“breach of privacy” npresented by sumit yadav. computer science and engineering computer...

“Breach of Privacy”

Presented bySumit Yadav

Computer Science and Engineering

Computer security Aspects

Privacy (confidentiality )

integrity

availability


What is privacy?

For citizens and consumers, freedom from unauthorized intrusion. For organizations, privacy involves the policies that determine what information is gathered, how it is used, and how customers are informed and involved in this process. Privacy is a legal issue, but it's also an information security issue .


How your privacy can be breached?

Cookies

Keylooger

spyware (adware)


Cookies

Data files can be store and fetch by remote server

What they can store ?

How you can prevent?

Setting the Privacy level to High in the browser

Zonealarm with new privacy protection feature


Key logger

surveillance tool that records every keystroke

What it is used for ? Employer monitoring their employees. Monitoring kids activity

What if it is abused? Remotely installing key logger

Prevention Installing anti spy software


Spy ware

Spy ware modules are created by marketers who want to monitor your customer’s browsing habits.

What is ad ware?

Indication of spy ware Web sites never seen before are suddenly visible. Strange toolbar

How to protect yourself from spy ware Installing Spybot and Ad-Aware.


What to do to improve privacy?

Keep your windows up to date by installing critical updates

Back up regularly Keep security programs up to date Surf safely Be vary of attachments Don’t swallow the spam: go to http://

hoaxbusters.ciac.org for list of internet scams. Check start-up processes-Launch

Msconfig(startup) check with www.answerthatwork.com for unfamiliar entries.


What to do to improve privacy?

TOR(Open Source Project)

An open-source project, Tor seeks to provide anonymity through a technique called onion routing .Onion routing basically works by implementing numerous routers through which communications will pass.

For more info: (www.freehaven. net/tor)


What if everybody get privacy?

Positive impact People will be able to surf the web without being traced. Agents can more easily carry out research and

investigations without reveling their identity.

Negative impact Hacker steal credit card without being caught. Virus can spread with no knowledge of its origin. Negative effect on law enforcement making possible for

criminals and terrorists to elude the law.


Case Study -Google

Google’s email service (gmail) Google scan thought your emails and look for keywords Google target adds on your system according to the

keywords it has collected

Google desktop software Now you can Google your pc Google desktop can search your Outlook / Outlook

Express ,websites and other documents Risk of privacy if it’s a public computer


Gramm Leach Bliley Act (GLBA),

Financial institution must provide customers clear and conspicuous notice about its privacy policies

Institution must provide annual notices of its privacy policies and practices

Financial institution must provide customers with an opportunity to opt out of disclosures of their non-public personal information


HIPPA (Health Care Portability andAccountability Act)

patients’ access to their own medical records

Notice of privacy practices

Limitations on use of personal medical information

Restrictions on marketing medical information

Confidentiality of doctor patient communications


U.S. Privacy Act

Protects the privacy of personal data collected by the government

Allow individuals to determine what data collected and for what purpose

To whom information has been disseminated


U.S. Electronic Communications Privacy Act

Protects against wiretapping

Allows law enforcement agencies to access communicating or records of them

ISP need to install equipments to allow access to agencies

ISP can read content of communicating in order to improve security and integrity


USA Patriot Act

Knowingly causing the transmission of code resulting in damage to a protected computer is an offence

Recklessly causing damage to a computer system as a consequence of unauthorized access is also an offence

Causing damage (even unintentionally) as a consequence of unauthorized access to a protected computer is a crime


Reference

Pfleeger, Charles and Pfleeger, Shari. “Security in Computing.”

http://search.epnet.com/login.aspx?direct=true&AuthType=cookie,ip,url,uid&db=cph&an=14332860



http://search.epnet.com/login.aspx?

direct=true&AuthType=cookie,ip,url,uid&db=cph&an=4110997

“breach of privacy” npresented by sumit yadav. computer science and engineering computer...

Documents