Topic 5: Issues and impact

Question 1

How does Manufacturing digital devices affect the environment?

Answer 1

• Large quantities of raw materials are needed. Some non-renewable and some highly toxic
• Mining for raw materials damages wildlife habitats
• Energy used in manufacturing process comes from non-renewable fossil fuels, which contributes to global warming

Question 2

How does the disposal of digital devices affect the environment?

Answer 2

• Discarded devices end up as e-waste
• E-waste may be illegally dumped in landfill sites, where toxic substances can get into land and water
• Many computers components cannot be recycled
• Millions of tonnes of e-waste are dumped into developing countries

Question 3

Describe the energy consumption of a digital device

Answer 3

Energy is consumed in:
- producing computer equipment
- functioning of equipment
- online data storage in data centres
- recycling of equipment

Question 4

Responsible recycling advantages

Answer 4

• reduce chemical leakage / fires in landfills
• enable the recovery of valuable metals
• reduce need for mining
• enable the recycling of plastic cases
• reduce amount of harmful toxins released into the air

Question 5

How manufacturers contribute to the short replacement cycle

Answer 5

• use embedded batteries, making difficult to replace them
• gluing components to make repair difficult
• inflating price of spare parts, to make repair expensive
• only providing software updates for a limited time

Question 6

Consequences of short replacement cycle

Answer 6

• It adds to e-waste, as more devices are thrown away
• More devices must be manufactured

Question 7

Responsible ownership

Answer 7

• keeping devices for longer
• buying a pre-owned device
• donating unwanted devices
• using energy-efficiency measures
• reducing internet usage

Question 8

Ways to reduce energy consumption

Answer 8

• Adjust energy settings into ‘sleep’ mode
• Switch off Bluetooth, Wi-Fi and GPS when not using
• Close dormant applications
• Disconnect peripherals
• Choosing devices with high energy-efficiency rate

Question 9

Positive impact

Answer 9

• Intelligent traffic control systems keep traffic moving reducing fuel consumption
• ‘Smart lighting’ switches off lights when they are not needed
• Using imnternet to work from home reduces burning of fossil fuels which reduces greenhouse gases

Question 10

What is digital footprint?

Answer 10

the trail of personal data left behind each time someone uses the internet

Question 11

Benefits of collecting personal data

Answer 11

• Personalisation: offers can be directed to an individuals preferences
• Convenience: personal details, such as credit card numbers and addresses, only need to be entered once

Question 12

Drawbacks of collecting personal data

Answer 12

• Privacy: not obvious who is collecting data and who they are passing it to
• Security: data breaches occur frequently
• Discrimination: analysis of shared data could discriminate people
• Civil liberties: analysis of shared data by police forces could wrongly associate innocent people with criminal behaviour

Question 13

Ethical issues of owning data:

Answer 13

• When posting a foto, IP is retained, but company can do what they want do with the photo
• Medical records in the UK, belong to National Health Service, and patients only have right to view them.
• User will always own their names and addresses, but not clear who owns data about their activity
• Online retailers sell shoppers’ purchase data to other retailers. Google sells people’s search histories.

Question 14

Data protection act 2018 (7 principles)

Answer 14

• Must have a reason for processing person’s data
• Only use the data for the specific purpose
• Only collect as much data as is necessary
• Ensure that the data they collect is accurate and current
• Not keep data for longer than necessary
• keep data secure and protect it against loss or damage
• Demonstrate that their data protection measures are adequate

Question 15

The DPA gives data subjects (persons whose data is stored) the right to:

Answer 15

• be informed about the collection of their data
• access their data
• have inaccurate data corrected
• have data erased
• object to how their data is processed
• withdraw consent at any time
• restrict the way in which their data is processed
• obtain and reuse their data for their own purposes
• complain to the Information Commissioner

Question 16

Computer Misuse Act 1990

Answer 16

was used to prosecute cyber criminals in the UK.

Question 17

The computer misuse act identifies 3 offences:

Answer 17

• Unauthorised acces to computer material (logging into another person’s computer)
• Unauthorised acces eith intent to commint further offences (stealing sombody’s credit card and using it for another crime)
• Unauthorised access with intent to impair the running of a computer or to damage or destroy data (planting a virus)

Question 18

Cookies

Answer 18

is a small text file that is downloaded onto a user’s computer when they visit a website. Enables website recognise and store users preferences.

Question 19

Benefit of accepting cookies

Answer 19

Saves time, because enables the website to store customers preference, delivery details, etc. so that the customer only has to supply this information once

Question 20

Aritficial intelligence

Answer 20

computer systems capable of performing tasks that typyically require human intelligence such as: pattern recognition, problem solving and decision making

Question 21

Machine learning

Answer 21

is a subset of AI, the algorithm learns by looking for rules and patterns in real-time data. They get progressively better, without having specific rules

Question 22

Narrow AI

Answer 22

a type of AI that cannot perform multiple tasks, they are able only to perform one specific task

Question 23

Examples of narrow AI

Answer 23

• email spam detctors
• facial and finger print recognition systems
• voice recognition in digital assistants
• self driving cars
• content recomendations

Question 24

Algorithmic bias

Answer 24

is when an algorithm is biased and perjudices or discriminates certain individuals.

Question 25

Reasons why algorithmic bias occurs

Answer 25

• Dataset used to train the AI system is itself biased
• there is a design flaw in the AI algorithm causing it to exaggerate bias
• the developers who design and build AI systems unintentionally incorporate their own prejudices and preconceptions into them

Question 26

Who is responsible when an AI system goes wrong?

Answer 26

Could be:
- the creator of the algorithm
- the supplier of the data
- the user of the algorithm

Question 27

What does copyright protect?

Answer 27

Novels, textbooks computer programs, images, films, music recordings

Question 28

How long lasts copyright?

Answer 28

lasts for 70 years after the death of the copyright holder

Question 29

Patents

Answer 29

• Protect new inventions, both what they do and how they work.
• protection is not automatic as copyright
• applicant has to demonstrate that their invention is different from anything else that exists.
• a patent holder has 20 years to use and sell the invention

Question 30

Disadvantage of patents

Answer 30

Patents and copyright are meant to foster innovation, but has the opposite effect

Question 31

Trademarks

Answer 31

Unique company logos, strap lines, colours and words can be registred as trademark.
® - trademark that has been officially registered
TM - trademark that has not been registered
- Companiesuse these to distinguish their goods from competitors
- Trademarks last for 10 years

Question 32

2 reasons why a company may decide to register and use a trademark to protect its logo

Answer 32

So that the company can:
- take legal action against anyone who uses its logo without permission
- put the ® symbol next to its logo to indicate ownership

Question 33

Open source software

Answer 33

Software that is distributed with a licence that allows anyone to use, view modify and share its source code.

Question 34

Advantages of open-source software

Answer 34

• Users have acces to code
• Users can modify and distribute the software
• Can be installed on any machine
• Big community of enthusiasts that provide support
• Most is free to use (there are exceptions)

Question 35

Disadvantages of open-source software

Answer 35

• May not be free of bugs or fully tested
• May need specialist knowledge to install.

Question 36

Examples of open-source softwares

Answer 36

• LibreOffice
• Linux
• Android
• Firefox
• Apache

Question 37

Proprietary software

Answer 37

Software that is owned by an individual or a company. It is protected by copyright law, making it illegal for users to modify or share it

Question 38

Advantages of proprietary software

Answer 38

• Tested by developers
• Supported by a dedicated team
• If there are any vulnerabilities or bugs, a patch will be released speedily
• Extensive support from third parties (tutorials, magazines, …)

Question 39

Disadvantages of proprietary software

Answer 39

• Users do not have acces to code
• Users do not have permission to modify the software
• Usually paid for and licensed on a per-user, per-machine basis

Question 40

Examples of proprietary software

Answer 40

Microsoft Windows
iTunes
MacOS
Adobe Photoshop

Question 41

5 conditions specified in the licecne agreement

Answer 41

• Nr of computers tha software can be installed on
• How many people can use the software at the same time
• How long the licence is valid
• Which settings the software can be used in
• Wheter the user must agree to allow automatic updates

Question 42

Cyberattack

Answer 42

a malicious attempt by a hacker to gain unauthorised access to digital system in order to cause damage or steal data

Question 43

Malware

Answer 43

general term for malicious software. Some hackers have the ability to write their own malware, others download the code from internet.

Question 44

Reasons why hackers use malware

Answer 44

1- to infect a computer with a virus or worm, to cause the computer to run slowly or crash, or just to damage / delete data.
2- To gain backdoor acces into a computer / network and then launch a ranswomware attack
3- To spy on what a user is doing
4- To create a botnet to carry out a DDS attack

Question 45

How works reason nr 1

Answer 45

• A virus inserts into a program and lies hidden. Once activated it makes copies of itself and attaches these to ther programs. Infected programs are passef on via email, messaging and social media.
• Worms infect systems by moving from one device to another. They can infect an entire network quickly.

Question 46

How works reason nr 2

Answer 46

• Trojans masquerade as legitimate software that users are tricked into downloading. It runs every time the computer is switched on, providing acces to files on hard drive and backdoor to devices in the same network
• Trojans are used to deliver ransomware, which encrypts the files on the computer. The victim must pay to get the key to decrypt them, otherwise it will be lost.

Question 47

How works reason nr 3

Answer 47

A keylogger secretly records the keystrokes a user makes, enabling the hacker to extract valuable information, such as passwords and credit card numbers.

Question 48

How does a DDS attack work (reason nr 4)

Answer 48

A DDS attack floods a network or website with huge volumes of traffic causing it to crash. They hack many many computers, just to generate traffic on a website or network, so that the victim pays in order to stop the congestion of the network / website

Question 49

black -hat hackers

Answer 49

cybercriminals that break into digital systems in order to cause harm.

Question 50

white-hat hackers

Answer 50

help organisations to strengthen their defences against cyberattacks

Question 51

What is a technical vulnerability

Answer 51

a hardware, software or configuration fault that makes it easier for a hacker to attack

Question 52

Technical vulnerabilities that hackers exploit

Answer 52

• Unpatched software
• Out-of-date anti-malware
• Open ports
• Default admin passwords

Question 53

Unpatched software

Answer 53

When a security fault is discovered, the software producer must work quickly to produce a patch that will fix the issue.
Otherwise, hackers will try to exploit it by launching a zero-day attack

Question 54

Out-of-date anti-malware

Answer 54

Malware works by scanning files and comparing with their database of malware signatures.
Anti-malware software only works if its database is up to date with the latest malware signatures. Otherwise recent malware will not be in its library and such malware will be missed.

Question 55

Open ports

Answer 55

Services that rely on internet use dedicated computer ports to transmit information. Hackers can do port scanning helping them to identify possible attack targets

Question 56

Default admin passwords

Answer 56

Some hardware devices such as routers and modems are shipped with a factory-set password. Hackers can look up default passwords on the web and use password-hacking software to crack weak passwords.

Question 57

Social engineering

Answer 57

Some hackers use techniques to make people reveal confidencial information or install harmful software on their computers. Exploits human nature

Question 58

Social engineering technique: Phishing

Answer 58

Victims receive an email from a reputable source, asking them to click on the link which seems a genuine website. But actually this website is controlled by the hacker, and asks the victim to enter ID and password or enter credit card details.

Question 59

Social engineering technique: Pretexting (blagging)

Answer 59

The hacker pretends to be from a trusted organisation, which says there is an emergency that must be dealt with. By stressing the urgency of the situation, the attacker panics the victim into divulging confidential information

Question 60

Social engineering technique: Baiting

Answer 60

Victims are offered a free giveaway, such as a music download or a movie preview. This giveaway comes with harmful malware which infects the victim’s computer. The hacker can also leave an infected USB stick, and when anyone plugs it into a computer, then it will be infected.

Question 61

Social engineering technique: Quid pro quo

Answer 61

Victims provide their login details and other security information in exchange for a service, such as a paid software. The attacker offer to help with the instalation, and gives him the opportunity to install malware.

Question 62

Social engineering technique: Shoulder-surfing

Answer 62

The hacker looks over a victim’s shoulder, uses binoculars to watch from the distance, or uses a camara to note their login name, password, PIN, etc.

Question 63

Firewall

Answer 63

acts as a barrier between the internal network and the internet, monitoring incoming and outcoming traffic.
Also spot suspicious activity within networks, such as users trying to visit harmful websites or who download files from fil-sharing sites.

Question 64

Anti-malware software

Answer 64

scans files, and compares it with a library of known malware. If any malware signature patterns are found, it is quarantined until the user decides what to do with it

Question 65

2 types of Heurestic analysis (look up behaviours that suggest malware)

Answer 65

Static heurestic analysis- compares source of code with library of known malwares, and if enough of the code matches, the file is identified as malware
Dynamic heurestic analysis - isolates the suspicious file, inside a virtual machine (sandbox) to test what would happen if it was allowed to run.

Question 66

Encryption

Answer 66

It does not prevent from being stolen, but protects confidentiality
- Converts data into a scrambled format so that it is not understandable, only the person with a key can decrypt it

Question 67

2 forms of encryption

Answer 67

Symmetric encryption- uses the same key to encrypt and decrypt
Asymmetric encryption- uses two different keys, a public key to encrypt data, and a private key to decrypt data.

Question 68

Backup procedure

Answer 68

involves making a copy of the data and storing it on a different device in a different location, offsite aor in the cloud

Question 69

Recovery procedure

Answer 69

the process of restoring data and/or system states from the backup copy

Question 70

2 ways data is backed up

Answer 70

Full backup - a full copy is made of all the data
Incremental Backup - copies of new files and those changed since the last backup

Question 71

AUP (Acceptable use policy)

Answer 71

a collection of rules and procedures that users are reuquired to follow. It spells out what constitutes appropriate and inappropriate behaviour.

Question 72

Examples of appropiate behaviour

Answer 72

• Log off or lock the screen before leaving
• Use a secure passwords and do not disclose it to others.
• Exercise caution when opening email attachments

Question 73

Examples of inappropiate behaviour:

Answer 73

• Install software downloaded from the web
• Plug a memory stick into a USB slot
• Give out confidential information over the phone or email
• Remove data from the premises without autority
• Access social media sites in work time

Question 74

2 reasons why users should have an AUP

Answer 74

• It makes users aware of what is and is not acceptable behaviour
• It stops them wasting time and network bandwidth on personal activities.