1 / 30

Computer Safety and Security

Computer Safety and Security. 4 February 2014 Slides at: http://www.colket.org/genealogy/USF/. Email from Larry Page. Received 7 June 2013

winter
Download Presentation

Computer Safety and Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Computer Safety and Security 4 February 2014 Slides at: http://www.colket.org/genealogy/USF/

  2. Email from Larry Page Received 7 June 2013 Dear Google users—You may be aware of press reports alleging that Internet companies have joined a secret U.S. government program called PRISM to give the National Security Agency direct access to our servers. As Google’s CEO and Chief Legal Officer, we wanted you to have the facts.First, we have not joined any program that would give the U.S. government—or any other government—direct access to our servers. Indeed, the U.S. government does not have direct access or a “back door” to the information stored in our data centers. We had not heard of a program called PRISM until yesterday.Second, we provide user data to governments only in accordance with the law. Our legal team reviews each and every request, and frequently pushes back when requests are overly broad or don’t follow the correct process. Press reports that suggest that Google is providing open-ended access to our users’ data are false, period. Until this week’s reports, we had never heard of the broad type of order that Verizon received—an order that appears to have required them to hand over millions of users’ call records. We were very surprised to learn that such broad orders exist. Any suggestion that Google is disclosing information about our users’ Internet activity on such a scale is completely false. Finally, this episode confirms what we have long believed—there needs to be a more transparent approach. Google has worked hard, within the confines of the current laws, to be open about the data requests we receive. We post this information on our Transparency Report whenever possible. We were the first company to do this. And, of course, we understand that the U.S. and other governments need to take action to protect their citizens’ safety—including sometimes by using surveillance. But the level of secrecy around the current legal procedures undermines the freedoms we all cherish.Posted by Larry Page, CEO and David Drummond, Chief Legal Officer

  3. Syllabus Tips for Searching the Internet Instructor: Currie Colket Phone: Google Search for: colket 941 Classes 1:00 PM to 2:20 PM Lifelong Learning Academy: University of South Florida 7 January– Overview of Internet, Static & Dynamic Searches 14 January – Search Shortcuts; Advanced Static Searches 21 January – Google Magic; Google Books; Google Scholar; 28 January – Searching Images (Photos); Videos; Maps; Google Earth 4 February – Virtual Travel; Downloading; Safety & Security; 11 February – No Class 18 February – Dynamic Databases; Archive Grid; 25 February – Searching Translations; Researching in other languages Slides at: http://www.colket.org/genealogy/USF/

  4. Computer Safety and SecurityOverview Not Covered Most Common Electronic Infections Why Worry??? Internet Safety & Security What Happens When Something Bad Happens Internet Safety/Security Quiz Questions

  5. Security = Inconvenience

  6. Not Covered Ergonomic Safety and Physical Safety

  7. Most Common Electronic Infections - 1 • Malware- short for malicious software, is software designed to infiltrate a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code. • Malware includes computer viruses, worms, Trojan Horses, spyware, most rootkits, dishonest adware, crimeware and other malicious and unwanted software. • Viruses - Small piece of software that piggybacks on real programs. For example, a virus might attach itself to a program such as a Word or Excel program. Each time the program runs, the virus runs, too, and it has the chance to reproduce (by attaching to other programs) or wreak havoc. • E-mail viruses - An e-mail virus moves around in e-mail messages, and usually replicates itself by automatically mailing itself to dozens of people in the victim's e-mail address book.

  8. Most Common Electronic Infections - 2 • Worms - Small piece of software that uses computer networks and security holes to replicate itself. A copy of the worm scans the network for another machine that has a specific security hole. It copies itself to the new machine using the security hole, and then starts replicating from there, as well. • Trojan horses - A Trojan horse is simply a computer program. The program claims to do one thing (e.g., a game) but instead does damage when you run it (it may erase your hard disk). • Rootkits- one or more programs designed to obscure the fact that a system has been compromised. An attacker may use a rootkit to replace vital system executables, which may then be used to hide processes and files the attacker has installed, along with the presence of the rootkit. Often, they are Trojans, thus fooling users into believing they are safe to run on their systems. Techniques used to accomplish this can include concealing running processes from monitoring programs, or hiding files or system data from the operating systems. • Rootkits may also install a back door by replacing the login mechanism with an executable accepting a secret login, allowing an attacker to access the system.

  9. Most Common Electronic Infections - 3 • Spyware- type of malware that is installed on computers and collects information about users without their knowledge. The presence of spyware is typically hidden from the user. Typically, spyware is secretly installed on the user's personal computer. • Keyloggers - a form of Spyware capable of tracking Internet sites visited, passwords to financial accounts, etc. These are frequently installed by employers to keep track of corporate assets; Keyloggerscan be easily installed on public computers without owner knowledge to access passwords to financial accounts. • Spyware programs can collect various types of personal information, such as Internet surfing habits and sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software and redirecting web browser activity. Spyware is known to change computer settings, resulting in slow connection speeds, different home pages, and/or loss of Internet or functionality of other programs. • Crimeware - a class of malware designed specifically to automate cybercrime.

  10. Why Worry??? - Beware • Scammers trying to get personal info to steal you identity • Either by asking you for it • - Congratulations, you won the lottery • Or scanning your computer for it • - Searching your computer for SSN, DOB, IRS files, etc. • Or both (Date of birth over computer; SSN by phone) • Scammers try to take over your computer to send emails • Recent “IRS” email told people to download government form to resolve a question about unreported income. • Downloading the form actually gave control of the computer to the attacker, who immediately sent the request to everyone on the victim’s email list. • Infected computers (called BOTNETS) provide power for cybercrime • Evil doers, just trying to destroy stuff Scammers use deceptive tactics to get you to run their software Distrust messages that use scare tactics

  11. Internet Safety/Security - 1 • 5 Ways the average user fails to protect computer • Surfing without adequate protection • Install anti-virus software and anti-spy software • Avast (avast.com) is a high quality anti-virus program • AVG (grisoft.com) for both virus and spyware protection • Windows Live OneCare; Norton AV and SpySweeper • Opening unsolicited communications • Never open anything from someone you don’t know • Beware of strange looking emails from friends • Close out uninvited pop-ups by clicking on “X” in corner • If you see something downloading you did not request, immediately close down your browser/email software • Neglecting Routine Maintenance • Normal use involves the accumulation of junk • Such programs cause slow starts and inefficient use • Perform a periodic cleanup, especially in startup menu

  12. Internet Safety/Security - 2 • 5 Ways the average user fails to protect computer (continued) • Ignoring Updates • Don’t ignore legitimate update requests that pop up • Keep anti-virus and spyware software current • Promptly install all updates from Microsoft, Apple, Adobe, Java, etc. • Failing to Secure your Wireless Connection • Without security, your wireless connection is available to anyone within range of your wireless router. • The Wireless Range can be greater than you think • By adding a password to access your wireless router, you will thwart nearly all intruders. Adapted From: “Avoid these Computer Pitfalls” by Patty Harshbarger

  13. Proactive Protections • Perform Weekly Backups • Backup Your Files on external hard drive/memory stick • Useful to use backup program in case of system crash • Useful to copy key files to external memory stick in case of accidental erasure • Do Not Store Identity Information on Computer • Store tax records and financial data on external memory stick • Purge your system of SSN, Birth Date, Account #s, etc. • Safeguard Passwords • Maintain a separate password for each system/account • Do not maintain passwords on main computer • Perhaps store on memory stick which is kept in safe • Do not Access Financial Data on Public Computers • Likely will have a keylogger

  14. What Happens When Something Bad Happens • Symptoms of Something Bad Happening: • Friends complain of emails You Did Not Send. • Computer Locks Up Frequently and Crashes • Computer Seems unusually Slow • Can not Reboot Computer • Suggestions to Recover: • Reboot Computer, install latest Antivirus Updates, Scan • Clean up desktop and tasks on taskbar • Eliminate unneeded programs and data • Run Disk Cleanup (All Programs => Accessories => System Tools) • Run Disk Defragmentor (ditto) • Take computer to computer repair shop (if relatively new) • Buy a new computer (if relatively old)

  15. Internet Safety/Security Quiz - 1 So, Would you download this file???

  16. Internet Safety/Security Quiz - 2 So, Would you download this file???

  17. Internet Safety/Security Quiz - 3 So, Would you download this file???

  18. Internet Safety/Security Quiz - 4 So, Would you download this file???

  19. Internet Safety/Security Quiz - 5 So, Would you download this file??? Never open any .zip file Can’t be scanned by virus software

  20. Internet Safety/Security - 6 So, Would you Verify Your Information???

  21. Internet Safety/Security - 7 So, Would you Give them your Password???

  22. Internet Safety/Security – 8a So, Would you Click on this Link

  23. Internet Safety/Security – 8b Actually a person By this name did Win the Lottery Can verify through many links Is the person sending The email the person Who won???? Not Likely

  24. Internet Safety/Security – 8c Look at email Full Header Note addresed To X-apparently As a Bulk email Very dangerous To get involved with These folks

  25. Computer Safety and SecurityQuestions

  26. Future - Memex • DARPA Launches Project to Revolutionize Web SearchNextGov.com (02/10/14) Bob BrewinThe U.S. Defense Advanced Research Projects Agency (DARPA) has launched its Memex project to improve Web searches by using topical domains rather than general subjects. DARPA says Memex will search "deep Web" content that commercial search engines overlook, and "will address the inherent shortcomings of centralized search by developing technology for domain-specific indexing of Web content and domain-specific search capabilities." DARPA aims to create technology to enable the discovery, organization, and presentation of domain-relevant content. In addition, the project aims to create advanced, automated Web-crawler software to access even sites with crawler defenses to improve domain-specific indexing and a domain-specific search engine. DARPA wants to use the technology to combat human trafficking that is facilitated by websites, forums, and chat rooms. Proposals for Memex are due April 8, and the project is expected to run for three years. • View Full Article

  27. EU Pushes to Globalize Internet Governance EU Pushes to Globalize Internet GovernanceThe Wall Street Journal (02/11/14) Frances Robinson; Sam SchechnerThe European Commission on Wednesday is expected to suggest the implementation of "concrete and actionable steps" to globalize essential Web functions, such as the allocation of top-level domain names that are contractually linked to the U.S. government. The commission also will propose a timeline for internationalizing the Internet Corporation for Assigned Names and Numbers in an effort to curb U.S. control of the Internet, according to a draft of the policy paper. "Large-scale surveillance and intelligence activities have...led to a loss of confidence in the Internet and its present governance arrangements," the paper says. The proposals are part of a years-long European effort to internationalize Internet governance as well as an effort to position Europe as an intermediary between the United States and other nations in the coming negotiations over Internet technical standards. The U.S. Commerce Department has said it is ready to discuss the future of Internet governance. "The U.S. government appreciates the thoughtful leadership of the Internet technical community on this important issue," said Assistant Secretary of Commerce Lawrence E. Strickling last month. "We want to work collectively to make multi-stakeholder governance more inclusive while maintaining the stability of the open and innovative Internet."View Full Article

  28. Future Decentralize the Web Tim Berners-Lee: We Need to Re-Decentralize the WebWired.co.uk (02/06/14) Liat ClarkIn an interview, Sir Tim Berners-Lee called on the public to refocus on a decentralized, open Internet. "I want a Web that's open, works internationally, works as well as possible, and is not nation-based," Berners-Lee says. "What I don't want is a Web where the Brazilian government has every social network's data stored on servers on Brazilian soil." The U.S. National Security Agency and the UK's Government Communications Headquarters surveillance controversies have led to distrust among governments and individuals that is threatening the open Web, Berners-Lee warns. He says the hacker community has the responsibility of "pushing back on conventional government sometimes" to voice alternative viewpoints. Berners-Lee promotes an open Internet through his work at the Open Data Institute, the World Wide Web Consortium, and the World Wide Web Foundation. In addition, as a Massachusetts Institute of Technology professor, Berners-Lee helps his students build "new architectures for the Web where it's decentralized."View Full Article | Return to Headlines | Share      

  29. NSA Is Collecting Less Than 30 Percent of U.S. Call Data NSA Is Collecting Less Than 30 Percent of U.S. Call Data, Officials SayThe Washington Post (02/07/14) Ellen NakashimaFormer and current U.S. officials say the U.S. National Security Agency (NSA) gathers less than 30 percent of all domestic phone data due to an upsurge in the use of mobile phones. The percentage of data being collected is down from 2006, when a senior U.S. official said NSA was collecting "closer to 100" percent of Americans' phone records from several U.S. companies. However, the U.S. government reportedly wants to collect more data and is preparing to seek court orders to require wireless companies that currently do not hand over records to the government to do so. In addition, although the current percentage is down from earlier levels, it reportedly still accounts for billions of records that go back as far as five years. "For innocent Americans, 20 or 30 percent is still a significant number and will chill legitimate lawful activities,’’ says the American Civil Liberties Union's Christopher Soghoian. Meanwhile, U.S. government officials defend the program, noting that even collecting a quarter of the available data is valuable. "It's better than zero,” says NSA's Rick Ledgett. "If it's zero, there's no chance."View Full Article

More Related