Protecting Personally Identifiable Information (PII)

Questions and Answers

What is the main concept behind transposition encryption?

• It replaces letters with numbers only.
• It uses a fixed key for substitution.
• It doesn't require a specific pattern to decode.
• It alters the position of letters in a message. (correct)

Which of the following is an example of a substitution encryption method?

• Reversing the order of letters
• Dividing the text into multiple parts
• Changing the case of letters in a message
• Shifting letters to the right by a fixed number (correct)

How does the Caesar cipher determine which letters to substitute?

• By applying a designated shift value (correct)
• By counting letters to the left of the alphabet
• By replacing vowels with consonants only
• By using a random letter generator

In T9 texting, what action is taken to type the letter 'H'?

Press the 4 key twice (D)

Which of these shifts would correspond to an 'F' in the Caesar cipher if the shift is 5?

A (A)

What happens if the encryption information is easily accessible by unauthorized people?

Sensitive information may be exposed. (A)

If the Caesar cipher's shift is 3, what letter corresponds to 'I'?

L (A)

What characterizes substitution ciphers as opposed to transposition ciphers?

They replace letters with different symbols. (B)

How many times do you need to tap the button for the letter 'O' using T9 texting?

Three times (D)

What does a substitution cipher replace in a message?

Letters with other letters, numbers, or symbols (D)

What is the primary purpose of encryption methods?

To protect data from unauthorized access (D)

What is a key feature of the Caesar cipher?

It shifts letters by a fixed number of positions (C)

What is an example of a real-world application of substitution encryption?

T9 texting on early cell phones (B)

What would happen if encryption information was easily accessible by others?

Data could be compromised or stolen (B)

What is the main difference between transposition and substitution encryption methods?

Transposition methods change the position of letters, while substitution methods replace letters (B)

What is the name of the encryption method that Julius Caesar used to communicate with his generals?

Caesar Cipher (B)

How does the Caesar cipher determine the shift?

Using a fixed shift value (C)

What is a characteristic of substitution ciphers?

They replace letters with other letters or characters (D)

What is the purpose of the shift in the Caesar cipher?

To encode the message (C)

What is an advantage of using encryption methods?

Improved data security and confidentiality (D)

What is a key responsibility of citizenship in a digital world?

Safeguarding Personally Identifiable Information (PII) (C)

What is typically needed to access websites or login to online accounts?

Email and password (D)

What is an advantage of using strong passwords?

Harder to hack into the account (A)

What should you avoid including in your password?

Personal identifiable information (C)

What is the purpose of an authentication measure?

To identify the user in the virtual world (B)

How many characters should a strong password have at a minimum?

8 characters (B)

Why is it important to keep your PII safe?

So your information is protected from unauthorized access (A)

What is a characteristic of a strong password?

It is easy for you to remember but hard for others to guess (D)

What is the primary purpose of multi-factor authentication?

To safeguard against unauthorized access to accounts and PII (D)

What is a disadvantage of having accessible PII?

Risk of identity theft and stalking (C)

What can prevent infections and fix errors that could compromise a system?

All of the above (D)

What is an example of multi-factor authentication?

Security image identification (B), Answering security questions (C)

Why is multi-factor authentication more secure than one-step authentication?

It provides more than one layer of security (D)

What can password managers generate for online accounts?

Complex, random passwords (A)

What is a disadvantage of storing PII online?

It can lead to identity theft and stalking (C)

What should you do when allowing a new website access to your personal information?

Limit the permission settings and adjust them accordingly (C)

What is a characteristic of multi-factor authentication?

It uses at least two types of authentication (C)

What is the purpose of protection software?

To protect systems from cyber attacks and infections (B)

What is the primary goal of a phishing email attack?

To trick the recipient into revealing personal information (B)

What is a key indicator of a phishing email?

An unofficial 'From' address (A)

What is the primary objective of a keylogging attack?

To gather usernames and passwords (C)

Why is keylogging considered an unethical practice?

It invades users' privacy and captures sensitive information (D)

What makes public networks particularly vulnerable to cyber attacks?

They are easier to access (D)

What can happen if you respond to a phishing email?

You will unintentionally reveal personal information (C)

What is a characteristic of a phishing email?

It creates a sense of urgency (D)

What can keylogger software do?

Identify if someone is attempting to keylog (A)

Why are public networks insecure?

Because they are often unencrypted (C)

What is the primary risk of using public networks?

Data may be intercepted by hackers (D)

What is the primary function of an access point on a network?

To create a wireless local area network by connecting to a router (A)

What is a major risk associated with connecting to a rogue access point?

Loss of personally identifiable information (C)

What is a key difference between digital and manual files?

All of the above (D)

What is a benefit of using digital files?

Time savings in editing and transferring files (B)

What is a limitation of digital files?

Dependence on internet connectivity (D)

What is file insecurity?

A concept that all files have vulnerabilities (C)

What can happen to insecure files?

They can be lost, overridden, or corrupted (A)

What is a key feature of digital files?

They can be easily transferred electronically (D)

What is a benefit of using digital files in businesses?

Reduced paper costs (A)

Why should users be cautious when connecting to public networks?

To protect their personally identifiable information (B)

What is the primary objective of encrypting a hard drive and mobile device?

To ensure the confidentiality of information (B)

What is the concept that measures how unpredictable a password is based on the type and combination of characters used and the length of the password?

Password entropy (C)

What is the purpose of implementing anti-virus software?

To prevent cyber attacks and data damage (B)

What is the term for ensuring that information is not disclosed to the wrong individuals?

Confidentiality (A)

What is the result of encrypting plaintext?

Ciphertext (C)

What is the benefit of keeping your computer and devices updated?

To enhance digital security (A)

What is the primary purpose of implementing the five pillars of cybersecurity?

To maintain digital security (C)

What is the calculation for password entropy?

Log base 2 (C)

What is the term for proving the identities of the sender and recipient when transferring information?

Non-repudiation (D)

What is the benefit of restricting access to files?

To prevent unauthorized access (B)

What is the primary purpose of a white hat hacker?

To identify and report security flaws to companies. (A)

What type of hacker would likely charge a fee for reporting vulnerabilities they discover?

Grey hat hacker (C)

Which of the following is NOT a type of malware?

Firewall (B)

What is the primary characteristic of a computer virus?

It replicates itself and spreads to other systems. (D)

How can a computer virus be spread?

All of the above (D)

Which of the following is a potential consequence of a virus infection?

All of the above (D)

How can you protect yourself from malware?

All of the above (D)

Which of the following is NOT a characteristic of black hat hackers?

They use their skills for ethical purposes. (B)

What is the primary difference between a worm and a virus?

A worm spreads through networks, while a virus requires a host program to spread. (C)

Which of the following is an example of a ransomware attack?

A hacker encrypts your files and demands payment to unlock them. (D)

What is a common challenge in identifying the source of a DDoS attack?

The attack can involve many machines making requests (A)

What is an example of unintended consequences in the digital age?

Programmer bias and privacy infringement (A)

What is algorithmic bias?

A systematic error in computer systems (A)

What is the Digital Divide?

The gap between those who have access to the Internet and computers, and those who do not (D)

What can contribute to programmer bias?

The programmer's life experience and perception of the world (C)

How do algorithms on social media platforms contribute to algorithmic bias?

By adjusting what users see based on their online activity (A)

What can be used to predict the types of ads a user might want to see?

A user's digital footprint (C)

What can determine whether a person has access to the Internet and computers?

All of the above (D)

What can be a result of unchecked programmer bias?

Unintended consequences (A)

What is a potential risk of the Digital Divide?

Those without access to the Internet and computers may be left behind (A)

What happens to the letters in a message when using the transposition encryption method?

They are rearranged according to a specific pattern. (D)

What is the purpose of the shift in the Caesar cipher?

It specifies the number of positions to shift the letters. (A)

Why was the T9 method of texting used in early cell phones?

To encode messages using substitution cipher. (D)

What is a characteristic of substitution ciphers?

They replace letters with new characters or numbers. (B)

What would happen if encryption information was easily accessible by unauthorized people?

Their data could be compromised or stolen. (D)

What is the main difference between transposition and substitution encryption methods?

Transposition rearranges letters, while substitution replaces letters. (A)

What is the purpose of encryption methods like the Caesar cipher?

To encode plain text messages securely. (C)

What is a real-world application of substitution encryption?

T9 texting on early cell phones. (D)

What is a dictionary attack?

A cyber attack that uses a list of common words and phrases to try and guess a password. (D)

Which of the following is NOT a type of cybercrime?

Network security audits (D)

What is the primary goal of a Denial of Service (DoS) attack?

To disrupt the normal operation of a website or server. (B)

Why is it generally recommended to avoid using dictionary words in passwords?

Dictionary words are easily guessed by hackers using dictionary attack software. (A)

What is the key difference between a DoS attack and a DDoS attack?

A DoS attack is launched from a single source, while a DDoS attack uses multiple sources. (C)

Which of these is a common method used to gain unauthorized access to a system in order to spread malware?

Exploiting vulnerabilities in the system's software. (C)

Which of the following is NOT a type of cyber attack?

Network Security Audit (B)

What is the main reason why using personally identifiable information (PII) in passwords is strongly discouraged?

It's easier for hackers to guess passwords that contain PII. (A)

Why is it important to keep your PII safe?

All of the above. (D)

What is the primary purpose of encryption methods?

To protect data from unauthorized access. (D)

What is the primary difference between symmetric key encryption and public key encryption?

Symmetric key encryption uses one key for both encryption and decryption, while public key encryption uses separate keys for each. (B)

Which of the following is NOT a benefit of using symmetric key encryption?

High security due to the use of separate keys. (A)

In the context of encryption, what does 'ciphertext' refer to?

The encrypted message that is unreadable without the decryption key. (C)

What is the role of a certificate authority in encryption?

To verify the ownership of encryption keys used in secure communications. (A)

Which of the following best describes the process of decryption?

Converting a ciphertext message back into plain text. (D)

What is the main purpose of using encryption?

To make data more difficult to access and understand. (D)

In the context of encryption, what is a 'key'?

A code used to encrypt a message. (C)

Which of the following is a disadvantage of symmetric key encryption?

It can be vulnerable if the key is compromised. (A)

What is the purpose of a public key in public key encryption?

To encrypt the message. (A)

What is an example of a real-world scenario where encryption is essential?

Making an online purchase with a credit card. (B)

What is the primary focus of the open innovation movement?

Collaborating on projects and ideas (D)

Which of the following best describes open access?

Unrestricted online access to research materials (D)

What is one significant benefit of open access repositories?

Equitable access to information regardless of payment ability (B)

How did the Polish Cipher Bureau contribute during World War II?

Broke the German Enigma code (A)

What role does cryptography play in today's digital age?

Securing personal and financial data (C)

What is the main function of encryption in cryptography?

To obscure data to unauthorized users (B)

Which of the following is NOT a characteristic of open access repositories?

They require users to pay for access (A)

Which ancient civilization is noted for some of the earliest forms of cryptography?

Ancient Egyptians with their hieroglyphics (C)

Which of the following best describes modern cryptography?

The science of storing data securely (C)

What is a critical aspect of maintaining information security in cryptography?

Employing strong encryption methods and protocols (C)

Which of the following is NOT a factor contributing to the digital divide?

Limited access to electricity (C)

What is a key responsibility of programmers in mitigating the negative impacts of computing?

Promoting accountability and transparency in their programming solutions (A)

Which of these options is NOT a potential solution to the digital divide?

Implementing stricter government regulations on internet access (C)

What is a primary purpose of the Digital Millenium Copyright Act (DMCA)?

To protect intellectual property and copyright in the digital age (A)

Which of the following is NOT an example of infrastructure that contributes to the digital divide?

Secure financial systems (D)

How can programmers contribute to addressing the digital divide?

By developing programs that are accessible to people with varying levels of technical skills and resources (D)

What is a key element of a programmer's Code of Ethics?

Promoting transparency and accountability in their work (D)

Which of these options is a potential consequence of ignoring ethical concerns in computing?

Exploitation of privacy and other protections (D)

What is a primary challenge in addressing the digital divide?

The high cost of internet access and connected devices (D)

Which of the following is NOT a factor that can influence the digital divide?

Gender equality (B)

Flashcards are hidden until you start studying

Study Notes

Protecting Personally Identifiable Information (PII)

• PII can be collected through devices, websites, and detection hardware and software that track movements and location.
• Safeguarding PII is a key responsibility of citizenship in a digital world.

Authentication Measures

• One-step authentication measures use email and password to secure information.
• Strong passwords should be:
  • At least 8-12 characters long
  • Include capitalized letters
  • Include lowercase letters
  • Include numbers
  • Include symbols
  • Avoid personal identifiable information (e.g. birthday or name)
  • Not be words found in a dictionary
• Multi-factor authentication provides more than one layer of security, using a minimum of two steps to access a virtual space.
• Examples of multi-factor authentication include:
  • Choosing and identifying a security image
  • reCAPTCHA identification
  • Identifying pictures with a common image in them
  • Answering security questions

Disadvantages of Accessible PII

• Negative consequences of accessible PII include:
  • Credit card information getting into the wrong hands
  • Web browsers tracking search history and preferences
  • Location information being collected
  • Information being used to stalk or steal identities

Protecting PII

• All systems have flaws, so software is needed to protect against cyber attacks.
• Recommendations for protection software include:
  • Kaspersky Anti-Virus
  • AVG Anti-Virus
  • Norton 360 Deluxe Malware Protection
  • ESET Cybersecurity
• Limit permission settings when allowing websites access to personal information.
• Password managers can generate complex, random passwords for online accounts.

Cybersecurity Awareness

• Be aware of where your digital footprint is to keep data secure.
• Cyber attacks include dictionary attacks, brute force attacks, and more.
• Hackers can be categorized as:
  • White hat hackers (ethical hackers who test systems and protect against attacks)
  • Black hat hackers (criminals who use their skills for personal gain)
  • Grey hat hackers (individuals with a combination of white and black hat ethics)

Types of Attacks

• Malware refers to malicious software, including viruses, worms, spyware, and ransomware.
• Viruses are specialized computer programs that replicate and insert their code into a new host.
• Phishing is a type of cyber attack that uses disguised emails to trick recipients into providing personal information.
• Keylogging attacks use software or hardware to track keystrokes and gain access to usernames, passwords, and other information.

Public Network Insecurities

• Public networks are especially dangerous to cybersecurity because data can be easily accessed by hackers.
• Rogue access points can be created by hackers to steal personal information.

Digital Files

• Digital files have benefits, including:
  • Time-saving in editing and transferring files
  • Better efficiency in record-keeping
  • Easier access to files
• However, digital files also have limitations and risks, including:
  • Security breaches
  • File insecurity
  • Losing or corrupting information

File Security

• File security is a feature of the file system that controls access and limits what users can do to files.
• Effects of file insecurity include losing, overriding, or corrupting information.
• Steps to ensure file security include:
  • Keeping computers and devices updated
  • Using strong passwords
  • Using anti-virus software
  • Encrypting hard drives and mobile devices
  • Restricting access to files

Five Pillars of Cybersecurity

• The five pillars are:
  • Confidentiality (ensuring information is not disclosed to the wrong individuals)
  • Integrity (ensuring information is not damaged or modified during transmission)
  • Availability (ensuring services are accessible to users)
  • Non-repudiation (proving the identities of the sender and recipient)
  • Authentication (confirming identities before allowing access to cyber services)### Password Entropy
• Formula to calculate password entropy: log2(SL)
• S: Size of the pool of unique possible symbols
• L: Password Length
• Example: 6-character password with 26 possible symbols (all lowercase letters)
  • Possible combinations: 26^6 = 308,915,776
  • Bits of entropy: log2(26^6) = 28.2

Encryption and Decryption

• Encryption: process of changing plaintext (original message) to ciphertext (encrypted text) for security
• Decryption: process of converting ciphertext back to plaintext using a key

Downfalls of Computing

• Intentional misuse (cybercrime): using computing to commit crimes, e.g. fraud, hacking, identity theft, malware, phishing, cyberstalking
• Unintentional negative side effects: programmer bias, algorithmic bias, privacy infringement, inequitable access to technology and the internet

Cyber Attacks

• Dictionary attacks: using algorithms to try common words and variations for passwords
• Brute force attacks: using software to generate many password guesses based on user information
• Denial of Service (DoS) attacks: overwhelming a network server with traffic to prevent legitimate access
• Distributed Denial of Service (DDoS) attacks: using multiple devices to attack a single target

Unintended Consequences

• Programmer bias: unintended consequences due to programmers' own biases and limited testing
• Algorithmic bias: systematic errors in computer systems that create unfair outcomes
• Privacy infringement: collection and use of personal data without consent
• Digital Divide: unequal access to technology and the internet due to infrastructure, geographic barriers, government restrictions, and socioeconomic status

Solutions to the Digital Divide

• Increase affordability of internet access and devices
• Develop more infrastructure for global connectivity
• Create informational resources for low-cost devices and internet access

Programmer Responsibilities

• Code of Ethics: guidelines for programmers to promote accountability and transparency
• Mitigating negative impacts of computing: programmer bias, algorithmic bias, privacy infringement, and digital divide

Legal Issues in Computing

• Digital Millennium Copyright Act (DMCA): protects copyrighted material online and provides safe harbor for web hosts and ISPs
• Intellectual property: creative works or inventions that can be patented, copyrighted, or trademarked
• Plagiarism: taking someone else's work or ideas without proper citation
• Creative Commons: non-profit organization promoting open sharing and collaboration of creative works
• Open Source: materials and software allowing others to build upon and adapt
• Open Access: providing free online access to informational materials and research for the greater good### History of Cryptography
• During World War II, the German army used the Enigma machine to encrypt messages to their generals.
• The Polish Cipher Bureau broke the code, allowing Allied code breakers to decrypt the German messages and predict the German army's movements.

Modern Cryptography

• Cryptography is the science of storing data securely in the digital age.
• Four important categories must be maintained when storing information virtually: confidentiality, authenticity, integrity, and ownership.
• Cryptography uses concepts like encryption and decryption to store data securely.

Encryption Explained

• Encryption is the process of changing a message or information to hide its true meaning.
• Plaintext (original message) is turned into ciphertext (encrypted text) for security.
• An encrypted message requires a key to be decrypted.
• Certificate authorities issue digital certificates that validate the ownership of encryption keys used in secure communications.

Decryption Explained

• Decryption takes the encrypted message and converts it back to the original plaintext.
• The key is needed to decrypt the message.

Encoding and Decoding

• Encoding refers to the algorithm that changes plaintext into ciphertext.
• Decoding algorithms are used to convert ciphertext back into plaintext.
• Encoding and decoding algorithms are consistent and public information.
• Encryption keys are needed to secure the encoded data.

Symmetric Key Encryption

• Symmetric key encryption uses one key for both encryption and decryption.
• Advantages: fast and efficient for secure data storage.
• Disadvantages: trust issues and key security can be a challenge since the key can exist with multiple parties or companies.

Public Key Encryption

• Public key encryption uses different keys for encryption and decryption.
• A public key is used to encrypt a message, and a private key is used to decrypt it.
• Example: Bob sends a message to Alice, encrypting it with her public key, and she decrypts it with her private key.

Why is Encryption Necessary?

• Encryption is necessary to protect sensitive information from unauthorized access.
• Examples: ATM transactions, military communications, and website data storage.

Encryption Methods

• Transposition Encryption: changes the position of letters in a message.
• Substitution Encryption: replaces letters in a message with new letters, characters, or numbers (cipher text).
• Examples of Substitution Encryption: T9 Texting and Caesar Cipher.

Substitution Methods

• T9 Texting: uses numbers associated with letters on a telephone keypad to write words.
• Caesar Cipher: a simple encryption method that shifts letters in the plaintext by a certain number of positions.
• Caesar Cipher uses a shift as its key, and the shift determines the letter substitution.

Caesar Cipher Shift

• The shift in the Caesar Cipher determines the letter substitution.
• Example: if the shift is 3, A is substituted for D, B for E, and so on.
• If the shift is 5, F would correspond to A, G to B, and so on through the alphabet.

Protecting Personally Identifiable Information (PII)

• PII can be collected through devices, websites, and detection hardware and software that track movements and location.
• Safeguarding PII is a key responsibility of citizenship in a digital world.

Authentication Measures

• One-step authentication measures use email and password to secure information.
• Strong passwords should be:
  • At least 8-12 characters long
  • Include capitalized letters
  • Include lowercase letters
  • Include numbers
  • Include symbols
  • Avoid personal identifiable information (e.g. birthday or name)
  • Not be words found in a dictionary
• Multi-factor authentication provides more than one layer of security, using a minimum of two steps to access a virtual space.
• Examples of multi-factor authentication include:
  • Choosing and identifying a security image
  • reCAPTCHA identification
  • Identifying pictures with a common image in them
  • Answering security questions

Disadvantages of Accessible PII

• Negative consequences of accessible PII include:
  • Credit card information getting into the wrong hands
  • Web browsers tracking search history and preferences
  • Location information being collected
  • Information being used to stalk or steal identities

Protecting PII

• All systems have flaws, so software is needed to protect against cyber attacks.
• Recommendations for protection software include:
  • Kaspersky Anti-Virus
  • AVG Anti-Virus
  • Norton 360 Deluxe Malware Protection
  • ESET Cybersecurity
• Limit permission settings when allowing websites access to personal information.
• Password managers can generate complex, random passwords for online accounts.

Cybersecurity Awareness

• Be aware of where your digital footprint is to keep data secure.
• Cyber attacks include dictionary attacks, brute force attacks, and more.
• Hackers can be categorized as:
  • White hat hackers (ethical hackers who test systems and protect against attacks)
  • Black hat hackers (criminals who use their skills for personal gain)
  • Grey hat hackers (individuals with a combination of white and black hat ethics)

Types of Attacks

• Malware refers to malicious software, including viruses, worms, spyware, and ransomware.
• Viruses are specialized computer programs that replicate and insert their code into a new host.
• Phishing is a type of cyber attack that uses disguised emails to trick recipients into providing personal information.
• Keylogging attacks use software or hardware to track keystrokes and gain access to usernames, passwords, and other information.

Public Network Insecurities

• Public networks are especially dangerous to cybersecurity because data can be easily accessed by hackers.
• Rogue access points can be created by hackers to steal personal information.

Digital Files

• Digital files have benefits, including:
  • Time-saving in editing and transferring files
  • Better efficiency in record-keeping
  • Easier access to files
• However, digital files also have limitations and risks, including:
  • Security breaches
  • File insecurity
  • Losing or corrupting information

File Security

• File security is a feature of the file system that controls access and limits what users can do to files.
• Effects of file insecurity include losing, overriding, or corrupting information.
• Steps to ensure file security include:
  • Keeping computers and devices updated
  • Using strong passwords
  • Using anti-virus software
  • Encrypting hard drives and mobile devices
  • Restricting access to files

Five Pillars of Cybersecurity

• The five pillars are:
  • Confidentiality (ensuring information is not disclosed to the wrong individuals)
  • Integrity (ensuring information is not damaged or modified during transmission)
  • Availability (ensuring services are accessible to users)
  • Non-repudiation (proving the identities of the sender and recipient)
  • Authentication (confirming identities before allowing access to cyber services)### Password Entropy
• Formula to calculate password entropy: log2(SL)
• S: Size of the pool of unique possible symbols
• L: Password Length
• Example: 6-character password with 26 possible symbols (all lowercase letters)
  • Possible combinations: 26^6 = 308,915,776
  • Bits of entropy: log2(26^6) = 28.2

Encryption and Decryption

• Encryption: process of changing plaintext (original message) to ciphertext (encrypted text) for security
• Decryption: process of converting ciphertext back to plaintext using a key

Downfalls of Computing

• Intentional misuse (cybercrime): using computing to commit crimes, e.g. fraud, hacking, identity theft, malware, phishing, cyberstalking
• Unintentional negative side effects: programmer bias, algorithmic bias, privacy infringement, inequitable access to technology and the internet

Cyber Attacks

• Dictionary attacks: using algorithms to try common words and variations for passwords
• Brute force attacks: using software to generate many password guesses based on user information
• Denial of Service (DoS) attacks: overwhelming a network server with traffic to prevent legitimate access
• Distributed Denial of Service (DDoS) attacks: using multiple devices to attack a single target

Unintended Consequences

• Programmer bias: unintended consequences due to programmers' own biases and limited testing
• Algorithmic bias: systematic errors in computer systems that create unfair outcomes
• Privacy infringement: collection and use of personal data without consent
• Digital Divide: unequal access to technology and the internet due to infrastructure, geographic barriers, government restrictions, and socioeconomic status

Solutions to the Digital Divide

• Increase affordability of internet access and devices
• Develop more infrastructure for global connectivity
• Create informational resources for low-cost devices and internet access

Programmer Responsibilities

• Code of Ethics: guidelines for programmers to promote accountability and transparency
• Mitigating negative impacts of computing: programmer bias, algorithmic bias, privacy infringement, and digital divide

Legal Issues in Computing

• Digital Millennium Copyright Act (DMCA): protects copyrighted material online and provides safe harbor for web hosts and ISPs
• Intellectual property: creative works or inventions that can be patented, copyrighted, or trademarked
• Plagiarism: taking someone else's work or ideas without proper citation
• Creative Commons: non-profit organization promoting open sharing and collaboration of creative works
• Open Source: materials and software allowing others to build upon and adapt
• Open Access: providing free online access to informational materials and research for the greater good### History of Cryptography
• During World War II, the German army used the Enigma machine to encrypt messages to their generals.
• The Polish Cipher Bureau broke the code, allowing Allied code breakers to decrypt the German messages and predict the German army's movements.

Modern Cryptography

• Cryptography is the science of storing data securely in the digital age.
• Four important categories must be maintained when storing information virtually: confidentiality, authenticity, integrity, and ownership.
• Cryptography uses concepts like encryption and decryption to store data securely.

Encryption Explained

• Encryption is the process of changing a message or information to hide its true meaning.
• Plaintext (original message) is turned into ciphertext (encrypted text) for security.
• An encrypted message requires a key to be decrypted.
• Certificate authorities issue digital certificates that validate the ownership of encryption keys used in secure communications.

Decryption Explained

• Decryption takes the encrypted message and converts it back to the original plaintext.
• The key is needed to decrypt the message.

Encoding and Decoding

• Encoding refers to the algorithm that changes plaintext into ciphertext.
• Decoding algorithms are used to convert ciphertext back into plaintext.
• Encoding and decoding algorithms are consistent and public information.
• Encryption keys are needed to secure the encoded data.

Symmetric Key Encryption

• Symmetric key encryption uses one key for both encryption and decryption.
• Advantages: fast and efficient for secure data storage.
• Disadvantages: trust issues and key security can be a challenge since the key can exist with multiple parties or companies.

Public Key Encryption

• Public key encryption uses different keys for encryption and decryption.
• A public key is used to encrypt a message, and a private key is used to decrypt it.
• Example: Bob sends a message to Alice, encrypting it with her public key, and she decrypts it with her private key.

Why is Encryption Necessary?

• Encryption is necessary to protect sensitive information from unauthorized access.
• Examples: ATM transactions, military communications, and website data storage.

Encryption Methods

• Transposition Encryption: changes the position of letters in a message.
• Substitution Encryption: replaces letters in a message with new letters, characters, or numbers (cipher text).
• Examples of Substitution Encryption: T9 Texting and Caesar Cipher.

Substitution Methods

• T9 Texting: uses numbers associated with letters on a telephone keypad to write words.
• Caesar Cipher: a simple encryption method that shifts letters in the plaintext by a certain number of positions.
• Caesar Cipher uses a shift as its key, and the shift determines the letter substitution.

Caesar Cipher Shift

• The shift in the Caesar Cipher determines the letter substitution.
• Example: if the shift is 3, A is substituted for D, B for E, and so on.
• If the shift is 5, F would correspond to A, G to B, and so on through the alphabet.

Protecting Personally Identifiable Information (PII)

• PII can be collected through devices, websites, and detection hardware and software that track movements and location.
• Safeguarding PII is a key responsibility of citizenship in a digital world.

Authentication Measures

• One-step authentication measures use email and password to secure information.
• Strong passwords should be:
  • At least 8-12 characters long
  • Include capitalized letters
  • Include lowercase letters
  • Include numbers
  • Include symbols
  • Avoid personal identifiable information (e.g. birthday or name)
  • Not be words found in a dictionary
• Multi-factor authentication provides more than one layer of security, using a minimum of two steps to access a virtual space.
• Examples of multi-factor authentication include:
  • Choosing and identifying a security image
  • reCAPTCHA identification
  • Identifying pictures with a common image in them
  • Answering security questions

Disadvantages of Accessible PII

• Negative consequences of accessible PII include:
  • Credit card information getting into the wrong hands
  • Web browsers tracking search history and preferences
  • Location information being collected
  • Information being used to stalk or steal identities

Protecting PII

• All systems have flaws, so software is needed to protect against cyber attacks.
• Recommendations for protection software include:
  • Kaspersky Anti-Virus
  • AVG Anti-Virus
  • Norton 360 Deluxe Malware Protection
  • ESET Cybersecurity
• Limit permission settings when allowing websites access to personal information.
• Password managers can generate complex, random passwords for online accounts.

Cybersecurity Awareness

• Be aware of where your digital footprint is to keep data secure.
• Cyber attacks include dictionary attacks, brute force attacks, and more.
• Hackers can be categorized as:
  • White hat hackers (ethical hackers who test systems and protect against attacks)
  • Black hat hackers (criminals who use their skills for personal gain)
  • Grey hat hackers (individuals with a combination of white and black hat ethics)

Types of Attacks

• Malware refers to malicious software, including viruses, worms, spyware, and ransomware.
• Viruses are specialized computer programs that replicate and insert their code into a new host.
• Phishing is a type of cyber attack that uses disguised emails to trick recipients into providing personal information.
• Keylogging attacks use software or hardware to track keystrokes and gain access to usernames, passwords, and other information.

Public Network Insecurities

• Public networks are especially dangerous to cybersecurity because data can be easily accessed by hackers.
• Rogue access points can be created by hackers to steal personal information.

Digital Files

• Digital files have benefits, including:
  • Time-saving in editing and transferring files
  • Better efficiency in record-keeping
  • Easier access to files
• However, digital files also have limitations and risks, including:
  • Security breaches
  • File insecurity
  • Losing or corrupting information

File Security

• File security is a feature of the file system that controls access and limits what users can do to files.
• Effects of file insecurity include losing, overriding, or corrupting information.
• Steps to ensure file security include:
  • Keeping computers and devices updated
  • Using strong passwords
  • Using anti-virus software
  • Encrypting hard drives and mobile devices
  • Restricting access to files

Five Pillars of Cybersecurity

• The five pillars are:
  • Confidentiality (ensuring information is not disclosed to the wrong individuals)
  • Integrity (ensuring information is not damaged or modified during transmission)
  • Availability (ensuring services are accessible to users)
  • Non-repudiation (proving the identities of the sender and recipient)
  • Authentication (confirming identities before allowing access to cyber services)### Password Entropy
• Formula to calculate password entropy: log2(SL)
• S: Size of the pool of unique possible symbols
• L: Password Length
• Example: 6-character password with 26 possible symbols (all lowercase letters)
  • Possible combinations: 26^6 = 308,915,776
  • Bits of entropy: log2(26^6) = 28.2

Encryption and Decryption

• Encryption: process of changing plaintext (original message) to ciphertext (encrypted text) for security
• Decryption: process of converting ciphertext back to plaintext using a key

Downfalls of Computing

• Intentional misuse (cybercrime): using computing to commit crimes, e.g. fraud, hacking, identity theft, malware, phishing, cyberstalking
• Unintentional negative side effects: programmer bias, algorithmic bias, privacy infringement, inequitable access to technology and the internet

Cyber Attacks

• Dictionary attacks: using algorithms to try common words and variations for passwords
• Brute force attacks: using software to generate many password guesses based on user information
• Denial of Service (DoS) attacks: overwhelming a network server with traffic to prevent legitimate access
• Distributed Denial of Service (DDoS) attacks: using multiple devices to attack a single target

Unintended Consequences

• Programmer bias: unintended consequences due to programmers' own biases and limited testing
• Algorithmic bias: systematic errors in computer systems that create unfair outcomes
• Privacy infringement: collection and use of personal data without consent
• Digital Divide: unequal access to technology and the internet due to infrastructure, geographic barriers, government restrictions, and socioeconomic status

Solutions to the Digital Divide

• Increase affordability of internet access and devices
• Develop more infrastructure for global connectivity
• Create informational resources for low-cost devices and internet access

Programmer Responsibilities

• Code of Ethics: guidelines for programmers to promote accountability and transparency
• Mitigating negative impacts of computing: programmer bias, algorithmic bias, privacy infringement, and digital divide

Legal Issues in Computing

• Digital Millennium Copyright Act (DMCA): protects copyrighted material online and provides safe harbor for web hosts and ISPs
• Intellectual property: creative works or inventions that can be patented, copyrighted, or trademarked
• Plagiarism: taking someone else's work or ideas without proper citation
• Creative Commons: non-profit organization promoting open sharing and collaboration of creative works
• Open Source: materials and software allowing others to build upon and adapt
• Open Access: providing free online access to informational materials and research for the greater good### History of Cryptography
• During World War II, the German army used the Enigma machine to encrypt messages to their generals.
• The Polish Cipher Bureau broke the code, allowing Allied code breakers to decrypt the German messages and predict the German army's movements.

Modern Cryptography

• Cryptography is the science of storing data securely in the digital age.
• Four important categories must be maintained when storing information virtually: confidentiality, authenticity, integrity, and ownership.
• Cryptography uses concepts like encryption and decryption to store data securely.

Encryption Explained

• Encryption is the process of changing a message or information to hide its true meaning.
• Plaintext (original message) is turned into ciphertext (encrypted text) for security.
• An encrypted message requires a key to be decrypted.
• Certificate authorities issue digital certificates that validate the ownership of encryption keys used in secure communications.

Decryption Explained

• Decryption takes the encrypted message and converts it back to the original plaintext.
• The key is needed to decrypt the message.

Encoding and Decoding

• Encoding refers to the algorithm that changes plaintext into ciphertext.
• Decoding algorithms are used to convert ciphertext back into plaintext.
• Encoding and decoding algorithms are consistent and public information.
• Encryption keys are needed to secure the encoded data.

Symmetric Key Encryption

• Symmetric key encryption uses one key for both encryption and decryption.
• Advantages: fast and efficient for secure data storage.
• Disadvantages: trust issues and key security can be a challenge since the key can exist with multiple parties or companies.

Public Key Encryption

• Public key encryption uses different keys for encryption and decryption.
• A public key is used to encrypt a message, and a private key is used to decrypt it.
• Example: Bob sends a message to Alice, encrypting it with her public key, and she decrypts it with her private key.

Why is Encryption Necessary?

• Encryption is necessary to protect sensitive information from unauthorized access.
• Examples: ATM transactions, military communications, and website data storage.

Encryption Methods

• Transposition Encryption: changes the position of letters in a message.
• Substitution Encryption: replaces letters in a message with new letters, characters, or numbers (cipher text).
• Examples of Substitution Encryption: T9 Texting and Caesar Cipher.

Substitution Methods

• T9 Texting: uses numbers associated with letters on a telephone keypad to write words.
• Caesar Cipher: a simple encryption method that shifts letters in the plaintext by a certain number of positions.
• Caesar Cipher uses a shift as its key, and the shift determines the letter substitution.

Caesar Cipher Shift

• The shift in the Caesar Cipher determines the letter substitution.
• Example: if the shift is 3, A is substituted for D, B for E, and so on.
• If the shift is 5, F would correspond to A, G to B, and so on through the alphabet.