This action might not be possible to undo. Are you sure you want to continue?
Module’s Information: Module Session Programme Lecturer ICT2209 COMPUTER ETHICS SEPTEMBER 2009 BGSDI, BIMCI, BNMCI, BITMI Vijayan A/L Venggadasallam Email: firstname.lastname@example.org Phone Ext: 2335 Summary of Coursework Breakdown: (as stated in course structure) No Description of coursework Learning Outcomes covered Room: A3-F02
Assignment 1 Assignment 2
L01, L02, L04 L01, L02, L03, L05, L06
30% 30% 60% 40% 100%
CONTRIBUTION OF THE COURSEWORK TO THE COURSE FINAL EXAM TOTAL Penalty for late submission: 1 day – minus 20% of total mark awarded 2 days – minus 50% of total mark awarded 3 days – 0 mark for this piece of coursework
FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY
Module’s Information: Module Session Programme Lecturer ICT2209 COMPUTER ETHICS SEPTEMBER 2009 BGSDI, BIMCI, BNMCI, BITMI Vijayan A/L Venggadasallam ICT2209 COMPUTER ETHICS Coursework Type Percentage Hand-out Date Due Date Student’s Declaration: Individual Assignment 2 30% out of 100% Week 4 Week 7 Room: A3-F02
I declare that: I understand what is meant by plagiarism This assignment is all my own work and I have acknowledged any use of the published or unpublished works of other people. I hold a copy of this assignment which I can produce if the original is lost or damaged [Name/ID] _______________________________________ [Date] _____________________
Learning Outcomes Assessed: LO1 LO2 LO3 LO5 LO6
Discuss the computer revolution and highlight the problems of global ethics Explain the computer security and human values Discuss the privacy issues relate it to the Information Age.
Discuss the propriety rights in computer software Apply the ethics in software development project Total Marks
10 20 20 25 25
1. 2. 3. 4. 5. Introduction. Background study. Report format and structure. Specification and Discussion of the Requirements. The overall presentation skills.
Font size: 12. Proposed topics: 1. and list of references. Font type: Times New Roman. and body of information. Computer security 3. Intellectual Property 4. Issues in computer privacy 2. 2. Students are also required to conduct presentation on the topic. Spacing: 1. contents page. conclusion. 3. Any other suitable topic The following guidelines must be adhered: 1.FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY Final Mark (30%) Lecturer’s Comments Penalty for late submission: 1 day – minus 20% of total mark awarded 2 days – minus 50% of total mark awarded 3 days – 0 mark for this piece of coursework Description of Coursework #2: Student to do research on topic related to computer ethics and produce report of their research.5 End of Coursework #2 Coursework Specifications Page 3 . The report should have 15-20 pages. The contents of the report must have a cover page.
3. Pharming Prevention Tips Conclusion References Plagiarism Detect Page Page No. Coursework Specifications Page 4 . 4. 8. 6. 7. 2.FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY TABLE OF CONTENTS No. Hackers Attitude Identity Theft 18.104.22.168. Phishing 4. Descriptions Introduction Background study Contents Hacking 3. 1. 5 6 8 8 11 12 14 16 20 21 22 5.
So it will cover about some stealing techniques that the criminal use to steal our confidential information and how to protect our personal information. Coursework Specifications Page 5 . while allowing the information and property to remain accessible and productive to its users’ needs. My research tells about computer security. tampering or collapse by unauthorized activities or untrustworthy individuals and unplanned events respectively. The terms computer system security.FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY 1. and natural disaster. Computer security is a branch of technology known as information security and usually applied to computers and networks. means the whole processes and mechanisms by which sensitive and valuable information and services are protected from publication. corruption. Introduction Nowadays there are so many computer crimes all over the world. The objectives of computer security consist of protection of information and property from theft.
but the content of a computer is vulnerable to few risks even less the computer is connected to other computers on a network and as the use of computer networks. and is Coursework Specifications Page 6 . on the other hand. breaches of confidentiality range from the embarrassing to the disastrous. 3.FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY 2. Background study The term computer security is often used. integrity. 2. that a person who has received a message cannot refused to receive it. Other important concerns of computer security professionals are maintain access control and nonrepudiation. In addition to these technical aspects. the concept of computer security has expanded to denote issues refering to the networked use of computers and their resources. Authentication means that users are who they claim to be and availability means that resources are accessible by authorized parties. but also that they are not refused resources that they legitimately can expect to access. Computer security touches draws from disciplines as ethics and risk analysis. 1. the forming of concepts reach of computer security is extensive and multifaceted. Integrity means that information is protected against changes without permission that are not detectable to authorized users and many incidents of hacking expose the integrity of databases and other resources. The most important areas of computer security are usually represented by the initials CIA: confidentiality. "denial of service‖ are attacks against availability which are sometimes the topic of national news. Nonrepudiation implies that a person who sends a message cannot refuse that he sent it and. especially the Internet. and authentication or availability. Maintaining access control means not only that users can access only those resources and services to which they are entitled. Confidentiality means that information cannot be access by unauthorized parties and is also known as secrecy or privacy.
privacy is perhaps the most important concern of computer security for everyday Internet users. it is now very important that individuals are able to maintain control over what information is collected about them. and what purpose it is used for. privacy on the Internet is about protecting one's personal information. the information in electronic format can be shared among third parties. for example. Although users may feel that they have nothing to hide when they are registering and filling a form with an Internet site or service. who may use it. and identity and anonymity in cyberspace. and authenticity are the most important aspects of a computer security. the prevention. even if the information does not seem valuable. a person's information seeking habits. Coursework Specifications Page 7 . While confidentiality. remediation of attacks.FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY referred with topics such as computer crime. Because of the ease. how it is used. integrity. and detection. Because small pieces of related information from different sources can be easily linked together to form a unit of.
They usually reserve cracker refer to the black hat hacker or more generally hackers with unlawful intentions. The members of the computer underground should be called crackers. This community was a community that people had a great interest in computer programming. Some would say that the people that are now considered hackers are not hackers. including social engineering Coursework Specifications Page 8 . Hackers Attitude Several groups of computer underground have different attitudes and aims use different ways to separate distinctly themselves from each other. and are unconcerned about the use of illegal means to archive them. 1. Nowadays the subculture has evolved around hackers is often related to as the computer underground. Nowadays these people in the community refer to the cyber-criminal hackers as ―crackers‖. These computer professionals are employed by companies to ensure that a company’s information systems are secure and they may utilize variety kinds of methods to carry out their tests. There are 5 types of hackers that consist of white hat hacker. grey hat hacker. who have specialization in penetration testing and other testing methodologies. and they often create and distribute open source software. as before the media explained the person who breaks into the computer security as a hacker there was a hacker community.FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY 3. They are computer security experts. usually by gaining illegal or unauthorized access to administrative controls. Other uses of the word hacker not only related to computer security. or try excluding some specific group. but also rarely used by the mainstream media. Many people claim that the hackers are motivated by artistic and political ends.1. White hat hackers White hat hackers are known as ―ethical hackers‖. Hacking Hacking is an action that breaks into computers. 3. black hat hacker. script kiddie and hacktivist.
internet worms. data checks. a script kiddie is sometimes call script bunny. 2. but may or may not occasionally do crimes when the courses of their technological exploits. hardware key. is a term used to describe those who use scripts or program developed by other people to attack computer systems or networks. Coursework Specifications Page 9 . Black Hat Hackers A black hat hacker is refers to a hacker who breaks into networks or computers illegally or creates computer viruses. and sometimes not. The way may also refer to hackers who crack software to remove protection methods such as copy prevention. and is done without authorization. trial/demo version. They are a group of people between white and black hat hackers. or software annoyances like nag screens and adware. These crackers may distribute computer viruses. They are hackers who have specialization in unauthorized penetration and use computers to attack computer systems for profit. for fun. Black hat hackers are also called crackers. sometimes do good things. 3. It is commonly assumed that script kiddies are juveniles who lack of programming ability to write complicated hacking programs or exploits on their own. Grey Hat Hackers Grey hat hacker refers to a skilled hacker who sometimes acts illegally or without authorized permission. or for political purposes or as a part of social cause. Script kiddie In hacker culture. and their objective is to try impressing their friends or getting credit in computer-enthusiast communities. serial number. use of hacking tools. The penetration usually involves modification or destruction of data.FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY tactics. CD check. They never hack for personal gain or have malicious purposes. 4. and attempts to evade security to gain entry into secured areas. and deliver spam through the use of botnets.
the controversy reflects two divergent philosophical strands within the hacktivist movement. redirect. Hacktivism is an offshoot of Cult of Dead Cow. Fundamentally. or information ethics. its beliefs include access to information as a basic human right. and software development. economic. refraining from destruction. These digital tools include web site defacements. Some people think that malicious cyber-attacks are an acceptable form of direct action and the other strand thinks that all protest should be peaceful. Freenet is a principal example of translating political thought (anyone should be able to speak) into code. Acts of hacktivism are brought about in the belief that proper use of code will have increased effects the same to regular activism or civil disobedience. It is understood as the code writing to promote political – promoting expressive politics. denial-of-service attacks. free speech. virtual sabotage. Hacktivism or Political Hacking Hacktivism (combination of hack and activism) is the nonviolent use of illegal or legal ambiguous digital tools to hack in pursuit of political ends. Some argue it was found to describe how electronic direct action might work toward social change by combining programming skills with critical thinking. The others use hacktivism as practically synonymous with malicious and destructive acts that undermine the security of the internet as a technical. Hacktivism is a controversial way. surveillance and privacy in an era of increased technological surveillance. The loose network of programmers. human rights. Hacktivist activities cause many political ideals and issues. virtual sit-ins. and political platform. artists and radical militants 1984 network liberty alliances more concerned with issues of free speech. Coursework Specifications Page 10 . information theft. web site parodies.FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY 5.
A later study by Carnegie Mellon University concluded that "the probability of becoming a victim to identity theft as a result of a data breach is .. only to use it. according to the company whose systems were breached. However the title of that report is "Data Breaches Are Frequent. since it is impossible to steal an identity.around only 2%". Identity theft is a thing that different from identity fraud. It is a crime to use another person’s personal identity for personal gain in many countries. There has been very little evidence to link ID fraud to data violations. synthetic ID theft is not always detectable by the consumers whose information was used. However. However.FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY 4. Someone can steal or appropriate someone identifying information without actually performing identity fraud. Identity theft Identity theft is a term used to relate to fraud that involves someone presuming to be someone else in order to steal money or get other benefits. The term is relatively new and is actually like an error in naming. but Evidence of Resulting Identity Theft Is Limited. resulted in only about 1800 instances of identity theft. The best example of this is when a data violation occurs. one of the largest data breaches ever. However. Coursework Specifications Page 11 . Identity fraud is result of identity theft. the terms are often used get accidentally exchanged. accounting for over four million records. according to an FTC report. the Full Extent Is Unknown". More recently. The person whose identity is stolen can suffer various kinds of consequences when he or she is held responsible for the criminal’s actions.. A Government Accountability Office study determined that most violations have not resulted in detected incidents of identity theft.
Since the email and corresponding Web site look like the real one. Phishers use spam. passwords. Each spam email has contents of a message that appears from a famous and trusted company. the phisher hopes at least a fraction of recipients are fooled into submitting their personal data. How phishing works In many cases. appears authentic and in some cases its URL has been covered so the web address looks real. and it often tries to provoke an emotional response to a false crisis. Usually the message contains the company’s name and logo. it is commonly believed that about 1 to 10 percent of recipients are tricked with a ―successful‖ phisher campaign having a response rate around 5 percent. 4. such as bank and credit card account details. for example by opening up new accounts using the victim’s information or draining the victim’s bank accounts or they sell it on the black market as third party for a profit. phishers send out a lot of spam email. And even sometimes the email provides the recipients to a fake web site. etc. sometimes up to millions of messages. they either use the stolen information themselves to deceive the victims. like the email. fake Web sites. Coursework Specifications Page 12 . crimeware and other techniques to trick people into leaking sensitive information. and phishers are nothing more than tech-intellect con artists and identity thieves. Email contents are looks like business language and couched in urgent. account numbers. While it is impossible to know the actual victim response rates to all phishing attacks.FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY There are some stealing identity techniques such as phishing and pharming. the email often request for the user’s personal or financial information. Once they’ve captured enough victims’ financial information.1. The fake web site insists the visitor to provide confidential information such as social security numbers. The web site. Phishing Phishing is actually an online con game.
hostile Web sites by increasing common Web browser vulnerabilities to infect victim machines. this genre of crime ware has become more targeted or capturing just the information the phisher wants and more silent. This information is in turn used for research and refinement of Symantec’s products. Another example of the growing skills of the phishing groups is their use of lacks in Web site design to make their attacks more convincing. the phisher can simply steal our confidential information although we do not fill our information and the Trojan or spyware placed onto your machine would capture all of information the next time you visit the legitimate Web site of your bank or other online service. Throughout the past year. criminallyowned Web server. a lack in the IRS Web site allowed people to make their ―bait‖ URLs appear to be the IRS’ Web site. even though the victim was headed to a different. Symantec recently captured a stereotypical phishing attack in its honey pot network focused on the online auction service eBay. This is one of many potential examples of the steadily advancing skills of online fraudsters. phishers became much more complicated. EBay become one of the most phished brands on the internet. Phishing example Symantec operates a group of machines known as honey pots—a network of intentionally vulnerable systems that are used to capture and study real-world attacks. They began using crime ware in conjunction with their fraud. For example. This trend means that by simply following the link in a phishing email to a fake Website. Coursework Specifications Page 13 . using rootkit and other aggressive stealth techniques to remain hidden on an infected system.FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY Over 2005.
hostile Web sites is how these fraudsters earned their namesake.g. www. The difference between phishers and pharmers is phishers drop a couple lines in the water and wait to see who will take the bait but pharmers are more like cybercriminals harvesting the Internet at a scale larger than anything seen before. The first method – the one that earned pharming its name – is commonly an old attack called DNS cache poisoning. 192.mybank. Instead of relying completely on users clicking on an enticing link in fake email messages. Pharmers rely upon the same bogus Web sites and theft of confidential information to perform online scams. Coursework Specifications Page 14 . Pharmers re-direct their victims using one of several methods. but are more difficult than phishing to detect in many ways because they are not reliant upon the victim accepting a ―bait‖ message. Pharming Pharming is another form of online fraud. they are effectively changing the rules of how traffic flows for an entire section of the Internet! The potential widespread impact of pharmers routing a enormous number of unsuspecting victims to a series of bogus. it is almost similar to its cousin phishing.2.g. DNS cache poisoning is an attack on the Internet naming system that allows users to enter in meaningful names for Web sites (e. When a pharmer performs a successful DNS cache poisoning attack.FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY 4. into the machine-understandable digits that whisk users to the Web site of their choice. pharming instead diverts victims to the bogus Web site if they type the right Web address of their bank or other online service into their Web browser. The naming system relies upon DNS servers to handle the conversion of the letter-based Web site names.1).1.com) rather than to remember series of numbers (e. which are easily recalled by people.168.
A pharming attack that took place weeks after this incident had more dangerous consequences. bogus Web sites.FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY Pharming example One of the first known pharming attacks was happened in early 2005. Once the original address was removed to the new address. two of which attempted to load spyware and adware onto victim machines and the third that appeared to be an attempt to drive users to a Web site selling pills that are often sold through spam email. Using a software flaw as their foothold. Coursework Specifications Page 15 . pharmers changed out hundreds of legitimate domain names for those of hostile. the attacker had effectively hijacked the Web site and made the genuine site impossible to reach. The pharmer appears to have duped the personnel at an Internet Service Provider into entering the transfer of location from one place to another by taking advantage of a software lack. complicating the victim company and impacting its business. There were three waves of attacks.
If you make their job more difficult. More recent versions of Microsoft Windows and other popular software can be configured to download and apply updates automatically so that you do not have to remember to check for the latest software and taking advantage of "autoupdate" features in your software is a great way to keep yourself safe online. blocks many basic and automated attacks completely. you block attackers from being able to take advantage of software lacks (vulnerabilities) that they could otherwise use to go through into your system. There are some tips below provide basic information on how you can prevent online fraud. Keep your computer security current with the latest patches and updates. they will leave you alone and move on to an easier target. By evenly updating your computer. Make sure your computer is managed securely. Prevention Tips Cybercrime prevention can be performed when faced with a little technical advice and common sense. many attacks can be avoided. Choose strong passwords and keep your information safe. Coursework Specifications Page 16 . and might be enough to prevent a less-determined attacker to look for a more vulnerable computer elsewhere. it only makes it more difficult for hackers to gain access to your system. While keeping your computer up-to-date will not protect you at all. Keep your computer security current with the latest patches and updates. Protect your confidential information. online criminals are trying to make their money as quickly and simple as possible. In general. Protect computer with security software.FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY 5. One of the best ways to keep hackers away from your computer is to apply patches and other software fixes when they become available.
settings in your Web browser such as Internet Explorer or Firefox will decide what happens when you visit certain Web sites on the Internet. Choose strong passwords and keep your information safe. Coursework Specifications Page 17 . Oftentimes security and privacy settings can be simply configured without any sort of special expert skill by simply using the "Help" feature of your software or reading the vendor's Web site and if you are uncomfortable configuring it yourself call someone that experts in computer that you know and trust for assistance or contact the vendor directly. There are some tips can help make your online experiences secure: 1. but also focus on making it work securely. Configuring Internet applications such as your Web browser is one of the most important areas to focus on. Passwords are a fact of life on the Internet today and we use them for everything such as online banking and logging into our favorite airline Web site to see how many miles we have collected.g. For example. # $ %!?). Choose a password that cannot be easily guessed is the first step to keep passwords secure and away from the other people. Avoid using the following as your password such as your login name. pay attention not just to making your new system function. Don’t think that a newly purchased computer the right level of security for you. The strongest security settings will give you the most control over what happens online but may also disturbing some people with a large number of questions when they are searching some things ("This may not be safe. Choosing the level of security and privacy depends on the individual using the computer.FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY Make sure your computer is managed securely. Strong passwords have eight characters or more and use a combination of letters. are you sure you want do this?") or the inability to do what they want to do. numbers and symbols (e. Just check it whether it is secure enough and if you are installing your computer at home.
If you notice something weird with one of your online accounts. Trojan horse and other type’s malicious programs. A firewall is usually your computer's first line defense. Coursework Specifications Page 18 . such as Norton Antivirus. which monitors all online activities such as email messages and Web browsing and protects an individual from viruses. 2. also protect from spyware and potentially unwanted programs. Change passwords regularly. 3. Protect your computer with security software. Your antivirus and antispyware software should be set to update itself. Keep your passwords in a safe place and do not to use the same password for every service you use online. Try to select especially strong and unique passwords for protecting important activities like online banking. You could think of a firewall as a sort of "policeman" that controls all the data that flow in and out of your computer on the Internet and allows communications that it knows are safe and blocking bad traffic such as attacks from ever reaching your computer. Firewall controls who and what can communicate and have access with your computer online. Having security software that gives you control over software you may not want and protects you from online threats is essential to staying safe when you are going online.FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY anything based on your personal information such as your last name. worms. This can decrease the damage caused by someone who has already gained your password to access to your account. The next line defense is your antivirus software. and it should update by itself every time you connect to the Internet. one of the best steps you can take is to change your password immediately. Most recent versions of antivirus software. Several types of security software are necessary for basic online security and security software includes firewall and antivirus programs. at least every 90 days. your birthday and words that can be found in the dictionary.
Protect your confidential information.FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY Organized security suites such as Norton Internet Security combine firewall. When in hesitant. antispyware with other features such as antispam and parental controls have become very popular as they offer all the security software needed for online protection into one package. antivirus. odd phrasings. or urge you to provide personal information immediately or else something bad will happen. contact the certain company by phone or by typing in the company Web address into your Web browser and don't click on the links in these messages as they make take you to a fraudulent. phishing messages will often insist you that you have to act quickly to keep your account open. poor grammar. Coursework Specifications Page 19 . phone number. and anything else out of the ordinary. the following list contains some tips for how to share personal information safely when going online: Keep an eye out and be careful for bogus email messages. Real companies will not use email messages to ask for your personal information. Things that indicate a message may be deceitful are misspellings. Don't respond to email messages that ask for confidential information. home address. Many people find using a security suite an attractive alternative to installing and setting several different types of security software as well as keeping them all up-to-date. you will inevitably have to provide personal information in order to handle billing and shipping of purchased goods. Web site addresses with strange formats. update your security. Be careful when sharing personal information such as your name. malicious Web site. Since not leaking any personal information is rarely possible. Additionally. Web site addresses that are entirely numbers where there are normally words. and email address online and to take advantage of many online services.
This requires integrating software security into your entire software engineering process is a topic that we take up in the next chapter. Safety-critical and high-assurance system designers have always taken great damages to analyze and to track software behavior and security-critical system designers must follow suit. The environment in which machines must survive has changed fundamentally since the popularization of the Internet. We must have knowledge about that and how to keep our computer and confidential information safe so we can minimize damages or even we can prevent all unauthorized attacks. We can avoid the Band-Aid-like penetrate-and-patch approach to security only by considering security as a important system property. Good software security practices can help ensure that software performs properly. Conclusion Nowadays computer security is a vast topic that is becoming more important because the world is becoming highly interconnected.FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY 6. The goal of my research is to familiarize you with the current best practices for keeping security flaws out of your software. Coursework Specifications Page 20 . Cybercrime can happen anytime and anywhere. with networks being used to carry out important transactions.
jsp > Online Fraud: Pharming 10th October 2009 URL :< http://www.jsp> Prevention tips 11th October 2009 URL :< http://www.symantec.wikipedia.com/norton/cybercrime/pharming.org/02-fall/internet.istl.html> Computer security .Wikipedia. the free encyclopedia 11th October 2009 URL :< http://en.wikipedia.jsp > Coursework Specifications Page 21 .FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY 7. References Science and Technology Resources on the Internet-by Jane F.com/norton/cybercrime/prevention.com/identity-theft/ > Online Fraud: Phishing 10th October 2009 URL :< http://www.org/wiki/Computer_security> Hacker (computer security) .symantec.Wikipedia. Kinkus-11th October 2009 URL :< http://www.org/wiki/Hacker_(computer_security) > Identity theft – eHow.symantec. the free encyclopedia 9th October 2009 URL :< http://en.com/norton/cybercrime/phishing.com 10th October 2009 URL :< http://www.ehow.
Plagiarism Detect Page Coursework Specifications Page 22 .FACULTY OF COMPUTING AND INFORMATION TECHNOLOGY 8.
This action might not be possible to undo. Are you sure you want to continue?
We've moved you to where you read on your other device.
Get the full title to continue reading from where you left off, or restart the preview.