Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword
Like this
8Activity
0 of .
Results for:
No results containing your search query
P. 1
Risks

Risks

Ratings: (0)|Views: 271|Likes:
Published by optimistic_harish

More info:

Published by: optimistic_harish on Jul 19, 2008
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as DOC, PDF, TXT or read online from Scribd
See more
See less

09/28/2010

pdf

text

original

 
risks
e-burglary
One of the popular worries about e-commerce is the possible (and probably exaggerated) abuse of credit cardnumbers. But if you book a holiday over the Internet, shouldn't you also worry about a hacker getting hold of your home address and the dates of your holiday, and connecting it with your recent purchase and insurance of expensive jewellery?(I'm sure all the large insurance houses have excellent data security, but is this also true of all the agents and brokers?)Even if you merely browse a site selling expensive antiques, this might be enough to trigger interest from a gangspecializing in stealing antiques.Many people would dismiss this as an irrational fear, because it would be
unlikely
that the hacker would also be alocal burglar, and in any case the hacker wouldn't be
certain
that you were leaving your house empty, with theexpensive jewellery in it.This is bad logic. You shouldn't ask for the probability of a given hacker being a local burglar, but for the probabilitythat any local burglar might also be a hacker - or have friends who are hackers.In any case, like a good salesman, a professional burglar doesn't expect information to provide a guaranteed outcome- merely to identify hot prospects, where there is a better than average chance of a good haul. Imagine you
were
a burglar - ask yourself how you would use easily available information to enhance your success.
e-strangers
A friend from the US has forwarded me a warning to Internet-age parents. You teach your children to be wary of giving personal information to strangers - but then they go online and chat freely. Impersonation is rife - you think you are talking to a teenage girl in Michigan, but you may actually be revealing snippets of your identity and habits toa middle-aged man in your own town.Computer studies are very popular on the school curriculum, but I wonder how much children are taught about theuse and abuse of information. Or for that matter, the use and abuse of deductive logic.(Of course, most adults are equally naive about the use and abuse of information. Even people working withcomputers often fail to appreciate how much information can be deduced from the personal data collected by banks,airlines, supermarkets and others, and to what uses this could be put. Or they take false comfort from the fact that theorganizations they work with are incapable of making effective use of the information already available.)
e-cruitment
Some companies now advertise job vacancies on their website. Applicants are invited to submit a CV electronically.There is rarely any authentication, so it is easy to submit spoof CVs. This would include maliciously compiled CVson behalf of real people.Having compiled a spoof CV, it is then possible to write a program that submits this CV (or variants of it) tothousands of companies.
trolling
A troll is a spoof message introduced into a list or chat room for the purpose of evoking maximum response. It is theweb equivalent of those books of replies to silly letters written to famous people. Its author is masked, it has norestrictions on scope - often they are copied to other forums - it is designed to arouse an emotional response and
 
ultimately poke fun at belief and trust. [source: Aidan Ward]
how is internet different?
dialectic - quantity becomes quality
Internet amplifies the power of a sad person by several orders of magnitude. Instead of writing a few anonymousletters in spidery handwriting, you can send thousands of copies.And because it's so quick and easy, the message can be broadcast around the world before you've had second thoughtsabout sending it.We are not good at judging probability at the best of time, but this increase in scale makes our intuitive judgementsabout probability even worse. When you are tempted to dismiss something as unlikely, remember that in very largesystems, with very large volumes and densities of interaction, extremely unlikely things happen every day.
novelty and unfamiliarity
There are some parallels with the arguments about soft drugs. Proponents of soft drugs claim that dope is lessharmful (its use less risky) than alcohol and tobacco, and if these are legal, so dope should be too. But that argument,although attractive, is invalid. The argument isn't about what risks would we accept if we were starting again fromscratch. If this were the case, we might all agree that dope, for all its dangers, was at least better than booze, and e-commerce better than traditional commerce. The argument is about what additional risks we are prepared to accepton top of the risks we already have.Other things being equal, the unfamiliar is usually riskier than the familiar, simply because we don't yet know how tohandle it safely. Of course, that isn't an argument against ever trying anything new, but it is a warning about theadditional risks involved.
barriers to entry
The late adopters of a technology are typically risk-averse. Further adoption of internet will be inhibited by perceptions of risk, whether or not these are "objectively" valid. It is therefore in the interests of technology vendorsto address these risks seriously, from the perspective of the late adopters.Thus the acceptability of electronic banking depends on several factors, but a perception that it is riskier thantraditional banking, whether or not this is fair, will slow down the adoption.
technical mechanisms
There is a growing industry of security experts, developing and selling technical solutions and products and devicesto deal with the supposed dangers of e-commerce and e-business.There are several base mechanisms in play, including various forms of encryption and e-signature.Meanwhile, there is a growing army of people motivated to crack these mechanisms.Technical solutions are important, but they must be combined with social solutions.http://www.ljean.com/trustRisk/http://www.symantec.com/norton/security_response/malware.jsp
 
Introduction To Codes, Ciphers, & Codebreaking
BASIC CONCEPTS
* The oldest means of sending secret messages is to simply conceal them by one trick or another. The ancient Greek historian Herodotus wrote that when the Persian Emperor Xerxes moved to attack Greece in 480 BC, the Greeks werewarned by an Greek named Demaratus who was living in exile in Persia. In those days, wooden tablets covered withwax were used for writing. Demaratus wrote a message on the wooden tablet itself and then covered it with wax,allowing the vital information to be smuggled out of the country.The science of sending concealed messages is known as "steganography", Greek for "concealed writing". Other classical techniques for smuggling a message included tatooing it on the scalp of a messenger, letting his hair grow back, and then sending him on a journey. At the other end, the recipient shaved the messenger's hair off and read themessage.Steganography has a long history, leading to inventions such as invisible ink and "microdots", or highly miniaturizedmicrofilm images that could be hidden almost anywhere. Microdots are a common feature in old spy movies and TVshows. However, steganography is not very secure by itself. If someone finds the hidden message, all its secrets arerevealed. That led to the idea of obscuring the message so that it could not be read even if it were intercepted, and theresult was "cryptography", Greek for "hidden writing". The result was the development of "codes", or secretlanguages, and "ciphers", or scrambled messages.* The distinction between codes and ciphers is commonly misunderstood. A "code" is essentially a secret languageinvented to conceal the meaning of a message. The simplest form of a code is the "jargon code", in which a particular arbitrary phrase, for an arbitrary example:
The nightingale sings at dawn.
-- corresponds to a particular predefined message that may not, in fact shouldn't have, anything to do with the jargoncode phrase. The actual meaning of this might be:
The supply drop will take place at 0100 hours tomorrow.
Jargon codes have been used for a long time, most significantly in World War II, when they were used to sendcommands over broadcast radio to resistance fighters. However, from a cryptographic point of view they're not veryinteresting. A proper code would run something like this:
BOXER SEVEN SEEK TIGER5 AT RED CORAL
This uses "codewords" to report that a friendly military force codenamed BOXER SEVEN is now hunting an enemyforce codenamed TIGER5 at a location codenamed RED CORAL. This particular code is weak in that the "SEEK"and "AT" words provide information to a codebreaker on the structure of the message. In practice, military codes areoften defined as "codenumbers" rather than codewords, using a codebook that provides a dictionary of code numbersand their equivalent words. For example, this message might be coded as:
85772 24799 10090 59980 12487
-- where "85772" maps to BOXER SEVEN, "12487" maps to "RED CORAL", and so on. Codewords andcodenumbers are referred to collectively as "codegroups". The words they represent are referred to as "plaintext" or,more infrequently, "cleartext", "plaincode", or "placode".Codes are unsurprisingly defined by "codebooks", which are dictionaries of codegroups listed with their corresponding their plaintext. Codes originally had the codegroups in the same order as their plaintext. For example,in a code based on codenumbers, a word starting with "a" would have a low-value codenumber, while one startingwith "z" would have a high-value codenumber. This meant that the same codebook could be used to "encode" a plaintext message into a coded message or "codetext", and "decode" a codetext back into plaintext message.However, such "one-part" codes had a certain predictability that made it easier for outsiders to figure out the patternand "crack" or "break" the message, revealing its secrets. In order to make life more difficult for codebreakers,codemakers then designed codes where there was no predictable relationship between the order of the codegroupsand the order of the matching plaintext. This meant that two codebooks were required, one to look up plaintext to findcodegroups for encoding, the other to look up codegroups to find plaintext for decoding. This was in much the same

Activity (8)

You've already reviewed this. Edit your review.
1 hundred reads
1 thousand reads
Danial Ebabu liked this
alaksingh liked this
nisarg dave liked this
nisarg dave liked this
yosry79 liked this
avril_ahooja liked this

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->