Masyarakat dan Teknologi Informasi Masa Kini

Sumber: Chapter 9. The Challenges of Digital Age: Society and IT, p.463 Williams, B.K, Stacy C. Sawyer (2007). Using Information Technology: A Practical Introduction to Computers & Communications. Seventh Edition, McGraw-Hill, New York. ISBN-13: 978-007-110768-6

1

Learning Outcomes Pada akhir pertemuan ini, diharapkan mahasiswa akan mampu :

• menjelaskan: bagaimana data digital digunakan utk membodohi orang lain, dan dapat menjelaskan jenis-jenis ancaman pada komputer, dan karakteristik dari lima komponen sekuriti (C2)

2

Outline Materi • Truth Issues: Manipulating Digital Data • Security Issues: Threats • Security: Safeguarding Computers & Communications 3 .

cs.edu/~dejohnso/morph. Hidden Dragon” and “Harry Potter” contain many scenes that could never actually happen • Adobe Photoshop allows changes.Truth Issues: Manipulating Digital Data • Digital Images and Sounds can be manipulated – Pro: Creates new forms of art • Morphing software makes one image morph into another http://www.html • Movies such as “Crouching Tiger. enhancements to photos • Digital technology allows musicians to sing every track of a song and accompany themselves – Con: Has made photographs & recordings untrustworthy • Famous Yalta summit photo edited: Stallone added in! 9-4 .utah.

tutorialized.com/tutorial/Basic-ModelRetouching/9547 » http://news.com/blog/2005/11/30/photoshop -101-even-models-have-flaws » http://www.co.uk/1/hi/health/769290.bbc.etniesgirl.stm 9-5 .Truth Issues: Manipulating Digital Data – Photographs may not be authentic – Photographs may be deliberately misleading • 1994 Time magazine photo of O. Simpson was digitally darkened to make him appear sinister – Could this have biased potential jury members? • Fashion model photos are routinely elongated to make models appear more slender – How many girls become anorexic to try to match those models’ impossible perfection? » http://www.J.

at Binghamton is researching digital cameras that hide a picture of the photographer’s iris inside each digital photo 9-6 . wrote the first systematic. William H. Mitchell of M.com/ adds a digital watermark to its photos – Hany Farid of Dartmouth College devised algorithms to detect changes to uncompressed digital photos – Prof.corbis. Jessica Fridrich of S.N.T.U.I.Y. critical analysis of the digital revolution – Corbis http://pro.Truth Issues: Manipulating Digital Data • Techniques to combat digital deception – Prof.

THEN do more research – The data is not necessarily accurate • Cross-check against multiple sources – Each database service has boundaries • Know what those boundaries are – Different keywords bring different results – History is limited • These databases often begin with data from 1980 or later 9-7 .Truth Issues: Manipulating Digital Data • Limitations of Public databases – You can’t get the whole story • Start with a public database.

and school? 9-8 . What do I need to do to use it safely for work.Security Issues: Threats • • • • Errors and accidents Natural hazards Computer crime Computer criminals Is my computer safe? I’m concerned about it. home.

Security Issues: Threats Errors & Accidents • Human errors – People choose the wrong computer • Too simple or too complex – Human emotions affect performance • People get frustrated – Human perceptions are slower than the equipment • Watch out when you click the OK button! You may have just deleted something important! 9-9 .

Security Issues: Threats Errors & Accidents • Procedural errors – When people fail to follow safe procedures. errors can occur • Software errors – Programmers make coding errors – Famous example: Utility billing software: • Customer pays early – software credits account • Customer pays late – software credits account. adds late fee in for next bill • Programmer forgot to consider customers who pay exactly on time – their payments were never credited at all! 9-10 .

and credit to make sure they are accurate • Natural hazards can lead to disasters 9-11 . updated.Security Issues: Threats Errors & Accidents • Electromechanical problems – Mechanical systems wear out – Power failures shut down computers unless you have battery backup – Using cellphones and Blackberries while driving can cause people to crash • Dirty data problems – Incomplete. school. or inaccurate data – Check your records – medical.

Security Issues: Threats Computer Crimes • Two types of computer crime – It can be an illegal act perpetrated against computers or telecommunications – It can be the use of computers or telecommunications to accomplish an illegal act 9-12 .

Security Issues: Threats Computer Crimes • • • • • • • • • Theft of hardware Theft of software Theft of online music and videos Theft of time and services Theft of information Internet-related fraud Taking over your PC Crimes of malice Computer criminals 9-13 .

buying one copy of the software and using it on multiple computers – Software makers have prosecuted both companies and individuals including students for software piracy 9-14 .Security Issues: Threats Computer Crimes • Theft of hardware can range from – Shoplifting an item from a computer store – Stealing an entire PC or laptop • Theft of software – Pirated software is software obtained illegally – This includes “softlifting” .

000 per song – Stealing movies • The film industry has taken aggressive aim at pirated movies • 11-nation crackdown announced in 2005 9-15 .Security Issues: Threats Computer Crimes • Theft of online music and movies – Entertainment industry takes this seriously and prosecutes offenders – Stealing music • Illegal file swapping services • Damages can be up to $150.

when you can get free long distance over the internet using skype www.Security Issues: Threats Computer Crimes • Theft of time and services – Theft of computer time at work • Surfing or playing games when you should be working • Some employees violate policy by conducting personal business online such as online auctions from work • Most employers have policies against viewing X-rated web sites at work – Theft of phone services • Phone phreaks use company phone systems to make “free” unauthorized long distance calls • Why break the law.skype.com 9-16 .

usdoj. Department of Justice discusses their approach to this crime at http://www.ftc. or credit card and financial information – Legislation to make it a crime to steal someone’s identity was the 1998 Identity Theft and Assumption Deterrence Act – The U. medical information.Security Issues: Threats Computer Crimes • Theft of Information – A common crime today – Can include theft of personal information.gov/pls/dod/widtpubl$.S. you may file a report online at the Federal Trade Commission’s website at https://rn.startup?Z_ORG_CODE=PU03 9-17 .gov/criminal/fraud/idtheft.html – If you are a victim of identity theft.

Security Issues: Threats Computer Crimes • Internet-related Fraud – Because it lends itself to anonymity. internetrelated fraud is becoming more common – Well-known examples include: • Nigerian letter scam – Letter says you can get a lot of money out of Nigeria if you pay a “money transfer fee” first • Evil twin attacks – A cracker sets up an attack computer as a duplicate public access point in a public location • Phishing – Sending emails that appear to come from a trusted source that links you to a website where you type in personal information that is intercepted by the phisher 9-18 .

Security Issues: Threats Computer Crimes • Internet-related Fraud (continued) – Pharming • Malicious software is implanted in your computer that directs you to an imposter web page – Trojan horses • A program such as a “free” online game or screensaver that loads hidden programs that take over your computer or cause mischief without your knowledge • For example. and connects their computer to a remote control "bot" network run by malicious hackers 9-19 . Windows users who install the phony MSN Messenger Version 8 "beta" are actually installing an IM worm that spreads to their IM contacts.

Security Issues: Threats Computer Crimes • Crimes of Malice: Crashing entire computer systems – Sometimes criminals are more interested in vandalizing systems than they are in gaining control of them – In 2003. dams. an entrepreneur with a grudge because he lost a sale retaliated by shutting down the WeaKnees website – Crackers regularly attempt to crash Microsoft’s website – Security specialists monitor for possible cyber-attacks on electrical and nuclear power plants. and air traffic control systems – Crackers have attacked the internet too and brought down large sections of it 9-20 .

Security Issues: Threats Computer Crimes • Computer criminals may include – Individuals or small groups who • Use fraudulent email and websites • Steal peoples’ identities for monetary gains • Show off their power for bragging rights – Employees who • Have a grudge against their current or former employers • Have a grudge against another employee • Sell their company’s secrets for personal profit – Outside partners and company suppliers 9-21 .

Security Issues: Threats Computer Crimes • Computer criminals may also include – – – – Corporate spies Enemy foreign intelligence services Organized crime Terrorists • Computer criminals do not include your employer. who is legally allowed to monitor the computers at work – Check your company’s computer usage policy – Make sure you follow the rules – Know that any data you store in the computer at work – including emails – is company property 9-22 .

system failures.Computers & Communications • Security is – A system of safeguards for protecting information technology against disasters. and unauthorized access that can result in damage or loss Security: Safeguarding • Computer Security’s Five Components – – – – – Deterrence of computer crime Identification and access Encryption Protection of software and data Disaster recovery plans 9-23 .

2005 CERT issued alert SA05347A documenting Windows Explorer vulnerabilities 9-24 Security: Safeguarding .org – For example. to conduct and coordinate cybersecurity activities – On December 13.Computers & Communications • Deterrents to computer crime – Enforcing laws – CERT: The Computer Emergency Response Team • Provides round-the-clock information on international computer security threats • The CERT website is www.cert. 2005 announced a partnership between the US and ictQatar. on December 15. the Qatar Supreme Council for Information and Communications Technology.

Computers & Communications • More deterrents to computer crimes – Tools to fight fraudulent and unauthorized online uses • Rule-based detection software • Predictive-statistical-model software • Employee internet management software • Internet filtering software • Electronic surveillance – Verify legitimate right of access • Use cards. keys. and badges • Use PINs and passwords • Use physical traits and personal identification 9-25 Security: Safeguarding . signatures.

2005. informed their customers that criminals had stolen their credit cards because Guidance had FAILED to encrypt a database that was accessible over the internet Security: Safeguarding – Disadvantage: encrypting data may prevent lawenforcement officials from reading the data criminals are sending to each other Discussion Question: Does information privacy outweigh law enforcement’s needs to track down and prosecute criminals? Should we all encrypt our information to prevent crackers and criminals from stealing it? 9-26 . a maker of Computer Forensics software. Guidance Software. 7.Computers & Communications • Encryption – The process of altering readable data into unreadable form to prevent unauthorized access – Advantage: encrypting data that is available over the internet keeps thieves and crackers from reading it • On Dec.

Computers & Communications Security: Safeguarding • 4 ways to protect software & data – Educate employees in backing up data. and not sharing passwords – Control of access to restrict usage – Audit controls to document who used what programs and computers and when – People controls include screening applicants. monitoring internet. background checks. virus protection. and computer usage 9-27 . email.

with a UPS • Automatically storing data redundantly in two places. CD. with a generator • Having an off-site computerized data storage center with independent power supply • Having a complete “hot” redundant data center that can instantly be used if there is a disaster More $$$ 9-28 . or zip disk.Computers & Communications • Disaster-recovery plans – A method of restoring information-processing operations that have been halted by destruction or accident • Reinforced by 2001 World Trade Center attack • Reinforced by company data losses incurred during 2005 Hurricane Katrina Security: Safeguarding – Plans range in price and complexity from • Backing up data from disk to tape.

Kesimpulan 29 .

Sign up to vote on this title
UsefulNot useful