Book 1.3 Ict&ScietyEthics
Book 1.3 Ict&ScietyEthics
Book 1.3 Ict&ScietyEthics
Define computer ethics, code of ethics, intellectual property, privacy, Computer Crime and Cyber Law.
ETHICS IN GENERAL
A guideline is needed to stop the current technology products from being exploited for example replicating original CDs and selling them as pirated software, this unethical behaviour can be controlled by the code of conducts. Unethical refers to any code of conducts that are not conforming to approved standards of social or professional behaviour. Computer ethics is a system of moral standards or values used as a guideline for computer users.
The United States Institute of Computer Ethics has come out with the Ten Commandments of Computer Ethics. These principles consider the effective code of conducts for the proper use of information technology. The Ten commandments of computer ethics are : 1. 2. 3. 4. 5. 6. You shall not use a computer to harm other people. You shall not interfere with other people's computer work. You shall not snoop around in other people's computer files. You shall not use a computer to steal. You shall not use a computer to bear false witness. You shall not copy or use proprietary software for which you have not paid. 7. You shall not use other people's computer resources without authorisation or proper compensation. 8. You shall not appropriate other people's intellectual output. 9. You shall think about the social consequences of the program you are writing or the system you are designing. 10. You shall always use a computer in ways that ensure consideration and respect for your fellow humans.
use only individual e-mail address to forward individual opinion keep the identity name and password a secret to avoid the misuse of your e-mail without your knowledge e-mail must be active to promptly reply the necessary actions needed for any matters ensure the total mail kept in the box is within the computer storage capacity scan files regularly to avoid the transmission of virus from one computer to another do not send e-mails that contain classified information which can be used to tarnish other people or country choose a suitable time to search the Internet to save access time and cost beware of prohibited sites which could affect one's moral, organisation or nation print only relevant documents that you think can be used in future to save cost
With the advancement of ICT, it is easy for anyone to retrieve your information from the Internet. You may not realise that when you fill a form on the Internet, your information may be exposed and stolen. Examples of unethical computer code of conducts include: modifying certain information on the Internet, affecting the accuracy of the information selling information to other parties without the owners permission using information without authorization involvement in stealing software invasion of privacy
Intellectual property refers to any product of human intellect that is unique and has value in the market place. This covers ideas, inventions, unique name, computer program codes and many more.
1.2.1.2
DEFINITION OF ETHICS
In general, ethics is a moral philosophy where a person makes a specific moral choice and sticks to it. On the other hand, ethics in computing means moral guidelines to refer to when using the computer and computer networks. This includes the Internet.
DEFINITION OF LAW
Law is a legal system comprising of rules and principles that govern the affairs of a community and controlled by a political authority. Law differs from one country to another. In the era of technology, computer law is needed to clarify goods or actions that fall under the computer law. Computer law refers to all areas in law that requires an understanding of computer technology such as hardware, software and Internet. Examples of laws of computing in Malaysia include the Malaysian Communication and Multimedia Act, the Computer Crime Act 1997 and the Telemedicine Act 1997. 1.2.1.3
RESPECTING OWNERSHIP We must respect ownership by not stealing other peoples work either by duplicating or distributing it. Duplicating and distributing copies of audio tapes, video tapes and computer programs without permission and authorisation from the individual or company that created the program are immoral and illegal. RESPECTING PRIVACY AND CONFIDENTIALITY 26
We should respect other people's privacy and confidentiality by refraining ourselves from reading their mails or files without their permission. If we do so, it is considered as violating an individuals rights to privacy and confidentiality. RESPECTING PROPERTY Property here means ownership. Since an individual data and information are considered as property, therefore, an act of tampering and changing electronic information is considered as vandalism and disrespect for other peoples property.
Both ethics and law are complimentary to each other and are made: guide user from misusing computers create a healthy computer society, so that computers are used contribute to a better life prevent any crime
LAW
CONTROL JUDICIAL STANDARDS MUST FOLLOW As a rule to control computer users. Law is judged by judicial standards. Computer users must follow the regulations and law. PENALTIES, IMPRISONMENTS Penalties, imprisonments and other AND OTHER PUNISHMENTS punishments for those who break the law. DEPENDS ON COUNTRY Depends on country and state where the crime is committed. PREVENT MISUSING OF COMPUTERS To prevent misuse of computers. 27
CRIME
Law breaking: sending a computer virus via e-mail hacking into your schools database to change your examination results. selling pirated software in a night market
Intellectual Property refers to works created by inventors, authors and artists. These works are unique and have value in the market place. In our daily lives, we are surrounded by things that are protected by IP. Your school bags, your shoes and even your socks are protected by Intellectual Property rights. Nike, Bata or Adidas, for example, are all protected by a group of legal rights.
Intellectual Property laws cover ideas, inventions, literary creations, unique names, business models, industrial processes, computer program codes and more.
As businesses continue to expand globally, business owners must realise the importance of getting professional advice on how to establish and safeguard their intellectual property rights. These include : Trademarks Service marks Trade/company names Domain names Geographical indications Copyrights 28
Patents
There are four types of Intellectual Property protection. They are patents for invention, trademarks for brand identity, designs for product appearance and copyright for material. Patents for inventions Trademarks for brand identity Design for product appearance Copyright for material
Patents for inventions Utility, design or plant patents that protect inventions and improvements to existing inventions Trademarks for brand identity Words, names, symbols, devices and images that represent products, goods or services. Design for product appearance Literary and artistic material, music, films, sound recordings and roadcasts, including software and multimedia. Copyright for material The features of, in particular,the lines, contours, colours,shape, texture or material of the product itself or its ornamentation.
29
WHAT IS PRIVACY?
Privacy in IT refers to data and information privacy. Data refers to a collection of raw unprocessed facts, figures and symbols. Then, computer is used to process data into information. In general, data include texts, numbers, sounds, images and video. Information privacy is described as the rights of individuals and companies to deny or restrict the collection and use of information about them. 1.2.2.1
Every time you click on an advertisement or register a software product online, your information is entered into a database. Computer technology can also threaten privacy through spam. Do you know what spam is? Spam is unsolicited e-mail messages, advertisements or newsgroup postings sent to many recipients at once. How does computer technology threaten the privacy of our data? It is done through: Cookies Electronic profile Spyware
Computer technology threatens our privacy through electronic profiling. For example, when we fill out a form such as a magazine subscription, purchasing products or contest entry form on the Internet, this data is kept in the database. It will include age, address, marital status and other personal details. Cookies are used to identify users by web casting, ecommerce and other web applications contain user information and are saved in the computer hard disk are used by some websites to store passwords and track how regularly we visit a website, thats how we become potential targets for web advertisers 30
enable web sites to collect information about your online activities and store them for future use, then the collected details will be sold to any company that requests for it.
Electronic profile electronic profile is the combining of data in a database that can be sold to the Internet by the company to the interested parties. this database is in a form such as magazine subscription or product warranty cards that had been filled by online subscribers. the information in electronic profile includes personal details such as your age, address and marital status. Spyware refers to a program that collects user information without the users knowledge. can enter computers, sneaking in like a virus. is a result of installing new programs. communicates information it collects to some outside source while we are online.
We need privacy for anonymity. For example, the Internet creates an elaborate trail of data detailing a person surfing on the Web because all information is stored inside cookies. We do not want our trail to be detected. We also need privacy for confidentiality. For example, online information generated in the course of a business transaction is routinely used for a variety of other purposes without the individuals knowledge or consent. We do not want our private lives and habits exposed to third parties.
Verificatio n verify the validity of the ID Valid (T) Identification present what the user is (e.g. biometric)
Valid (T)
False
Access granted
32
METHODS OF AUTHENTICATION
There are two commonly used authentication methods, which are biometric device and callback system. Biometric device is a device that translates personal characteristics into a digital code that is compared with a digital code stored in the database. Callback system refers to the checking system that authenticates the user.
BIOMETRIC DEVICES
Fingerprint Recognition
In order to prevent fake fingers from being used, many biometrics fingerprint systems also measure blood flow, or check for correctly arrayed ridges at the edges of the fingers.
Facial Recognition
Facial recognition analyses the characteristics of an individual's face images captured through a digital video camera. Facial recognition is widely used, touted as a fantastic system for recognising potential threats (whether terrorists, scam artists, or known criminals).
Iris Scanning
Iris scanning analyses the features that exist in the coloured tissues surrounding the pupil which has more than 200 points that can be used for comparison, including rings, furrows and freckles. The scans use a regular video camera and can be done from further away than a retinal scan.It will work perfectly fine through glasses and in fact has the ability to create an accurate enough measurement that it can be used for identification purposes. The accuracy of this method is excellent while the cost involved is high.
Retinal Scanning
Retinal biometrics involves the scanning of retina and analysing the layer of blood vessels at the back of the eye. Retinal scanning involves using a low-intensity light source and an optical coupler and can read the patterns at a great level of accuracy. Retina scanning requires the user to remove glasses, place their eye close to the device, and focus on a certain point. Whether the accuracy can outweigh the public discomfort is yet to be seen. The accuracy in retinal scanning is very good and the cost involved is fair.
Voice Recognition
Voice recognition system compares a persons live speech with their stored voice pattern. Voice recognition biometrics requires user to speak into a microphone. What he speaks can be his password or an access phrase. Verification time is approximately 5 seconds. To prevent recorded voice use, most voice recognition devices require the high and low frequencies of the sound to match, which is difficult for many recording instruments to recreate well. Also, some devices generate random number of sequences for verification. The accuracy in voice recognition is fair and the cost involved is very reasonable.
Signature verification system uses special pen and tablet. After pre-processing the signature, several features are extracted. The authenticity of a writer is determined by comparing an input signature to a stored reference set (template) consisting of three signatures. The similarity between an input signature and the reference set is computed using string matching and the similarity value is compared to a threshold. The accuracy in signature verification system is fair and the cost involved is excellent.
CALLBACK SYSTEM
The callback system is commonly used in the bank operation and business transaction. For example, when you book for the taxi service, the operator will ask you to hang up and she will call you back to confirm for the service required.
LESSON 11 VERIFICATIONS
VERIFICATION
Verification is the act of proving or disproving the correctness of a system with respect to a certain formal specification. IDENTIFICATION present what the user has (e.g ATM card) Access Granted Valid
Not Valid IDENTIFICATION present what the user has (e.g pin number)
Access Denied
METHODS OF VERIFICATION
35
There are two methods commonly used in verification, which are user identification and processed object. User identification refers to the process of validating the user. Processed object refers to something the user has such as identification card, security token and cell phone.
USER IDENTIFICATION
The examples of validating process using the user identification are: Key in the user name to log-in to a system and the system will verify whether the user is valid or invalid user Show the exam slip to verify that you are the valid candidate for the exam. show a passport before departure.
PROCESSED OBJECT
The examples of validating process using the processed object are: the policeman will check on the drivers license to identify the valid driver employees have to swipe their security card to enter the building buy blouses at the mall using a credit card
CONTROVERSIAL CONTENT
A controversial content is information that causes disagreement in opinions and may cause the disruption of peace because different people or culture will have different views about the contents.
The issues on controversial contents are always focusing on pornography and slander. Malaysia considers pornography and slander as illegal. 36
Pornographic and slanderous activities can be in the forms of plots and actions displayed on video games, controversial rhythm or lyrics of music, controversial contents of books and controversial issues on religion and philosophy. Pornography Creative activity (writing or pictures or films etc.) of no literary or artistic
value other than to stimulate sexual desire.
PORNOGRAPHY
Both pictures are very cute pictures of innocent babies. Neither can be considered pornographic by normal standards.
DEFINITION OF PORNOGRAPHY
The definition of pornography is any form of media or material (like books or photographs) that depicts erotic behaviour and is intended to cause sexual excitement. Pornography tends to exploit men, women and children in a distasteful manner.
SLANDER
Slander is another example of controversial content. Slander is a legal term for false and malicious statement (meaning knowing that it is false, or reckless disregard that it was false) about someone. Examples : You wrote an e-mail that a fellow classmate was having an affair with a teacher, even though it was not true. You then sent it to five other friends. Ahmad is a muslim. One day, he received a spam e-mail stating that his favourite soda drink Soda Moda uses non-halal food colouring, but he does not know if the source of the content is credible or true. He decides to forward the e-mail to 50 of his friends. 37
Chin Wei spreads a rumour that a Government Minister is receiving bribes from an enemy government.
What can you conclude about the impact of controversial content on the Malaysian society? Pornography can lead to criminal acts such as exploitation of women and children can lead to sexual addiction or perversion can develop low moral value towards other men, women or children can erode good religious, cultural and social beliefs and behaviour Slander can can can can develop into a society that disregards honesty and truth develop bad habit of spreading untruths and rumours lead to unnecessary argument cause people to have negative attitudes towards another person
INTERNET FILTERING
It is our responsibility to ensure that the teenagers are protected from these corruptions of the mind by filtering access to the Internet.Internet filtering is a process that prevents or blocks access to certain materials on the Internet. It is our responsibility to ensure that the teenagers are protected from these corruptions of the mind by filtering access to the Internet. What is Internet filtering? Internet filtering is a process that prevents or blocks access to certain materials on the Internet. Filtering is most commonly used to prevent children from accessing inappropriate material and to keep employees productive on the Internet.
Controlling access to the internet by means of filtering software has become a growing industry in Malaysia and elsewhere. Its use has increase as the mandatory response to the current plague of society, namely internet 38
pornography, politically incorrect site, hatred, violence, hate and in general anything viewed to be unpleasant or threatening. The current preferred method of choice to limit access on the Internet is to filter content either by: keyword blocking site blocking web rating systems These methods require software to be installed at a client of server level.
KEYWORD BLOCKING
One of the strategies is by using the keyword blocking method.This method uses a list of banned words or objectionable terms. As the page is downloading, the filter searches for any of these words. If found, it will block the page completely, stop downloading the page, block the banned words and even shut down the browser.
SITE BLOCKING
software company maintains a list of dubious Internet sites the software prevents access to any sites on this list denial lists regularly updated some software provides control over what categories of information you block Who decides what goes on the denial list and what criteria are they using? can you keep track of the whole of the Internet? filters can use both site blocking and word blocking
Web sites are rated in terms of nudity, sex, violence and language. The Recreational Software Advisory Council (RSACI) is responsible for the rating of the websites on the content on the internet. ratings done either by the web page author or by the independent bureau. browsers set to only accept pages with certain levels of ratings.
39
Cyber law refers to any laws relating to protecting the Internet and other online communication technologies.
In the recent years, many concerns and issues were raised on the integrity and security of information, legal status of online transactions, privacy and confidentiality of information, intellectual property rights and security of government data placed on the Internet. Integrity and Security of Information CYBER LAW Legal Status of Online Transactions Privacy and Confidentially of Information These concerns and issues clearly indicate why cyber laws are needed in online activities. Intellectual Property Rights Security of Government Data
The Malaysian Government has already passed several cyber laws to control and reduce the Internet abuse. These cyber laws include: Digital Signature Act 1997 Computer Crimes Act 1997 Telemedicine Act 1997 Communications and Multimedia Act 1998
Beside these cyber laws, there are three other cyber laws being drafted. Private Data Protection Bill Electronic Government Activities Bill Electronic Transactions Bill 40
The Digital Signature Act 1997 secures electronic communications especially on the Internet. Digital Signature is an identity verification standard that uses encryption techniques to protect against e-mail forgery. The encrypted code consists of the users name and a hash of all the parts of the message. By attaching the digital signature, one can ensure that nobody can eavesdrop, intercept or temper with transmitted data.
The Computer Crimes Act 1997 gives protection against the misuses of computers and computer criminal activities such as unauthorised use of programmes, illegal transmission of data or messages over computers and hacking and cracking of computer systems and networks. By implementing the Computer Crimes Act 1997, users can protect their rights to privacy and build trust in the computer system. At the same time, the government can have control at a certain level over cyberspace to reduce cyber crime activities.
The Telemedicine Act 1997 ensures that only qualified medical practitioners can practice telemedicine and that their patient's rights and interests are protected. These act provides the future development and delivery of healthcare in Malaysia.
This Act also ensures high level of user's confidence in the information and communication technology industry.
41
1.2.4.2 - Explain briefly the computer crimes below : Fraud Copyright Infringement Theft Attacks
LESSON 15 COMPUTER CRIMES
COMPUTER CRIMES
A computer crime is defined as any criminal activity that is related to the use of computers. These activities include computer fraud, copyright infringement, computer theft and computer attack.
COMPUTER FRAUD
Computer fraud is defined as having an intention to take advantage over or causing loss to other people, mainly on monetary basis through the use of computers. There are many forms of computer fraud which include e-mail hoaxes, programme fraud, investment schemes, sales promotions and claims of expertise on certain fields. Students need to be aware of other computer frauds such as health frauds, scams and hacking. Students will also most likely get false information while researching information on the Internet.
COPYRIGHT INFRINGEMENT
Copyright infringement is defined as a violation of the rights secured by a copyright. Copyright infringement involves illegal copy or reproduction of copyrights material by the black market group. The open commercial sale of pirated item is also illegal. With the current technology, the most perfect copy of the original copy can be downloaded from the internet.
COMPUTER THEFT
Computer theft is defined as the unauthorised use of another persons property with the intention to deny the owner the rightful possession of that property or its use. 42
Examples of computer theft include: transfer of payments to the wrong accounts tap into data transmission lines on database at no cost divert goods to the wrong destination
COMPUTER ATTACK
Computer attack may be defined as any activities taken to disrupt the equipment of computer systems, change processing control or corrupt stored data. Computer attack can be in the forms of: physical attack that disrupt the computer facility or its transmission lines. an electronic attack that uses the power of electromagnetic energy to overload computer circuitry. a computer network attack that uses a malicious code to exploit a weakness in software, or in the computer security practices of a computer user
43
COMPUTER SECURITY
LESSON 16 COMPUTER SECURITY
a) HARDWARE SECURITY
Hardware security refers to security measures used to protect the hardware specifically the computer and its related documents. The examples of security measures used to protect the hardware include PC-locks, keyboard-locks, smart cards and biometric devices.
44
Examples of security measures used to protect the software are activation code and serial number.
An example of security measure used to protect the loss of data files is the disaster recovery plan method. The idea of this plan is to store data, program and other important documents in a safe place that will not be affected by any major destruction.
c) NETWORK SECURITY
The transfer of data through network has become a common practice and the need to implement network security has become significant. Network security refers to security measures used to protect the network system. One example of network security measures is firewall. With firewall, network resources can be protected from the outsiders.
In order to make sure our computers are secured, here are the computer security checklist to follow. Do not eat, drink or smoke near the computer Do not place the computer near open windows or doors Do not subject the computer to extreme temperatures Clean the equipment regularly Place a cable lock on the computer Use a surge protector Store disks properly in a locked container Maintain backup copies of all files Stores copies of critical files off sites Scan a floppy disk before you open it Do not open any unknown email received
45
1.3.2.1 -
Explain briefly the different threats to computer security : Malicious code Hacking Nature/environment Theft
MALICIOUS CODE
Malicious code is also known as a rogue program. It is a threat to computing assets by causing undesired effects in the programmers part. The effect is caused by an agent, with the intention to cause damage. The agent for malicious code is the writer of the code, or any person who causes its distribution. There are various kinds of malicious code. They include virus, Trojan horse, logic door, trapdoor and backdoor, worm and many others.
a) VIRUS
a program that can pass on the malicious code to other programs by modifying them attaches itself to the program, usually files with .doc, .xls and .exe extensions 46
destroys or co-exists with the program can overtake the entire computing system and spread to other systems
b) TROJAN HORSE
a program which can perform useful and unexpected action must be installed by users or intruders before it can affect the systems assets an example of a Trojan horse is the login script that requests for users login ID and password the information is then used for malicious purposes
c) LOGIC BOMB
logic bomb is a malicious code that goes off Virus Spreads through any medium Spreads copies of itself as a program that attaches to other programs when a specific condition occurs. an example of a logic bomb is the time bomb it goes off and causes threats at a specified time or date Worm Operates through the network Spreads copies of itself as a standalone program
e) TRAPDOOR OR BACKDOOR
a feature in a program that allows someone to access the program with special privileges
f) WORM
a program that copies and spreads itself through a network
HACKER
47
Hacking is a source of threat to security in computer. It is defined as unauthorised access to the computer system by a hacker. Hackers are persons who learn about the computer system in detail. They write program referred to as hacks. Hackers may use a modem or cable to hack the targeted computers.
Computers are also threatened by natural or environmental disaster. Be it at home, stores, offices and also automobiles.Examples of natural and environmental disasters: Flood Fire Earthquakes, storms and tornados Excessive Heat Inadequate Power Supply
THEFT
Two types of computer theft: 1) Computer is used to steal money, goods, information and resources. 48
2) Stealing of computer, especially notebook and PDAs. Three approaches to prevent theft: 1) prevent access by using locks, smart-card or password 2) prevent portability by restricting the hardware from being moved 3) detect and guard all exits and record any hardware transported
1.3.3.1 - Select appropriate security measures to overcome the identified computer threats.
LESSON 18 SECURITY MEASURES
Today, people rely on computers to create, store and manage critical information. It is important that the computer and the data they store are accessible and available when needed. It is also important that users take measures to protect their computers and data from lost, damage and misused. Security measures mean the precautionary measures taken toward possible danger or damage. There are 6 type of security measures.
1.3.3.2 - Apply the correct security procedures. Antivirus Anti-Spyware Cryptography Firewall Data backup
49
1) DATA BACKUP
Data Backup is a program of file duplication. Backups of data applications are necessary so that they can be recovered in case of an emergency. Depending on the importance of the information, daily, weekly or biweekly backups from a hard disk can be performed.
2) CRYPTOGRAPHY
Cryptography is a process of hiding information by altering the actual information into different representation, for example, an APA can be written as I? X. Almost all cryptosystems depend on a key such as a password like the numbers or a phrase that can be used to encrypt or decrypt a message. The traditional type of cryptosystem used on a computer network is called a symmetric secret key system. 50
3) ANTIVIRUS
An antivirus program protects a computer against viruses by identifying and removing any computer viruses found in the computer memory, on storage media or incoming e-mail files. An antivirus program scans for programs that attempt to modify the boot program, the operating system and other programs that normally are read from but not modified. IDENTIFYING VIRUS Two technique are used to identify the virus. VIRUS SIGNATURE Also called a virus definition is a specific pattern of the virus code. INOCULATING A PROGRAM FILE The antivirus program records information such as the file size and file creation date in a separate inoculation file. The antivirus program then uses this information to detect if a virus tampers with the data describing the inoculated program file. If an antivirus program identifies an infected file, it attempts to remove its virus, worm or Trojan horse. If the antivirus program cannot remove the infection, it often quarantines the infected file. Quarantine is a separate area of a hard disk that holds the infected file until the infection can be removed. This step ensures other files will not become infected. Patents for inventions Utility, design or plant patents that protect inventions and improvements to existing inventions
4) ANTI-SPYWARE
Spyware is a program placed on a computer without the users knowledge. It secretly collects information about the user. The spyware program communicates information to the outside source. An anti-spyware application program sometime called tracking software or a spybot is used to remove spyware. Among of the popular anti-spyware programs are: Spybot Search and Destroy Ad-aware Spyware Blaster 51
5) FIREWALL
Firewall is a piece of hardware or software which functions in a networked environment to prevent some communications forbidden by the security policy. Firewall implement a security policy. It might permit limited access from in or outside the network perimeters or from certain user or for certain activities.
52
SECURITY THREADS
Security threats may come from in many forms. For example, when someone is invading your account information from a trusted bank, this act is considered as a security threat. Security measures can be used to prevent this invader from getting the account information. For example, the bank can use a firewall to prevent unauthorised access to its database.
Antivirus and anti-spyware can be used to protect the computer from the threats by: 53
limiting connectivity allowing only authorised media for loading data and software enforcing mandatory access controls blocking the virus from the computer program
Hacking is an unauthorised access to the computer system done by a hacker. We can use firewall or cryptography to prevent the hacker from accessing our computers. A firewall permits limited access to unauthorised users or any activities from the network environment. Cryptography is a process of hiding information by changing the actual information into different representation, for example, an APA can be written as 7&*.
Natural disasters may threaten a computers hardware and software easily. Computers are also sensitive to their operating environment such as excessive heat or the inadequacy of power supply. The backup system is needed to backup all data and applications in the computer. With the backup system, data can be recovered in case of an emergency.
54
prevent access by using locks, smart-card or password prevent portability by restricting the hardware from being moved detect and guard all exits and record any hardware transported
There are many instances where non-programmers develop applications which are not built with proper understanding of software engineering practices. Data produced by such applications may not be correct and may risk corrupting data received from other sources that are not compatible with the application.
Computers should have alarm systems to guard them from any attacks such as viruses and data corruption. The alarm system is the security measures that we take to ensure its safety.
DATA PROTECTION
We need to protect the data in the computer as it may somehow get lost or corrupted due to some viruses or mishap like fire, flood, lightning, machine failures and even human errors. There are a few ways to protect the information namely: make backup files detect the virus and clean the computer warn others on virus attacks
1) BACKUP FILES
Users can do backups of file systems by: keeping the duplicated files in external storage such as in the floppy disk and thumb drive 55
do backup frequently
We can warn others on virus attacks or new viruses by sending e-mails to them.
The computer system is able to detect any illegal access to the system by a user who does not have any authorisation. Basically, a corporation will simply use tcpwrappers and tripwire to detect any illegal access to their system. User's access will be reviewed periodically by computer operations. On going internal audits will be made to ensure detection of violations of security and unauthorised modifications to software and data .
TCPWRAPPERS
Tcpwrappers stop the attempted connection examines its configuration files will decide whether to accept or reject the request. Tcpwrappers will control access at the application level, rather than at the socket level like iptables and ipchains. The system will run tcpwrappers to log access to ftp, tftp, rch, rlogin, rexec and telnet.
TRIPWIRE
Tripwire will detect and report on any changes in the thousands of strategic system files. The system will run tripwire to determine if system files have changed. 56
PATCH
Patch supplies small updates to software, provided that the source code is available. Patch is a name of an UNIX utility. It applies a script generated by the different program to a set of files that allows changes from one file to be directly applied to another file. Resources are not enough to patch all security holes that we hear about through the bugtraq list. (Bugtraq is a full disclosure mailing list dedicated to the issues of computer security. On-topic discussions are new discussions about vulnerabilities, methods of exploitation and how to fix them. It is a high volume mailing list and almost all new vulnerabilities are discussed there.) 57
SOFTWARE APPLICATIONS
Software applications are used for many reasons. Such as to enhance the learning process, to help in business activities, to assist the graphics and multimedia project and to fasilitate communication. Area Home and Education Business Graphics and Multimedia Communication Examples of software applications Integrated software, Personal finance, Legal, Tax Preparation, Clip Art/Image Gallery, Home Design/Landscaping and Reference Word Processing, Spreadsheet, Database, Presentation Graphics, Personal Information Manager, Software Suite, Project Management and Accounting Computer-aided design (CAD), Desktop Publishing, Paint/Image Editing, Video and Audio Editing, Multimedia Authoring and Web Page Authoring E-mail, Web Browsers, Chat Rooms, Newsgroups, Instant Messaging, Groupware and Video Conferencing
Today, computers are used in schools, colleges and universities in order to promote better education by using computers. In the labs, students use software packages to complete their assignments. At the same time, some educators use the computer-based training and web-based training as replacements for lecture presentation. Some of the software applications that are usually used in schools and universities include Microsoft Office, Adobe Photoshop, Macromedia Flash, AutoCAD, Macromedia Dreamweaver and Macromedia Director.
BUSINESS
People use finance or accounting software to balance check books, pay bills, track personal income and expenses, manage investments and evaluate their financial plans. Accounting software helps companies to record and report their financial transactions. Examples of these software applications include MYOB, Intuit Quick Books and Peachtree Complete Accounting. 59
COMPUTERS IN BANKING In the banking sector, many financial institutions offer online banking. People can access their financial records from anywhere in the world. One example of online banking is Maybank2u. (www.maybank2u.com) Most of the packages on banking offer a variety of online services. Which requires access to the web. For example we can track our investment online, compare insurance rates and do online banking.
INDUSTRY
By using the CAM system, computers record actual labour, material, machine and computer time used to manufacture a particular product. Computers process this data and automatically update inventory, production, payroll and accounting records on the companys network. Examples of companies using this system are Proton(www.proton.com.my) and Perodua (www.perodua.com.my).
Computers are crucial in publishing especially in the process of making works available to the public. These works include magazines, books, newspapers, music and film production. Special software applications are used to assist graphic designers to develop graphics, texts, photographs and composing songs. Computer-Aided Design, Desktop Publishing, Paint/Image Editing, Video and Audio Editing and Multimedia Authoring are among the popular applications software.
COMMUNICATION
A government provides society with direction by making and administering policies. Most government offices or agencies have websites in order to provide citizens with up-to-date or latest information. Examples of software applications used for communication include e-mail, web browsers, newsgroups, instant messaging and video conferencing. 60
People can access government websites to: check information on taxes (www.hasil.org.my) apply for permits and licenses (www.jpj.gov.my) check for MyKad (www.jpn.gov.my) pay parking tickets and check summons (www.jpj.gov.my) renew vehicle registration (www.jpj.gov.my) register online for IPTA/IPTS application (www.moe.gov.my)
COMPUTERS IN TOURISM
Today, people will go online to get all related information about traveling. They can visit websites to get information on destinations, prices, hotels, flights and car rentals. They can also purchase ticket online, all payments can be made by using credit card.
In the medical field, computers are very important in running the operations. Medical staffs use computers for various purposes, namely: maintaining patient records monitoring patients vital sign assisting doctors, nurses and technicians with medical tests by using computer and computerised devices . using medical software to help with researching and diagnosing health conditions.
Furthermore, computers and the internet are important sources for people to get all information on medical, nutrition, fitness and other tips from several available websites. The latest development in the medical field is telemedicine. This technology is meant to help professional to conduct live conference in separate locations around the globe.
SCIENCE
In the scientific world, computers are used in all fields of science from biology to astronomy to meteorology and others. These are things that can be done by computers, namely: collecting, analyzing and modelling data serving as medium of communication with colleagues around the world contributing to new inventions or breakthrough in surgery, medicine and treatment 61
imitating functions of the central nervous system, retina of the eye and others by tiny computers allowing a deaf person to listen through cochlear implant
HOME USER
The computer is a basic necessity. Each home user spends time on the computer for different reasons: business communication entertainment education
To save cost, SOHO connects one printer to many employees to share. SOHO also have their own basic business software such as word processing and spreadsheet software to assist them in documents preparation and their financial tasks. Small Office or Home Office users include: accounting firms, travel agencies, florists and many more These SOHO users: 62
use desktop or notebook computers as well as telephone, handphones and PDAs in completing their tasks and communicating work in a small company or work as an individual at home
MOBILE USER
Network services are expanding to serve people across the country and the world. More users are becoming mobile users, who work on computer while they are away from their home or main offices. Mobile users: include real estate agents, insurance agents, meter readers and journalists use notebook computers, Internet-enabled PDAs or smart phones work with basic business software such as word processing and spreadsheet business software use presentation graphics software to create and deliver presentations to a large audience by connecting a mobile computer or device to a video projector
POWER USER
Power users require the capabilities of workstation computers or other types powerful computers. The software that is used by power users is normally expensive because of their specialize design. Their computer have network access connections and internet connections. Power users: include engineers, scientists, architects and virtual reality animators use computers with extremely fast processor, bigger storage and customised software work with mini computers that uses design to meet the organisational needs use software such as CAD, CAM and MATLABExamples :
Each employee or customer who uses computer in large offices of company is a large business user. Large business users use a large network of computers. Use computers for basic business activities such as preparing bills for millions of customers, preparing payroll and managing thousands of items in the inventory. Large business users: bank, insurance company, hypermarket use computers for basic business activities 63
have e-commerce that allow customers and vendors to interact and do business transactions online therefore customers, vendors and other interested parties can access information on the web have e-mail and web browsers to enable communications among employees, vendors and customers provide kiosks in public locations
Many employees of large business telecommute, which means they work away from their offices workstation. They also have flexible schedule.
STEP 1 - GET AN OVERVIEW OF THE TOPIC Familiarity We need to familiarise ourselves with the topic before we start doing a study. This will allow us to spend more time developing a topic rather than using more time learning about the topic. We also have to get a broader picture of the subject by focusing on the who, when, why, how and where questions. 64
Reference Refer to a dictionary, encyclopedia, handbook, textbook, guide or bibliography which can provide an overview of the topic. Brainstorming Spend some time brainstorming about the topic and write down everything that we can think of about the topic. STEP 2 - NARROW DOWN THE TOPIC Narrow down the topic by reading the sources and form some specific questions related to the topic. By doing this, we may have awareness of the various aspects that we may want to study. However we need to understand that not all information is reliable and we have to differentiate between facts and opinions. Objective Information based on facts which can be verified presents results of original study often the view from experts in the subject area presents analysis of facts from all sides of issue Subjective Information based on what seems to be true reflects personal views or judgment often the views of individuals or groups may present an analysis of the facts from one side of an issue STEP 3 - FIND STUDY MATERIALS Study materials are available offline and online. We can search for the information that we want in books, journals, articles or other resource materials found in the library and the Internet. A list of all the books, journals and electronic materials are available from the library. We can use the online databases to find the most useful materials for our study. STEP 4 - EVALUATE STUDY MATERIALS All selected materials need to be evaluated in four aspects: Aspects Sample Relevance Does this publication help to answer the research question? If it does not find something else which does. Reliability/Credibility is the information accurate? has the information been peer reviewed? are the authors and publishers reputable? do they cite their credentials? are there footnotes and a bibliography? 65
Perspective
Update
is this a primary source (presenting the author's own research and ideas) or a secondary source (summarising and discussing the research and ideas of others)? is the evident biased? Does the author attempt to sway the reader's opinion? how recent is the information published? how recent has it been updated? have there been new developments on the topic? could the information you are using be misleading because of the publication date?
STEP 5 - WRITING OUT THE STUDY PAPER When all resources are gathered, start writing the paper and cite all the sources of information used. These may include books, journals, articles and magazines.
There are a variety of ways to write out your research. However, there is a set of basic requirements that must be followed when it comes to submitting or presenting written presentation. 1. General Points number all pages use one side of A4 paper 66
secure all pages with a staple (top left-hand corner) dont use paper clips/pins or folders must be typed/word processed clear and easy to read print-out spell check your paper supply an estimated word count on the cover sheet include your name, course name and teachers name
2. Style double-spaced 12 point minimum and 14 point maximum (with the exception of headings and footnotes) 2 spaces after a full stop and 1 space following a comma, semicolon or colon no abbreviation such as e.g., & or etc. unless it is included in a bracket. Write everything in full: for example, that is, and so on. numerals are used when the number is more than two words; for tabulation; statistical discussion; sums of money; addresses; dates; time; and page, chapter, volume numbers (for example, 2 June, 2000) consistency in style for example in writing out headings 3. Quote a direct quote must be placed in quotation block quotes are used if a direct quote is more than three lines long. if possible, paraphrase information in preference to using direct quotes. use quotes and paraphrasing to support argument 4. Clarity helps your readers understand your paper by organizing your paper well and dont forget to insert the page numbers edit your work means reading through the paper several times before submission and dont just rely on the rough spelling and grammar checks offered by your software. 5. Indicating your intentions in a complex study, the introduction of every section should inform the reader what to expect in that section should contain judgment or decision that has been reached. the final paragraph in each section should tie the contents of that section together with a short conclusion. do not use too many words to say what you are going to do and what you have done, keep to the necessary minimum
67
PREPARING A PRESENTATION
WHAT IS DELEGATION?
Delegation is the ability to assign tasks to others with the authority, responsibility and accountability to finish the tasks. This means it is not enough to just give out orders to people but as a team leader you also need to give specific instructions on what to do. Tell your team members that they are responsible for the task given to them and explain to them what would happen to the project if they failed to finish the task.
Reasons why should I delegate tasks: will be able to save time help others to learn new skills, for example, how to negotiate and cooperate utilise individual's additional strengths and expertise will be able to achieve large goals by dividing them into smaller tasks promotes creativity and diversity because others may have better way doing things cut down on tasks that can be done just as well by others 68
WHAT TO DELEGATE?
In order to complete a team project, you will be asked to use your skills in research, presentation and task delegation. When working on a large project you must know what task to delegate and how to assign them.
1. Questioning Discover a problem Form a question to answer the problem 2. Planning Set out steps to find answers Select sources for possible answers Plan a basic draft for reporting Assign tasks to team members Agree on contingency plans 3. Gathering Go to agreed sources of information Collect information 4. Sorting Put similar information together Highlight valuable credible information 5. Synthesizing Discuss information with others Combine different information 6. Evaluating Discusses if the information gathered supports the answer Test out solution and decision that supports the answer 7. Reporting Write or type out the report Create an appropriate graphic or media Prepare for Q & A Prepare research
69
Help team member to perform task if needed. Chong, you take the science books and Indra, Delegate task to those you take the art books. qualified to do the job. I dont know the coding system. Inform limitation of abilities or resource to other team members. So, is everybody clear on what needs to Monitor task progress. be done and when we should meet again later.
STUDY
70
TOPICS
Form into groups. Discuss with the team members and choose ONE (1) of the study topics below: 1. Copyright and piracy from a moral and legal standpoint. 2. Credit card fraud on the Internet and its implications on the industry/ economy/government. 3. Malaysian Cyber Law, Electronic Government Law. The portfolio will contain: 1. Team journal study project introduction page minutes of team meetings initial project plan/calendar conflict resolution report 2. Initial framework for presentation 3. Final presentation The purpose of team journal is to keep track the progress of the project. The teams initial framework is where the team should do some basic study on the topic and decide what should be included in the presentation. The print out of the final presentation will be given to the teacher for final grading.
Source citation card is a note card in which you write the name of the article, author, book name, page numbers, where you found it, why it is good information and a short summary of the important points.
71
72