Computer Security and Privacy on the Internet, Research Paper Example
Words: 3155Research Paper
Nowadays, computers, as well as computer networks are used actively all over the world, which means that the majority of information is stored today in an electronic form and is exchanged through the e-mail system. All this makes it possible to obtain necessary information (even confidential one) by pressing proper buttons in a proper order. The point is that one should have enough knowledge about computing to be able to handle it. Thus, the problem of computer security has become especially important today. It goes without saying that much has been done to prevent unauthorized access to the private information on computers and big success has been achieved in this area. But, at the same time, hackers become more and more inventive and each new antivirus program is followed by a new more sophisticated virus. In our research we would like to consider main aspects of computer security and privacy on the Internet, as well as means of protection from unauthorized access to the information.
The peculiarities of computer security are defined by the specific character of computer usage. As a rule, the personal computer is utilized by a limited number of users and may be connected to another computer or a local network with the help of a modem or a phone line, as well as be off the line.
The fact that the personal computer architecture, hardware and software are standardized, as well as software high mobility and some other specific features enable a relatively easy access to the information saved on the PC, especially when it concerns skilled programmers. In case the computer is used by a group of people, the may occur a necessity in access restriction for some people to prevent an unauthorized access to the information.
The unauthorized access to the information is considered to be an unarranged reading, processing, copying and employment of the data, as well as virus infection which leads to the damage, modification and elimination of software products. In the discipline of computer security one may point out the following aspects:
- Preventing the hacker from an access to the computing environment, which is based upon the utilization of user identification technological tools.
- Computing environment protection on the basis of the data security software.
- Usage of specific information security products.
Among the conventional security tools the most popular are: devices using password identification, encryption techniques, protection from copying COTS products and virus infections, archiving, etc.
The easiest way to secure the computer from unauthorized access is to set a password for starting the operating system with the help of CMOS Setup. In this case by the stating the massage “Press “DEL” if you want to run Setup ??? Press “Ctrl””Alt””Esc” if you want to run Setup” will pop up. After pressing “DEL” or “Ctrl”+”Alt”-“Esc” the menu CMOS Setup and the user will be able to enter the password by choosing the option Password Checking Option. After that the new settings must be saved and the computer rebooted. Now each time the computer system is being started, the user will be asked to enter the password. Although this means of computer security has certain advantages, its usage cannot be considered reliable, because if the universal password (AWARD_SW) is entered or an accumulator storage battery deactivated, the computer will “forget” all the CMOS Setup settings (Garfinkel & Spafford, 2005).
It is a well-known fact that the first and foremost task in computer security is protection of a hard disk drive from unauthorized invasion. There are several types of software tools that can contribute to this. They are able to provide prevention from any access to a hard disk drive, from writing and reading. Moreover, some of them can delete the remains of confidential information. The hard disk drive protection is usually performed by means of password identification. In this case the access can be gain by the entering a proper password again when the operating system is being booted. Otherwise the starting will fail and if the user attempts to boot the system from a flexible disc, the hard disk drive will become “invisible” for a user. Thus, the protection is carried out by modification of a boot sector from which the data on a disk structure is deleted. The protection like this is rather effective, as it enables to protect the hard disk drive from unauthorized users.
In addition to that, one should pay particular attention to the word he or she chooses as a password. What should be noted is that it won’t take much effort for the specialist to guess the code, especially if it is simple or closely connected to some facts from the user’s life. So, first, a password should be complicated and lengthy enough not to be guessed. Second, it should not include numbers and names which may be known to the Internet users (for instance, users often write their individual data on forums or other forms of interactive communication.
An interesting fact is that many specialists prevent users from relying upon passwords in MS Office documents. Moreover, they make an attempt to prevent them from setting it at all, as this creates an illusion of security, while it takes no effort from an experienced user to open the locked MS Office document (Donn, 1981).
To conclude privacy lock utilization have certain advantages in computer system protection, as it enables to prevent unwanted users from using private or confidential information. However, it seems evident that the experienced programmers have time-tested software, which enables them to gain access to the majority of computer systems. Moreover, there are purely psychological methods used by specialists to get the information, which may help to find out what the password is.
The ability to use computers connected to local networks, as well as the utilization of modems for data exchange impose harder requirements for security software tools. The PC users take advantage of mail system which would be absolutely transparent without additional means of protection. The most reliable form of fight against an authorized access is thought to be cryptographic techniques for information security. They are specific methods of coding or any other data modification which results in confidential information being inaccessible without a presentation of a keyword and, therefore, reverse modification. This type of data protection seems to be the most dependable, because here the information itself is protected, but not the access to it. For instance, an encrypted file can’t be read even in case the media is stolen. The cryptographic protection is performed through computer programs and program packs which expand the horizons of the conventional operating system. Moreover, the protection of the operating system should be completed with data base management system protection which enables to carry out complex access control procedures. Nowadays there is no standard classification of cryptographic methods. Nevertheless, if study the way each message character is modified, one may conditionally point out four main groups. The first one is globing, when the characters of the text to be encrypted are substituted with the same or another alphabet in accordance with a predetermined order. The second type of cryptography is interchanging, when the characters are rearranged within a definite text block according to some rules. Then, there may be an analytic transformation which suggests certain analytic rules of modification. The last type is considered to be a combined transformation, when the initial text is modified by means of two or more above mentioned tools. There are a big number of cryptographic program products which differ in the degree of reliability. In the following we will consider the most credible time-tested program – Pretty Good Privacy (PGP).
It is an extremely strong means of cryptographic protection. It is not that nobody knows how to crack it, but an elaborate mechanism of keyword processing, speed, and convenience the main benefit consists in. There are still dozens of other not less reliable ciphering algorithms, but popularity and free-of-charge distribution have made PGP in fact an e-mail standard all over the world.
Ordinary cryptographic facilities (those with the only encryption key) suggested two corresponding sides should exchange a secret key or a parole (sometimes even using a secret channel) before the beginning of communication. Thus, there seem to be a vicious circle: to deliver a secret key one should create a secret channel; to create a secret channel one should possess a key. The software tool PGP, which was developed by Philip Zimmerman, refers to the two-key systems, public and secret ones, which means that even if your public key is known, you still will be able to exchange encrypted texts that no one, except your and your partner, is enable to read, because of the fact that the other key – the secret one – is kept private. So, the point is that the text is enciphered with a public key and deciphered with a secret one. In this case even the sender is incapable of deciphering the text.
However, it should be taken into consideration that even this highly reliable means of protection does not ensure absolute privacy. Primarily, the user’s carelessness may condition the authorized access to private information. Thus, a password or a cipher can be obtained through falsification, virus infection, radio atack, cryptanalysis, or can be triggered by information disclosure.
To conclude, we viewed cryptography as a means of secure communication in the computer network and its most credible representative – the program Pretty Good Privacy. We managed to point out its main benefits and explained the way it prevents the unauthorized access. However, we emphasized that there is still danger of intrusion which may be caused by both the user’s imprudence and the hacker’s inventiveness, as well as quick development of new sophisticated hacking methods.
Archive Creation as a Means of Computer Security
By the computer handling there may occur on magnetic discs information damage or loss. The reasons for it may be physical damage of a disc, improper patching, accidental file purging, virus infection, etc. In order to decrease losses in such cases one should have archive backup of files used, which are to be consistently updated. For keeping achieves one may use high-capacity files, which enable to back up hard disk drive data.
For copying files the user may use the following methods: conventional commands (????, Xcopy, Diskcopy), software tools (PCtools, Norton Commander, Windows), or uninterruptible backup programs (Backup and Restore). Though in this case backup files require as much memory space as original ones and, therefore, it may take many flexible disks or other media.
Much more convenient is to use specific archive program, which enable to have information crunched. It also should be noted that by the achieving the degree of file compression depends upon the file format. Some formats (graphical, Page Maker, etc) are crunched by the program that created the original file, but the best archive programs are capable of crunching them also. Quite another situation is with text files, PostScript files and the like: text files become 50-70% less, programs – 20-30%. In addition, the most popular archive programs are ARJ, LHA, RAR and PKZIP (has its own un-zipper PKUNZIP).
The operation principle of archive programs is based upon the search of the “excess” information and its subsequent coding with the purpose of volume decrease. The most popular file achieving technique is compaction of identical character series, which is instead of keeping each repeated bite, the number of repeated characters is recorded.
The popular achieve programs ARJ, ???, LHARC, PKZIP are based on the Lempel-Ziv chain algorithm, which creates a string translation table from the text compressed, that is stores unique two-character strings into the table, mapping to the corresponding first character. The most important feature of this algorithm is that it suggests parsing the text and, then, phrase grouping.
There is an alternative for those not wishing to store additional information on their computers and discs. There are Internet services that enable users to save their files on another Internet computer. Some of these services provide “transparent access” to the backups. That is, they look like another hard drive attached to your computer. You use the file copy scheme that your computer provides to back up files and recover them from backed up storage. However, one should keep in mind that that the information one delivers to the Internet can be traced and captured by others. Thus, if one ventures to entrust his or her private information to the World Wide Web, one should be aware of the fact that it is vulnerable to the danger of being stolen or damaged.
To conclude, achieve programs do not only enable to save memory space, but also group them according to their characteristics, thereby making the achieve handling easier. Furthermore, they prevent the complete loss of computer data which determines their usefulness in the sphere of computer security.
Protection From Computer Viruses
A computer virus is a specific computer program which copies itself and infects other programs on the computer, as well as steals information from it. Nowadays more than 20 thousand viruses are known. They may be conditionally classified according to the environment they exist in (network, file, hard disk drive boot sector), the manner of infection (loaded into the PC memory – residential, and temporary), the capabilities, etc. We would like to dwell on the last factor and name the level of harm various types of virus are able to work. First, there are harmless viruses, which do not influence the work of a computer system. Second, there are “not dangerous” ones, which may occupy memory space and hinder the working process with audio, visual, etc. effects. Then, among harmful viruses one should distinguish dangerous viruses, which cause serious errors and disruptions, and very dangerous, which kill programs and erase data from system control areas and disable accessories.
The given classification does not appear to cover all possible viruses – in each category there may be ones which do not possess all the characteristics of viruses, though are very harmful to the software (“trojan horse”, etc.).
A Trojan Horse is a program which, at first sight, looks as if it is an ordinary computer program. The Trojan Horses are usually disguised in such a way that they are attracting users, for example, it may be popular music composition or free-of-charge program. A Trojan Horse differs from a destructive virus in that it doesn’t reproduce. “There has been a password trojan out in AOL land (the American On Line). Password30 and Pasword50 which some people thought were wav. files, but they were disguised and people did not know that they had the trojan in their systems until they tried to change their passwords” (Hanhisalo, 2008). According to an administrator of AOL, the Trojan steals passwords and sends an E-mail to the hacker’s fake name and then the hacker has your account in his hands.
The task of viruses is to move from one program to another with the speed as high as possible. Generally, viruses join to the host program in some way. Sometimes they may write over part of the host program.
A computer may be infected with a boot sector virus if it is booted from an infected floppy disk. Boot sector infections cannot normally spread across a network. These viruses spread normally via floppy disks which may come from virtually such sources as unsolicited demonstration disks, new software, disks used on PC by programmers, repaired hardware, etc (Hanhisalo, 2008).
The file infection gets activated, when the program to which it is attached is run, and afterwards a file virus starts spreading across the system very rapidly. They may be spread from both the same sources and sources such as Internet.
In order to fight computer viruses, the specialists are developing special antiviral programs, which may be classified into:
- Detectors enable to find infected files. Unfortunately, often they fail to detect “fresh” infections, though there are some in which this function is provided. The most popular detectors are ViruScan and NetScan.
- Virus killers “treat” infected programs and discs by eradicating the virus body. What should be emphasized is that some viruses can not prevent information loss and may distort so strongly, that there will be no possibility of recovering it. The most-well known programs are Clean-Up, M-Disk, and Aidstest.
- Audit programs storage the data on program system control area state and compare it to the initial one. In case they detect any mismatching, the user is informed about it.
- Audit killers combine the functions of the two above mentioned virus-protection programs, which are able to detect file and program system control area modification and, if necessary, recover it.
- Filter programs are situated memory-resident in the mainframe memory and capture the messages that may be used by viruses to harm the system and inform the user about them. These programs are controlling the actions, which are characteristic of viruses, such as upgrading program files, direct recording, disk formatting, and resident program locating in frame memory. Detecting an attempt of one of these actions, the filter program describes the situation description to the user and asks for confirmation. Among such programs there are FluShot Plus, Anti4Us, Floserum, Disk Monitor, etc.
Some antivirus functions are imbedded into modern versions of BIOS. As a rule, antivirus software products combine the main functions of detectors, killers and audit programs. In addition, they are constantly updated and are capable of protection of only those viruses, which are known at the time of antivirus invention (Garfinkel & Spafford, 2005).
To conclude, one should remember that only users themselves are able to protect their computers from virus infection. Just the proper timely application of antivirus means may prevent the system from infection and provide a minimum damage, if the computer has already been infected. It is necessary to organize a PC operation in an appropriate way, as well as avoid uncontrolled program downloading from the Internet and other computers. Primarily, it concerns entertainment programs and game programs.
To conclude, in our research work we managed to view main aspects of computer security and privacy on the Internet, as well as means of protection from unauthorized access to the information. First we numbered the most important methods of intrusion prevention, pointed out their benefits and drawbacks. Then, we dwelled upon the dangers one may face in the World Wide Web, specifically computer viruses, and offered the best ways the user may fight against them. I believe that in case one is aware of the hazards and the methods of avoiding them, he or she will unlikely be caught unawares, when the problem occurs, and will be able to do one’s best to protect one’s privacy. Moreover, being aware of what is going on in today’s network, computer users will be cautious enough not to provoke others to intrude their life and let them trespass on his or her rights.
Donn, B. (1981) Computer Security Management. Reston, VA: Reston Publishing Company Inc.
Hanhisalo, M. (2008). Computer Viruses. Retrieved April 7, 2009, from http://www.tml.tkk.fi/Opinnot/Tik-110.501/1997/viruses.html#7.
Garfinkel, S. & Spafford, G. (2005) Practical UNIX & Internet Security. Sebastopol, CA: O’Reilly.
Pfaffenberger, B. (1997). Webster’s New World Dictionary of Computing Terms. New York: Simon and Schuster.
Time is precious
don’t waste it!