Network Issues and Security

Should the internet be policed?

This question has been raging for a few years now. Presently, the internet does not any have controlling or monitoring body. However, there are many favouring controls with almost equal number of people opposing it.

Arguments in favour of control are:

1. It would be easy to prevent children and other vulnerable groups from being subjected to undesirable websites.
2. It would prevent incorrect information being published on websites.
3. It would prevent illegal material being posted on websites like racist or prejudiced and pornographic material, terrorist activities, etc.
4. Presently, it is very easy to find information about things that can have serious consequences like how to make bombs, how to hack computer systems and networks, etc. Although most of this information is available in books, it is much easier to find using a search engine.

Arguments against control are:

1. It is very expensive to police all websites and users would have to foot the bill for the same.
2. Laws already exist to deal with those who post illegal material/ comments on websites.
3. Material that is published on websites is already available through other sources.
4. It would be very difficult to enforce rules and regulation on a global scale.

Due to the computer technology advancement, it has created a divide called social divide or digital divide with those having the money to purchase and use computer equipment or necessary IT skills are benefitted from the new technology and those without the money or IT skills or lack of infrastructure in their country of stay, being further left behind, leading to this digital divide.

Write a note on inappropriate sites and accuracy of information available on internet.

When looking for some information on the internet using a seach engine, three main aspects needs to be considered:

1. Reliability of information
2. Undesirability of certain websites
3. Security issues

Reliability of information

1. The probablity of the information being up to date is more on the internet than it is in books, as the websites can be updated very quickly.
2. It is always easier to get information from the internet as the search engines search for the information based on the key words entered in the browsers.
3. The ease with which it is possible to fetch vast amount of data from the internet is not possible by searching the indices in several books.
4. However, the information on the internet could be incorrect, inaccurate or even biased for that matter, as there is no formal authentication process of the data.
5. There is a risk of information overload, as the search engines are likely to return millions of hits even though the key values for the search were entered properly. This could result in getting the relevant data difficult.

Undesirability of certain websites

1. There are always risks of finding undesirable websites.
2. Risk of connecting to websites which are not genuine, which in turn could lead to other problems.
3. Security issues

Security issues

Passwords are often used when accessing the internet, for example when

1. accessing your email account
2. carrying out online banking, online shopping, etc
3. accessing social networking sites

For all these you need to enter your user id and password. It is very important that passwords are protected. Some ways of doing this are:

1. Run anti-virus and anti-spyware softwares on regular basis to identify and remove any spywares that may have been put on your computer so your passwords are not being relayed back to these people.
2. Change passwords regularly so that in case they have come into the possession of another user illegally or accidentally, they cannot be misused.
3. Passwords should not be easy to guess or break (for example, don't use your favourite colour, your own name or family member's name, name of a pet, your favourite film actor's/actress's name); passwords are defined as either 'strong' (hard to break or guess) or 'weak' (relatively easy to break or guess). Strong passwords should contain:
   • at least one capital letter
   • at least one numerical value
   • at least one other keyboard character (such as @, * &, $, ~, =, ^).
     An example of a strong password would be: Dl@16=$~Rc&7^
     An example of a weak password would be: PAINTER

Write a note on Authentication

Authentication of a user can be done in various ways. E.g. user id and password is one such technique. Other techniques are:

• digital certificates
• biometrics
• magnetic stripe cards/id cards/passports

Magnetic stripe cards have a magnetic stripe on one side which are made up of tiny magnetic particles on a plastic film. Each particle can act as a north pole or a south pole corresponding to the two binary values 0 and 1.

The stripe is read using a card reader. Data such as name, id and gender may be stored on the magnetic stripe when used as device for entry into a building, etc.

Contactless cards can be read from a distance without swiping through a card reader. This technology is generally used in credit/debit cards to speed up payments in shops/stores but they can used as a security device for example, as access cards for employees entering/leaving an office.

ID cards are also being made using holographic images (holograms). This makes forgery of the card more difficult. Holographic images change colour or appear to have a moving object when the image is viewed from different angles. As these are difficult to make it stops somebody; for example, simply photocopying a card and using it illegally is not possible.

Another form of security is to have a photographic image of the card user printed on the card surface.

Passports make use of some of the technology described above. Many passports contain an RFID tag/chip, a photograph and a holographic image.

Write a note on Viruses

There are always risks involved when accessing the internet or when any data is being transferred from one computer to another or other electronic devices. Here, it is important to note that even tablets and mobile phones can be infected by viruses. Any electronic device with a storage capability can be affected by virus attacks.

However, there are some ways by which these risks can be minimised:

Antivirus software

Running antivirus software in the background on a computer will constantly check for virus attacks. Although various types of antivirus softvvare work in different ways, they all have the following common features:

1. They check software or files before they are run or loaded on a computer.
2. Antivirus software compares a possible virus against a database of known viruses.
3. They carry out heuristic checking — this is the checking of software for types of behaviour that could indicate a possible virus; this is useful if software is infected by a virus which is not yet on the database.
4. Any possible files or programs that are infected are put into quarantine that:
   • allows the virus to be automatically deleted or
   • allows the user to make the decision about deletion (it is possible that the user knows that the file or program is not infected by a virus — this is known as a false positive and is one of the disadvantages of antivirus software).
5. Antivirus software needs to be kept up to date since new viruses are constantly being discovered.
6. Full system checks need to be carried out on regular basis for example, once a week, since some viruses lie dormant and would only be picked up by this full system scan.

Avoiding viruses when accessing the internet

One way of the simple ways to help prevent virus attacks when browsing on the internet is to avoid unknown or suspicious-looking websites. If in doubt, don't access the website — always look for security indicators such as https or the padlock symbol.

Also look out for odd behaviour in the URL when accessing a new website, for example, from an advert in an email, copy and paste the URL into the address bar at the top of the page rather than just clicking on the link in the email. This can help to avoid links to bogus/fake websites.

It is also not advisable to open emails (or any attachments) from unknown sources. Essentially, the best form of defence against malicious behaviour when making use of the internet is to apply common sense.

Viruses from hardware devices

It is possible to pick up viruses from any device plugged into your computer. Apart from the obvious precaution of scanning the device for viruses, it is still unsafe to plug in a device from an unknown source. Even memory sticks or DVDs from friends or from school could still be infected unless they have also carried out all the necessary precautions.

Write a note on Data protection Acts

Data protection acts have been framed to protect individuals and to prevent storing of incorrect or inaccurate data. Most countries have some form of data protection act (DPA).

Essentially DPAs are set up to protect the rights of the individual about whom data is obtained, stored and processed (i.e., collection, use, disclosure, destruction and holding of data). Any such act applies to both computerised and paper records.

Many data protection acts are based on eight principles as given below:

1. Data must be fairly and lawfully processed.
2. The data needs to be processed and used for the stated purpose only.
3. Data must be adequate, relevant and not excessive.
4. Data must be accurate.
5. Data must not be kept longer than required.
6. Data must be processed in accordance with the data subject's rights.
7. Data must be kept secure.
8. Data must note be transferred to another country unless they also have adequate protection.

In many countries, failure to abide by these simple rules can lead to heavy fines or even imprisonment to anyone who holds data about individuals.

There are general guidelines about how to stop data being obtained unlawfully:

1. Never leave any personal information lying around on a desk unattended.
2. Always lock all filing cabinets at the end of the day or when the room is unoccupied.
3. Always lock your computer screen when not at your desk; log off from the computer if away from your desk for any length of time.
4. Use passwords and user ids, which should be kept secure, keeping passwords which are difficult to guess or break and should be changed frequently.
5. Always make sure anything sent in an email or fax (including attachments) is not of a sensitive nature.

This is the end of this guide. Hope you enjoyed it! Thanks for using www.igcsepro.org! We hope you will give us a chance to serve you again! Thank you!