Project 3 Presentation Power Point
Download
Report
Transcript Project 3 Presentation Power Point
Privacy, Security, and
Copyright in the Digital Era
By Ben Shaw, Mike Vaneman,
and Mike Kozak
Digital Era
New tool set
Digital data
Fingerprint scan
0110100011110101100111001110001
Digital equipment
Software
Hardware
Advances in digital technology
Privacy
Define privacy
Self-value
Is our privacy at stake?
Privacy in the Digital Era
Digital Technologies
Biometrics
Identification
Authentication
Location tracking
“Always -On”
New advancements
Electronic communications
Internet
Biometrics
What are biometrics?
Different types of biometric systems
Iris
Fingerprint
Voice
Facial
Biometric Identification
Super Bowl XXXV
People are identified
based on facial
characteristics
Samples are compared to
biometric data stored in
large database, referred
to as “one-to-many”
Employed by police and
government officials
Biometric Authentication
Individual verification
technique used by
government agencies
Individual’s biometric
data is stored on a
smart card
FacePASS
Privacy issues
Location Tracking
Advancements in cell
phone technology
Cell phone tracking
“Always-On”
On-demand tracking
Provide emergency
locations
New advancements
RFID
Implanted radio chips
License plate cameras
Privacy Issues
Electronic Communications
Internet
Advancements in information and
communication technologies have
significantly raised the acceptance rate of
Internet-based applications and services
Multiple privacy threats on the WWW
Anonymity
Anonymizer
Privacy Threats on The Web
Cookies
Those darn things
Browsers
Security flaws
Email
[email protected]
Spam
Pain in the you no what
Search engines
Google
Google
Google’s immortal
cookie
Google records
everything they can
Google retains all
data indefinitely
Google won’t say why
they need this data
Google hires ex-NSA
Google’s toolbar is
spyware
Google’s cache copy
is illegal
Google is not your
friend
Google is a privacy
time bomb
Anonymity
Anonymizer
Web anonymity tool
Acts as a link between user and the website
he or she is trying to access
Third party
Digital Security
Security Types
Internet Security
Network Security
Computer Security
Router Usage
A router acts as a junction between two or more
networks to transfer data packets among them
Greatly reduces risk of being hacked when using
Network Address Translation (NAT)
NAT is the re-writing of the source and/or destination
addresses of IP packets as they pass through a router
or firewall
Allows for multiple hosts on a private network to
access the internet through the use of a single public
IP address
Router Usage
NAT also typically has the effect of preventing
connections from being established inbound
into your computer, whilst permitting
connections out
Firewall
Blocks traffic to all unauthenticated ports on your
computer, thus restricting access
Firewall Usage
Firewalls use one or more of three methods to control
traffic flowing in and out of the network:
Packet filtering - Packets (small chunks of data) are analyzed
against a set of filters. Packets that make it through the filters are
sent to the requesting system and all others are discarded.
Proxy service - Information from the Internet is retrieved by the
firewall and then sent to the requesting system and vice versa.
Stateful inspection - A newer method that doesn't examine the
contents of each packet but instead compares certain key parts
of the packet to a database of trusted information. Information
traveling from inside the firewall to the outside is monitored for
specific defining characteristics, then incoming information is
compared to these characteristics. If the comparison yields a
reasonable match, the information is allowed through. Otherwise
it is discarded.
Software Security Risks
Viruses
A virus is a small piece of software that piggybacks on
real programs. For example, a virus might attach itself
to a program such as a spreadsheet program or
email. Each time the spreadsheet program runs, the
virus runs, too, and it has the chance to reproduce (by
attaching to other programs) or wreak havoc.
Worms
A worm is a small piece of software that uses
computer networks and security holes to replicate
itself. A copy of the worm scans the network for
another machine that has a specific security hole. It
copies itself to the new machine using the security
hole, and then starts replicating from there, as well.
Software Security Risks
Spyware
Spyware is a category of computer programs that attach themselves to your
operating system in nefarious ways. They can suck the life out of your
computer's processing power. They are designed to track your Internet habits,
nag you with unwanted sales offers or generate traffic for their host Web site.
According to recent estimates, more than two-thirds of all personal computers
are infected with some kind of spyware
Trojan Horses
A Trojan horse is simply a computer program. The program claims to do one
thing (it may claim to be a game) but instead does damage when you run it (it
may erase your hard disk). Trojan horses have no way to replicate automatically.
Adware
Adware is software integrated into or bundled with a program. It is usually seen
by the programmer as a way to recover programming development costs, and in
some cases it may allow the program to be provided to the user free of charge or
at a reduced price. The advertising income may allow or motivate the
programmer to continue to write, maintain and upgrade the software product.
Virus Statistics
Past 7 days
#
Virus Name
Infected Computers
Scanned
Computers
% Infected
1
Exploit-WMF
43,451
955,481
4.55
2
JS/Wonka
40,810
955,481
4.27
3
Exploit-ByteVerify
34,966
955,481
3.66
4
Exploit-ANIfile
31,114
955,481
3.26
5
Adware-Url.gen
29,956
955,481
3.14
6
Downloader-ZQ
27,797
955,481
2.91
7
Generic Downloader.z
27,545
955,481
2.88
8
Adware-Boarim
20,991
955,481
2.2
9
Adware-Cometsys
17,779
955,481
1.86
10
JV/Shinwow
15,491
955,481
1.62
Spyware Example
Many Internet Explorer add-on toolbars monitor the user's
activity. When installed and run without the user's consent,
such add-ons count as spyware. Here multiple toolbars
(including both spyware and innocuous ones) overwhelm an
Internet Explorer session.
Phishing Security Risk
Phishing is a form of criminal activity using
social engineering techniques. It is
characterized by attempts to fraudulently
acquire sensitive information, such as
passwords and credit card details, by
masquerading as a trustworthy person or
business in an apparently official
electronic communication. It is typically
done through email and the end result if
successful is identity fraud
Phishing Facts
13,776 phishing attacks linked to 5,259
Web sites took place in August of 2005.
They targeted 84 different businesses, but
three businesses received 80 percent of
the attacks.
85 percent of the attacks targeted banks
and other financial institutions.
Phishing Trend
A chart showing the increase in phishing reports from October 2004 to June 2005.
Copyright
Copyright and Copyright
Infringement
Copyright
Laws
Digital Rights Management
MPAA and RIAA
Copyright Infringement
BitTorrent
Contributions
Copyright
“Copyright is a set of exclusive rights
granted by governments to regulate the
use of a particular expression of an idea or
information. At its most general, it is
literally "the right to copy" an original
creation. In most cases, these rights are of
limited duration
(http://en.wikipedia.org/wiki/Copyright)
Copyright Laws
Copyright Act of 1790
"sole right and liberty of printing, reprinting,
publishing and vending"
maps, charts, and books
14 year term
Copyright Laws
Copyright Act of 1976
Copyright of expression
literary, dramatic, and musical works;
pantomimes and choreography; pictorial,
graphic and sculptural works; audio-visual
works; sound recordings; and architectural
works
eligible for copyright protection as soon as it is
fixed in a tangible form
Copyright Laws
Established the fair use policy for
copyright holders
Defines conditions under which individuals
may use copyrighted material without
permission
Possible to quote from a copyrighted work
Fair use is a "defense" to copyright
infringement, not a right.
Copyright Laws
Digital Millennium Copyright Act, DMCA
The act criminalizes production and
dissemination of technology that can
circumvent measures taken to protect
copyright
heightens the penalties for copyright
infringement on the Internet
Limited the liability of Online Providers
MPAA
Motion Picture Association of America
protect member interests through political
lobbying for changes in copyright and criminal
law
Responsible for the film rating system
Setting DMCA regulations
RIAA
Recording Industry Association of America
Responsible for setting technical recording
standards
Collection of music licenses and royalties
Setting DMCA regulations
Digital Rights Management
To date all DRM methods have failed
Physical protection
DIVX
CSS
Product activation
Digital watermarking
Copyright Infringement
“Copyright infringement is the
unauthorized use of copyrighted material
in a manner that violates one of the
copyright owner's exclusive rights, such as
the right to reproduce or perform the
copyrighted work, or to make derivative
works that build upon it.
(http://en.wikipedia.org/wiki/Copyright_infri
ngement)
Copyright Infringement
BitTorrent
Azureus, BitComet, BitLord, uTorrent
EDonkey, FastTrack and Gnutella
EDonkey 2000
KaZaA, Grokster
Bearshare, Gnucleus, LimeWire, Morpheus,
Phex, Shareaza
BitTorrent
.torrent files
Trackers
Seeders
Completed file
Leachers
Downloaders
BitTorrent
Protocol breaks the file(s) down into
smaller fragments
Requests from peers the fragments that
are most rare
Uploading fragments to their peers before
the entire file is downloaded
Chooses the peer with the best network
connections for the fragments that it is
requesting
BitTorrent
uTorrent
Advancements
MPAA and RIAA followed in the footsteps
of file sharing software
Napster, ITunes
Warner Brothers
Network Television Stations
This Concludes Our
Presentation
Any Questions?