Transcript 16.4 Computer Crimes What are Computer Crimes?

16.1 Intellectual Property Rights
 What are Intelligent Property Rights?
 The rights granted to inventors, writers, artists
and other talents for the protection of their
inventions and products
 IPRs consists of intangible property rights,
such as:
Design
Trademark
a sign which
distinguishes
the product or
service form
that provided
by other
traders
Patent
a legal right to
protect your
inventions
after gaining
monopoly of
your products
products can
be registered
to protect their
appearances
Copyright
and designs
the right
from being
gained by the
copied by
owners of the
others
original design
16.1 Intellectual Property Rights
 Copyright Issues
 Copyright is the right given to the owners
of an original work.
 Only the copyright owners can legally
reproduce, sell and distribute the
copyrighted work.
 Protects original literary works as well as
computer works, like computer programs
and materials on the Web.
 We must gain permission of the owners of
rights in the materials before distributing or
downloading them.
16.1 Intellectual Property Rights
 Copyright Issues
 Illegal copies of software are called
pirated software
 Illegal in Hong Kong to install pirated
software in computers for commercial
purpose
The Hong Kong
Customs strives
to eradicate
software piracy
16.1 Intellectual Property Rights
 What has the HKSAR Government
done on the Copyright Issues?
 Hong Kong’s Copyright Ordinance
Prohibits unauthorized copying and use
of computer programs
Protects the copyright of software
programs, materials and related books
as literary works
Gives penalties for unauthorized use and
duplication of software
16.1 Intellectual Property Rights
 Software Licence
 A legal contract defining the ways in which
a user may use a computer program
 Single-user licence
Limits the use of software to only one
machine at a time
 Multi-user licence (site licence)
Permits the use of software by more
users at a specific location
16.1 Intellectual Property Rights
 Software Licence
 Shareware
A freely distributed copyright software
that can be used within the trial period
Generally allows the user to reproduce
and distribute the software
A users need to pay if he wants to use
the software beyond the trial period
WinZip, a popular
shareware
16.1 Intellectual Property Rights
 Software Licence
 Types of software
Method of distribution
Commercial
software
Shareware



Distribute free of charge, mainly downloaded from the
Internet
Commonly accompanied with books or magazines
Users allowed to transfer the software to others

Same as shareware


Freeware
Open
source
software
Through resellers
Downloaded from software, publisher's web site or
authorized online stores


Same as shareware
Distribute with source code
16.1 Intellectual Property Rights
 Software Licence
 Types of software
Cost
Commercial
software
Shareware



Freeware


Open
source
software

More user support → more expensive
Usually developed by smaller developers or independent
writers → relatively cheaper
Payment required after the trial period
Free to use for personal purpose
May not be free to be copied, studied, modified or
redistributed
Free of charge
16.1 Intellectual Property Rights
 Software Licence
 Types of software
Trial period
Commercial
software
Shareware




Freeware
Open
source
software
Some have a trial period (normally ≦2 months)
Some only provide a demo version with limited functions
Usually have a trial period
Some allow the user to use continuously, with the display
of random advertisements on the screen

No trial period

No trial period
16.1 Intellectual Property Rights
 Software Licence
 Types of software
Licence
Commercial
software

Different types of licence are offered
to suit different users’ needs
Examples



Shareware

Similar to commercial software


Freeware


Open
source
software

Copyright software carries a
restricted licence
Free to use under certain conditions
The source code is available a an
open source under an open source
licence for studying, changing and
improving the software




Microsoft Office
Macromedia
Dreamweaver
Adobe Photoshop
WinZip
Flashget
Ad-Aware SE
personal
MySQL
KOffice
Freemind
16.1 Intellectual Property Rights
 Software Licence
 Types of software
Licence
Commercial
software

Different types of licence are offered
to suit different users’ needs
Examples



Shareware

Similar to commercial software


Freeware


Open
source
software

Copyright software carries a
restricted licence
Free to use under certain conditions
The source code is available a an
open source under an open source
licence for studying, changing and
improving the software




Microsoft Office
Macromedia
Dreamweaver
Adobe Photoshop
WinZip
Flashget
Ad-Aware SE
personal
MySQL
KOffice
Freemind
16.2 Data Privacy
 Data Privacy
 Refers to the public expectation of privacy
in the collection, holding, processing and
use of personal data
 Personal Data (Privacy) Ordinance (PD(P)O)
Legislation related to privacy of personal
data
Enforced by the Privacy Commissioner’s
Office (PCO)
16.2 Data Privacy
 Data Privacy
The Privacy Commissioner’s Office homepage
16.2 Data Privacy
 Personal Data
 Common personal data
Types of personal data
Examples
About yourself
A person’s name, sex, age,
photo, religion, marital status
About your contract details
Phone number, e-mail address,
ICQ number, fax number, home
address
About your job
Occupation, salary, employment
records
Other personal data
Financial status, medical
records
16.2 Data Privacy
 Personal Data
 Many companies use their web sites to
collect personal data of their visitors
 Concerned about sharing of personal data
with other companies
 PD(P)O gives rights to individuals to know
The kinds of personal data held
The main purposes of keeping one’s
personal data
16.2 Data Privacy
 Spyware
 A kind of software that performs
unauthorized tasks secretly
 Usually collects personal data for
commercial gains
Stealing personal data, especially
financial information
Monitoring user’s browsing habits for
marketing purposes
16.2 Data Privacy
 Non-personal Data
 Data that is not personally identifiable
 Ranges from user traffic to browser
characteristics
 Examples of non-personal data
Types of non-personal data
User traffic statistics
Examples
Total visitors, page views, firsttime visitors, returning visitors
Browser characteristics statistics Screen resolution, colour depth,
web browser, operating system
 Companies may use the information to
evaluate their web sites, improve design
and enrich the content
16.2 Data Privacy
 Cookies
 A small text file storing information from
the web sites you have visited before
 A web site we have viewed may store
information on our computers in a ‘cookie’
 This allows them to automatically recognize
you when you revisit the site.
16.2 Data Privacy
 Advantages and Disadvantages of
Internet Cookies
Advantages



Store user’s preferences about
the web site.
For simple authentication, e.g.
saving a password that we do
not have to reenter it every
time.
Trace the path of a user while
visiting a web site. This helps
the web site to improve the
navigation functions.
Disadvantages


Inaccurate identification as
the computer may be shared
by multiple users and the user
may browse the same web
site at different locations
The user’s browsing activities
have been logged in the
computer
16.2 Data Privacy
 Advantages and Disadvantages of
Internet Cookies
Advantages



Store user’s preferences about
the web site.
For simple authentication, e.g.
saving a password that we do
not have to reenter it every
time.
Trace the path of a user while
visiting a web site. This helps
the web site to improve the
navigation functions.
Disadvantages


Inaccurate identification as
the computer may be shared
by multiple users and the user
may browse the same web
site at different locations
The user’s browsing activities
have been logged in the
computer
16.3 Unauthorized Access
 What is Unauthorized Access?
 The use of computer data for unapproved
or illegal activities, such as hacking and
cracking
16.3 Unauthorized Access
 The Intentions of Hacking
 Hacking – an illegal access to data in a
computer system
 Common intentions of hacking
Browse information in computer systems
for curiosity or fun
Damage computer data and files
Change content of other’s web site, e.g.
deface a web site
Launch denial of service (DoS) attack on
a web site or network
Steal sensitive information from
computer network
16.3 Unauthorized Access
 Differences between Hacker and
Cracker
 Hacker
May not have commercial interest
 Cracker
Criminal hackers
Use hacking to practice illegal activities
called cracking
16.3 Unauthorized Access
 Measures Against Hacking
 Hacking Offences
Unauthorized access to computer
systems by telecommunication
Access to computer systems with
criminal or dishonest intention
16.3 Unauthorized Access
 Measures Against Hacking
 Protection from Unauthorized Access
Use antivirus software with regular
updates
Use firewall and intrusion detection
systems
Check for spyware on your system
Learn how to choose passwords and
change them regularly
Update operating systems with security
patches provided by software developers
16.3 Unauthorized Access
 Firewall
 Checks the incoming and outgoing data of
the computer
 Prevents outsiders from obtaining
unauthorized access to internal resources
ZoneLab’s
ZoneAlarm is
free for
personal use.
(http://zonel
abs.com)
16.3 Unauthorized Access
 Firewall
 The data allowed into a protected computer
is set by one’s policy
 Too strict a policy will lead to increased
security but access to some useful web
sites may be excluded
Security
When we set
the policy for a
firewall, we
Convenience should balance
security with
convenience
16.3 Unauthorized Access
 Firewall
 A firewall should
Allow users to implement security
policies
Be able to monitor all the suspicious
incoming and outgoing data of the
computer
Be able to alert and provide related
information to the network
administration if there is any intrusion
16.3 Unauthorized Access
 Firewall
 A firewall should
Allow users to implement security
policies
Be able to monitor all the suspicious
incoming and outgoing data of the
computer
Be able to alert and provide related
information to the network
administration if there is any intrusion
16.4 Computer Crimes
 What are Computer Crimes?
 Traditional crimes that are committed
through the Internet, e.g. Internet
gambling and publishing indecent materials
 Illegal activities that are committed using
computers, e.g. hacking and cracking
 Common computer crimes
Type of computer crime
Detail and example
Hacking
Please refer to Section 16.3 for
details.
Criminal damage
It may involve
 physical damage of a computer
system
 disruption or destruction of
computer data files
16.4 Computer Crimes
 What are Computer Crimes?
 Common computer crimes
Type of computer crime
Detail and example
Criminal damage
Damage can be caused by
 web site defacement
 denial of service (DoS) attack
 spread of virus
Internet fraud
Examples are
 Internet shopping / auction fraud
 online lottery fraud
 fake web sites
Misuse of Internet access
accounts
It may involve
 abuse of Internet service
 abuse of online game service
16.4 Computer Crimes
 What are Computer Crimes?
 Common computer crimes
Type of computer crime
Detail and example
Online theft
Common criminal activities are
 abuse of password (Theft of
personal identity number (PIN))
 theft of virtual property used in
online games
 theft of corporate information
 Internet banking theft
Illegal materials/web sites
It usually involves
 Internet pornography
 Unauthorized Internet gambling
16.4 Computer Crimes
 What are Computer Crimes?
 Common computer crimes
Type of computer crime
Offences relating to the use
of instant messaging tools
Detail and example


abuse of instant messaging tools
such as ICQ, MSN
abuse by criminals to make contact
with users especially women and
children and then attempt to
commit crimes, such as unlawful
sexual intercourse and robbery
16.4 Computer Crimes
 What are Computer Crimes?
 Common computer crimes
Type of computer crime
Offences relating to the use
of instant messaging tools
Detail and example


abuse of instant messaging tools
such as ICQ, MSN
abuse by criminals to make contact
with users especially women and
children and then attempt to
commit crimes, such as unlawful
sexual intercourse and robbery
16.5 Indecent and Deceitful
Materials
 Indecent Materials
 Statements, articles or photos that are
vulgar or ungracious to people
 Ways to prevent the immature to access
indecent materials on the Internet
Parental guidance
Filtering software
 Can screen out material inappropriate for
children
16.5 Indecent and Deceitful
Materials
 Deceitful materials
 Untrue remarks or statements made with
the intention of deceiving the others
 Students should learn how to evaluate the
information on the Web
A hoax about ‘AIDS’
Virus spreading through
e-mails
Body of the hoax email
16.5 Indecent and Deceitful
Materials
 Deceitful materials
 Untrue remarks or statements made with
the intention of deceiving the others
 Students should learn how to evaluate the
information on the Web
A hoax about ‘AIDS’
Virus spreading through
e-mails
Body of the hoax email
16.6 Spam
 What is spam?
 Unwanted e-mail or newsgroup postings,
mostly advertising commercial products or
services.
An e-mail inbox full of spams
16.6 Spam
 Problems Created by Spam
 Occupies storage space in e-mail boxes
 Takes users’ time to remove them
 Slows down Internet traffic
 Irrelevant newsgroup postings change the
original purpose of the newsgroups and
even stop normal operations.
16.6 Spam
 Measures to Fight Against Spam
 Never reply to junk e-mail
Spammers usually send junk e-mails to
a big pool of untargeted recipients.
Replying to junk e-mail would imply you
are interested in it.
 Use spam-filtering software
Spam-filtering software permit a range
of user defined actions to block
unwanted emails.
Examples: Spam Weasel, MailWasher,
SpamAgent and MailShield
16.6 Spam
 Measures to Fight Against Spam
An e-mail generated by an anti-spam software,
which lists out the blocked e-mails.
16.6 Spam
 Measures to Fight Against Spam
An e-mail generated by an anti-spam software,
which lists out the blocked e-mails.
16.7 Ways to Protect Ourselves
 Importance of Information
Security
 To companies
Profit severely affected if financial status
and customer data were stolen by its
competitors
 To individuals
Abuse of personal data may cause
Internet banking theft and fraudulent
purchases
16.7 Ways to Protect Ourselves
 Preventive Measures
Scan all incoming e-mails.
Never reply to a junk e-mail.
Backup files regularly.
Delete all kinds of Internet
tracks.
16.7 Ways to Protect Ourselves
 Preventive Measures
Install an antivirus program and
update the virus detection
signature regularly.
Turn off file and printer sharing
on your Internet connection.
Take extra care with your
login name and password.
16.7 Ways to Protect Ourselves
 Preventive Measures
Scan all files downloaded from
the Internet and do not install
any doubtful programs.
Install a personal firewall and
apply updates.
Limit the amount of
information you provide to
the web site.
16.7 Ways to Protect Ourselves
 Preventive Measures
Scan all files downloaded from
the Internet and do not install
any doubtful programs.
Install a personal firewall and
apply updates.
Limit the amount of
information you provide to
the web site.