ASSIGNMENT 15
COMPUTER CRIMES
Computer crime or cybercrime refers to any crime that involves a computer and a network, where the computers may or may not have played an instrumental part in the commission of the crime (Moore 2000). Issues surrounding this type of crime have become high-profile, particularly those surrounding hacking, copyright infringement, child porn, and child grooming. There are also problems of privacy when confidential information is lost or intercepted, lawfully or otherwise.
On the global level, both governments and non-state actors continue to grow in importance, with the ability to engage in such activities as espionage, financial theft, and other cross-border crimes sometimes referred to as cyber warfare. The international legal system is attempting to hold actors accountable for their actions, with the International Criminal Court among the few addressing this threat.
1.1 COMPUTER FRAUD
Computer fraud is any dishonest misrepresentation of fact intended to let another to do or refrain from doing something which causes loss. In this context, the fraud will result in obtaining a benefit by:
• altering computer input in an unauthorized way. This requires little technical expertise and is not an uncommon form of theft by employees altering the data before entry or entering false data, or by entering unauthorized instructions or using unauthorized processes;
• altering, destroying, suppressing, or stealing output, usually to conceal unauthorized transactions: this is difficult to detect;
• altering or deleting stored data;
• altering or misusing existing system tools or software packages, or altering or writing code for fraudulent purposes. This requires real programming skills and is not common.
Other forms of fraud may be facilitated using computer systems, including bank fraud, identity theft, extortion, and theft of classified information.
A variety of Internet scams target consumers direct.
1.2 COPYRIGHT INFRIGMENT
Copyright infringement (or copyright violation) is the unauthorized or prohibited use of works covered by copyright law, in a way that violates one of the copyright owner's exclusive rights, such as the right to reproduce or perform the copyrighted work, or to make derivative works.
For electronic and audio-visual media, unauthorized reproduction and distribution is also commonly referred to as piracy. An early reference to piracy in the context of copyright infringement was made by Daniel Defoe in 1703 when he said of his novel The True-Born Englishman that "Its being Printed again and again, by Pyrates". The practice of labeling the act of infringement as "piracy" predates statutory copyright law. Prior to the Statute of Anne 1709, the Stationers' Company of London in 1557 received a Royal Charter giving the company a monopoly on publication and tasking it with enforcing the charter. Those who violated the charter were labeled pirates as early as 1603.
The legal basis for this usage dates from the same era, and has been consistently applied until the present time. Critics of the use of the term "piracy" to describe such practices contend that it is pejorative and unfairly equates copyright infringement with more sinister activity, though courts often hold that under law the two terms are interchangeable.
1.3 COMPUTER THEFT
It is very unfortunate that several identity thieves know how to operate your computer better than you. While they are skilled in their methods of deception, there are few things that can be done to protect your personal information:
• Always remove the hard drive on a computer you are selling or giving away.
• Keep it in safe place or destroy it
• Inquire within a reliable computer supplier about how to safely overwrite the files
• Use a quality hard disk cleaning program.
There are also a few items you should delete individually. Though it may be some what of a task, recovering from identity theft is even more of a challenge. Here are the files that must be deleted before selling or giving your computer away:
• all email contacts
• all email messages
• all important word documents
• all files in the recycle bin or trash folder of the operating system
• all temporary internet files
• your internet search history
• the cache of your web browser
• any non-transferable software that may be installed on the hard drive
You should also make sure that trusted users of your computer are practicing identity theft prevention as well. Children should protect themselves from identity theft by never using their real name in an email account and limiting personal details on social networking sites. Being that children are often prime targets of internet predators, it is very important to protect the contents of your computer to prevent identity theft and ensure their safety.
1.4 COMPUTER ATTACK
Back when the only Internet connection available was telephone dial-up, we didn't have to worry about worms, Trojans, and viruses attacking our computer systems. Today however, with permanent, lightening-fast DSL and cable modem Internet connections, you need to take extra protections against those who enter your computer system without your consent. The following list details attack methods that are common today.
Hackers are individuals or programs that attempt to gain access to your system without your permission or your knowledge. Some hackers are automated, searching for details inside your computer in order to improve targeted advertising. Other hackers are individuals searching for your private information, such as financial account access data.
Viruses are one of the most common methods of computer attack. There are some viruses circulating that are programmed to destroy your computer; these viruses can sometimes corrupt an entire network or more. Frequently, viruses come attached to an email in the form of an executable file (a file that ends with the letters ".exe").
A virus often comes in the form of a Trojan Horse- a term that means "innocent appearance, malicious intent."
Trojan Horses are malicious viruses that attach to your computer using innocent-looking means. Often, you are lured to a Trojan-infected website through a deceptive popup or email advertisement.
Another common method to receive a Trojan is through downloading free software. Manufacturers can make money from their "free" software by allowing advertisers to add a Trojan horse. Certainly not all free software is rigged with malicious content, but it's difficult to tell when the software is truly free and when you will pay for it with loss choice or loss of privacy.
One type of Trojan hijacks your homepage and search engine preference in order to lead you to their webpage; this artificially inflates their visitor numbers, adding to the hijacker's advertising revenues. (Hijackers also hope you'll eventually buy products from their advertisers since you will be stuck looking at their webpages so frequently.) A Trojan horse hijacker is much like a rude taxi driver who takes you where he wants to go instead of where you want to go, then charges you double fare.
Worms are similar to a virus but they don't attach themselves to a file or a program on their own. Worms reside in your computer's memory and replicate themselves to spread throughout your system or network. They work their way across the Internet by attaching invisible copies to your outgoing email.
The most common types of worms are called backdoor worms. These worms can be used by hackers to open ports (entryways), allowing the hacker clear access to the computer or network.
Root Kit are Trojan viruses that go deeper into your system then typical Trojans do. These hide in your computer registry. When the Trojan attaches to your system registry, it becomes much harder to detect and remove.
Some Root Kit Trojans will allow a hacker to take control of system devices-including a web cam. This will allow the hacker to view you from your own web cam without your knowledge-a visual spy. Root Kits also have the ability to erase log files, allowing the hacker to cloak his actions so that you can't see what he's been up to in your system. If the Root Kit came as a backdoor worm, it will also allow the hacker to access your system over and again and again.
Hybrids are combinations of different viruses. A hybrid takes on the characteristics of worms and Trojans and does harm at both levels-software applications and computer system. If you don't remove a hybrid virus from your system properly it will continue to infect your system until you are unable to remove it.
One of the most common hybrids is the Subseven Root Kit hybrid. The Subseven virus attaches itself to an application-a piece of software-then takes over the name of the application in order to open its own unique library in your Windows registry. The virus can then inform outside attackers (through email) that it has infiltrated your system. Then outsiders can easily gain access. In essence, this hybrid virus gets into your system with a false ID card then secretly calls malicious friends to join the party.
Scanners are tools used by hackers to detect your computer's vulnerability; they are usually attached with worms. The scanner will check your ports looking for an open one to gain access to your system.
Security systems like firewalls use scanners to detect open ports in order to secure them before they are breached.
Some people assume viruses also come in the form of cookies, but this isn't accurate. But cookies can attack you. Cookies are small packets of data that are created when you visit a website; these are made by the vendor but stored on your computer. Each time you revisit the website the cookie is read by the vendor. Cookies are the vendor's way to store information about you and your previous visits to their website so that they can customize your visit. Cookies can also store your mailing address and credit card information to make online transactions with the vendor one step easier.
Some cookies take this a step further, however, and use the opportunity to store a tidbit of data on your computer to watch your Internet surfing habits for marketing purposes since cookies can track online movement. These cookies are called spyware since they watch your actions.
Some malicious cookies, called adware, allow advertisers to target you with ads. Though cookies don't damage your computer, they can compromise your privacy. This is a good reason to consider a firewall program that allows you to monitor and block inbound and outbound cookies.
All these computer attacks are common, but many people don't realize this until after they've become victims themselves. That's why it's important for you to be prepared with a good firewall whenever you browse the Internet.
Advanced firewall programs give you extra protection through cookie control, spyware control, adware control and software application control. We recommend the most bang for your buck; get a firewall program that keeps you informed of all the conversations your computer has on the Internet so that you can be in control.
Friday, April 23, 2010
cyber law
ASSIGNMENT 14
CYBER LAW
Cyberlaw is a term that encapsulates the legal issues related to use of communicative, transactional, and distributive aspects of networked information devices and technologies. It is less a distinct field of law in the way that property or contract are, as it is a domain covering many areas of law and regulation. Some leading topics include intellectual property, privacy, freedom of expression, and jurisdiction.
1.1 DIGITAL SIGNATURE ACT 1997
1.1.1 WHY THE DIGITAL SIGNATURE ACT 1997 ?
The Digital Signature Act was enforced on the 1st October 1998.
The Digital Signature Act 1997 aims at promoting the processing of transactions especially commercial transactions, electronically through the use of digital signatures.
This Act is an enabling law that allows for the development of, amongst others, e-commerce by providing an avenue for secure on-line transactions through the use of digital signatures. The Act provides a framework for the licensing and regulation of Certification Authorities, and the recognition of digital signatures.
The Controller of Certification Authority who has authority to monitor and license recognized Certification Authorities was appointed on 1st of October 1998.
1.1.2 WHAT IS DIGITAL SIGNATURE AS DEFINED BY THE ACT ?
"Digital Signature" is defined by the Act as a transformation of a message using an asymmetric cryptosystem such that a person having the initial message and the signer's public key can accurately determine whether the transformation was created using the private key that corresponds to the signer's public key and whether the message has been altered since the transformation was made.
Essentially, what this means is that a digital signature is an electronic version of a conventional signature. It is a pair of keys created with the use of asymmetric cryptosystem and involves the use of algorithm or a specific series of algorithm. The pair of keys is made up of a private key as well as a public key. The private key is used to create the digital signature while the public key is used to verify the digital signature. While the private key cannot be known by anyone else except the subscriber, the public key is known to the public and noted in the certificate issued by the certification authority and may be retrieved from the repository.
The transaction of a digitally signed message begins with the preparation of the message. The message is then transformed or hashed into message digest with the use of a one-way hash function. The signer signs this message digest using his private key. The result of using a private key on a message digest is called digital signature.
The original message is sent through an electronic line to the receiver. The recipient of the message, uses the signer's public key to verify the digital signature - only the signer's public key will verify a digital signature created with the signer's private key. The recipient may also verify if the message has been modified, by changing/hashing the received message with the use of the same algorithm (one way hash function).
If the value of the message digest is the same as the value of the message digest in the digital signature received, then no modification has been made to the message since its transformation. Digital signature is similar to the auto teller machine (ATM) card system.
1.2 COMPUTER CRIME ACT 1997
• Gives protection against the misuses of computers & computer criminal activities such as unauthorized use of programs, illegal transmission of data or messages over computers & hacking & cracking of computer systems & networks
• By implementing Computer Crimes Act 1997 users can protect their rights to privacy and build trust in the computer system. At the same time, the government can have control at a certain level over the Cyber Space to reduce Cyber Crime activities.
1.3 TELEMEDICINE ACT 1997
• The implementation of Communications & multimedia act 1998 ensures that information is secure, the network is reliable and the service is affordable all over Malaysia.
• This act also ensures high level of users confidence in the information & communication technology industry.
1.4 COMMUNICATION AND MULTIMEDIA ACT 1998
• The implementation of Communications & multimedia act 1998 ensures that information is secure, the network is reliable and the service is affordable all over Malaysia.
• This act also ensures high level of users confidence in the information & communication technology industry.
CYBER LAW
Cyberlaw is a term that encapsulates the legal issues related to use of communicative, transactional, and distributive aspects of networked information devices and technologies. It is less a distinct field of law in the way that property or contract are, as it is a domain covering many areas of law and regulation. Some leading topics include intellectual property, privacy, freedom of expression, and jurisdiction.
1.1 DIGITAL SIGNATURE ACT 1997
1.1.1 WHY THE DIGITAL SIGNATURE ACT 1997 ?
The Digital Signature Act was enforced on the 1st October 1998.
The Digital Signature Act 1997 aims at promoting the processing of transactions especially commercial transactions, electronically through the use of digital signatures.
This Act is an enabling law that allows for the development of, amongst others, e-commerce by providing an avenue for secure on-line transactions through the use of digital signatures. The Act provides a framework for the licensing and regulation of Certification Authorities, and the recognition of digital signatures.
The Controller of Certification Authority who has authority to monitor and license recognized Certification Authorities was appointed on 1st of October 1998.
1.1.2 WHAT IS DIGITAL SIGNATURE AS DEFINED BY THE ACT ?
"Digital Signature" is defined by the Act as a transformation of a message using an asymmetric cryptosystem such that a person having the initial message and the signer's public key can accurately determine whether the transformation was created using the private key that corresponds to the signer's public key and whether the message has been altered since the transformation was made.
Essentially, what this means is that a digital signature is an electronic version of a conventional signature. It is a pair of keys created with the use of asymmetric cryptosystem and involves the use of algorithm or a specific series of algorithm. The pair of keys is made up of a private key as well as a public key. The private key is used to create the digital signature while the public key is used to verify the digital signature. While the private key cannot be known by anyone else except the subscriber, the public key is known to the public and noted in the certificate issued by the certification authority and may be retrieved from the repository.
The transaction of a digitally signed message begins with the preparation of the message. The message is then transformed or hashed into message digest with the use of a one-way hash function. The signer signs this message digest using his private key. The result of using a private key on a message digest is called digital signature.
The original message is sent through an electronic line to the receiver. The recipient of the message, uses the signer's public key to verify the digital signature - only the signer's public key will verify a digital signature created with the signer's private key. The recipient may also verify if the message has been modified, by changing/hashing the received message with the use of the same algorithm (one way hash function).
If the value of the message digest is the same as the value of the message digest in the digital signature received, then no modification has been made to the message since its transformation. Digital signature is similar to the auto teller machine (ATM) card system.
1.2 COMPUTER CRIME ACT 1997
• Gives protection against the misuses of computers & computer criminal activities such as unauthorized use of programs, illegal transmission of data or messages over computers & hacking & cracking of computer systems & networks
• By implementing Computer Crimes Act 1997 users can protect their rights to privacy and build trust in the computer system. At the same time, the government can have control at a certain level over the Cyber Space to reduce Cyber Crime activities.
1.3 TELEMEDICINE ACT 1997
• The implementation of Communications & multimedia act 1998 ensures that information is secure, the network is reliable and the service is affordable all over Malaysia.
• This act also ensures high level of users confidence in the information & communication technology industry.
1.4 COMMUNICATION AND MULTIMEDIA ACT 1998
• The implementation of Communications & multimedia act 1998 ensures that information is secure, the network is reliable and the service is affordable all over Malaysia.
• This act also ensures high level of users confidence in the information & communication technology industry.
proses of internet filtering
ASSIGNMENT 13
PROSES OF INETRNET FILTERING
INTERNET FILTERING
It is our responsibility to ensure that the teenagers are protected from these corruptions of the mind by filtering access to the Internet.Internet filtering is a process that prevents or blocks access to certain materials on the Internet.
It is our responsibility to ensure that the teenagers are protected from these corruptions of the mind by filtering access to the Internet.
What is Internet filtering?
Internet filtering is a process that prevents or blocks access to certain materials on the Internet. Filtering is most commonly used to prevent children from accessing inappropriate material and to keep employees productive on the Internet.
CONTROLLING ACCESS TO THE INTERNET
The current preferred method of choice to limit access on the Internet is to filter content either by:
• keyword blocking
• site blocking
• web rating systems
These methods require software to be installed at a client of server level.
1.1 KEYWORD BLOCKING
One of the strategies is by using the keyword blocking method. This method uses a list of banned words or objectionable terms.
As the page is downloading, the filter searches for any of these words. If found, it will block the page completely, stop downloading the page, block the banned words and even shut down the browser.
1.2 SITE BLOCKING
-software company maintains a list of ‘dubious Internet sites’
-the software prevents access to any sites on this list
‘denial lists’ regularly updated
-some software provides control over what categories of information you block
-Who decides what goes on the ‘denial list’ and what criteria are they using?
-can you keep track of the whole of the Internet?
-filters can use both site blocking and word blocking
1.3 WEB RATING SYSTEMS
Web sites are rated in terms of nudity, sex, violence and language. The Recreational Software Advisory Council (RSACI) is responsible for the rating of the websites on the content on the internet.
• ratings done either by the web page author or by the independent bureau.
• browsers set to only accept pages with certain levels of ratings.
PROSES OF INETRNET FILTERING
INTERNET FILTERING
It is our responsibility to ensure that the teenagers are protected from these corruptions of the mind by filtering access to the Internet.Internet filtering is a process that prevents or blocks access to certain materials on the Internet.
It is our responsibility to ensure that the teenagers are protected from these corruptions of the mind by filtering access to the Internet.
What is Internet filtering?
Internet filtering is a process that prevents or blocks access to certain materials on the Internet. Filtering is most commonly used to prevent children from accessing inappropriate material and to keep employees productive on the Internet.
CONTROLLING ACCESS TO THE INTERNET
The current preferred method of choice to limit access on the Internet is to filter content either by:
• keyword blocking
• site blocking
• web rating systems
These methods require software to be installed at a client of server level.
1.1 KEYWORD BLOCKING
One of the strategies is by using the keyword blocking method. This method uses a list of banned words or objectionable terms.
As the page is downloading, the filter searches for any of these words. If found, it will block the page completely, stop downloading the page, block the banned words and even shut down the browser.
1.2 SITE BLOCKING
-software company maintains a list of ‘dubious Internet sites’
-the software prevents access to any sites on this list
‘denial lists’ regularly updated
-some software provides control over what categories of information you block
-Who decides what goes on the ‘denial list’ and what criteria are they using?
-can you keep track of the whole of the Internet?
-filters can use both site blocking and word blocking
1.3 WEB RATING SYSTEMS
Web sites are rated in terms of nudity, sex, violence and language. The Recreational Software Advisory Council (RSACI) is responsible for the rating of the websites on the content on the internet.
• ratings done either by the web page author or by the independent bureau.
• browsers set to only accept pages with certain levels of ratings.
Subscribe to:
Posts (Atom)