Viruses and Worms
Unsubscribe Compliance
(visible opt-out)
ILOVEYOU-
2000, caused over $15 billion in damages. Spread through emails that had the attachment "ILOVEYOU"
MyDOOM- :•
2004, most costly virus ever created. Causes over $38 billion in damages. Slowed the internet globally by 12%.
Sasser Worm-
2008, $18 billion in damages.
Know the difference between the two Adware and spyware:
Adware is useful for advertisers, spyware uses the users internet connection in the background without permission or knowledge
CAN-SPAM Act
Controlling the Assault of Non-Solicited Porn and Marketing Act• Signed into law in 2003 by George W. Bush. • Referred to as "You-Can Spam" Act
SO BIG
IN 2003, the SoBIG virus caused over $37.1 billion. Almost as damaging as MyDOOM.
Cookies:
Info about you can be captured legitimately and automatically each time you visit a website• As soon as you exit the browser it makes you type your password again • They can be intercepted or retrieved from your hard disk by hackers • Then the website owners ma sell the information from cookies to third parties
Which one is better?:
It depends on the situation. If you are the business, then you want Opt-out. If you are a user, you want Opt-in.
How to protect yourself from cybercrime:
Use hard to guess passwords that mix capital letters with numbers and lower-case letters and update it regularly.
Email worm- :•
Virus and worms copy annoying or destructive routines in to networked computers• Often spread via email of file attachments, or shareware• A virus copies itself into the files of the operating system. Then it spreads to the primary memory and copies itself throughout the hard disk, flash drives, disks, etc. Then it spreads through e-mail or infected devices.
Know difference between virus and worm-
What Is a Virus? A computer virus attaches itself to a program or file enabling it to spread from one computer to another, leaving infections as it travels. Like a human virus, a computer virus can range in severity: some may cause only mildly annoying effects while others can damage your hardware, software or files. Almost all viruses are attached to an executable file, which means the virus may exist on your computer but it actually cannot infect your computer unless you run or open the malicious program. It is important to note that a virus cannot be spread without a human action, (such as running an infected program) to keep it going. Because a virus is spread by human action people will unknowingly continue the spread of a computer virus by sharing infecting files or sending emails with viruses as attachments in the email. What Is a Worm? A worm is similar to a virus by design and is considered to be a sub-class of a virus. Worms spread from computer to computer, but unlike a virus, it has the capability to travel without any human action. A worm takes advantage of file or information transport features on your system, which is what allows it to travel unaided. The biggest danger with a worm is its capability to replicate itself on your system, so rather than your computer sending out a single worm, it could send out hundreds or thousands of copies of itself, creating a huge devastating effect. One example would be for a worm to send a copy of itself to everyone listed in your e-mail address book. Then, the worm replicates and sends itself out to everyone listed in each of the receiver's address book, and the manifest continues on down the line. Due to the copying nature of a worm and its capability to travel across networks the end result in most cases is that the worm consumes too much system memory (or network bandwidth), causing Web servers, network servers and individual computers to stop responding. In recent worm attacks such as the much-talked-about Blaster Worm, the worm has been designed to tunnel into your system and allow malicious users to control your computer remotely.
•
When a user was infected with the virus it created network opening which allowed other so have access to your computer
Opt-in:
You (the customer) explicitly consents to allow data to be compiled about you. Law in Europe. Benefits the user.
Sending Behavior compliance-
cant have a false header, cant send on open relay (sending through a third-party)
Opt-out:
data can be compiled about you (the customer) unless you specifically request it not to be. Law in the United States. Benefits the business.
Symmetric Key- :
easiest. Email terms, encrypt the message, send it to user and then send the key a few seconds later. In post office example, put mail in box send it, and then send key. The sniffer program can intercept the packets of both and the email and key, which allows them to see message.
Content Compliance-
label if adult content, legitimate and visible address, relevant subject
Three Pass Protocol Asymmetric Key-:
sender puts message in box and lock it with own lock, the receiver can't open it bc they don't have key. Put their own lock on it, send it back and then the original sender opens their lock and sends it back one more time with one lock on it. And then the receiver opens there lock with the content inside.
Asymmetric Key-:
sends message saying that I want to send you a secret message. Send box with open lock, I put my message in, lock it and send it back. Advantage: There is no key going back and forth so they can't see the content.
Adware- :
software that purports to serve a useful purpose but also allows internet advertisers to display advertisements (pop-up and banner ads)
Violation of Privacy:
•Accessing individuals' private e-mail conversations and computer records, Legal but unethical. • Collecting and sharing information about individuals gained from their visits to Internet websites. Legal, but unethical.
Computer monitoring:
•Always knowing where a person is, especially as mobile and paging services become more closely associated with people rather than places. • Computers used to monitor the productivity and behavior of employees as they work.
Protecting your Privacy on the Internet:
•Email can be encrypted • ISP can be asked not to sell your name and personal information to mailing list providers and other marketers • Decline to reveal personal data and interest on online service and website user profiles
Computer matching:
•Using customer information gained from many sources to market additional business services
Unauthorized personal files:
•collecting phone numbers, email addresses, credit card numbers, and other personal information to build individual customer profiles.
Spyware- :
•special type of adware. Adware that employs the user's internet connection in the background without your permission or knowledge • It usually sends info to a third party for identity theft