Lesson 3: Internet Issues

Because the design and use of computer networks are human activities, computer networking will exhibit
both the redeemed and fallen nature of humankind. The Internet is an astonishing product of God-given
abilities and can clearly be used for the glory of God. At the same time, the Internet is subject to the
effects of human sinfulness. In other words, the same human vices that occur in physical space have the
potential to exist in "cyberspace." These include computer viruses, online pornography, electronic theft,
and more.

Viruses
In the 1980s microcomputer programs called rogue software began to appear
that would secretly hide themselves within a user's program (e.g., a game).
When a user ran the program (e.g., played the game), the hidden program
would "infect" other programs on the user's computer by secretly copying itself
into them. Since these hidden programs mimic the spread of biological viruses,
they were dubbed computer viruses. Some computer viruses are benign, but
others behave maliciously, most often by erasing or destroying data. One virus
alone (the "Love Bug" of 2000) was estimated to have cost businesses $2.6
billion worldwide.

Most viruses were limited to personal computers (PCs), whose operating systems contained no memory-
protection mechanisms to prevent a program from altering other programs. Early viruses thus spread from
PC to PC as people used floppy disks containing infected files on different computers. As computer
networks became more common, they provided new ways for viruses to spread.

As computer networks, e-mail, and the Internet became increasingly popular, programs containing
viruses could be downloaded or sent as e-mail attachments, making it even easier for viruses to spread.
However, the program containing a virus must be run in order for the virus to spread. Various companies
sell virus-protection software, including a program called a virus scanner that can be used to scan a
program, determine whether it contains a virus, and remove the virus if necessary. To avoid being
infected, you should always use a virus scanner to scan disks and/or programs received from someone
else before you use them.

In the mid-1990s, Microsoft added to its office suite software a feature that allows users to record a
sequence of commands and store this sequence within a document. Such command sequences are
called macros. When malicious individuals discovered that a macro can be set to run automatically when
the document containing it is opened, a whole new class of viruses appeared called macro viruses.
Macro viruses can be just as destructive as traditional viruses and can be hidden within Microsoft Office
documents received as e-mail attachments. To avoid being vulnerable to such viruses, users should
make sure they have anti-virus software running before opening e-mail attachments. Also, they should
continue to install the latest updates available for both their Microsoft products and anti-virus software.

Another category of assaults upon a network are denial-of-service (DoS) attacks. In this case, the
software is designed to engineer the flooding of a network with useless traffic, thereby rendering it unable
to operate.

An agency called the Computer Emergency Response Team (CERT) has the responsibility of
monitoring Internet activities, serving as a central site where information about computer security
problems can be reported and disseminated. It is also responsible for dealing with Internet-related crises
as they arise.
Symantec Corporation also maintains a comprehensive website dedicated to
computer viruses.

Grisoft Corporation makes available an excellent and free anti-virus program called AVG.

Hoaxes
Some viruses are perpetuated by human means rather than by software means.

It is increasingly common for e-mail users to receive warnings about viruses that do not exist, urging them
to follow enclosed instructions and to forward them to everyone they know. In response, the unsuspecting
users follow the instructions to delete certain files, which actually has the effect of damaging their
computer's operations. Thus, users are tricked into inflicting damage on their own computer.

Here, the underlying mechanism is a shrewd one: a viral idea moves from the message into the reader's
mind, which, if the reader acts on the message and forwards it to everyone they know, also serves to
replicate the message. Such messages that behave like an idea-virus are known as memes.

E-mail chain letters work according to the same mechanism. In this case, they prey upon human
emotions:

 sympathy ("Please send an e-mail message to this dying boy, and forward this message to
everyone you know.")

 greed ("Every tenth person who forwards this will receive a free trip to Disneyland!")

 revenge ("I was billed $250 instead of $2.50 for this cake recipe; please forward it to everyone
you know so that I can get back at Niemann-Marcus.")

 justice ("Please add your name to this petition to save PBS and forward it to everyone you
know.")

 fear ("If you are visiting the Chicago area, look out! There are gangs that drive with their lights off
at dusk and will run off the road and kill any other drivers who flash their headlights to signal to
them that their lights are off!")

 spirtuality ("Send this prayer request to everyone you know.")

What's so bad about e-mail chain letters?

Phishing

Phishing is a fraudulent attempt to acquire personal information by posing as a legitimate organization

(usually a bank or eBay). In a sense, these frauds are "fishing" for account numbers and passwords. The
most common phishing approach is to send official-looking e-mails that link to official-looking webpages
asking people to update or confirm account numbers and passwords. These scams used to be easy to
identify, as they usually contained numerous misspellings, grammatical errors, or inappropriate wording
(would your bank address you as "Dear Honey"?), but now the e-mails and phony webpages look
increasingly genuine.

As a general rule, never log in to your account at a bank, eBay, Amazon.com, etc., via a link in an e-mail
that claims to have been sent by them: always open up a Web browser and go to the site directly (though
even this not always safe: using "pharming," some criminals can alter Internet settings so that you are
automatically redirected to their phony—but genuine-looking—website).

For more information on phishing, see Microsoft's website.

Spam
Sadly, e-mail chain letters are a favorite mechanism of "spammers." Spam is
unsolicited e-mail that is broadcast to a large number of e-mail addresses for the
purpose of advertising.

According to some accounts, the term was taken from the

classic Monty Python sketch in which the word spam is repeated
to the point of absurdity—not unlike the e-mail message a
spammer sends.)

In order to create spam, however, a list of valid e-mail addresses is required. E-mail chain letters provide
a highly effective way to collect e-mail addresses. So do "virtual cards"—greeting cards that are sent via
the Internet.

Symantec maintains an excellent website regarding Internet hoaxes

Cookies
When a customer visits an online retailer such as Amazon.com, they may be welcomed by name, and
they may be presented with a list of books, movies, and other items that might interest them. How does
Amazon.com's Web server know what they like?

With the help of a Web browser, many websites deposit a file called a cookie on
your computer when you visit their site. At its simplest, a cookie may just contain a
unique name by which a company can identify who you are. If you revisit their
website, they can retrieve their cookie and use the unique name to access your
record in their membership database. More precisely, each time you click on a link
at a company's website, a cookie allows the software at that site to record the
following about you in the company's membership database:

What They Can Track What It Can Tell Them

The ID number they assigned What they already know about you
you (from their database)
 The date How long it has been since you last
visited their site (a possible measure
of how actively interested you are in
their site and what they sell)

What page you're visiting The topics/items that interest you at

their site

The timing of your mouse-clicks How long you spend on a page (a

on links possible measure of how interested
you are in what's on it )

What you buy Things in which you are sufficiently

interested to spend money

A cookie thus provides the means by which an e-commerce business can tell who is interested in what at
their site. An e-business can use such information to determine which products are generating interest
and which products are not. In addition, by storing this information in their database, a business can:

 welcome you back to their site;

 look up in their database the things in which you have previously shown an interest, and refer to
you the kinds of things they think might interest you;
 based on the information they collect during your visit, refine their demographic profile of you and
then sell this profile to other e-tailers.

On the good side, cookies can be convenient for people who frequently visit a website. The site may
remember the user's login and/or preferences, thereby customizing the site for the user.

On the bad side, cookies allow a website to collect information about you that you might rather they didn't
have. Moreover, they can sell this information about you to anyone they wish, without your consent.

This issue of convenience vs. privacy is the essence of the controversy over cookies. Most Web
browser software allows the turning off of cookies. However, this will render some sites inaccessible:
some sites insist that you allow cookies in order to user their website.

To begin addressing privacy issues, the World Wide Web Consortium (W3C) has recently defined its
Protocol for Privacy Protection (P3P), which would allow users to specify some privacy-related
parameters via their browser settings. Upon visiting a P3P-compliant website, a P3P-compliant browser
matches the user's preferences against the privacy policies of that site and informs the user of any
discrepancies. Unfortunately, P3P does not allow a user to hide their identity. It thus lets websites
continue to collect information about their visitors.

Digital Divides
With the world at their fingertips, people who have access to the Internet enjoy
a wealth of advantages over people who do not. This partitioning of people into
information-haves and information-have-nots has been termed the digital
divide. Access to the Internet enables people to find information quickly and efficiently.

Access to the Internet holds benefits for everyday life. A traveler who wants to book airline reservation
can save money by booking through a lowest-fare service like that of travelocity.com. A reader looking for
an out-of-print book can often find it through bibliofind.com. A person wanting to find all of the Bible
verses that mention a particular word or words can quickly do so using the Bible Gateway at
gospelcom.net. The Internet thus provides a wide variety of services, both general and specialized.

In today's world of information, access to the resources of the Internet represents power. For example:

 The ability to use the Internet to find information faster than another person represents power to
determine how you will spend the time you saved.
 The ability to use the Internet to find better information than another person represents power to
use that information to your advantage (e.g., by writing a better paper, by getting into a better
college or university, by getting a better job, by making better investments, etc.).
 The ability to use the Internet to purchase services at lower costs than another person represents
power to use the saved money for other things.
 The ability to use the Internet to find items that another person cannot represents power to make
use of those items.

Because people with access to information have more power than those who do not, access to
information has become an issue of social justice. Put differently, access to the Internet is a two-edged
sword, empowering those who have access and placing at a significant disadvantage those who do not
have access.

In today's information age, such access represents power.

The digital divide separates those who have such access and those who do not.