Tianbin-GitHub Page

This GitHub project provides GitHub Pages and Data Strucutres Python code in the same Repository.

Project maintained by TianbinLiu Hosted on GitHub Pages — Theme by nighthawkcodingsociety

5.6 Safe Computing

Personally identifiable information (PII) is information about an individual that identifies, links, relates, or describes them.
Examples of PII include:

Search engines can record and maintain a history of searches made by users.
Websites can record and maintain a history of individuals who have viewed their pages.
Devices, Websites, and networks can collect information about a user’s location
Technology enables the collection, use, and exploitation of information about, by, and for individuals, groups, and institutions.
Search engines can use search history to suggest websites or for targeted marketing.
Disparate personal data, such as geolocation, cookies, and browsing history, can be aggregated to create knowledge about an individual.
PII and other information placed online can be used to enhance a user’s online experiences.
PII stored online can be used to simplify making online purchases.
Commercial and government curation of information may be exploited if privacy and other protections are ignored.
Information placed online can be used in ways that were not intended and that may have a harmful impact. For example, an email message may be forwarded, tweets can be retweeted, and social media posts can be viewed by potential employers.
PII can be used to stalk or steal the identity of a person or to aid in the planning of other criminal acts.
Once information is placed online, it is difficult to delete.
Programs can collect your location and record where you have been, how you got there, and how long you were at a given location.
Information posted to social media services can be used by others. Combining information posted on social media and other sources can be used to deduce private information about you.
Authentication measures protect devices and information from unauthorized access. Examples of authentication measures include strong passwords and multifactor authentication.
A strong password is something that is easy for a user to remember, but would be difficult for someone else to guess based on knowledge of that user.
Multifactor authentication is a method of computer access control in which a user only granted access after successful presenting several separate pieces of evidence to an authentication mechanism, typically in at least two of the following categories: knowledge (something they know), possession (something they have), and ingerence (something they are).
Multi Factor authentication requires at least two steps to unlock protected information; each step adds a new layer of security that must be broken to gain unauthorized access.
Encryption is the process of encoding data to prevent unauthorized access. Decryption is the process of decoding the data. Two common encryption approaches are:

Certificate authorities issue digital certificates that validates the ownership of encryption keys used in secure communications and are based on a trust model.
Computer virus and malware scanning software can help protect a computing system against infection
A computer virus is a malicious program that can copy itself and gain access to a computer in an unauthorized way. Computer viruses often attach themselves to legitimate programs and start running independently on a computer.
Malware is software intended to damage a computing system or to take partial control over its operation
All real-world systems have errors or design flaws that can be exploited to compromise them. Regular software updates help fix errors that could compromise a computing system.
Users can control the permissions programs they have for collecting user information. Users should review the permission settings of programs to protect their privacy,
Authentication

Phishing is a technique that attempts to trick a user into providing personal information. That personal information can then be used to access sensitive online resources, such as bank accounts and emails.
Keylogging is the use of a program to record every keystroke made by a computer user in order to gain fraudulent access to passwords and other confidential information.
Data sent over public networks can be intercepted, analyzed, and modified. One way that this can happen is through a rogue access point. A rogue access point is a wireless access point that gives unauthorized access to secure networks
A malicious link can be disguised on a web page or in an email message.
Unsolicited emails, attachments, links, and forms in emails can be used to compromise the security of a computing system. These can come from unknown senders or from known senders whose security has been compromised.
Untrustworthy (often free) downloads from freeware or shareware sites can contain malware.

GitHub pages action

  1. Describe PII you have seen on project in CompSci Principles.
    • In our project we had made a page to allow the user to post their Gmail on it. And the personal Gmail is also one of the PII.
  1. What are your feelings about PII and your exposure?
    • I feel like the PII is very important for us and there is more website that needs the user to create their account with PII like Gmail, credit card, ZIP. And I learned that most forums of the dark web don’t need PII to create accounts and most people who used dark web protect their PII very well. I think that is an Irony because people who are in a dangerous environment have better protection of their PII than the people who never touch the dark web because they know how important their PII is and the danger to let others know their PII. For me, when I know about the dark web is exist, I searched online to know about how to touch the dark web. And every course I found are also taught people how to protect their PII on the dark web and almost every course had talked about the danger of the dark web and losing PII. For example, they will teach people to use a Virtual Mobile phone Number to create account. And when the time goes on, I felt like there is no secret of us to the large company. More news about people using others’ PII to do wrong things and more news about the company selling or losing users’ PII. And there are websites that sell people PII even their Social Security number. I felt like people’s PII are known by more people and become cheaper when time goes on.

  2. Describe good and bad passwords? What is another step that is used to assist in authentication.
    Good password: sajdih219hs9d12@##@$$#!@#!
    Bad passwords: 123456789
    Example of another step: Face authentication

  3. Try to describe Symmetric and Asymmetric encryption.
    Symmetric key encryption involves one key for both encryption and decryption.
    Asymmetric: involves one key for each encryption and decryption(one for sender one for the receiver.)

  4. Provide and example of encryption we used in deployment.
    When we download some files from the Internet, the file may be encrypted and need a key to extract or decryption.

  5. Describe a phishing scheme you have learned about the hard way. Describe some other phishing techniques.
    I learned that people may send you an email with a link and said your bank account had been frozen and need you to change the password for safety, please click the link to change the password. And if you click the link and type your account and password, the website had recorded what you type so that your information had known by the web controller.