Computer Security Ethics and Privacy

Today, many people rely on computers to do homework, work, and create or store useful information. Therefore, it is important for the information on the computer to be stored and kept properly. It is also extremely important for people on computers to protect their computer from data loss, misuse, and abuse.

For example, it is crucial for businesses to keep information they have secure so that hackers can’t access the information. Home users also need to take means to make sure that their credit card numbers are secure when they are participating in online transactions.

A computer security risk is any action that could cause lost of information, software, data, processing incompatibilities, or cause damage to computer hardware,   a lot of these are planned to do damage. An intentional breach in computer security is known as a computer crime which is slightly different from a cybercrime.

A cybercrime is known as illegal acts based on the internet and is one of the FBI’s top priorities.  There are several distinct categories for people that cause cybercrimes, and they are refereed as hacker, cracker, cyberterrorist, cyberextortionist, unethical employee, script kiddie and corporate spy.  The term hacker was actually known as a good word but now it has a very negative view. A hacker is defined as someone who accesses a computer or computer network unlawfully.  They often claim that they do this to find leaks in the security of a network. The term cracker has never been associated with something positive this refers to someone how intentionally access a computer or computer network for evil reasons. It’s basically an evil hacker.  They access it with the intent of destroying, or stealing information. Both crackers and hackers are very advanced with network skills.

A cyberterrorist is someone who uses a computer network or the internet to destroy computers for political reasons.  It’s just like a regular terrorist attack because it requires highly skilled individuals, millions of dollars to implement, and years of planning. The term cyperextortionist is someone who uses emails as an offensive force. They would usually send a company a very threatening email stating that they will release some confidential information, exploit a security leak, or launch an attack that will harm a company’s network. They will request a paid amount to not proceed sort of like black mailing in a since.

An unethical employee is an employee that illegally accesses their company’s network for numerous reasons. One could be the money they can get from selling top secret information, or some may be bitter and want revenge.

A script kiddie is someone who is like a cracker because they may have the intentions of doing harm, but they usually lack the technical skills. They are usually silly teenagers that use prewritten hacking and cracking programs.

A corporate spy has extremely high computer and network skills and is hired to break into a specific computer or computer network to steal or delete data and information. Shady companies hire these type people in a practice known as corporate espionage. They do this to gain an advantage over their competition an illegal practice. Business and home users must do their best to protect or safeguard their computers from security risks.

The next part of this article will give some pointers to help protect your computer. However, one must remember that there is no one hundred percent guarantee way to protect your computer so becoming more knowledgeable about them is a must during these days. When you transfer information over a network it has a high security risk compared to information transmitted in a business network because the administrators usually take some extreme measures to help protect against security risks. Over the internet there is no powerful administrator which makes the risk a lot higher. If your not sure if your computer is vulnerable to a computer risk than you can always use some-type of online security service which is a website that checks your computer for email and Internet vulnerabilities. The company will then give some pointers on how to correct these vulnerabilities.  The Computer Emergency Response Team Coordination Center is a place that can do this.

The typical network attacks that puts computers at risk includes viruses, worms, spoofing, Trojan horses, and denial of service attacks.  Every unprotected computer is vulnerable to a computer virus which is a potentially harming computer program that infects a computer negatively and altering the way the computer operates without the user’s consent. Once the virus is in the computer it can spread throughout infecting other files and potentially damaging the operating system itself. It’s similar to a bacteria virus that infects humans because it gets into the body through small openings and can spread to other parts of the body and can cause some damage. The similarity is, the best way to avoid is preparation.

A computer worm is a program that repeatedly copies itself and is very similar to a computer virus. However the difference is that a virus needs o attach itself to an executable file and become a part of it. A computer worm doesn’t need to do that I seems copies to itself and to other networks and eats up a lot of bandwidth.

A Trojan Horse named after the famous Greek myth and is used to describe a program that secretly hides and actually looks like a legitimate program but is a fake.  A certain action usually triggers the Trojan horse, and unlike viruses and worms they don’t replicate itself. Computer viruses, worms, and Trojan horses are all classifies as malicious-logic programs which are just programs that deliberately harms a computer.  Although these are the common three there are many more variations and it would be almost impossible to list them. You know when a computer is infected by a virus, worm, or Trojan horse if one or more of these acts happen:

  • Screen shots of weird messages or pictures appear.
  • You have less available memory then you expected
  • Music or sounds plays randomly.
  • Files get corrupted
  • Programs are files don’t work properly
  • Unknown files or programs randomly appear
  • System properties fluctuate

Computer viruses, worms, and Trojan horses deliver their payload or instructions through four common ways. One, when an individual runs an infected program so if you download a lot of things you should always scan the files before executing, especially executable files. Second, is when an individual runs an infected program. Third, is when an individual bots a computer with an infected drive, so that’s why it’s important to not leave media files in your computer when you shut it down.  Fourth is when it connects an unprotected computer to a network. Today, a very common way that people get a computer virus, worm, or Trojan horse is when they open up an infected file through an email attachment. There are literally thousands of computer malicious logic programs and new one comes out by the numbers so that’s why it’s important to keep up to date with new ones that come out each day. Many websites keep track of this. There is no known method for completely protecting a computer or computer network from computer viruses, worms, and Trojan horses, but people can take several precautions to significantly reduce their chances of being infected by one of those malicious programs.

Whenever you start a computer you should have no removable media in he drives. This goes for CD, DVD, and floppy disks. When the computer starts up it tries to execute a bot sector on the drives and even if it’s unsuccessful any given various on the bot sector can infect the computer’s hard disk. If you must start the computer for a particular reason, such as the hard disk fails and you are trying to reformat the drive make sure that the disk is not infected.

 

Hover and Active in IE CSS Specification

Pseudo-Classes Fix for Internet Explorer

Despite the fact that it has been almost six years since CSS 2 specification became a W3C recommendation, Internet Explorer, the dominating browser that is being forced
onto unsuspecting public my Microsoft Corporation, still fails to implement pseudo-classes, such as :hover and :active, for all but anchor elements.

Majority of web developers redeem this problem by polluting thier HTML with endless onmouseover and onmouseout handlers. Very few realize that the time Microsoft could not find to create a compliant browser was wasted on development of proprietory features, which often are the way to work around those limitations. In this particular case, while :hover and :active pseudo-classes do not behave as we expect them to on all but
one element, there are Internet Explorer Behaviors to add the desired functionality with little extra work. The scripting of the behavior goes into a separate .htc file which compliant
browsers would not ever see:

IEFixes.htc
<PUBLIC:ATTACH EVENT="onmouseover" ONEVENT="DoHover()" />
<PUBLIC:ATTACH EVENT="onmouseout"  ONEVENT="RestoreHover()" />
<PUBLIC:ATTACH EVENT="onmousedown" ONEVENT="DoActive()" />
<PUBLIC:ATTACH EVENT="onmouseup"   ONEVENT="RestoreActive()" />

function DoHover()
  { element.className += ' hover';
}

function DoActive()
{ element.className += ‘ active’;
}

function RestoreHover()
{ element.className = element.className.replace(/bhoverb/,”);
}

function RestoreActive()
{ element.className = element.className.replace(/bactiveb/,”);
}

The behavior is attached to the desired elements using CSS declaration:

button, tr, td
  { behavior: url('IEFixes.htc');
  }

The .hover and .active classes to be used by IE are
declared along with the :hover and :active pseudo-classes:

button:active, button.active
  { /*Active styles here */}
button:hover, button.hover
  { /*Hover styles here */}

Examples that use hover and active styling

Button

Table
Column 1 Column 2 Column 3
Cell 1:1 Cell 1:2 Cell 1:3
Cell 2:1 Cell 2:2 Cell 2:3
Cell 3:1 Cell 3:2 Cell 3:3

All about conditional comments

One of the most common operations performed in a Web page is to detect the  browser type and version. Browser detection is performed to ensure that the  content presented to the browser is compatible and renders correctly. The  browser type can be detected using many different techniques. Most methods of  browser detection make use of script on the server or client.

This article introduces conditional comments, which offer certain advantages  over scripted browser detection techniques. Conditional comments make it easy  for developers to take advantage of the enhanced features offered by Microsoft  Internet Explorer 5 and later versions, while writing pages that downgrade  gracefully in less-capable browsers or display correctly in browsers other than  Windows Internet Explorer. Conditional comments are the preferred means of  differentiating Cascading Style Sheets (CSS) rules intended for specific  versions of Internet Explorer.

Terminology

The following terms are used in this article.

Term Description
expression A combination of operators, features, and/or values used to form a       conditional statement.
downlevel browser Any browser except Internet Explorer 5 and later versions. For the       purposes of this article, downlevel refers specifically to any       browser or browser version that does not support conditional comments.
uplevel browser Internet Explorer 5 and later versions, which support conditional       comments.
downlevel-hidden A conditional comment block that is ignored by downlevel       browsers. Internet Explorer 5 and later versions render the HTML content       if the expression evaluates to true.
downlevel-revealed A conditional comment block that is parsed by downlevel       browsers. Internet Explorer 5 and later versions also render the HTML       content if the expression evaluates to true.

Benefits of Using Conditional Comments

Conditional comments have certain advantages over scripting methods of  browser detection.

  • Low client-side impact.When a downlevel browser encounters a downlevel-hidden conditional comment,   the browser skips over the HTML inside the comment, and the content elements   are not parsed, downloaded, or rendered. This saves client machine   resources.
  • No script required.Conditional comments do not require scripting and DHTML, and when no   scripting is used in a Web page, no scripting engine needs to be loaded.   Conditional comments are processed during the downloading and parsing phase,   so only the content that is targeted for the browser is actually downloaded.   Conditional comments can be combined freely with other browser detection   techniques.
  • Separate code from detection logic.Using conditional comments, script logic can be separated into smaller and   simpler segments of code, which are easier to maintain and understand. Plus,   code segments are loaded only by the browser version for which they were   intended.
  • Cross-browser.Conditional comments have been around since Internet Explorer 5, but their   use is not restricted to Internet Explorer alone. Conditional comments can be   used to customize content delivered to browsers that support conditional   comments and those that do not.

Syntax of Conditional Comments

The basic syntax of each type of comment is shown in the following table. The  first comment shown is the basic HTML Comment, which is included for the purpose of comparison and to illustrate  the different syntax used by each type of conditional comment.

Comment type Syntax or possible value
standard HTML comment <!– Comment content  –>
downlevel-hidden <!–[if expression]> HTML <![endif]–>
downlevel-revealed <![if expression]> HTML   <![endif]>

The HTML shown inside the syntax block in each of the conditional  comments denotes any block of HTML content, including script. Both types of  conditional comment use a conditional expression to indicate whether the  content inside the comment block should be parsed or ignored.

The conditional expression is formed from a combination of feature, operator,  and/or value, as shown in the following table.

Item Example Comment
IE [if IE] The only currently supported feature is the string “IE”,       corresponding to Internet Explorer.
value [if IE 7] An integer or floating point numeral corresponding to the       version of the browser. Returns a Boolean value of true if the       version number matches the browser version. For more information, see Version       Vectors.
! [if !IE] The NOT operator. This is placed immediately in front of the       feature, operator, or subexpression to reverse the       Boolean meaning of the expression.
lt [if lt IE 5.5] The less-than operator. Returns true if the first argument is less       than the second argument.
lte [if lte IE 6] The less-than or equal operator. Returns true if the first argument is       less than or equal to the second argument.
gt [if gt IE 5] The greater-than operator. Returns true if the first argument is       greater than the second argument.
gte [if gte IE 7] The greater-than or equal operator. Returns true if the first argument       is greater than or equal to the second argument.
( ) [if !(IE 7)] Subexpression operators. Used in conjunction with boolean operators to       create more complex expressions.
& [if (gt IE 5)&(lt IE     7)] The AND operator. Returns true if all subexpressions evaluate to     true
| [if (IE 6)|(IE 7)] The OR operator. Returns true if any of the subexpressions evaluates       to true.
true [if true] Always evaluates to true.
false [if false] Always evaluates to false.

Downlevel-hidden Conditional Comments

The following sample shows a downlevel-hidden conditional comment, which  contains a short paragraph of text

<!--[if IE 5]>
<p>Welcome to Internet Explorer 5.</p>
<![endif]-->

The downlevel-hidden conditional comment contains hyphens (“–“) in the  opening and closing tag, similar to the basic HTML Comment. The condition  appears in the opening portion of the tag, and [endif] is placed prior to the  closing portion of the tag. The content is placed inside the comment tags.

Because the first four characters and the last three characters of the  comment are identical to a basic HTML Comment element, downlevel browsers  ignore the HTML content inside the comment block. Since content is effectively  hidden from browsers that do not support conditional comments, this type of  conditional comment is called downlevel-hidden.

If the result of the conditional expression is true, the content inside the  comment block is parsed and rendered by Internet Explorer 5 and later versions.  This behavior makes the downlevel-hidden conditional comment particularly useful  for content that has been specifically designed for Internet Explorer.

The following sample illustrates how a client-side script block can be placed  inside a conditional comment; in this case, a message is displayed in Internet  Explorer 5 and later.

<!--[if gte IE 5]>

alert("Congratulations! You are running Internet Explorer 5 or greater.");

<P>Thank you for closing the message box.</P>
<![endif]-->

In the preceding example, only the major digit of the browser version is  compared because it is the only digit specified in the conditional expression.  To compare both major and minor version numbers, specify both digits. For  further explanation and examples on specifying the browser’s version number, see Version  Vectors.

Downlevel-revealed Conditional Comments

The downlevel-revealed conditional comment enables you to include content in  browsers that do not recognize conditional comments. Although the conditional  comment itself is ignored, the HTML content inside it is not. Internet Explorer  5 and later versions also parse and render the content if the conditional  expression evaluates to true. The downlevel-revealed conditional comment  complements the downlevel-hidden conditional comment.

The following snippet shows a typical downlevel-revealed conditional  comment.

<![if lt IE 5]>
<p>Please upgrade to Internet Explorer version 5.</p>
<![endif]>

When comparing this type of comment to the basic HTML Comment, notice  that there are no hyphens (“–“) immediately after the opening “<!” or  immediately before the closing “>” of the comment block; therefore, the  comment delimiters are treated as unrecognized HTML. Because the browser does  not recognize the downlevel-revealed conditional comment, it does nothing with  it.

Version Vectors

Conditional expressions are often used to determine the version of the  browser. The format of the version vector number must be defined correctly to  obtain the desired result.

When testing the major browser version number, the version vector is an  integer. To check for a minor browser version, follow the version vector by a  decimal point and four digits. For example, the version vector for the release  build of Internet Explorer 5.5 is 5.5000.

In the following example, only the major version number is specified;  therefore, the sample evaluates as true for both Internet Explorer 5 and  Internet Explorer 5.5.

<!--[if IE 5]>
<p>Welcome to any incremental version of Internet Explorer 5!</p>
<![endif]-->

The following test correctly identifies Internet Explorer 5.

<!--[if IE 5.0000]>
<p>Welcome to Internet Explorer 5.0!</p>
<![endif]-->
Note  Internet Explorer 5, which shipped  with Microsoft Windows 2000, has a version vector equal to 5.0002. Therefore,  the conditional expression [if lte IE 5.0000] returns false when evaluated in  the release build of Internet Explorer 5.

Examples

Here are some more examples of  conditional comments.

<!--[if IE]><p>You are using Internet Explorer.</p><![endif]-->
<![if !IE]><p>You are not using Internet Explorer.</p><![endif]>

<!--[if IE 7]><p>Welcome to Internet Explorer 7!</p><![endif]-->
<!--[if !(IE 7)]><p>You are not using version 7.</p><![endif]-->

<!--[if gte IE 7]><p>You are using IE 7 or greater.</p><![endif]-->
<!--[if (IE 5)]><p>You are using IE 5 (any version).</p><![endif]-->
<!--[if (gte IE 5.5)&(lt IE 7)]><p>You are using IE 5.5 or IE 6.</p><![endif]-->
<!--[if lt IE 5.5]><p>Please upgrade your version of Internet Explorer.</p><![endif]-->

<!--[if true]>You are using an <em>uplevel</em> browser.<![endif]-->
<![if false]>You are using a <em>downlevel</em> browser.<![endif]>

<!--[if true]><![if IE 7]><p>This nested comment is displayed in IE 7.</p><![endif]><![endif]-->