• Home
• Current Project
  • Team Project
  • Collegeboard
  • Replit
  • Create Task
  • Time Box
  • Code
  • Study Plan
  • PBL Final

5.6 Safe Computing

• Personally Identifiable Information (PII) can be used by people to steal someone’s identity, bank funds, or to impersonate someone in order to gain access to an organization
• PII considerations
  • Things that will be known by everyone: Name, Email (suggest a junk email), Picture, High School attended, College Attended, Properties you own, State-City of residence, all State-City of previous residence, Credit Report
  • Gray are items, more cautious: Birthdate, Place of Birth, Street Address, Phone Number, Maiden names of Mother and Grandmother, Drivers License Number
  • Things that you should strive to keep absolutely secret: Credentials for Access, Two-Factor Authentication on Financial accounts, Social Security Number, Tax records
• Search engines maintain a history of what you search
  • This info can be used to suggest other websites or products you may like
  • Targeted ads and marketing
• PII can be used to enhance a user’s online experience, but it can also cause their privacy to be exploited and personal info to be stolen
  • Information placed online can be used in ways that were not intended and may have a harmful impact
  • Travel sites and dozens of advertising and marketing firms have also begun tracking online behavior with cookies
  • Google, Facebook, and Twitter gather more info about user behavior with their share, retweet, and like buttons, along with other personalization features they have on their respective sites
• The picture of you created by all this activity is very detailed and you have very little control over it
• The information placed online is difficult to delete, and when posted to social media, can be used by others and combined with other sources to deduce private information about you, which could lead to harmful consequences
• Authentication measures protect devices and information from unauthorized access
  • Strong passwords
  • Multi-factor authentication
    • What you know
    • What you are
    • What you have
• Biometrics is something that is used secure systems, fingerprints or facial recognition
• Once legit access to a system is gained, it’s important to ensure data sent to and from the system remains uncompromised
  • Encryption - the process of encoding data to prevent unauthorized access
• Symmetric encryption is a type of encryption where only one key (a secret key) is used to both encrypt and decrypt electronic information.
• Asymmetric cryptography, also known as public-key cryptography, is a process that uses a pair of related keys – one public key and one private key – to encrypt and decrypt a message and protect it from unauthorized access or use.

• SSL Uses both Asymmetric and Symmetric Encryption

• Viruses are malicious programs that can copy themselves and gain access to systems that they’re not supposed to be allowed in
  • Virus scans often prevent malicious code from getting into and affecting your system
• Malware are malicious programs that are often intended to damage a computing system or take partial control over its operation
  • Can infiltrate a system by posing as legitimate programs or attaching itself to legit programs
• Phishing is a risk to personal safety, and it’s an attempt to trick a user into providing personal information online
  • Phishing emails often look like they’re from a company you know and trust
  • They trick you into clicking a link or opening an attachment
    • This can cause unexpected harm such a installing a virus or keylogger
• A keylogger - records every keystroke made by a user in order to gain fraudulent access to passwords or other confidential information
• A rogue access point - a wireless network that can give unauthorized access to secure networks

GitHub Pages actions:

• Describe PII you have seen on project in CompSci Principles.
  • In the project last tri in csp, we have our name, email on the contact info and our name and picture in the about us page.
• What are your feelings about PII and your exposure?
  • I was pretty cautious and careful about not to give out my PII so I don’t really reveal too much PII online.
• Describe good and bad passwords? What is another step that is used to assist in authentication.
  • A good password should contain a mixture of numbers, letters (uppercase and lowercase), special characters and the more characters, the better. Bad password is easy, short, and contains no special characters, which people can easily guessed the password.
  • Another step that is used to assist in authentication is email/message verification code authentication.
• Try to describe Symmetric and Asymmetric encryption.
  • Symmetric encryption only has one key used to encrypt and decrypt information while Asymmetric encryption used two keys, a public key and a private key to prevent unauthorized access to the information.
• Provide an example of encryption we used in deployment.
  • I think we didn’t incoperate any encryption in our previous deployment.
• Describe a phishing scheme you have learned about the hard way. Describe some other phishing techniques.
  • A email that trick you to click a link or attachment, and if you click the link, a virus or keylloger may be installed in your computer and will steal your information later on. Message that’s alerting you for suspicious activity and asks you click on a link.