MIS QUIZ 4 STUDY GUIDE EVERYTHING HIGHLIGHTED IS WHAT SHE STRESSED ON THE QUIZ REVIEW As well for Chapters 1 7 and Appendix A B I went through the quiz review and included everything she said would be on the quiz from those chapters Chapter 8 Ethics Privacy and Security 1 Ethics a DEF The principles and standards that guide our behavior toward other people b What does it mean to act ethically c Minor vs Serious vs Very Serious Ethical Violations d How do individuals decide ethical issues i Your basic ethical structure that develops as you grow up ii All the practical issues involved in making a particular decision iii Ethical decisions are complex decisions iv Your personal ethics should guide you v Practical circumstances may come into play 1 Consequences 2 Society s opinion 3 Likelihood of effect 4 Time to consequences 5 Relatedness 6 Reach of result 2 IT Related Ethical Issues a Intellectual Property i DEF Any type of intangible creative work that is embodied in a physical form ii Are creations of the mind iii Music software novels product sketches symbols images etc iv IP is worth more than the physical form in which it is delivered b Copyright i Protects literary musical dramatic and artistic works sound recordings films broadcasts cable programs etc ii Fair Use Doctrine Says that you may use copyrighted material in certain situations iii Pirated software is the unauthorized use duplication distribution or sale of copyrighted software c Trademarks i Symbol used to identify goods and services ii Domain names are a type of trademark cybersquatting just hoarding a bunch of domain names and then selling them at high prices d Patents i Rights over inventions ii Amazon com s One click ordering vs Barnes Noble 3 Privacy a DEF Right to be left alone and to be free of unreasonable intrusions b Nothing is private on the Internet i Email ii Color printer copies iii Digital photos c How is your privacy protected on websites i Notice of site s information practices ii Opt out clauses vs Opt in clauses iii Provide the individual access to personal data iv Assurance of integrity and security of data v Offer method of enforcement and redress of possible violations 4 Online Threats to your Privacy keystroke a Keylogger software a program that when installed on your computer records every click and b Phishing technique to gain personal info usually through fraudulent e mail c Pharming rerouting of your request for a legit website to a fake site that collets info from you d Cookies a small record deposited on your hard disk by a website containing info about you e Spam unsolicited email from businesses advertising stuff junk email f Adware and spyware installs itself on your computer and collets info about you to give to someone else g One way to protect yourself anonymous Web browsing i It s not always as anonymous as it appears h What are your options if your privacy has been compromised i Law enforcement ii There are some laws in place but they are not comprehensive 5 Security a What threatens the security of your information i Employees internal ii Hackers external b Types of cybercrime i Computer virus ii Worm iii Denial of service attack DoS c Securing against cybercrime i Anti virus software ii Firewalls iii Access authentication passwords biometrics 1 Something you know 2 Something you have 3 What you look like iv Encryption 6 Why you should care about password security a From http onemansblog com 2007 03 26 how id hack your weak passwords b Some of the passwords you think matter least actually matter most i For example some people think that the password to their e mail box isn t important because I don t get anything sensitive there ii Well that e mail box is probably connected to your online banking account If I can compromise it then I can log into the Bank s Web site and tell it I ve forgotten my password to have it e mailed to me iii Often times people also reason that all of their passwords and logins are stored on their computer at home which is save behind a router or firewall device iv Of course they ve never bothered to change the default password on that device v Someone could drive up and park near the house use a laptop to breach the wireless network and then try passwords from this list until they gain control of your network after which time they will own you vi There are at least 50 other ways you can be compromised 7 Make your password more secure a Top 10 list of insecure passwords i Your partner child or pet s name possibly followed by a 0 or 1 because they re always making you use a number aren t they ii The last 4 digits of your social security number iii 123 or 1234 or 123456 iv password v Your city or college football team name vi Date of birth yours your partner s or your child s vii god viii letmein ix money x love 8 How can a hacker get your password a Brute force attack i You probably use the same password for lots of stuff right ii Some sites you access such as your Bank or work VPN probably have pretty decent security so I m not going to attack them iii However other sites like the Hallmark e mail greeting cards site an online forum you frequent or an e commerce site you ve shopped at might not be as well prepared So those are the ones I d work on iv So all we have to do now is unleash Brutus wwwhack or THC Hydra on their server with instructions to try say 10 000 or 100 000 whatever makes you happy different usernames and passwords as fast as possible v Once we ve got several login password pairings we can then go back and test them on targeted sites vi But wait How do I know which bank you use and what your login ID is for the sites you frequent All those cookies are simply stored unencrypted and nicely named in your Web browser s cache 9 How long does it take a Depends on three main things i length and complexity of your password ii speed of the hacker s computer iii speed of the hacker s Internet connection 10 Some Password Tips a Randomly substitute numbers for letters that look similar The letter o becomes the number 0 or even better an or i e m0d3ltf0rd like modelTford b Randomly throw in capital letters i e Mod3lTF0rd c Think of something you were attached to when you were younger but DON T CHOOSE A PERSON S NAME Every name plus every word in the dictionary will fail under a simple brute force attack d Maybe a place you loved or a specific car an attraction from a vacation or a favorite restaurant e You really need to have different username