Chapter 9 Privacy, Security, and Ethics
first-party cookie
A cookie that is generated (and then read) only by the website you are currently visiting. Many websites use first-party cookies to store information about the current session, your general preferences, and your activity on the site. The intention of these cookies is to provide a personalized experience on a particular site.
Computer Fraud and Abuse Act
A measure to protect computer security by making it a crime for unauthorized persons even to view, let alone copy or damage, data using any computer across state lines. It also prohibits unauthorized use of any government computer or a computer used by any federally insured financial institution.
information resellers or information brokers
A vast industry of data gatherers that collects, analyzes, and sells personal data
What are three primary privacy issues?
Accuracy: relates to the responsibility of those who collect data to ensure that the data is correct. / Property: relates to who owns data. / Access: relates to the responsibility of those who have data to control who is able to use that data.
Rogue Wi-Fi Hotspots
Imitates free networks. Once connected, the rogue networks capture any and all information sent by the users to legitimate sites, including user names and passwords.
Wireless network encryption
Restricts access to authorized users on wireless networks. WPA2 (Wi-Fi Protected Access) is the most widely used wireless network encryption for home wireless networks.
antispyware or spy removal programs
Software designed to detect and remove various types of privacy threats.
illusion of anonymity
The idea that, with selective disclosure of one's name or other personal information, little can be done to invade one's personal privacy.
Infected USB flash drives
USB drives can hide viruses and other malicious software. Crackers will abandon these drives in the hope that others will find them, plug them into their computer, and become infected.
What are the three most common types of malware?
Viruses, worms, and Trojan horses
Cracker
a hacker with criminal intent (creates malicious software)
Copyright
a legal concept that gives content creators the right to control use and distribution of their work. Materials that can be copyrighted include paintings, books, music, films, and even video games.
picture password
accepts a series of gestures over a picture of the user's choice to gain access.
Firewalls
act as a security buffer between a corporation's private network and all external networks, including the Internet. Security is maintained by denying access to unauthorized communications.
employee-monitoring software
allows company administrators to monitor and supervise all their employee computers from a central location. It is normally deployed over a business network and allows for easy centralized log viewing via one central networked PC.
Temporary Internet files
also known as the browser cache, contain web page content and instructions for displaying this content.
Denial of service
A denial of service (DoS) attack attempts to slow down or stop a computer system or network by flooding a computer or network with requests for information and data. These requests can come from a single computer issuing repeated requests. Widely used today is a variation known as distributed denial of service (DDoS), which coordinates several computers making repeated requests for service.
Phishing
attempts to trick Internet users into thinking a fake but official-looking website or e-mail is legitimate.
Zombies
computers infected by a virus, worm, or Trojan horse that allows them to be remotely controlled for malicious purposes. A collection of zombie computers is known as a botnet, or robot network.
Physical security
concerned with protecting hardware from possible human and natural disasters.
Data security
concerned with protecting software and data from unauthorized tampering or damage.
Cybercrime or computer crime
criminal offense that involves a computer and a network. It was recently estimated that cybercrime affects over 400 million people
Biometric scanning
devices such as fingerprint and iris (eye) scanners are used to access restricted data.
Digital Rights Management (DRM)
encompasses various technologies that control access to electronic media and files by controlling the number of devices that can access a given file and limiting the kinds of devices that can access a file.
Virtual private networks (VPNs)
encrypt connections between company networks and remote users such as workers connecting from home. This connection creates a secure virtual connection to a company LAN across the Internet.
Encrypting Data
encryption, the process of coding information to make it unreadable except to those who have a special piece of information known as an encryption key, or, simply, a key.
computer ethics
guidelines for the morally acceptable use of computers in our society.
Password managers
help you create strong passwords. Additionally, they will store all your passwords in one location and automatically provide the appropriate password when requested from one of your favorite sites.
Electronic profiles
highly detailed and personalized descriptions of individuals.
History Files
include the locations, or addresses, of sites that you have recently visited.
Web bugs
invisible images or HTML code hidden within a web page or e-mail message, can be used to transmit information without your knowledge. When a user opens an e-mail containing a web bug, information is sent back to the source of the bug. The receiving server will now know that this e-mail address is active.
Third-party cookie
is usually generated by an advertising company that is affiliated with the website you are currently visiting. These cookies are used by the advertising company to keep track of your web activity as you move from one site to the next. For this reason, they are often referred to as tracking cookies.
Digital Millennium Copyright Act
makes it illegal to deactivate or otherwise disable any antipiracy technologies, including DRM technologies. The act also establishes that copies of commercial programs may not be legally resold or given away. It further makes it a crime to sell or to use programs or devices that are used to illegally copy software.
Ransomware
malicious software that encrypts your computer's data and ransoms the password to the user.
Trojan Horse
programs that appear to be harmless; however, they contain malicious programs. Trojan horses are not viruses. Like worms, however, they can be carriers of viruses. The most common types of Trojan horses appear as free computer games and free antivirus software that can be downloaded from the Internet.
Viruses
programs that migrate through networks and operating systems, and mostly attach themselves to other programs and databases. Although some viruses are relatively harmless, many can be quite destructive. Once activated, these destructive viruses can alter and/or delete files.
Worms
programs that simply replicate themselves over and over again. Once active in a network, the self-replicating activity clogs computers and networks until their operations are slowed or stopped. Unlike a virus, a worm typically does not attach itself to a program or alter and/or delete files. Worms, however, can carry a virus.
Health Insurance Portability and Accountability Act (HIPAA)
protects medical records
Gramm-Leach-Bliley Act
protects personal financial information
Security suites
provide a collection of utility programs designed to protect your privacy and security while you are on the web.
Family Educational Rights and Privacy Act (FERPA)
restricts disclosure of educational records
cookies
small data files that are deposited on your hard disk from websites you have visited.
malicious software (malware)
specifically designed to damage or disrupt a computer system
Big data
the exponential growth in the volume, variety, and velocity of information and the development of complex, new tools to analyze and create meaning from such data
Online identity
the information that people voluntarily post about themselves online
Computer monitoring software
the most invasive and dangerous type of spyware. One type of computer monitoring software, known as a keylogger, records every activity and keystroke made on your computer system, including credit card numbers, passwords, and e-mail messages.
Social engineering
the practice of manipulating people to divulge private data. For example, a criminal may call you at work, pretending to be an IT worker who needs your password and user name, or they may "friend" you on social media to get access to private information.
Data manipulation
the unauthorized access of a computer network and copying files to or from the server. This can be as simple as making a post in Facebook when logged in as someone else
software piracy
the unauthorized copying and/or distribution of software.
Spyware
used to describe a wide range of programs that are designed to secretly record and report an individual's activities on the Internet.
dictionary attack
uses software to try thousands of common words sequentially to gain unauthorized access to a user's account.
facial recognition
uses specialized cameras to identify users and automatically log them in.