Basic

Computer course book

Free University of Bolzano Bozen Dr. Paolo Coletti Edition 7.0 (8 October 2012)

Introduction
ThisbookcontainscourseslessonsheldattheFreeUniversityofBolzanoBozen.Itcontainsonlythefirst
partofthecourses,namelythelessonson:

computerintroduction,
MicrosoftWindows,
computernetworks,
computerdangersandsecurity.

It does not contain the parts on Microsoft Word, Microsoft Excel, financial functions, Microsoft Access,
computer algorithms, SPSS, Visual Basic for Applications, which are very well covered by the respective
coursessuggestedbooks.
Thisbookisusuallyupdatedeveryyear,pleasetakealookattheeditiondate.

Disclaimers
This book is designed for very novice computer users. It often contains oversimplifications of reality and
everytechnicaldetailispurposelyomitted.Expertuserswillfindthisbookuselessand,forcertainaspects,
partiallywrong.
This book supposes that the user is using Microsoft Windows 7 operating system in English language.
However, most of the book is perfectly readable with other Windows versions, while some menus and
instructionscanberatherdifferentifthelanguageisnotEnglish(Windowslanguagemaybechangedon
multilanguageinstallations:seepage6forfurtherinformation).
The novice user in this book is, for simplicity, always considered male. This is not meant to be gender
discrimination.

Table of Contents
Introduction..........................................................1
1. Computers....................................................2
1.1. Storage.........................................................2
1.2. Software.......................................................3
2. MicrosoftWindows......................................5
2.1. Versionsandeditions...................................5
2.2. Regionalandlanguagesettings....................6
2.3. Filesystem....................................................7
3. Computernetworks...................................13
3.1. Technicalaspects........................................13
3.2. Communication..........................................14

3.3. Internetconnections.................................17
4. Computersecurity.....................................18
4.1. Encryption..................................................18
4.2. Passwords..................................................21
4.3. Viruses.......................................................23
4.4. Emails.........................................................24
4.5. Navigation..................................................26
4.6. Attacksfromoutside.................................27
4.7. Backup.......................................................28
Index..................................................................31

Dr.PaoloCo
oletti

BasiccComputercoursebookk

1. Com
mputerrs
Thischapteerpresentsw
withabriefd
descriptionofcomputerm
maincompo
onents,oftheemostcomm
mondevicess
andofthettypicalsoftw
warecomponentsfornovviceuser.

1.1. Sto
orage
1.1.1. Me
easures
Before starrting with the computeer descriptio
on, it is useeful to beco
ome proficieent with th
he data size
e
terminologyy,whichwilloftenbeuseedinthisbook.
Computers haveaveryelementaryywaytostorredata:theyycanremem
mberonly0o
or1.Avalueeof0or1iss
calledbitan
ndallcompu
uterdataareestoredasse
equencesofbits.Asequenceof8bittsiscalledabyte,which
h
isaquantityylargeenoughtostoreu
usuallyaletteroradigit(eventhoughsometimes2bytesareenecessary)..
Modern co
omputers aree able to deal with en
normous quaantity of byytes, forcing us to intro
oduce otherr
quantities:

Kilo
obyte(KB),approximatelyy1,000byte
es,
Megabyte(MB)),approximately1,000KBoronemillionbytes,
Gigabyte(GB),aapproximateely1,000MB
Boronebillio
onbytes,
Terabyte(TB),aapproximately1,000GBo
oronetrillio
onbytes.

Usuallythe unformatte
edtextofaw
wholebook canfitinso
omeKB,whileforanimaageinagoodresolution
n
(letssayreadytobeprrintedonA4paper)orfo
oramodernsongsomeM
MBarerequired,whileaafilminhigh
h
qualityneed
dssomeGB.

1.1.2. Mo
oores law
Over the laast 40 years, computer hardware has
h been con
ntinuously im
mproving itss performances with an
n
exponentialgrowth.Thisgrowthis summarized
dbythefamousMooresslawwhich saysthattheenumberoff
transistors in a processsor doubles every 18 mo
onths. This law
l
can be extended
e
to almost every aspect off
hardware aand we may say that thee performan
nce (be it speed or capaacity) of hard
dware doubles every 18
8
months, thus leading to
t a general exponentiaal growth. Unfortunately
U
y softwaress performancce does nott
increasewitththesamerate.

1.1.3. De
evices
The compu
uter uses sevveral devices to perman
nently store and move data, which
h vary a lot in terms off
capability,ccost,speedaandportabilitty.
Themostusedisstheinternaalharddisk,w
whichusualllyisinsideth
hecomputerrboxand
cannotbemoveed.Itssizecu
urrentlyranggesfrom500
0GBto2TB.Ontheotheerhand,an
exte
ernalharddiskisoutsidethecomputter,hasthessamesizeandobviouslyccanbe
movved.Itsonlydisadvantageisbeingslightlyslowerr.
SSD SolidState Disksarestaartingtoslow
wlyinvadethemarket.TTheyarenottdisksatall,,
but very larrgememoryy cards shapeed like an hard disks wh
hich can enttirelyreplace
ethe internaalharddisk..
Theirmain advantages arethatnotthavingmovvingparts(theydonotrrotateathigghspeedlikeeharddisks))
are more ro
obust and th
hat in most situation they are fasteer than hard disks (up to
o 10 times faaster). Theirr
disadvantaggeisthelimitedsizewhicchcurrentlyis250GBan
ndtheirhighprice.
Page2of32
2

Edition7.0(0
E
08/10/2012))

BasicComp
putercoursebook

PaoloColettii
Dr.P

CDandDVDaretheetwomoderrnwaystosttoredata.Th
heycontainaabout700M
MBand4GB,,
respecttively.Theyaaredividedin
ntoRwhichmayonlybeewrittenoncceandRWw
whichmaybe
e
writtenarerewritttenseveraltimes.TheyrrequireaCDreaderoraDVDreaderrtoberead,,
whichaareavailableonmostcom
mputers,and
daCDwriterorDVDwritertobewrritten,which
h
A new generation of high
are avaailable only on some computers.
c
h
capacitty discs hass
appeared
donthemarket,theBluraywith25GBsize.
MemoryystickorUSB
Bpendriveissthemostussedwaytotemporarysttoreandmovvedata.Its
sizeisno
owupto64G
GB,howeverritsreliabilittyisnotperfect,thereforreit
isusedm
mostlytomo
ovedata.
monwaystostoreandm
movedataare
ethroughamemorycard,usedby
Othercomm
externaldevvicessuchassphotocameras,cellularrphonesorm
musicplayerrs.

1.2. Sofftware
Softwarecaanbedivided
dintothreeb
bigcategorie
es:operatinggsystems,prrogramsanddata.
Theoperatiingsystemtaakescare,th
hroughthep
processorandthemothe
erboard,ofccontrollingth
hecomputerr
hardwareandthehumaancomputerrinteraction.Thereareccurrentlythreewidelyussedoperatinggsystems:

MiccrosoftWind
dows(withittsversionsXP,VistaandWindows7),whichisthe
emarketleaader,

Linux/Unix (it is
i a family of
o very similaar operatingg systems), which
w
is the new costlesss operatingg
sys
stem,

Maacintoshcom
mputershaveetheirowno
operatingsysstemMacOSSX.

Programsaresoftware whichisuseedtodoparticulartasks,e.g.Word
dfordocume
entwriting, Explorerforr
Internetnavvigation,theeCalculatorfformathemaaticaloperations.
Dataiseverrythingwhicchisproduceedeitherby theuseror byprogramss(sometime
esevenbyth
heoperatingg
system)to storeinform
mation,e.g.aadocument fileproduceedby Word isdata,adownloaded web pageiss
data.

1.2.1. Sofftware lice

enses
Softwarecaanbedivided
d,fromacom
mmercialpo
ointofview,usingtwofeeatures:thecostandtheepermission
n
tobemodiffied.
Subdivisionbycostis:

freeeware, softw
ware which is completelyycostless. The
T producerrs of this software are either
e
publicc
insttitutionssuchasuniversities,ordeveloperswho
odoitforpe
ersonalinterrestoradverrtisementorr
privvate compan
ny who do it for dum
mping reason
ns. Some exxamples are
e Skype com
mmunication
n
pro
ogramorLinu
uxoperatingsystem;
shareware,softtwarewhichisinitiallycostlessbutaafteracertaainperiodtheuserisaskkedtopayaa
fee or delete it; or softw
ware which has two versions: a free
f
one, but
b incompleete or with
h
advvertisement banners,and
dacompleteeadvertisem
mentfreeon
ne,forwhich
htheusermustpay.The
e
mostfamousexxampleisWinZipcompre
essionprograam;
com
mmercial, so
oftware for which
w
the user has to pay
p a licensee to use it. Common exxamples are
e
MiccrosoftWind
dowsoperatingsystemorPhotoshop
pimageeditin
ngprogram;

Edition7.0(08/10/2012
2)

Page3of32
2

Dr.PaoloColetti

BasicComputercoursebook

private,softwareuniquelybuilt,underpayment,foraspecificcustomertofithisneeds.Onlythe
costumer may use it. A typical example is the universitys studentscoursesexamsprofessors
databasesystem.

The permission to be modified can seem a trivial question for the novice user, however for program
developersandcomputerexpertsbeingauthorizedtomodifyasoftwareisagreatadvantagesinceitcan
be improved, checked for errors and tailored to specific needs. The open source versus proprietary
softwareisastrongethicalandeconomicaldebateinthecomputerscientistscommunity.Subdivisionby
permissiontomodifyis:

open source software may be studied, used and especially modified by anyone. The software
developersatthesametimelegallyauthorizeanymodificationsandtheydistributethesourceof
thesoftwaretoputotherdevelopersinaconditiontoeasilymodifyit.Opensourcesoftwareisalso
automaticallyfreeware.ThemosttypicalexampleisLinuxoperatingsystem.
copyleft software is open source but carries the restriction that any modification must be
distributed as open source and copyleft, thus impeding that software becomes, after a
modification,proprietary.ThemostfamouscopyleftcontractlicenseistheGNUPublicLicense(see
http://www.gnu.org/licenses/gpl.html).
proprietarysoftwareisdistributed(costlessasAdobeAcrobatReader,orasasharewareasWinZip,
ormostoftensoldascommercialsoftwareasMicrosoftOffice)withtheexplicitlegalwarningnot
tomodifyitandtechnicallylockedtopreventotherdeveloperstoseeormodifyitssource.

1.2.2. Software naming

Software is usually identified by a name, for example Linux or Microsoft Office, sometimes by a
distribution/edition name Linux Ubuntu, Microsoft Office Professional and very often by a version
number,asequenceofnumbers,pointsandletters(sometimes,asforWindows,commercialnames)which
distinguishesthechangesmadebydeveloperswithtime,suchasLinuxUbuntu12.10orMicrosoftOffice
Professional 2010. Obviously the version numbers of open source software changes rapidly, due to the
manydevelopersworkingonthem.

1.2.3. Data format licenses

Dataneedtobesavedwithacertainstructure,calledformats.Forexample,aplaintextfilemaybesimply
saved as a sequence of letters and symbols, which corresponds to the TXT format. More complex
structures,suchasimages,videos,butalsoformattedtexts,needmoreelaboratedformatstobestored.
Theseformatsmaybe:

closedproprietary,aformatownedbyasoftwarecompanyandkeptasatradesecret.Inthisway
only programs build by that company can use those data files and no other company is able to
endanger its monopoly. A famous example is DOC format which, until 2007, was kept secret by
Microsoft,thuspreventingcompetitorsfrombuildingalternativestoMicrosoftWordprogram.
openproprietary,,aformatpubliclyavailablebutwhoseimprovementsandcontrolareunderthe
ownershipofasoftwarecompany.AtypicalexampleisthenewWordformatDOCX.
open,apubliclyavailableformatwhichfollowsofficialstandardswhosecontrolisunderownership
of public organizations, such as American ANSI, German DIN or Italian UNI. Typical examples are
imagesformatGIForformattedtextsformatPDForwebpagesformatHTML.

Page4of32

Edition7.0(08/10/2012)

BasicComputercoursebook

Dr.PaoloColetti

2. Microsoft Windows
MicrosoftWindowsiscurrentlythemarketleaderoperatingsystem,itistheusualinterfacewhichappears
whentheuserturnsapersonalcomputeron.

2.1. Versions and editions

Microsoft released Windows XP in 2001 and for many years it has been the main Microsoft operative
system.InMay2012itisstillinstalledonapproximately30%ofcomputers(sourcegs.statcounter.com).
Windows Vista was released in 2007 and it was not a market success.
Currentlyitisinstalledonlessthan10%ofcomputers.
Microsoft released Windows 7 in 2009, which is the currently default
Microsoft operative system. It is installed on approximately 50% of
computers.Itseditionsare:

StarterandHomeBasic,cheapversionswithseverelimitations,used
mostlyonsmallnotebooks;
HomePremium,homeusersedition;
Professional, personal business edition which includes more
networkprograms;
Enterprise/Ultimate,Professionaleditionwithmorenetworkutilities
available to companies/individual users. Enterprise edition is
currently(June2012)installedatUNIBZ

Starter
HomeBasic
HomePremium
Professional
Enterprise/Ultimate

2.1.1. Computer locking problem

MicrosoftWindowssometimesbecomesunstable:itcanunpredictably,withoutanywarningandwhenthe
user does not expect it and typically when he is doing something very important and urgent, lock and
refusetorespondtousersactions.Whenthishappens,itisusuallycausedbytheprogramthatwasused
and therefore the first thing to do is to try to close the current program. If this does not improve the
situation, the only other solution left is to turn off the computer. The list of operations to try until the
computeranswerstouserscommandsis:
1. if the mouse works, click the X button on the
programwindoworotherwisepressALT+F4;
2. press CTRL+SHIFT+ESC; select the program from the
listandpressEndProgram;
3. pressCTRL+ALT+DELand,fromthebottomrighticon,
chooseShutDown;
4. pressthecomputeron/offbutton;
5. unplugtheelectricpower.
Inanycaseallthecurrentunsavedworkwillbelost;inthe
last two cases the operating system can sometimes be
damagedbutveryoftenitwillrepairbyitselfthenexttime
the computer is turned on. Therefore it is always a very
good idea to save very often the current work, especially
whenitisimportant,urgent,ordifficulttoredo.
Edition7.0(08/10/2012)

Page5of32

Dr.PaoloColetti

BasicComputercoursebook

2.2. Regional and language settings

With a multilanguage Windows installation, keyboard settings or menus languages may be changed
clicking on the Start icon, choosing Control panel, then Clock, Language and Region, then Change
DisplayLanguage,andmodifyingtheappropriatesetting.
Another interesting
option, available on
every
Windows
installation, is the
numbers and dates
formats. When in
Clock,Languageand
Region, choosing
Region
and
Language
and
clickingonFormats
then on Additional
Settings the user is
able to change the
format of numbers,
especially
the
decimal separator,
thecurrencyandthe
date
format,
especiallytheEnglish
(monthday)
and
European
(day
month)formats.
Whilethekeyboardsettingscanbeadjustedfromthismenu,itiseasiertoadjustitdirectlyfromtheright
sideoftheapplicationbar,simplyclickingonkeyboardiconandselectingtheappropriateone.

2.2.1. Keyboards and languages

Before starting this section it is necessary to take aclose look atyour keyboard.Locatethesekeyssince
theywillbeusedintherestofthismanualandareveryusefulinmanyprograms:
Englishkeyboard Germankeyboard ItalianKeyboard
CTRL
ALT
ALTGR
F1toF12
DEL
INS
HOMEor
END
PGandPG
Page6of32

STRG
ALT
ALTGR
F1toF12
ENTF
EINFG
POS1
ENDE
BILDandBILD

Mainfunction

CTRL

ALT

ALTGR
Producecharacteronthekeysrightleft
F1toF12

CANC
Deletenextcharacter
INS
Toggleinsert/overwritemode

Gotobeginning
FINE
Gotoend
PAGandPAG
Goonepageupordown

Edition7.0(08/10/2012)

BasicComp
putercoursebook

Dr.P
PaoloColettii

PACEor
BACKSP

ENTEERor
TAB
Bor
SHIFFTor
CAPSLO
OCKor
ARROW
WS

INVIOor
TABor

Deletelasttcharacter
Enterrdata
Movethroughthewindow
M
Capitalizzeletters
KeepSHIFFTpressed
Moveth
hecursor

InthisbookktheEnglishnameforkeeyswillbeindicated.Wh
henA+Bisindicated,itm
meansthatth
heusermustt
presskeyA,,thenpresskeyB,andth
henreleasebothkeys.

2.3. File
e system
m
Beforestarttingthissecttionitisneceessarytodothefollowin
ngoperationss:
1.
2.
3.
4.
5.
6.

clickontheStarrtmenuicon
n,onthelow
werleftcorneerofthescreeen
opeentheContro
olPanel
cho
ooseAppearaanceandPerrsonalization
n
cho
ooseFolderO
Options
cho
ooseView
desselectHideeextensionsfo
orknownfile
etypes.

Inthiswayextensions(sseesection2
2.3.3)areshownandfileetypesarebe
etterrecogn
nized.

2.3.1. Files and dirrectories

Softwareis storedonsttoragedeviccesinaspecialcontainerrcalledfile.TTheoperatin
ngsystemusses
alotoffilessforitselfan
ndforitsdatta,aprogram
musuallyussesonefilefforitselfand
dotherfilesffor
itsdata,andtheuseru
usessomefilesforhisdata.Afileissrepresented
dbyasmalllpicturecallled
icon.
Anotherspeecialobject isthedirecttoryorfolder,whichisb
basicallyaco
ontainerfor filesandoth
her
directories and is represented witth an icon depicting
d
a yellow
y
closeed or open folder.
f
Doub
ble
clickingonaadirectoryo
opensanewwindowwhiichpresentsthedirectorrycontent.

Eachstoraggedeviceisaabigdirecto
ory,accessib
blefromMy Computer
window, w
which contaains directo
ories and files.
f
Each of these
subdirectorries may con
ntain other files
f
and oth
her subsubd
directories,
andsooninahierarchicalway,forrmingatree withtheharddisk(or
anothersto
oragedevice)astheroott,directoriessasbrancheesandfiles
as leaves. O
On UNIBZ co
omputers, th
he usual harrd disk are C:

which
containsprograms,E:whichconttainscoursessinformationandF:
whichcontaainsusersreservedspace.DisksdirrectoriesA:andB:
areusuallyreservedforrfloppydiskss,andD:orZ:forCDreader.

Edition7.0(08/10/2012
2)

Page7of32
2

Dr.PaoloCo
oletti

BasiccComputercoursebookk

Choosing th
he Change your view menu of a directory
d
windows will provide
p
the user with fiive differentt
waystoloo
okatfilesanddirectoriess,themostimportantwaybeingtheeDetailswhiichcanshow
winterestingg

information
nonfilesand
ddirectoriessuchastheirsizeanddaateoflastmo
odification.
Eachfilean
nddirectory canbeunivo
ocallyidentifiedbyitsab
bsolutepath
horaddress.Fordirecto
oriesitisthe
e
path which appears on
n the address bar of th
he directory window, while for filess it is the path of theirr
containing directory fo
ollowed by \ and thee file name. For examp
ple, the abso
olute path of directoryy
Common in HP directory in
n Program Files direectory in the
t
C: hard
d disk is C:\Program

m
Files\HP\Co
ommonasccanbeseen fromthead
ddressbar.W
While,theHP
PeDiag.dllfillehastheab
bsolutepath
h
C:\Program
mFiles\HP\C
Common\HP
PeDiag.dll.
Notethat,fforWindowssoperatingsyystem,capitalorsmallcaapslettersin
npathsarep
perfectlyequ
ual.
Aspecialan
ndtrickyobje
ectisthelinkorshortcutt.Althoughiitsiconlooksslikeafileiccon,
thesmallcu
urvedarrow
wontheleft cornerclearrlyindicates thatthisob
bjectisalinkk.A
linkissimpllyanaddressstoafileordirectory,itisnotareallfileordirecctory.Whenthe
userclicks onthe
o
link, thecomputter behaves exactly as iffthe user is clickingon the
realfileor directory(if Windowscaanfindtherrealone,wh
hichisnotth
hecaseifin the
meantime somebody
s
deleted
d
or moved
m
it). However, anyy copy/move
e operation on the linkk will simplyy
copy/movethelinkand
dnottherealfileordirecctory;especiiallycopying/movingtheelinktoanottherdiskwilll
probablycaauseittomalfunction.Th
hereforeitisagoodideaafornoviceu
userstoavoidusinglinkssatall.

2.3.2. Files operattions

When doub
ble clicking on a file, Windows
W
usu
ually starts a program. The user iss totally unaaware of an
n
importantd
difference:
doubleclickingonaaprogramru
unstheprogrramwhichw
wasdoubleclicked
double clickingonaafilecallstheprogramaassociatedw
withthatfile andrunsit, atthesameetimetellingg
the pro
ogram to opeen the file. If no program is associaated with that file type, Windows assks the userr
whichp
programshouldopentheefile.
Copying a file
f means reproducing it to anothe
er location or
o to the same location with a diffeerent name..
Copying a d
directory me
eans reproducing it to another
a
locaation, or to the same lo
ocation with
h a differentt
name, togeether with itts entire treee of subdireectories and files. To
copy a file ordirectoryy windows offers several methods,tthe most
usedbeing:

Page8of32
2

Edition7.0(0
E
08/10/2012))

BasicComp
putercoursebook

Dr.P
PaoloColettii

dragtheobjecttothedestination.Ifap
plussymbol does
nott appear, prress CTRL keey to have it appear while
w
dragging.Releasetheobjecctinthedestination;
seleect the obje
ect and clicck the right mouse button.
Seleect copy. Point the mouse to the destination
n and
click the right mouse buttton. Select paste. Iff the
desstinationisth
heoriginallo
ocation,theffilenamechaangestoco
opyof;
seleect the object and presss CTRL+C. Po
oint the mou
use to the destination
d
a press CTTRL+V. If the
and
e
desstinationisth
heoriginallo
ocation,theffilenamechaangestoco
opyof.

Movingafiilemeansmovingittoaanotherlocationlosingtthefileintheoriginalplace.Movinggadirectoryy
meansmovvingittoano
otherlocationtogetherw
withitsentirretreeofsub
bdirectories andfiles.To
omoveafile
e
ordirectoryywindowsofffersseveralmethods,th
hemostused
dbeing:

dragtheobjecttothedestination.Ifap
plusoralinksymboldoesappear,pressCTRLorSSHIFTkeyto
o
rem
moveit.Releaasetheobjectinthedesstination;

seleect the obje

ect and clickk the right mouse button. Select cut

and th
he icon
beccomes lighte
er. Point thee mouse to the
t destinattion and clicck the right mouse
buttton.Selectpaste;

seleect the objeect and preess CTRL+X and the ico

on becomess lighter. Po
oint the mo
ouse to the
e
desstinationand
dpressCTRL++V.

Tocreatealinktoafileordirectoryy:

dragtheobjectttothedesttinationofth
helink.Ifa linksymbol doesnotap
ppear,press CTRL+SHIFTT
unttilitappears..Releasetheeobjectinth
hedestination;
seleect the objeect and clickk the right mouse
m
butto
on. Select ccreate shorttcut. A linkk is
creaatedinthessamedirecto
ory.

Deletingaffilemeanso
oftenputtinggitintothe trashcanw
whereitcan berecuperatedunlesstthe
trashcanissemptied.D
Deletingadirrectorymeanputtingitttothetrash cantogetheerwithitsentiretreeoff
subdirectorries and file
es. Pay speccial attentio
on, since no
ot always th
he trash caan works co
orrectly and
d
sometimes filesaredelletedwithou
utpassingth
hroughthettrashcan. To
odeleteafileordirecto
orywindowss
offersseverralmethods,themostussedbeing:

dragtheobjecttothetrashcanandrele
easeit;
seleecttheobjecctandclickth
herightmou
usebutton.SSelectdelete;
seleecttheobjecctandpressDELkey.

Torename afileordirectory,simp
plyselecttheeobject,clicckonthenaameandretyypeit.UsuallyWindowss
accepts eveery name, but
b novice users
u
should
d stick with letters and numbers and
a
spaces, since otherr
charactersm
maybeforbiidden.
Tocreatea newdirecto
ory,simplyriightclicktheemouseand
dchoose
NewandFolder.Aftterthecreattion,renameeit.

SSometimesfilesoccupyaalotofspaceeandneedtobereduced
dtosavedisskspaceorto
obesentbyy
eemail;other timesfilesm
mustbeputiinapackageetoremaintogetherorttobesentassasinglefile
e
vvia email. Th
hese two op
perations aree accomplish
hed compressing a set of files and directories,,
whichmean
nsusingasp
pecialprogram(WinZipo
orIZArcorth
heoperativesystemitself)toreduce(from0%to
o
90%dependingonthe filetype)thefilesizean
ndproduceaanewsingle
efilecalledzziparchiveco
ontainingalll
theselected
dfilesanddiirectories.
Edition7.0(08/10/2012
2)

Page9of32
2

Dr.PaoloCo
oletti

BasiccComputercoursebookk

Tocompresssasetoffileesanddirecttories:
1. seleectthefilesaanddirectoriiesalltogeth
her,
2. clicktherightm
mousekey,
3. seleect IzArc or
o the installed compre
ession prograam and seleect somethin
ng like Add
d to Archive
e
Filee,
4. adiialogboxapp
pearsaskingyoutochoo
osetheziparrchivenameanditsdesttination;
5. inthisdialogbo
oxyoumustalsochoosethecompreessionmetho
od,whichissstronglysugggestedtobe
e
ZIPtobecompaatiblewithotherprogram
ms;
6. inthisdialogan
nencryptionmethod(seesection4.1
1onpage18
8)maybech
hosen.Ifyourziparchive
e
sho
ouldbeopen
nedbyanybo
ody,thench
hooseNonee:Otherwisse,ifyouwaanttheziparchivetobe
e
unccompressed onlybypeop
pleknowing aproperpaassword,cho
ooseanyofttheencryptio
onmethods,,
suchasAES12
28bit,andp
providethep
password.
Otherfileso
ordirectorieesmaybead
ddedlaterto
otheziparch
hivesimplyd
draggingthemonthezip
parchivefile
e
(thisisacop
pyandnotamoveoperaation)ifitisnotencrypteed.
Toextractffilesfromazziparchivefiile,simplyclicktherighttmousekey onthefileaandfromtheedropdown
n
menu choo
ose the apprropriate extrract option: the contentt will appeaar in the location you have chosen,,
togetherwiithallitsdireectoriesstru
ucture.
Whendoub
bleclickingo
onacompresssedfile,ifth
hecompresssionprogram
misproperlyyinstalled,it willopenin
n
awindowaasifitwere adirectory. Butitisnotanormaldiirectory,itisssimplyawindow,prod
ducedbythe
e
compression program, with the listt of the ziparchives content: the user
u
should not open filees from thiss
window sin
nce it is a ve
ery unreliable way to modify files! Files
F
can be copied from
m this windo
ow to a reall
directory siimply draggiing them to
o the directo
ory. When the entire co
ontent of th
he ziparchive has to be
e
extracted o
or when the user wants to preserve
e the originaal tree struccture, it is beetter to use the Extractt
buttonofth
hisspecialwindow.

2.3.3. File types

Windowsid
dentifiesafiletypebyitssextension,w
whichiseverrythingafterrthelastdottinthefilenaame.Usuallyy
itisa3or4
4character acronym.Ussingthefile extension,W
Windowskno
owsthefile typeanddeecideswhich
h
programwiillopenthat file.Ifthefileextension
ndoesnotsh
howup,follo
owtheinstru
uctionsatseection2.3on
n
page7.Theemostimporrtantfiletypeesare:
Filetype

Typicallprogramsthatopenit

Typicalexttensions

Program
m

itsself

.exe.com
m.bat

Compressed

WinZip
p/IZArc

.zip
p

Text

Nottepad

.txt

Documen
nt

W
Word/Acroba
at/Powerpo
oint

.
.docx.doc.rt
tf.pdf.ppt

Sheet

Exxcel

.xlsx.xls.csv

Image

Explorrer/PictureFaxViewer//Paint/
OfficePictu
ureManagerr

.jpg.jpeg.giff.bmp.png

Video

MediaaPlayer

.avi.mov.m
mpg.mpeg

Page10of3
32

Typicaalicons

Edition7.0(0
E
08/10/2012))

BasicComp
putercoursebook

Dr.P
PaoloColettii

Audio

p
MediaPlayer/WinAmp

.mp3..wav

Webpagge

Exp
plorer

.html..htm

2.3.4. File permissions

For each fille Windows 7 operativee system usees a permisssion.
Click the rigght button of
o the mousse on a file or
o directory and
select Pro
oprieties an
nd Securityy. The secu
urity dialog box
showsthellistofusers orgroupsoffuserswho mayaccess this
object,whillenotlistedusersmaynotaccessit.Foreachuseeror
group this dialog boxx displays tthe permisssions, the most
m
importantb
being:

readpermission
n,tocopyan
ndopentheo
object;
readandexecute,sameasread,plusru
untheobjecttifit
isaprogram;
listcontent(forrdirectories),toseetheccontent;
writte permissio
on (for direcctories), to create files and
sub
bdirectories;
modifypermisssion(alsocallled,whenreeferredtoa file,
writte permissio
on), same as
a read and
d execute, plus
deleete,move,reename,saveemodificatio
ons;
fullcontrol,sam
measmodifyy,pluschangepermission
ns.

The owner of the file usually

u
has full
f control on it and m
may change permissions
p
or add new
w authorized
d
groups or u
users. A speecial group iss the Admin
nistrators gro
oup (contain
ning the useers involved in technicall
administrattionofcomputers)which
hhasfullcon
ntroloneveryyobject.

2.3.5. Ne
etwork fold
ders at UNIBZ
OnUNIBZLLANtherearesharedharddisksonw
whichcomm
moninformattionisstored
d,sothatit isaccessible
e
fromeverycomputer.TThesearecallednetworkkfolders.Som
meofthemaare:

\\ubz01fst\courrses\course__coletti whicch contains utility

u
files that will be used during the course..
Theese files musst never be opened dou
ubleclicking from here, otherwise they
t
will be locked (see
e
secttion2.3.4on
npage11);th
heyshouldb
becopiedoneachusersdesktopbefforeopeninggthem;
\\ubz01fst\courrses\exam_ccoletti\,follo
owedbyusersloginnam
meortheusserslastnam
meandfirstt
nam
me,whichwiillcontainexxamfilesand
dwhichisacccessibleonlyybytheuserr;
\\ubz01fst\stud
dents\, follow
wed by year, faculty an
nd users login name, contains
c
a copy of the
e
stud
dentsdiskFF,desktop,an
ndconfiguration.

2.3.6. Ro
oaming use
er profile a
at UNIBZ
Whenever the
t user loggs in on a neew compute
er, usually hee should find
d a complette new profile (Desktop,,
icons,Docu
uments,conffiguration),w
whichisobviouslyveryannoying.Ino
ordertolethimfindalw
wayshisstufff
asithasbeeenleftonthelastcompu
uterused,whenevertheuserlogsofffallhisprofiileiscopiedondirectoryy
\\ubz01fst\\students\, followed
f
by year, facultty and userrs login nam
me (for example, for Diana
D
Pfeiferr
enrolled in 2012 it is \\ubz01fst\sstudents\User2012\Eco\\dpfeifer). Whenever
W
hee logs in aggain on anyy
universityscomputer,tthatcomputeerretrievesallhisprofileesstufffrom
mthisdirecto
ory.
Edition7.0(08/10/2012
2)

Page11of32
2

Dr.PaoloColetti

BasicComputercoursebook

Thismechanism,calledroaminguserprofile,worksfineonlyiftheuserisnotusingtoomuchdiskspace
(whichisusually300MB,butitisagoodideatostaybelow150MB).Iftheuserisoverquota,thesystem
sendsawarningviaemailtotheuserand,iftheuserremainsoverquota,thismechanismdoesnotwork
anymore.Moreover,iftheuserstillremainsoverquota,hewillbeforbiddenfromsavinganyfileonthe
computerheiscurrentlyusing.
ThereforeitisagoodideatoalwaysworkonaUSBpendrive(whichisthencopiedonanotherpersonal
computer)andtoperiodicallycheckthediskspacelookingattheproprietiesofthisdirectory.Ifawarning
email has been received or, even worse, roaming user profile does not work anymore, files need to be
deletednotfromthecurrentcomputer(sincethemechanismisnotworkinganymore)butdirectlygoing
throughthisdirectory.

Page12of32

Edition7.0(08/10/2012)

BasicComputercoursebook

Dr.PaoloColetti

3. Computer networks
Thispartofthebookisdedicatedtocomputernetworksfromausersperspective.Nowadaysacomputer
is very likely to belong to some companys network, or to be connected to the Internet via an Internet
provider, and is therefore exposed to all the typical network problems. Without entering into technical
details,thissectionwillexplorethesituationsinwhichanoviceusercanfindhimselfintroublesandhow
hecantrytosurvivedialoguingwithnetworkadministratorsintheirownstrangetechnicallanguage.

3.1. Technical aspects

Acomputernetworkisasetofdeviceswhichcommunicateandshareresources.Thesedevicesaremostly
computers, and sometimes standalone hard disks, telephones, printers and terminals (processorless
computerswhichmustrelyonothercomputerstowork).

3.1.1. Server and client

A computer network interaction is based on the client server architecture. When considering a single
interaction,onecomputeristheserverandtheotheroneistheclient.Theserveristhecomputerwhichis
offering its resource, usually programmed to wait until someone asks for its resource. The client is the
computerwhichusestheresource,whichsendstherequesttoawaitingserver.
Forexample,whensendingadocumenttotheprinter,theuserscomputeristheclientwhiletheprinteris
the server; when retrieving personal emails, the users computer is the client which connects to the
mailserver asking for available emails. When talking to a friend on an Internet chat, the interaction is
composed of two different interactions: the users computer as a client is connected to the chat rooms
computeractingasaserver,andthefriendscomputerdoesthesameinteraction.
The same computer may be the client for a service and the server for another service. For example, a
librarycomputermayhaveaCDinsideitsreadersharedtothenetwork(serverfortheCD)andmaybeat
thesametimeusedbyausertoprinthisowndocuments(clientfortheprinter).

3.1.2. Areas
Computernetworksarecommonlydividedintothreecategories:

Local Area Network (LAN or Intranet), usually the network of computers in the same building or
belongingtothesameowner.InsidetheLANevery computeriswellidentifiedandusuallyevery
userisknown.Itisconsideredatrustedarea.
WideAreaNetwork(WANorInternet),whichiseverythingwhichconnectsLANs.Computersand
usersidentificationisveryhardandanonymityispossible.Itisconsideredadangerousarea.
Virtual Private Network (VPN) is a way to recognize a computer outside the LAN as a trusted
computer: the user is identified with a password and his computer, even though connected via
Internet,willbeconsideredaspartoftheLAN,foraslongasitremainsconnected.VPNistypically
requiredtoidentifyportablecomputersconnectedviawirelessconnection.

3.1.3. Transfer speed

Thenetworkconnectingcomponentsarethecables,whichdeterminethespeedoftheLAN.Cableshavea
speedmeasureinbps(bitspersecond)whichindicateshowmanybitscanflowthroughthecableinone
second.
Edition7.0(08/10/2012)

Page13of32

Dr.PaoloCo
oletti

BasiccComputercoursebookk

Ethernetcablesshaveaspeedof10Mb
bpsandcan thuscarry1
1.25MBeach
hsecond,meaningthat,,
for example,a 600MBmovviecanbetrransferredin
n8minutesffromoneco
omputertoaanotherone,,
sup
pposing no one
o (neitherr users nor computers)
c
is using that network tract for other purposess
durringthetranssfer.
FasttEthernetcaableshaveaspeedof10
00Mbps.
GigaEthernetcableshaveaaspeedof1G
Gbps.
Aw
wirelessnetw
work,acableelessnetworrkwherecomputersuseeradio signaalstocommunicate,hass
usu
uallyaspeedaround308
80Mbps,dependingontthewirelessgeneration.

To find outt how much

h time doess it take to transfer a file
f with a size
s
expressed in bytes, divide the
e
connectionspeedinbpsby8tofind
doutthebyterateperssecondandtthendividetthefilesizeb
bythespeed
d
to find out the numbeer of seconds it takes fo
or the file trransfer. For example, to
o transfer a 600 MB file
e
through an Fast Ethern
net connectiion, find outt the speed of 12.5 MB
B per second
d (12,500,00
00 bytes perr
second)and
dthendividee600MB(o
or600,000,00
00bytes)byy12.5(orby12,500,000)tofindouttthetimeoff
48seconds..

3.2. Com
mmuniccation
Insideacom
mputernetw
workmanyco
ommunicatio
onprogramssareinstalle
edonIntraneetcomputersstoconnectt
totheInternetoreventointernalcomputers.

3.2.1. We
eb browse
er
Awebbrow
wserisaclientprogramttonavigatettheWWWaandretrieve webpages.
Itrunsdirectlyontheu
userscomputerasaclientandcon
nnectstoextternalweb
servers, ideentified with
h the www. prefix in th
he Internet name,
n
to reetrieve web
pages. The market leader (about 35% of uses according to recent statistics)
s
is
MicrosoftIn
nternetExplo
orer,afreew
wareproprietarysoftwarre.Itsmainccompetitors
are Mozilla Firefox, an open sourceesoftware, Chrome, thee browser frromGoogle
andSafari,tthebrowserforMacOSX,

3.2.2. Ma
ail reader
A mail read
der is a clien
nt program to send and
d retrieve emails. It run
ns directly on the
users computer as a client and connects
c
to a mailservver, a progrram in charrge of
collectinganddispatchiingemails.TThemarketle
eaderisMiccrosoftOutlo
ook,acomm
mercial
proprietarysoftware.Itthasmanyccompetitors,,themostfaamousbeinggtheopensource
MozillaThu
underbird.

Anotherwaaytoreadan
ndsendemaailsisthrougghwebmailssystems,whiicharewebssiteswherettheusercan
n
enter and read his re
eceived emaail and send new ones acting dirrectly on th
he mailservver, withoutt
downloadin
ng them norr using any client. It caan be useful for various reasons: it
i does not require the
e
installation ofamailreaaderprogram
m;oldreceivvedemailsarealwaysavvailableonth
hewebsiteaandcanthuss
be accessed
d fromhome
e, office and
d whiletrave
eling, evenw
withoutape
ersonal lapto
op; themailsserver takess
careofemaailsbackup.B
Butontheotherhanditrequiresacontinuousfaastconnectio
oneventow
writeasingle
e
longemail, whichcanb
becostlyand
d,insomesituations,im
mpossibleandusuallytheeemailspacceislimited..
Themostfaamouswebssite interfacees arethe MicrosoftOu
tlookWebA
M
App,where thewebinterfacelookss
exactly likee Microsoft Outlook, an
nd the Web
bmail interfaace, used and
a
personaalized by mo
ost Internett
providers.
Page14of3
32

Edition7.0(0
E
08/10/2012))

BasicComputercoursebook

Dr.PaoloColetti

3.2.3. Posta Elettronica Certificata PEC

Whensendinganemail,thesenderhasnoproofthatithasbeensent,forexampletobeusedinacourtof
justice,andnoguaranteethattheemailhasbeendispatched.Somemailreadersuseareceiptsystem,but
thereceiverisnotobligedtosendbackthereceipt.
In order to overcome these problems, many solutions have been proposed. The Italian Posta Elettronica
Certificata (PEC) system has become one of the most widespread solutions, thanks to law Decreto
Ministeriale 6 May 2009 which guarantees a free PEC email address to every citizen and thanks to law
82/2005whichdeterminesthatPECreceiptsarelegalproves.
WhenanemailissentfromaPECaddresstoanotherPECaddress,thesenderreceivestworeceipt:thefirst
oneisaproofthattheemailhasbeensentwithdateandtime,whilethesecondoneisaproofthatthe
emailhasbeendispatchedtothemailboxofthereceiver.Thisdoesnotrepresentaproofthattheemail
has been actually read, but from the moment the email is dispatched to the mailbox it is the receivers
responsibilitytoreadit.Underthiscircumstances,itisperfectlyequivalenttoraccomandataconricevuta
diritorno.EmailscanbesendalsofromaPECaddresstoanonPECaddress,andinthiscasethereceiver
getsonlythesentproofbutnotthedispatchedproof,liketheraccomandatasemplice.Whenanemailis
sentfromanonPECaddresstoaPECaddress,noreceiptisproducedandthisisequivalenttoastandard
letter.
Moreover,eventhoughitisnotofficiallyrequired,PECtoPECalsoguaranteesthatcontentbenotaltered
andthatsendersemailaddressistheindicatedone.However,itisimportanttonotethatPECalonedoes
notguaranteethatthesenderisreallythepersonwhoclaimstobeandthatcontentremainsunreaduntil
itreachesdestination.Inordertoovercometheselasttwoproblems,encryptionanddigitalsignature(see
section4.1onpage18)mustbeused.

3.2.4. Voice over IP programs

Voice over IP (VoIP) programs are able to use the computer connection as a substitute for standard
telephone.Equippedwitheithermicrophoneandheadphonesorwitharealtelephonelikedevice,theuser
can send his voice through the Internet to remote computers or even to real remote telephones, thus
savingontelephonebills.
VoIPrequiresasubscriptiontoaVoIPswebsite,themostfamousbeingSkype,whodecidesthetelephone
fares.TypicallycallingotherVoIPsusersisfreeallovertheworld,whilecallingfixedtelephonesdepends
only on the destination country and is independent from the callers country, with a fare which is
comparabletothestandardlocaltelephonecall(about2cent/minuteinJune2012).Ontheotherhand,
callingmobiletelephonesis,forthemoment,stillveryexpensive(about30cent/minuteinJune2012);for
thisreason,specialVoIPtelephones,whichcanbeprogrammedtoautomaticallydecidebetweenVoIPand
thestandardtelephonelineaccordingtothedialednumber,areappearingonthemarket.

3.2.5. Search engines

A search engine is a special program running on a website which offers to the user the possibility of
searchingotherwebsitesforspecificwebpages.Theuserneedstoconnecttothesearchenginewebsite
and digit the keywords, or sometimes even a complete question, and the website returns the list of
relevantwebpages.
Searchenginesuseacrawlertechnique:theycontinuouslygothroughtheknownwebpagesmemorizing
theircontentandtryingtodiscoverotherwebpagesthroughthecontainedlinks.Inthiswaytheyareable
tomemorizemostoftheWWWspages(morethan8billionpages),eventhoughsomenotlinkedwebsites
canremainunknowntosearchengines.
Edition7.0(08/10/2012)

Page15of32

Dr.PaoloCo
oletti

BasiccComputercoursebookk

Themostpo
opularsearcchenginesarreGoogle,th
hecurrentmarketleaderr,Yahoo!
andBing.In
nordertoch
hoosetheorderinwhich
hwebpages aredisplayeedtothe
user, search engines use
u scoring system. Thee most famo
ous one is Googles
G
which reliees on the id
dea that a linked page is very important and
d useful;
thereforeawebpagereeceivesasco
oreproportio
onaltothenumberofwe
ebpages
whichputaalinktoit.A
Accordingto recentreseaarches,thep
percentageo
ofuseof
theseengin
nesareGooggle83%,Yaho
oo6%,andB
Bing4%.

Therearem
manytricksto
ospeedupthewebsearrchandarriveequicklytottherightresult:

mostnovice users searchttheWWW usingonlya single

s
keywo
ord,whicho
oftenproduccestherightt
resu
ultbutinsomecasescanresultinlo
onglistsofw
wrongresultss,forexamplewhenlookkingforJavaa
Island using sim
mply java. Using as maany keyword
ds as possible often avo
oids wrong results,
r
even
n
tho
oughsometim
mesreturnsn
nopagesiftoomanywo
ordsareused
d;
puttting some words
w
betweeen quotation marks fo
orces the se
earch enginee to look fo
or the exactt
phrrase,i.e.exacctlyforthoseewordsinth
hatorderand
dwithnowo
ordsinbetween;
intheadvanced
dsearchmen
nuoftenthereareveryggoodoptionss,suchastheesearchofp
pagesonlyin
n
asp
pecifiedlanguageoronlyyinaspecifieedformat,fo
orexample.d
docor.pdf;

wheenlookingsimplyforsomeimages, itismoreco
onvenientto
ousethespeecificsearchratherthan
n
tryingtofindwebpagescon
ntainingthem
m.

Page16of3
32

Edition7.0(0
E
08/10/2012))

BasicComputercoursebook

Dr.PaoloColetti

3.3. Internet connections

TherearemanydifferentwaystoconnecttotheInternet,dividedbythephysicalmeanofconnection:the
telephonecable,adedicatedcableorelectromagneticsignals.

Broadband

Names

Equipment

Effectivespeed

Notes

PSTN(PlainStandard
TelephoneNetwork)
analogical
dialup

telephoneline
modem

56Kbps

Telephoneisbusy
duringconnection

ISDN(IntegratedService
DigitalNetwork)

ISDNtelephoneline
modem

128Kbps

Telephoneisbusy
duringfullspeed
connection

GPRS(GeneralPacketRadio
Service)

GSMcellularphone

100Kbps

ADSL(AsymmetricDigital
SubscriberLine)

telephoneline
modem

500Kbpsinupload
820Mbpsdownload

Speeddependson
subscriptionfee
andnetworktraffic

Internetcable
UMTS(UniversalMobile
TelecommunicationsSystem)
3G
Wireless
WiFi

someGbps

UMTScellularphone

7Mbps

wirelesscard

3080Mbps

antennainlineofsight
modem

40Mbps

WiMax

Speeddepends
stronglyon
environment
Speeddependson
wirelessgeneration
Speeddepends
stronglyon
distance

Manyfastconnections,especiallyADSL,sufferfromnetworkcongestion:toomanyusersareconnectingat
thesametimeandtheInternetprovidersmaincablesarenotabletosupporttheusersmaximumspeed
multiplied bythenumberofusers,andthereforemustreducethepracticalconnectionspeed.Therefore
the maximum speed is often only theoretical and some providers are offering a minimum band
guaranteed:aminimumspeedunderwhichtheconnectionmayneverfall.
Unfortunately, even in technologically advanced countries, there are still many areas where nor ADSL
neitherUMTSarrives,mostlyduetothegeographicconditions(mountains,islandsorlongdesertdistances)
and to the low inhabitants density. This phenomenon is called digital divide: there are people (e.g.
5,000,000ofItalianinhabitants)thatevenwillinglytopaycannotgetabroadbandconnection,and,onthe
otherhand,InternetservicesandespeciallytheWWWiscontinuouslygoingtowardslargesizecontents,
cuttingthesepeopleoff.Inordertoovercomethissocialproblem,WiMaxisspreading,asortofverylong
rangeWirelesswhicharrivesupto10Kmbutworksonlyifthetransmittingandreceivingantennasarein
lineofsightandwhosetheoreticalspeedof70Mbpsdecreaseswithdistancestoabout40Mbps.

Edition7.0(08/10/2012)

Page17of32

Dr.PaoloCo
oletti

BasiccComputercoursebookk

4. Com
mputerr securrity
Being connected to thee Internet means
m
givingg anybody access to thee computer. Despite thee traditionall
noviceuserrsbeliefthaatheistheo
onewhogoe
esoutside,iitisinstead theInternettworldwhicchiscomingg
inside,withallitsbeneffitsanddanggers.Knowingalittlebitofsecurityisssuesisnowadaysnecessaryevento
o
thenonexp
pertuser,toavoidbeingluredintotrrapsoradop
ptingpotentiaallydangerousbehaviorss.
Moreover,ttherecentIttalianlaw19
96/2003onp
privacyissuescontainsin
ntheAllegato
oBtheminimalsecurityy
techniques whichmustbeadoptedbysystemaadministrato
orsbutalsob
bynormalussers.Everyuserwhohass
accesstopeersonaldataprotectedb
byprivacymu
usttakecareeofthesepro
ocedures,inparticular:

eacch user mustt be authentticated by a personal ussername and

d a passworrd or a biom
metric device
e
(fingerprint,han
ndshape,eyye);
eacch user has its own peermissions, limited only to the data he needs for his wo
ork, and the
e
perrmissionsmu
ustberevokeedwhentheuserdoesnotneedthem
manymore;
useersmustrece
eivespecific trainingtob
beabletoussetheirauth
henticationaandtobeaw
wareoftheirr
resp
ponsibilities,,dutiesandtthepossibledangers;
a firewall (see section 4.6.1 on page 27)
2 and an antivirus
a
(see section 4..3 on page 23)
2 must be
e
present, either installed eiither on eacch computerr (as usuallyy the antivirrus, and som
metimes the
e
firewall,are)orattheLANeentrance(asusuallytheffirewallis);
softtware usedttohandle daatamustbeupdated atleastevery yearandseecuritysoftw
wareatleastt
eveery6monthss;
alld
datamustbe
ebackedup(seesection4.6onpagee27)atleasteveryweek;;
sensitivedatarreceivespecialcare:the
eymustbesstoredandtrransmittedu
usingencryp
ptionand,in
n
caseeofloss,mu
ustberestoreedwithin7d
days.

4.1. Enccryption
n
Encryption isatextmaskingtechnique,derived
dfrommilitaaryuse,whicchtransform
msinformatio
oninsuchaa
waythatit maybecorrrectlyreadonlywithasp
pecialpassw
wordcalledkeey.Itusestw
wokeys,apublickeyforr
encrypting,usuallyknow
wnonlytoo
onecomputeerorperson,andaprivattekeyfordeecrypting,ussuallyknown
n
byalltheccomputersor people wh
hich legitimately mayreaad the information. Thee size ofthesse keys, and
d
thus the difficulty to be guessed, is
i expressed in bits, with 128 bits being
b
the typically mostt secure size
e
used.
ThetwofolllowingscheemasillustratteshowB,C
CandDcan sendsecret messagesusingAspub
blickey

..

Thesentmessagesare encryptedaandlaterdeccryptedbyA
Awithhisprivatekey

.Incaseso
omebody

interceptsaamessage,h
heisunablettodecryptittcorrectlysin
ncehedoesnothaveAsprivatekeyy
isknownon
nlytoA.Even
nwhensomeebody

,which
h

ussesthepubliickeytodeccrypt,itdoessnotwork.

Thesamep
processhappenswheneverabrowserrtriestosen
ndapassworrdorsecretinformationttoawebsite
e
usingasecu
ureconnection(seesecttion4.5onp
page26):theewebsitetellsthebrowsseritspublickeyandthe
e
browseruseesittoencryyptinformationwhichcaanbereadon
nlybythearrivingwebsitte.

Page18of3
32

Edition7.0(0
E
08/10/2012))

BasicComp
putercoursebook

message 1

Dr.P
PaoloColettii

encrrypt

message 2

encry
ypt

message 3

encry
ypt

G#4hg!
G

decrypt

messaage 1

f
f@d*s

decrypt

messaage 2

^(iw,

decrypt

messaage 3

message 1

encrrypt

message 2

encry
ypt

message 3

encry
ypt

G#4hg!
G

decrypt

Trb:-

f
f@d*s

decrypt

Dr4^\|
9

^(iw,

decrypt

%$&/
L

bleexceptbyytheowner.Inthiscase
e
Anotheranalogoususaggeofencryptionistomaakestoreddaataunreadab
d public keys coincides and are kep
pt secret. The encryptio
on and decrryption proccess is done
e
private and
automatically by a proggram (PDF creation
c
proggrams or compression programs
p
can
n do it, see page 10 forr
instructionsshowtodo it)orevenb
bytheoperaativesystem(iftheentirrediskisenccrypted),wh
hichasksthe
e
passwordto
otheuserevverytime.

secrett
data

enccrypt

D(
*+]dH

decrypt

seccret
daata

secrett
data

enccrypt

D(
*+]dH

decrypt

%)(84
jhgd
ds?

Edition7.0(08/10/2012
2)

Page19of32
2

Dr.PaoloCo
oletti

BasiccComputercoursebookk

4.1.1. Dig
gital signa
ature
Adigitalsiggnature,ore
electronicsiggnature,isan
nencryption
ntechniqueffordocumen
ntswhichgu
uarantees,att
the same tiime, thedoccuments authors identity andthat thedocumeents conten
nt has notbeeen altered..
AccordingtoItalianlaw
w82/2005,digitalsignatureisequivalenttohandw
writtensignaature.
The two fo
ollowing scheemas illustraate instead the usage of
o encryptio
on for digital signature. A wants to
o
publishapubliclyavailaabledocumeentwithits signature.IttissufficienttforAtoen
ncryptitwith
hhisprivate
e
d all the users can try to decrypt it with As public key
. If the result of decryption iss
key
and
somethingreadable,itmeansthattthedocumentwasreallyyencryptedwithAsprivvatekeyandthuscomess
from A; on the other hand,
h
if the result is unreadable, it means thatt encryption was not do
one with Ass
privatekey..Inthisway,,digitalsignaatureusedin
ncombinatio
onwithPEC canguarante
eealsosend
dersidentityy
andemailscontent.

docum
ment

documentt

encrrypt

G#4$h
G
&
&?2y

decrypt

docum
ment

docum
ment

2?=zx:-ki

false
documentt

encrrypt

YY&:[
f
fgj?^d

decrypt

2?=zx:-ki

2?=zx
x:-ki

Whileencryyptiontorecceivesecretm
messagesortohideinformationsimplyrequirestheuserorttheprogram
m
to create itts own coup
ple of privatee and publicc keys (programs, for exxample brow
wsers, do this operation
n
automaticallywithouttheusersinttervention),ffordigitalsiggnatureitisn
notsosimple.Sinceeverrybodymustt
be sure thaat the public key is really the autthors publicc key, digitaal signature requires a certification
n
authorityto
odistribute privateand publickeys. Eventhougghtheoreticaallyasimple passwordissenough,to
o
besurethatttheuserdo
oesnotgivetheprivatep
passwordaround,thece
ertificationauthoritygiveeshim,afterr
havingiden
ntifiedhimth
hroughagovvernmentaliidentitycard
d,apasswordtogetherw
withasmart cardwhich,,
when used
d together, correspond to his privvate key. An
n automaticc signature program takes care off
automaticallyencryptin
ngdocumentts.
Page20of3
32

Edition7.0(0
E
08/10/2012))

BasicComp
putercoursebook

Dr.P
PaoloColettii

nstitutionsarrenowusinggthenationalhealthcarecard
SeveralItalianpublicin
asasmart cardand,ussingitascerrtificationof usersidenttity,offeraccessto
hough they do not offeer yet the digital
d
signatture of
many services, even th
ocuments. The
T service to digitally sign documents is offe
ered by
personal do
private cerrtification co
ompanies, with
w
prices currently affordable
a
also
a
by
private users and with alternative devices succh as OTP deevices (see section
s
4.2.1onpagge22).

4.1.2. Ke
eys expirattion
Themajord
drawbackoffencryption keys isthatt ifacomputeris putto
owork tryinggtoencrypttatextwith
h
insequenceeandthenttodecryptittwiththeco
manyprivatekeys
orrectpublicckey
,w
withinsome
e
yearsitwillmanagetofindtherigh
htprivatekeyywhichlead
dstoacorrecctencryption
ndecryption
n.Therefore,,
each couple of privateepublic keys has a tim
me limited duration,
d
usu
ually some years, after which it iss
necessaryto
ochangetheemandencryptagainallthepastdoccuments.
Documents for which it is importtant to deteermine the exact date of the signaature have moreover a
a
temporalm
marksignedd
directlybyth
hecertificatio
onauthority..

4.1.3. Comparison with hand

dwritten siignature

Whocanveerify

Digitalsign
nature
Needskeysfromcertifficationauthority
andpropertools
Everybodyy(withpropeertools)

Verification
nreliability

Sureforso
omeyears

Temporalduration

Someyearrs(canberen
newed)

Masssignattures

Someseco
ondsforalldocuments (w
with
propertoo
ols)

mesecondsp
perdocumen
nt
Som

Datereliabiility

Objectiveiiftemporalm
mark

Baseedonotherssubjectiveellements
(pap
persandinkksage)

Whocansiggn

Han
ndwrittensiggnature
Everrybodyinstantly
Handwritinganaalysts
Subjjectiveindubiouscases,notime
limitt
Untiilotherreliablesignatureesare
avaiilable

4.2. Passswordss
OntheIntraanettheuseerisidentifieedonlybyhisusername,,knowntoeeverybody,andhispassw
word,known
n
onlytohim.Thepasswordiswhat makesanun
nknownperssonanauthe
enticateduseer,withallh
hisprivilegess
and his ideentitys respo
onsibilities. If
I somebodyy else uses the
t right useers passworrd, for the Intranet thiss
otherperso
onisexactly theuser.Law196/2003
3explicitlyfo
orbidsusers fromgiving theirpasswo
ordtootherr
users, even
n when theyy are absentt from work. These are some, often
n underestim
mated, maliggn actions a
a
passwordsthiefcando
o:

steaalpersonalin
nformation:thethiefcan
nreadtheussersemailsaandpersonaalinformation;
steaal privacy prrotected datta: the thieff can gain acccess to data about oth
her people protected
p
byy
privvacy,orread
demailsreceeivedfromotherpeople..Thelegalre
esponsibleofthisprivacyyviolationiss
thethiefaswellastheuserrwhodidnottprotectoth
herpeoplesdata;
steaal money: the
t thief can
n find the users
u
bank account nu
umbers and passwords, sometimess
direectlyfromth
heusersweb
bbrowsersh
history;

Edition7.0(08/10/2012
2)

Page21of32
2

Dr.PaoloCo
oletti

BasiccComputercoursebookk

deleeteandmod
difydata:thethiefcand
deleteuserssimportant data,oreveenworseheecanmodifyy
these data with
hout the useers knowled
dge (bank nu
umbers, friends email addresses,
a
deegree thesiss
con
ntent,addilleegalpicturess);
steaalidentity:forthecomp
puterthethiefisnowth
heuser,and thereforehecanactto theoutside
e
worrld exactly as
a if it weree the user, for
f example answering to emails, subscribing
s
tto websites,,
withdrawingfro
omexams;
starrt illegal acttivities: anyb
body who wants
w
to starrt an illegal Internet acttivity will ob
bviously use
e
som
mebodyelseidentity,sohewillnotgetintotroub
bleswhenth
heactivityisd
discovered.

Thereforeittisabsolute
elynecessaryytokeeppasswordssecret.
However,th
herearesom
mewaystod
discovereasypasswordssby
trial: speciaal automaticc programs are
a able to try one milllion
passwords each seco
ond, and they
t
usuallyy start tryying
combinations of words and numbeers (the com
mplete set off all
Italian,Germ
manandEngglishwords canbetriedinlessthan
n30
seconds). Law 196/200
03 explicitly requires thaat password do
havesomefeatures:

chaangethepassswordoften,,atleasteve
erysixmonth
hs;
avo
oidwordsrelatedtoyourrself,suchassnames,birtthdates,birtthplacesand
daddresses;
useeminimum8
8characters.

Moreover,o
othergoodp
proceduresaare:

useeaspassword
dagoodmixxofnumberrs,strangech
haracters,sm
mallcapsand
dcapitalletteers,avoidingg
anyycommonword(otherpeoplesnamesorwordswhichcanb
befoundinadictionary);
usee different passwords
p
fo
or different purposes. Unfortunateely every weebsite asks the user to
o
registerwitha passwordan
nduserswho
ousealwayssthesamep
passwordareegivingitaw
waytoeveryy
web
bsite they register, even untrustwo
orthy ones. It is a good
d procedure to have at least three
e
passswords:oneeforimportaantuse(bankkaccount),aasecondone
eforeverydaayuseandalastoneforr
unimportantusse(registeringtounknow
wnwebsiteso
ortoserviceesthatwillno
otbeusedanymore).
bew
wareofpassw
wordsstored
dinprogram
ms:mailread
ders,InternettExploreran
ndmanyotherprogramss
storre your passsword masked with assterisks. Theey
seem to be un
nreadable, but
b compute
er experts caan
reveeal them insstantly. Storre passwords in program
ms
onlyyifthatcom
mputerhasasingleuser (i.e.thehom
me
com
mputerorthepersonallaaptop)orifaaccesstothaatcomputerisonausern
namebasis,butneverin
n
pub
blicplacessu
uchasanInteernetcaf.

4.2.1. On
ne Time Pa
assword de
evice
An OTP device is a modern password system which consists
c
of a
a
very sm
mall electronic device which displayys a password changingg
every feew seconds. The system
m is perfectlyy timealigned with the
e
OTPdevviceandeachpassword isaccepted onlyifenteredinthose
e
seconds.Therefore, evenifapaasswordisinterceptedorguessed,itt
expiresafteerafewseco
onds.
Obviouslythissystemw
worksincom
mbinationwitthanothersttandardpassswordthattheusermusstmemorize,,
toavoidthaatthephysiccallossortheeftoftheOTTPdeviceresultsinacom
mpletelysecu
uritybreach.
Page22of3
32

Edition7.0(0
E
08/10/2012))

BasicComputercoursebook

Dr.PaoloColetti

4.3. Viruses
FromtheInternetmanyunauthorizedconnectionattemptsarrive.Someofthesearemistakenlyauthorized
and manage to reach the Intranet or at least to come in contact with programs which are behind the
firewall.Iftheseconnectionscarry malignintentions, usuallytheir aim istoexploreandusethe Intranet
computers,todestroyIntranetdataortostopsomeIntranetservices(whichisadangerousattackifthese
servicesaremanagingstocktradesortelephonecalls).Defenseagainstthesekindsofattacksisincharge
systemadministrators.
While normal external attacks do not involve normal users, the virus is a special attack which arrives
directlyontheuserscomputerandmustbepreventedandstoppedbyhim.Thevirusisalittleprogram
whichhasthisnamebecauseitslifecycleisthesameofabiologicalorganism:surviveandduplicate.
1. Itarrivesonthecomputerthroughemailattachments,downloadedfiles,CDsandfloppydisksor
directlyfromtheIntranet.Itisoftenhiddeninsideothergoodfilesorprograms,whicharecalled
infected.
2. Assoonastheusermistakenlyrunsit(oftentryingtorunthegoodprogramortoopenthegood
file),thevirusordersthecomputertorunitselfeverytimethecomputeristurnedon,thusassuring
itssurvival.
3. Itstartsduplicatingitself,infectingotherfiles,CDsandfloppydisks,andtryingtosenditselfaround
byemailorontheIntranet.
4. Mostvirusesareprogrammedtododamagetothecomputerandtotheuser,alteringordeleting
files,sendingemailswithuserspersonaldata,preventingfirewallsandantivirusesfromrunning,or
turningthecomputeroff.Novirusesareknowntobeabletodamagehardware.
Manynamesareusedforvirusestypesaccordingtotheirdifferentbehaviors.

trojanhorseisaviruswhichlookslikeagoodprogramand,whendownloadedandrunbytheuser,
itperformstheuserswantedtaskbutatthesametimedoesotheractions;

keyloggerisaviruswhichrecordskeyboardsactivityandthensendsthekeystrokestoitscreator,
mostlytogetuserspasswords;

backdoorisaviruswhichopensaportonthecomputertoletexternalusersin;

adwareisaviruswhichdisplaysadvertisement;

spyware is a virus which spies users activity to get passwords or to target the user with specific
advertisement;

dialerisaviruswhichdialsexpensivenumbersusingthePSTNmodem.

These types are not exclusive: for example a Trojan horse which is at the same time a spyware and an
adware.
Aninfectedcomputercanberecognizedbysomesymptoms.Thesearethemostfrequentones:

when the computer is turned on, unwanted programs start, advertisement appears, and the
desktoppresentssomenewbarsorfeatureswhichwerenotpresentnorinstalledbefore;
thecomputerstartsveryslowlyandunknownprogramsgivestrangeoperatingsystemerrors;
commercialorpornographicwebpagesappearonthewebbrowserwithouttheusersconsent;
theanalogicalmodemmakestypicalconnectionnoisesevenwhenthecomputerisnotconnected
or the operating system asks the user to stop the current connection and start a new one to a
strangetelephonenumber;
theTaskManagerwindow(seepage5)presentsunknownprograms.
Edition7.0(08/10/2012)

Page23of32

Dr.PaoloColetti

BasicComputercoursebook

Most of the time, a responsible users behavior it the best weapon against viruses: it protects him from
getting viruses, helps him removing them and prevents him from diffusing them. Responsible behavior
means:

neveropendownloadedfilesandemailattachments,especiallywhentheycomefromafriendwith
a text such as please open it, urgent!, since simulating to be a users friend is a typical virus
tactics.Toopenthesefiles,savethemonthedesktop,checkthemwithanantivirusandthenopen
them;
donotinsertinyourcomputerCDs,DVDsandUSBpendrivescomingfromotherpeopleorwhich
were inserted inothercomputers, unlessyouhave an antivirus running or unlessyou scanthem
immediatelywithanantivirus;
avoid visiting strange websites, especially pornographic or hackers website, or websites which
openalotofpopupwindows;
have an antivirus always running or at least run an updated antivirus on your whole hard disks
everyweek(whileItalianlawcurrentlyprescribesminimumevery6months);keepyourantivirus
alwaysuptodate:morethan50newvirusesappeareveryweek;
keep communication programs and Microsoft products up to date. Microsoft and most software
companiesofferfreeupdatesandautomaticupdatingtools.

To check the computer for viruses and to try to remove viruses from the computer, the user can run a
specialprogramcalledantivirus.Theantivirusbasicallyhasthreepossibledifferentactions:
itcanscanallthestoragedevices(harddisks,thefloppydiskinsidethecomputer,theCDorDVD
insidethereader)forviruses.Ifavirusisfound,ittriestoremoveitandtorepairdamagedfiles.
Somefilescanbeunrecoverable.Completedevicesscanningtakesusuallysomehours;
itcanscanasinglefileoranentiredirectoryforviruses.Ifthereisaninfectedfile,ittriestodelete
thevirusandrepairit.Somefilescanbeunrecoverable.Singlefilescanningtakessomeseconds;
it can be always running. In this case, whenever a virus or a suspect file is run, the antivirus
preventsitfromrunningandwarnstheuser.
A lot of antivirus programs, free and commercial, exist. Their most important feature is obviously the
possibilitytobeconstantlyupdatedthroughtheInternet.

4.4. Emails
4.4.1. Attachments
Forviruses,emailattachmentsareafirstclasswayoftraveling,sincetheyareveryoftenopenedbyusers
withoutanyprecaution.Sometimesviruseshideinsidefileswhichwerereallysentbythesender,unaware
of having an infected computer.Other times avirustakescontrolof the mail readerprogram and sends
itselftothewholeaddressbook,counterfeitingthesenderaddress(oftenusinganaddresstakenfromthe
addressbook)inordertoavoidthattherealinfectedcomputerbeidentifiedandtogainthethrustofthe
receiver,andwritingintheemailtextsmartsentencespretendingtobearegularfriendofthereceiver.The
arrivalofthiskindofemailusuallycreateshavoc,sincethereceiverissurethatthefakesenderhasavirus,
whiletheoriginalinfectedcomputerisanotherone.
Thebasicruleisneveropenanyattachmentfromthemailreaderprogram.Savetheattachedfilesonthe
desktop and run an antivirus program to check these files before opening them. Even when the email
comesfromafriend:hecannotknowthattohavegotavirus,orhecannotbetherealsender.

Page24of32

Edition7.0(08/10/2012)

BasicComp
putercoursebook

Dr.P
PaoloColettii

4.4.2. Spa
am
Spammessagesareunssolicitedunw
wantedbulk emails.Theyyareunsoliccited,meaningthatthe userdidnott
asktoreceiivethem,theeyareunwanted,meaniingthattheuserdidnottwanttorecceivethem,aandtheyare
e
bulk,meaniingthattheyyaresenttomillionsofaaddresses.Th
heyareused
dmainlyforffourdifferentpurposes:

advvertisement emails aree the most innocuous

verssion. The em
mail messagge contains commercial
info
ormation ussually on medicines, po
ornography,
softtware or investmentts. Sometim
mes these
messsagesarep
purposelywrrittenwitho
orthographic
misstakesorwithstrangech
haracters,toavoidbeing
inteerceptedbyaantispampro
ograms;
chaain letters are
a electron
nic versionss of letters
circculating in th
he XX centu
ury. They pro
omise good
luckktoanyoneresendingitandbadlucktoanyone
trasshingit,orth
heycontainaasadstoryo
ofanillchild
dessiring postcaards or an urgent
u
warniing about a
terrriblevirus:th
heircontentisprobably falseortoo
old,, and a search on the WWW will reveal this
imm
mediately.Se
endingitaro
oundwillprobablycause
com
mplainsfrom
motheruserss;
frau
udsareusuaallylongletteersproposinggtheusera
sem
milegalbargainorabig lotteryprizee.Theironly
aim
ms are to ge
et the userss bank coorrdinates for
furttherillicitacctivitiesand tolurehim intopaying
smaall expenses hoping to
t get thee promised
imaaginarymoneey;

Edition7.0(08/10/2012
2)

Page25of32
2

Dr.PaoloCo
oletti

BasiccComputercoursebookk

phisshing emails look as completely

c
p
plausible
emaails from baanks and creedit card com
mpanies,
askingtheusertoentertheeirwebsiteto
oupdate
his passwords or credit card numbeer. They
ofteencarryreallbanklogos,,seemtoad
ddressto
the correct ban
nks websitee and even cite the
real banks anttiphishing campaign!
c
H
However,
thisswebsiteaddressisatraap,andthe userwill
be sent to a faalse websitee, who lookss exactly
likeethebanks one,whose onlyscope istoget
his passwords or
o credit carrd number. Phishing
hassbecomeab
bigproblem forInternetbanking
systtem, and the
t
users best defen
nses are
entering the baanks websitte always typing the
add
dress directlly in the web
w
browser (never
clicking on addresses contaained in emails) and
calling immediaately the bank at the teelephone
wheenever belie
eving of havving been victim
v
of
phisshing.

Thebestbeehaviortoad
doptagainst spammessaagesistoign
norethem.C
Complaining isworthlesss,sincetheirr
senderaddressisalwayysfalse;clickkingontheirlinks,especiallyiftheyssuggesttoclicktheretoberemoved
d
from their lists, usuallyy has the only effect of letting the sspammer know that the
e users addrress is reallyy
readbysom
meone.
The best w
ways to deffend from spammers
s
a to avoid
are
d giving thee users real email add
dress duringg
registration
ninforums,n
newsgroupsandunnecessarywebsittes,andtoavvoidpublishingitontheepersonalorr
thecompan
nyswebsite.Thesearettheplacesw
wherespamm
mersgettheirmillionsoffaddresses. Ifitisreallyy
necessary,aagoodstrateegyistohaveanalternattiveemailad
ddressforregistrations,w
whichwillreeceiveallthe
e
spam.
Thereareantispampro
ograms,whicchputthesu
upposedspammessagessinaseparattejunkemaiilfolder,butt
theyareno
otcompletelyyreliableandsometimestheytrash evengood messages.Theseprogramsrelieson
n
analysis of the emailss content and on blackklists, which
h contains the Internet mailserverss which are
e
supposed to let spamm
mers send th
heir emails; it may happ
pen that a good
g
mailserrver ends up
p into those
e
blacklistsan
ndthatemailssendfrom
mcustomerssoremployeeesofthatInternetsite aremarkedasspambyy
othersites.

4.5. Nav
vigation
n
Navigation isthesecondmostdanggerousIntern
netactivity. Ithasmore orlessthessamedangerrsasemails::
theusersccomputercangetvirusesifhedoes notrunan antivirusbeforeopeningdownloadeedfiles,and
d
theusercanbeluredin
ntophishinggwebsitesif hedoesnotttypeperso
onallythebanksaddresssintheweb
b
browser.M
Moreover,theecomputerccangetvirussesevenwhensimplyvisitingsome websites,an
ndtherefore
e
twogoodssuggestionsaaretoavoid visitingstraange(pornoggraphicwebsites,websitteswithalo
otofpopup
p
windows an
nd illegal websites) or untrustwortthy websitess and to kee
ep Internet Explorer an
nd Windowss
operatingsyystemalwayysuptodate.
Theothersecurityprob
blemwhilenavigatingisd
datainterception.When
nconnectingtoawebsitee,theuserss
data travelss long distances, passin
ng through a
a large number of comp
puters (to connect from
m unibz.it to
o
Page26of3
32
Edition7.0(0
E
08/10/2012))

BasicComp
putercoursebook

Dr.P
PaoloColettii

ua,Milanan
ndBolognap
passingthrou
ughatleast 13computeers).Dataon
n
www.athesia.itthedataagotoPadu
hout any pro
otection, anyy computer administrato
or can read them. Thereefore, when
n
the Interneet travel with
sendingpassswordsandotherprivattedatatoa website,theeusershouldtakespeciialcarethat theaddresss
intheaddreessbarstarttswithhttpss://(instead ofhttp://)aandonsomeebrowsera lockiconap
ppearsinthe
e
lower rightt part of thee windows, while on others
o
the address bar becomes grreen with a lock: these
e
indicationsmeanthatth
heconnectio
onissecure((SSL)sincedataaretraveelingencryptted.BewarethattheSSLL
connection guarantees only that data
d
are nott intercepted
d and that the
t user is connected tto the same
e
websitefromwhichhestartedthecconnection,w
whileitdoessnotguaranteedthisweebsiteistherrightone.

4.6. Attacks fro

om outside
Any compu
uter attached
d to the Intternet, eitheer directly th
hrough a mo
odem or ind
directly insid
de a LAN, iss
subjecttoaattacksfrom
mtheoutsideeWAN.The typicalattacckconsistsinexternalcomputerstrryingtogain
n
access to tthe compute
er using opeerating syste
em known problems
p
orr hoping thaat the user is currentlyy
running pro
ograms whicch open som
me computers parts to outside connections. Frrom the users side, the
e
best defensse is keepingg the compu
uters prograam always uptodate,
u
e
especially
the operating system and
d
communicaationprogram
ms(assuggestedinsection4.5onpaage26).
The most faamousattacck fromoutsside,andthe
eone fromw
which it isvvery difficult to have an appropriate
e
defense, is the DoS Denial of Serrvice attack.. It is an atttack which does not sttrike privatee users, butt
companiesofferingservvicesoverth
heInternet.Itconsistsinsendingmillionsofincomingconnecctionswhich
h
pretendto usetheservvicebutstayysimplyconn
nected,insu
uchawayto
oovercrowd theserveraanddrainalll
its resourcees (bandwidtth, speed, memory)
m
unttil the serverr crashes. Th
he attacker clearly does not use hiss
own computer to carrry on a DoS
attack, otherwise his computeer
would probably crash before the
server, bu
ut uses computer of
o
unaware users around
d the world
d,
called zom
mbies, which
h have been
hackedinthepastdayss.Inthisway
the attackker has thee power of
o
severaldozencomputeersconnected
from manyy different parts of the
world and at the sam
me time it is
i
difficult to trace the responsibility
uptohim.

4.6.1. Firrewall
Often proggrams securrity breachees
oncediscovveredneedssomedaysto
be fixed and somebody can take
benefit of them
t
in thiss short timee,
before the security update is
i
installed on the users computerr.
Therefore o
on every LA
AN, usually in
Edition7.0(08/10/2012
2)

Page27of32
2

Dr.PaoloColetti

BasicComputercoursebook

the point where the LAN connects to the Internet, or more often on every computer a special program
calledfirewallisrunning. The firewallexaminesalltheincomingandoutgoingtraffic,usingthe following
analysistechniques:

whichinternalprogramisoriginating/receivingthetraffic,
from/towhichexternaladdressisthetrafficoriginated/directed,
whatamountoftrafficispassingfrom/tothesameprogramto/fromthesameexternaladdress,
whichkindofdataarepassing.

Making an analysis of these data clearly slows down the connection but lets the firewall stop potential
unauthorizedconnection,puttingtheminawaitstateuntiltheusersgiveshisapprovalordenial.
WindowsSevenoperatingsystemcomeswithafirewallpreinstalled,whichletstheusercustomizewhich
kind of programs are allowed to make or receive connections and determine rules to approve or deny
automaticallyconnections.

4.7. Backup
Backup is the process of copying important data to another location to prevent their loss. Sometimes
programsandevenentireoperatingsystemsarecopied,tobeabletoimmediatelycontinueworkingeven
whenacomputerbreaks.Therearethreeverygoodreasonstodoregularbackups:

againsttheuser,whocanaccidentallydeletesomefilesorwhocanmodifyfilesandthenchange
hismind.Havingarecentbackuphandycanoftensavehoursofwork;
against thesystem, whichcan suddenly breakdue to hardware or software problems. Evenhard
diskstendtobeunreliableaftersomeyearsofcontinuousactivity.Arecentbackupsavestheuser
fromredoingalltheworkofthepreviousmonths;
againstvirusesandotherusers,whichcandeleteandalterfiles:abackupcansaveausercoming
backfromvacations.

Usuallytheoperatingsystemsandtheprogramsbackuparedonebysystemadministrators:law196/2003
explicitlyrequiresaninstantaneousbackupforallsensitivedataandthatdataarerestoredwithin7daysin
caseofloss.However,therearesomefileswhichshouldbetakeninchargebytheuserhimself:

personally created data files, including all documents and images created by the user, and any
otherfilewhichisaresultoftheuserspersonalwork;
theaddressbookandtheemails(mailreadersusuallyofferawaytosavethemintofilestobeused
forbackup),andforstrongnavigatorsalsowebbrowsersconfiguration;
some programs require a lot of configuration and store their configuration in configuration files,
whichareusuallyintheprogramsdirectory;
allthestuffwhichisdifficulttofindagain,suchasdocumentsfromotherpeopleordownloaded
fromforgottenwebsites.

Theplacewherethefilesarecopieddeterminesthereliabilityofthebackup.Itshouldbea large,cheap
andfaststoragedevice.Itshouldalsobehandy,sincethetypicalproblemwithbackupisthattheuserdoes
nottakestimetodoitregularlyand,whenthebackupistooold,itisworthless.Forhomeorsimpleoffice
users,theFridaymorningbackupisagoodtimingsolution.Goodstoragedevicestobeusedare:

asecondharddisk,usedonlyforbackup,whichisveryfastandverylargeandalwaysreadytobe
used;

Page28of32

Edition7.0(08/10/2012)

BasicComp
putercoursebook

Dr.P
PaoloColettii

onlinebackupssystems,wheereusersdaataareuploaadedandareereadyfrom
manywhere intheworld
d
(givven a broadband conneection), with
h Dropbox, Mozy, Sugarsync being the most famous
f
and
d
offeeringsomeG
GBofspacefforfree;
foursetsofrew
writableDVDss,tobeused
dincircle(on
neforeachm
monthsweek,forexamp
ple);
USB
Bpendrive,ttobeusedo
onlyinemerggencywhennootherapp
propriatesto
oragedeviceisavailable;
bigcompaniesu
usuallyhavespecialtapeedevicesforbackups.

4.7.1. RA
AID
Averypopu
ularbackupssolutionisR
RAID(Redund
dantArrayofIndepende
entDisks)tecchnology,wh
hichconsistss
of several iidentical harrd disks. There are different types of RAID implementatio
ons, which vary
v
a lot in
n
functionalittiesandsecu
urity.
JBOD (Just a Bunch Off Disks) is a primitive fo
orm of RAID in
which all th
he disks are
e seen by th
he user simp
ply as disks on
which theyy can write as usual. The
T
advantagge is that the
t
available sp
pace is the sum of the space of all the disks,
howeverth
hereisnoforrmofdatap
protection:iffadiskbreaks,
anythingon
nthatdiskislost.

disk 1
file

userd
decides
disk 2

RAID0usestwoidenticaaldiskswhichareseenb
bytheuserasa
singledisk. Everytimeh
hewritesaffile,thefirstpartoftheffile
is written on
o the first disk while tthe second on
o the seco
ond
this. This sttrategy has the big advantage that writing speeed
doubles,wiithatotalavvailablespaccewhichistthesumoftthe
size of the two disks. But
B if a disk breaks, all the
t content of
bothdisksislost,sincettheuserwilllosehalfofallthefiles.

fille
parrt1
file
f
paart2

disk 1

disk 2

RAID1 is the most com

mmon implem
mentation of RAID. It usses
two identiccal disks but the user seees only the first one. The
T
second diskk is simply an identical and
a instantaaneous copy of
the first on
ne. The disadvantage is that the sp
peed does not
n
improve an
nd theavailaable space iss the size of one diskon
nly,
butincase adiskbreakks,nofileis lostsinceth
heotheroneeis
its identicaal copy. Thiss is a very good backu
up solution to
protectdataagainstph
hysicalfailuree,especially suitedfor2
24h
services.Ho
owever,itisnotabacku
upsolutionaagainstvirusses
on
or users in
ncidental can
ncellations, since any modification
m
thefirstdiskisimmediaatelyperform
medonthesecondone.

Edition7.0(08/10/2012
2)

disk 1

filee
disk 2

Page29of32
2

Dr.PaoloCo
oletti

BasiccComputercoursebookk

RAID10 is an
a overlay of RAID1 and
d RAID0. It uses
u
four disks,
writing filess on the firsst and on the third as iff they were on
RAID0 and then dupliccating their content
c
on disks two and
four.Thisteechniquehasthespeed ofRAID0,th
hereliability of
RAID1, but gives the user a space equivalent to the sum of
twodiskssizes,whilefo
ourdisksareeffectivelyu
used.

file
f
paart1

disk 1

disk 3

file
paart2

disk 2

disk 4

All the RAIID techniquees are good

d at either improving the
t
speed or
o improvingg the reliab
bility againstt
hardwarefaailure,butarenotgoodagainstotherthreatsandthereforeetheymust alwaysbeccoupledwith
h
another forrm of backu
up, such as tape
t
backup
p for large companies
c
o weekly/daaily copy on DVD or on
or
n
anotherharrddiskforho
omeusers.

Page30of3
32

Edition7.0(0
E
08/10/2012))

BasicComputercoursebook

Dr.PaoloColetti

Index
.avi,10
.bat,10
.bmp,10
.com,10
.csv,10
.doc,10,16
.exe,10
.gif,10
.htm,11
.html,11
.jpeg,10
.jpg,10
.mov,10
.mp3,11
.mpeg,10
.mpg,10
.pdf,10,16
.ppt,10
.rtf,10
.txt,10
.wav,11
.xls,10
.zip,10
\ubz01fst,11
128bits,18
3G,17
absolutepath,8
Acrobat,10
address,8,24,26
addressbook,28
Administrators,11
ADSL,17
ADSLmodem,17
advancedsearch,16
advertisement,25
adware,23
ALT,6
AltaVista,16
ALTGR,6
analogical,17,23
AND,16
antispam,25,26
antivirus,18,23,24,26
ARROWS,7
asterisks,22
AsymmetricDigital
SubscriberLine,17
attachment,24
audio,11
authenticateduser,21
authentication,18
backdoor,23
BACKSPACE,7
backup,3,18,28
bank,25,26
BILD,6
biometric,18
bit,2
bitspersecond,13
blacklist,26

Edition7.0(08/10/2012)

doubleclick,8
download,17
downloadedfile,26
DVD,3,24,29
DVDreader,3
DVDwriter,3
edition,4
EINFG,6
electronicsignature,20
email,9,13,22,23,24,
25,26,28
emailattachment,23,24
encrypted,27
encryption,9,18,20,21
END,6
ENDE,6
ENTER,7
Enterprise,5
ENTF,6
esternalharddisk,2
Ethernet,14
Excel,10
execute,11
Explorer,10,11
extension,10
extract,9
F1,6
F12,6
FastEthernet,14
file,7,24,28
filesystem,7
filetype,8,10
FINE,6
firewall,18,23,28
floppydisk,7,23,24
folder,7
FolderOptions,7
forum,26
fraud,25
freeware,3,14
fullcontrol,11
Gbps,14
GeneralPacketRadio
Service,17
GigaEthernet,14
Gigabyte,2
GNUPublicLicense,4
Google,16
GPRS,17
groupofusers,11
GSMcellularphone,17
harddisk,2,7,11,24,28
hardware,23,28
Hideextensions,7
hierarchical,7
HOME,6
HomePremium,5
http,27
https,27
icon,7

bps,13
broadband,17
browser,18
bulk,25
byte,2
cables,13
CANC,6
CAPSLOCK,7
CD,3,23,24
CDreader,3,7
CDwriter,3
certificationauthority,
20,21
chainletter,25
chat,13
Chrome,14
client,13
closedproprietary
format,4
commercial,3
communicationprogram,
14,15,24
compress,9
compressedfile,10
computernetwork,13
configurationfile,28
congestion,17
connection,23
Controlpanel,6
copy,8,9
copyleft,4
counterfeit,24
crawler,15
createanewdirectory,9
createshortcut,9
CTRL,6,9
CTRL+ALT+DEL,5
CTRL+C,9
CTRL+SHIFT+ESC,5
CTRL+V,9
CTRL+X,9
curvedarrow,8
cut,9
dangerousarea,13
data,3,28
datainterception,26
DEL,6,9
delete,9
DenialofService,27
desktop,23,24
Details,8
dialer,23
dialup,17
digitaldivide,17
digitalsignature,20
directory,7,24,28
distribution,4
document,10,28
documents,28
DoS,27

identity,21,22
image,10,17,28
INS,6
IntegratedServiceDigital
Network,17
interaction,13
interception,26
internalharddisk,2
Internet,13,14,17,18,
26
Internetconnection,17
Internetprovider,14
Intranet,13,14,21,23
INVIO,7
ISDN,17
ISDNmodem,17
ISDNtelephone,17
IZArc,9,10
JBOD,29
junk,26
Kbps,17
key,18
keylogger,23
keyboard,6
keyword,15,16
Kilobyte,2
LAN,11,13
language,6
law196/2003,18,21,22,
28
law82/2005,15,20
link,8,9,15,26
Linux,3
listcontent,11
localareanetwork,13
lockicon,27
locking,5
locks,11
Lycos,16
MacOSX,3,14
Macintosh,3
mailreader,14,24,28
mailserver,14
maximumspeed,17
Mbps,14,17
MediaPlayer,10,11
Megabyte,2
memorycard,3
memorystick,3
MicrosoftInternet
Explorer,14,22,26
MicrosoftOutlook,14
MicrosoftOutlookWeb
App,14
MicrosoftWindows,3,5,
26
MicrosoftWindows7,3,
5
MicrosoftWindows
Seven,28

Page31of32

Dr.PaoloColetti
MicrosoftWindows
Vista,3,5
MicrosoftWindowsXP,
3,5
minimumband,17
minimumspeed,17
modem,17,23
modify,11
Mooreslaw,2
motherboard,3
move,9
MozillaFirefox,14
MozillaThunderbird,14
mp3players,3
multilanguage,6
navigation,26
networkfolder,11
networktraffic,17
newdirectory,9
newsgroup,26
Notepad,10
OfficePictureManager,
10
OneTimePassword,22
open,8,24,26
openformat,4
openproprietaryformat,
4
opensource,4
operatingsystem,3,23,
26,27,28
OR,16
OTP,21,22
overquota,12
owner,11
PAG,6
Paint,10
password,18,20,21,22,
26,27
paste,9
PEC,15,20
permission,18
permissions,11

personaldata,18
PG,6
phishing,26
photocameras,3
PictureFaxViewer,10
PlainStandard
TelephoneNetwork,
17
plussymbol,9
POS1,6
PostaElettronica
Certificata,15
PowerArchiver,10
Powerpoint,10
printer,13
privacy,18
private,4
privatekey,18,20,21
processor,3
Professional,5
program,3,10,22,23,
28
proprietary,4,14
proprietaryformat,4
Proprieties,11
provacy,18,21
PSTN,17
publickey,18,20,21
quotationmark,16
RAID,29
RAID0,29
RAID1,29
RAID10,30
RAID5,30
read,11
readandexecute,11
RegionalandLanguage
Options,6
registration,26
rename,9
resources,13
roaminguserprofile,12
root,7

BasicComputercoursebook
run,8,24
Safari,14
save,24
scoring,16
searchengine,15,16
secure,18,27
security,18
Security,11
sender,24
senderaddress,24,26
sensitivedata,18,28
server,13
servicepack,5
shareware,3
sheet,10
SHIFT,7,9
shortcut,8
Skype,15
smartcard,20,21
software,3,28
solidstatedisk,2
spam,25,26
spammessage,25
speed,13
spyware,23
SSD,2
SSL,27
storagedevice,24,28
STRG,6
subdirectories,7
TAB,7
tapedevice,29
TaskManager,23
telephone,17
temporalmark,21
terminal,13
text,10
trashcan,9
tree,7
trojanhorse,23
trustedarea,13
Ultimate,5
UMTS,17

UMTScellularphone,17
UniversalMobile
Telecommunications
System,17
Unix,3
unsolicited,25
unwanted,25
upload,17
USBpendrive,3,29
username,18,21,22
users,11
versionnumber,4
video,10
VirtualPrivateNetwork,
13
virus,23,24,26,28
VoiceoverIP,15
VoIP,15
VPN,13
WAN,13
webbrowser,14,23,26,
28
webpage,11,14,15,16,
23
webmail,14
webserver,14
website,15,18,24,26,
27,28
WideAreaNetwork,13
WiFi,17
WiMax,17
WinAmp,11
WinZip,9,10
wireless,13,14,17
wirelesscard,17
Word,10
write,11
WWW,14,15,17,25
Yahoo!,16
ziparchive,9
zombie,27

Page32of32

Edition7.0(08/10/2012)