickr
When file erased, writes over metadata that
could be used to recreate info
58
Copyright 2012 by Janson Industries
Computers and Health
Any health issues?
Dropping one on your foot would
hurt..
RSI
(repetitive strain/stress injury)
Keyboard, mouse, joy stick
Eye
strain
Backaches, headaches
"PlayStation" palm
Solution: ergonomics and common
sense
“Maybe you should take a break”
Copyright 2012 by Janson Industries
59
Computers and Health
Computer addiction
Is
there something inherent in the
computer to make it addictive?
People
get addicted to:
Shoes
Shopping
Gambling
Has
more to do with the person
than the thing
What
Copyright 2012 by Janson Industries
about games?
60
Computers and Health
Huge amount of electronic waste
Toxic materials in the devices
Electricity usage
Solutions
Laws
about recycling devices
Green computing
Use energy star devices
When possible print on both sides of paper
Recycle paper, toner and ink cartridges
61
Copyright 2012 by Janson Industries
Points to Remember
People resist using computers
because of concerns re:
Crime/safety
Privacy
Health
Copyright 2012 by Janson Industries
Computer and s/w mfgs
continue to improve products to
solve these issues
Govt passing laws to clarify
what can and cannot be done
62