1. What is spamming? Differentiate it from flaming.
Spamming is the sending of an unsolicited e-mail, generally an ad of some sort, to anyone who has not specifically requested
email from you. Spamming is flooding the Internet with many copies of the same message, in an attempt to force the message
on people who would not otherwise choose to receive it.
Most spam is commercial advertising, often for dubious products, get-rich-quick schemes, or quasi-legal services. Spam cost
the sender very little to send; most of the costs are paid for by the recipient or the carriers rather than by the sender. Flaming is
the sending of abusive email or messages to other people or newsgroups. It is usually done when one wants to disrespect the
opinion of others, attacks others personally, calls others names or questions other’s parentage. In flaming, messages are
deliberately hostile and insulting. Such messages are called flames. A flame may have elements of a normal message, but is
distinguished by its intent.
Source:
(http://www.aweber.com/faq_spamming.htm)
(http://www.enterhost.com/supportcenter/faq/search_answer.cfm?fqid=100014)
(http://www.geocities.com/grannywyo/IllinoisSingles/Flaming.html)
2. What are computer worms and viruses? Explain how these operate. Give examples.
Computer Worms are reproducing programs that run independently and travel across network connections. It does not require
outside actions to take place. Computer Viruses are programs that reproduce its own code by attaching itself to other executable
files in such a way that the virus code is executed when the infected executable file is executed. A virus has an infection phase
during which it reproduces widely and an attack phase during which it does whatever damage it is programmed to do.
HOW THESE OPERATE
WORMS
The worm scans the computers on a network to see if there are other computers with the same security flaws. To get into a
network, a worm author releases the worm "into the wild" -- onto a networked machine that can then lead to a server and other
networks. Machines infected by the worm swiftly spam the Internet with randomly addressed traffic -- often a request for information
similar to a database inquiry -- hitting other vulnerable servers. The worm often uses randomly selected IP addresses to insert
itself into other computers by exploiting a flawed buffer overflow function. A buffer overflow is when the string of data entering a
program is written into memory without regard to its length. If the string is too long, the tail end of the data overwrites the program
's own code.
Source: (http://www.pbs.org/newshour/science/computer_worms/works.html)
VIRUS
There are two ways in which a virus operates when activated. (1) Direct Action. The virus is activated immediately, frequently
relying on other programs to infect and carry out specific behavior encoded by the author of the virus. (2) Memory Resident.
The virus is loaded into the computer’s memory and is activated by a triggering event. A triggering event can be either a date or
a certain combination of keystrokes.
The operations for each type of virus are as follows:
Boot Sector Infectors. These viruses infect the boot sector on floppy disks and hard drives. The boot sector is a small
program that initializes the operating system. By placing its virus code in the boot sector, a virus is guaranteed to be executed.
It can load itself into the memory immediately and it is able to run whenever the computer is on, infecting the entire system. Boot
sector infectors are spread through infected bootable floppy disks and can damage the entire computer system from the moment
the computer is switched on.
Macro Viruses. These viruses function by relying on the built-in (internal) programming languages used in popular applications,
such as Microsoft Word and Excel, which allow users to create macros. Macros are very simple programs that automate tasks.
Virus writers have created macros that, when opened unknowingly, replicate themselves and spread into other documents. These
can subsequently be spread via e-mail attachments and floppy disks.
File Infectors. These viruses function by modifying specific program files, such as .EXE or .COM files (the file that starts
Microsoft Word, for example, is Word.exe). When the program runs, the virus executes by loading itself into the memory and
later infects and corrupts other files. These viruses are usually spread via infected floppy disks, over networks or the Internet.
Sources: (http://www.ncte.ie/ICTAdviceSupport/AdviceSheets/ComputerViruses/)
EXAMPLES
WORMS
a. The 911 Worm. On 02 Apr 2000, the FBI discovered a malicious piece of software during the course of a criminal investigation
in the Houston area. Dubbed the "911 virus" by the media, it is more accurately described as a "worm", because it requires
no action on the part of the computer user to propagate itself. The 911 worm propagates by identifying remote computers on
the network which have shared hard disks. It looks for a shared disk with write access enabled and no password. If it finds
one, it copies itself on to the hard disk and it is executed when the remote computer is restarted. It proceeds to look for
more computers with writable shared hard disks and no password. The 911 worm only operates on computers running Windows
95 or Windows 98. Macintosh, UNIX and other computer systems cannot be infected. The 911 worm is specifically designed
to attack computers which access the Internet through the following Internet Service Providers: att.net (ATT Worldnet), bellsouth.net
(BellSouth Net), level3.net (Level3 Net), aol.com (America Online), mindspring.com (Mindspring), earthlink.net (Earthlink), air.on.ca
(Air.Internet in Canada), psi.net (PSInet). If the 911 worm does infect a computer system, it may activate on the 19th of each
month and attempt to erase the computer's hard disk. The worm will also use the computer's modem to dial the 911 emergency
number, possibly causing erroneous emergency calls or jamming the 911 emergency system.
(http://www.rice.edu/it/security/virus/worm911.html)
b. Sasser Worm (2004). The fast-spreading computer worm Sasser has wreaked more havoc on computer users worldwide,
affecting several businesses, banks and government offices, including Britain's Coastguard. Users of the Windows operating
systems reported sluggish machines and computers that quit or rebooted for no reason. "Sasser is a successful and widely
propagating worm with a somewhat benign impact to the end user," said Chris Rouland of Internet Security Systems. "But people
should absolutely remove it." In Europe, the computer security company Sophos reported the worm hit all 19 of Britain's Coastguard
control centers. The computers shut down and officers had to work with old-fashioned pen and paper. "Radio and other forms of
communication from ships at sea remain unaffected," Peter Dymond, head of Search and Rescue, said in a statement on the
Coastguard's Web site. According to the Microsoft Web site, the operating systems affected include Windows XP, Windows
XP Service Pack 1, Windows 2000 SP2, Windows 2000 SP3 and Windows 2000 SP4. Sasser does not have a malicious payload,
meaning it does not destroy or alter information within a computer. Its main irritant is that it causes significant performance
degradation by dramatically slowing even the simplest of computer chores. (http://www.cnn.com/2004/TECH/internet/05/05/sasser.worm/)
c. Love Bug. The Love Bug worm, different from a virus because of its ability to travel independently through networks, flooded the
Internet with e-mails in May 2000 with the subject, ILOVEYOU. The body of the deceptive e-mail read, "Kindly check the attached
love letter coming from me." When opened, the e-mail wreaked havoc on computers, replicating it automatically, sending copies
to everyone in the user's address book, and damaging computer files, such as MP3s. First detected in Asia, Love Bug spread
across the world, infecting U.S. government computers at Congress, the White House and the Pentagon. Officials estimated
that the worm affected 80 percent of businesses in Australia, and a similar percentage in the United States.
VIRUS
Melissa. Melissa attacked computers in March 1999, infecting machines when users opened a Word document attachment
. Though the effect the virus had on individuals' computers was minimal, users of Outlook Express unintentionally sent the virus
on to the first 50 people who were in their Global Address Book. For companies, however, the virus had a larger impact. The
virus was sent to users with the subject, "Important message from [name]." More than a million users were affected, the BBC
reported. The virus also caused $80 million in damage, and was the first virus to travel through e-mail.
Bugbear. In October 2002, the Bugbear virus infected users running Windows via a security hole in Microsoft Outlook, Microsoft
Outlook Express and Internet Explorer. The virus copied itself to the hard drive and on to other computers that shared a network.
The virus copied the passwords and credit card number a user typed. Then, it could send a file with the personal information
to several e-mail addresses. In its first week, 320,000 infected e-mails were sent. The virus spread easily because when it sent
e-mails of an infected computer's address book, the subject lines read, "just a reminder," "bad news," "interesting" and other
subjects that seemed innocent. In 2003, Bugbear reappeared, but in a far more damaging strain. In 24 hours the newer version,
Bugbear.B, caused the same damage that it had taken the previous Bugbear three days to cause. Bugbear.B claimed its
new victims quickly because a flaw in Microsoft Outlook meant the program automatically opened e-mail attachments.
Sources: http://www.pbs.org/newshour/science/computer_worms/famous.html
Others: Time Bomb, Logic Bomb
3. Choose one example of computer abuse which you think is morally wrong. Explain why you consider it morally wrong using any
of the ethical principles you have learned in the earlier modules.
Hacking is an example of computer abuse which I think is morally wrong. Hacking involves unauthorized access to computer,
its files and programs with several reasons for doing such, i.e. theft of service, taking valuable files (such as credit numbers and
list of customers), vengeance and hatred, thrill and excitement and for the sake of knowledge and experimentation. It is morally
wrong based on the following ethical principles:
a. Ethics basically concern human actions. Hacking infringes on the intellectual rights of those who designed applications; thus
it becomes morally wrong; and
b. Hacking goes beyond the Moral Law, i.e. respect for the rights of owners.
