UNIT 15 Webpage Creator 73


clubs that discuss various topics using email. After a website has been created and published, it is important that the creator updatesthe webpages frequently to vary and improve the website, keep the information up to date and make sure that the hyperlinks still connect to existing websites. A static siteis a website that does not change its content. It is common for an email address to be provided on the website to allow users to contact the website creator to provide feedback about the website. Creating a professional website


involves more than just publishing webpages. The website needs to be planned carefully if it is to be a success. This involves a number of stages including analysing the demand and other related websites, designing the webpages and the overall structure of the website, publishing and advertising the website including registering it on search engines and getting other websites to create links to it, and evaluating the website after it has been published by using user feedback and statistics on the use of the website.


 



UNIT 17


 

Computing Support


INTRODUCTION


Computing supportinvolves setting up and maintaining computing systems and solving hardware(the physical components of a computer system) and software(programs and data) problems. Common problems include: dealing with viruses(programs that can reproduce themselves and are written with the purpose of causing damage or causing a computer to behave in an unusual way); fixing faulty peripheralssuch as monitors, mice or printers; dealing with computers hanging(suddenly and unexpectedly stopping processing during the execution of a program); or computers crashing(failing suddenly and completely). It is usually the failure of the hard disk inside a computer that is referred to as a crash.

New computers commonly have a one-year warrantyagreement that allows the purchaser to obtain help with computing problems by telephoning computing support staff at a help centre.Each computer has its own unique serial numberthat identifies the equipment. It also usually has a service tag numberthat identifies its warranty agreement to the support staff. A job numberis usually issued by the support staff to uniquely identify the particular fault report. Special fault report forms are often used by the support staff to record the details of the problem. To solve the problem the support staff usually need to know the type of computer, type of processor, amount of RAM(random access memory-the memory that stores the user's program and data while they are being used by the computer), the operating system and what type of LAN(local area network - a network connected over a small area) it is connected to, if any.

The problem reported to the help centre in this unit involves MIDI(musical instrument digital interface) sound files. MIDI files are


created by connecting a musical instrument to a computer system. This type of music file is commonly found on the Internet and is used in Microsoft Encarta,a multimedia encyclopaedia program produced by the Microsoft Corporation. The faulty computer has 128 megabytesof RAM (approximately 128 million bytes - a byteis the amount of memory required to store one character e.g. a letter, a number or a punctuation mark). The fault is caused by a faulty sound driver(an operating system program that controls the sound system in the computer). The help centre will usually try to solve the problem over the phone but if that is not possible, the computer may have to be returned for repair or they may send out a repair technicianto the user's location. Many simple computer problems can be fixed by simply rebootingthe computer (restarting the computer operating system). Some computers have programs for testing and diagnosing hardware faults stored in ROM(read only memory) on the motherboard(the main electronic circuit board inside a computer that holds and connects together all the main electronic components). These stored programs are known as on-board diagnostic and repair tools.To save users having to telephone the help centre to solve well known common problems, the company selling the computer may have a website with a FAQs(frequently asked questions) section that describes common problems and their solutions.

The Microsoft Corporation has a website with a section known as the Microsoft Knowledge Basethat allows Microsoft software users to find out about known problems with using Microsoft software with certain combinations of hardware. It provides a description of the problem and any known


82 UNIT 17Computing Support


solutions to the problem. The Microsoft software problems used in this unit include a problem using a free Microsoft email program called Outlook Expressand the Dial-Up Networkingfeature in a Microsoft operating system. Dial-Up Networking allows the user to connect their computer to a network using a modem. The problem occurs with a particular make of video adapter(the expansion card that provides the electronics for controlling the monitor screen). The other Microsoft software problem is with Internet


Explorer(a free browserprogram used for viewing webpages) causing the computer to hang(to suddenly and unexpectedly stop processing during the execution of a program). The solution is to change the settings in the program that determine whether the program should hang up(disconnect the telephone line when it has finished sending, receiving or downloadingi.e. copying data from a server computer to the user's computer).


 



UNIT18


 

Data Security 1


INTRODUCTION


There are a variety of different crimes that can be committed in computing, including:

Description

Computer Crime

Spreading viruses

distributing programs that
can reproduce themselves
and are written with the
purpose of causing
damage or causing a
computer to behave in an
unusual way__________

Hacking

gaining unauthorised access to a network system

Salami shaving

manipulating programs or data so that small amounts of money are deducted from a large number of transactions or accounts and accumulated elsewhere.The victims are often unaware of the crime because the amount taken from any individual is so small.

Denial of service attack

swamping a server with large numbers of requests

Trojan horse

a technique that involves
adding concealed
instructions to a computer
program so that it will still
work but will also perform
prohibited duties. In other
words, it appears to do
something useful but
actually does something
destructive in the
background.__________

Trapdoors

a technique that involves leaving, within a completed program, an illicit program that allows unauthorised -and unknown - entry

Mail bombing

inundating an email address with thousands of messages, slowing or even crashing the server


 

Software piracy unauthorised copying of a program for sale or distributing to other users
Piggybacking using another person's identification code or using that person's files before he or she has logged off(disconnected from a network account)
Spoofing tricking a user into revealing confidential information such as an access code or a credit-card number
Defacing changing the information shown on another person's website
Hijacking redirecting anyone trying to visit a certain site elsewhere

A computer virusis a program that can reproduce itself and is written with the purpose of causing damage or causing a computer to behave in an unusual way. It infectsother programs i.e. it attaches itself to other programs, known as host programs,and therefore reproduces itself. It operates by replacing the first instruction in the host program with a JUMP command.This is a command that changes the normal instruction sequence in a program, causing the virus instructions to be executed(processed by the processor) before the host program instructions. When the virus has been executed, the host program is executed in the normal way.

When it attaches to operating system programs to integrate itself with the operating system (the set of programs that control the basic functions of a computer and provide communication between the applications programs and the hardware), it is said to have


86 UNIT 18Data Security 1


patchedthe operating system. Viruses normally attach themselves to programs that have a COM extension (e.g. command.com) that are known as command files or COM files,or to programs that have an EXE extension (e.g. explorer.exe) that are known as executable files or EXE files.A virus is loadedinto memory (copied from the storage media into memory) when a program it has attached itself to is runor executed(processed by the processor). It then becomes memory residenti.e. it stays in the memory until the computer is switched off. When the virus is triggeredby a predetermined event, it operates the payload(the part of the virus that causes the damage). Although a virus is the term used to describe any program that can reproduce itself, viruses usually have four main parts:

a a misdirection routinethat enables it to

hide itself b a reproduction routinethat allows it to

copy itself to other programs


c a triggerthat causes the payload to be activated at a particular time or when a particular event takes place

d a payloadthat may be a fairly harmless joke or may be very destructive.

A program that has a payload but does not have a reproduction routine is known as a Trojan.Each virus is given a name e.g. Love Bug and can be classified as a particular type of virus. Virus types include: logic bombsthat destroy data when triggered; boot sector virusesthat store themselves in the boot sectorof a disk (the part of a disk containing the programs used to start up a computer); file virusesthat attach themselves to COM files; macro virusesthat are small macro programs that attach themselves to wordprocessor files and use the macro programming facilities provided in some wordprocessor programs.


UNIT 19


 

Data Security 2


INTRODUCTION


There are a variety of security measures that can be used to protect hardware (the physical components of a computer system) and software (programs and data) including:

1 Controlling physical accessto hardware and software.

2 Backing updata and programs (storing a copy of files on a storage device to keep them safe).

3 Implementing network controlssuch as:

a using passwords(a secret code used to control access to a network system)

b installing a firewall(a combination of hardware and software used to control the data going into and out of a network. It is used to prevent unauthorised access to the network by hackers).

c encrypting data(protecting data by putting it in a form only authorised users can understand)

d installing a callback system(a system that automatically disconnects a telephone line after receiving a call and then dials the telephone number of the system that made the call, to reconnect the line. It is used in remote access systems to make sure that connections can only be made from permitted telephone numbers).

e using signature verificationor biometric security devices(security devices that measure some aspect of a living being e.g. a fingerprint reader or an eye scanner).

4 Separating and rotating the computing
functions
carried out by employees and
carrying out periodic auditsof the system
i.e. observing and recording events on the
network systematically.


5 Protecting against natural disastersby
installing uninterruptible power supplies

(battery backup systems that automatically provide power to a computer when the normal electricity source fails) and surge protectors(electronic devices that protect equipment from damage due to a sudden surge in a power supply).

6 Protecting against virusesby using
antivirus programs(computer programs or
sets of programs used to detect, identify
and remove viruses from a computer
system) and ensuring that all software is
free of viruses before it is installed.
Particular care must be taken when using
public domain software(free software)
and shareware(software that is free to try
out but must be paid for if it is used after
the trial period).

A smart cardis a plastic card containing a processor and memory chip. It can be used to store large amounts of confidential data including coded data that can be used as digital cash(electronic currency that is used for making electronic purchases over the Internet). It can also be used as a security device to prevent or allow access to a system and allow a user to withdraw cash from a bank ATM(automatic teller machine - a type of machine used by banks for enabling customers to withdraw money from their bank accounts). A smart card readeris a device used for reading smart cards by detecting radio signals emitted from a radio antenna(aerial) in the form of a small coil inside the smart card.

An anti-virus programis a program that checks files for virus coding instructions inside another program and can be used for removing any virus coding instructions detected.


UNIT 19 Data Security 2


A backup programis a program that stores a copy of data on a storage device to keep it safe. There are different kinds of backup, including:

a Incremental backupwhich copies all the selected files that have been created or changed since the last full, differential or incremental backup. These files are identified by the fact that their archive bitwould be on. The archive bit is a digital bit stored with a file indicating if the file has been backed up since it was last edited. The archive bit is switched off when the


file is backed up using a full or

incremental backup. b Differential backupwhich copies all the

files created or modified since the last full

backup. The archive bit is not set to 'off*

by a differential backup. c Full backupwhich copies all the selected

files on a system, whether or not they

have been edited or backed up before.

A series of incremental backups and a full backup, or the most recent differential backup and a full backup, is known as a backup set.


 




UNIT 20


 

The ex-hacker


INTRODUCTION


A hackeris a person who attempts to gain unauthorised access to a network system. They are often young teenagers although they are usually fairly skilled programmers(people who write computer programs). Sometimes, the type of person who becomes a hacker is referred to as a 'geek*(an expert lacking in social skills), or as an 'anorak'(a slang term for an eccentric, socially inept person with little or no fashion sense and having an obsessive interest in a hobby or subject). Although 'geek* was originally a derogatory term it is now used in computing to mean a dedicated expert. Although it is illegal, people become hackers for different reasons including: making money, criminal purposes, or to expose political information. But often people hack(break into a computer system) just because it is an exciting challenge. Parents are often unaware that their children are hacking into computer systems although they usually receive very large telephone bills. Young hackers are often caught by boasting about their successes to their friends.

Since hacking(attempting to gain unauthorised access to a network system) is illegal, hackers want to keep their true identity secret but they often like to call themselves by special names such as 'the Analyser'. The Internet has made hacking more common and hackers are found throughout the world. They sometimes form hacking groupsor teams that work together and exchange ideas. These groups also like to be known by names such as 'Hackers Unite*.

Hackers like to attack and penetrate computer systems belonging to large, important organisations such as the Pentagon's computer systems, computer systems belonging to US military bases and Hotmail,the free email service provided by


the Microsoft Corporation. In fact, hackers compete with each other to be the first to hack into really powerful systems. Often, breaking into a system is done gradually, with the hacker gaining entry to a system then planting passwords in the system, allowing them to gain access to the system more easily in the future.

When a hacker gains access to a system they don't usually break into the system using the Internet and steal all the data on the system, as is often portrayed in the cinema. In fact, most hacks(break-ins) are done by company staff misusing the company network system. Hackers have been known to do a variety of things to computer systems, including:

a Downloadingfiles (copying files from a server computer) and leaking confidential information. Postinginformation is the term used for making information available to a large number of users in a newsgroup(an Internet discussion group that uses a restricted area on a server computer to display messages about a common interest) or on a bulletin board(an electronic noticeboard system that enables users to display messages for other users to read).

b Exposing email(electronic mail)

correspondence managed by well known email services, causing the service to be shut down while the exposed weakness in the system is repaired.

c Programming email server computers to reroute email (send to a different email address than the one it was originally sent to).

d Hijackingwebsites by redirecting the Web address(URL) to point to another website.

e Defacingwebsites by changing the text and graphics on the webpages, sometimes


UNIT 20 The ex-hacker 95


leaving very rude messages on the system. f Blackmailingthe owners of websites by threatening to damage their systems by doing something like releasing a virus(a program that can reproduce itself and is written with the purpose of causing damage or causing a computer to behave in an unusual way) onto their system, although such a threat often turns out to be nothing more than a hoax.

Sometimes, young hackers put their experience and knowledge to good use when they become older. Many former hackers have been hired by large companies as security experts.They are employed to test out the company systems by trying to hack into them to find any weaknesses in the systems. Cyberspaceis the combination of all the data on all the computer networks throughout the world, accessed using the Internet. A person who uses their skills to make cyberspace safer is referred to as a "white hat* hacker.

A computer system can be hacked(broken into) in various ways including:

a guessing somebody's password(secret code used to control access to a network system)

b finding a bug(a fault in a system) that allows certain passwords to access information they are not supposed to access

c phoning a company, pretending to be a company employee and asking for a password. People tend to be too trusting.

Connecting to a computer network involves logging in(sometimes referred to as logging on)by typing a username or ID (identification username) and a password. Usernames that are often used on networks systems include 'guest', 'demo' and 'help*.


To avoid a computer system being hacked into, the people managing the system must work hard to keep ahead of the hackers. There are different ways of avoiding being hacked into including:

a installing a firewall(a combination of hardware and software used to control the data going into and out of a network)

b using a callback system(a system that automatically disconnects a telephone line after receiving a call and then dials the telephone number of the system that made the call, to reconnect the line. It is used in remote access systems to make sure that connections can only be made from permitted telephone numbers.)

c having really secure passwords(secret codes used to control access to a network system) - don't use common names or dictionary words

d auditingthe system regularly (checking the system regularly using event logs to find failed access attempts).

Some people do not like to give out their credit card numbers on the Internet. Hackers have been known to get databases(applications programs used for storing information so that it can be easily searched and sorted) of credit card numbers by hacking computer systems. However, in the opinion of the ex-hacker in this unit, using your credit card on the Internet is no more dangerous than giving your credit card number on the telephone or throwing away a credit card receipt. There are various things you can do to avoid credit card theft on the Internet including:

a using a separate credit card for Internet

purchases b having a small credit limit on the credit

Card you use



UNIT 21


 

Software Engineering


INTRODUCTION


Software engineeringis the discipline of designing high quality software solutions. Softwareconsists of programs (sets of instructions for controlling a computer) and data(the material that has to be processed). Programs are written in computer languages by people called programmers. A systems analystis a person who designs or modifies information systems to meet users' requirements. This includes investigating feasibility and cost, producing documentation, and testing prototypes of the system. Producing a program, therefore, involves a number of stages including:

a clarifyingthe problem by considering the

requirements of the potential users b designingthe solution to the problem by

first deciding on the overall structure of

the solution c codingthe program by first choosing an

appropriate programming language and

inputting the program code d testingand debuggingthe program

(identifying and fixing any problems or

faults in the program code) e documentingand maintainingthe

program including writing instructions for

using the program.

Systems analysts first need to talk to the people involved in the computing problem, including the people managing the system and the users or potential users of the system. They need to establish factors such as:

a the nature of the problem

b what systems already exist

c to what extent any existing systems are computerised(changed so that they can be operated or controlled using a computer)


d what output(the processed data or signals that come out of a computer system) will be required from the system

e who will be using the system and what parts of the system they need to be able to use

f the computing experience of the staff and what training would be required

g what hardware(the physical components of a computer system) already exists and what would need to be added, including the specification of the hardware and whether a network systemis required (a system where a number of computers and peripheral devices are connected together).

They then have to plan the structure of the solution and check it through with the people involved to make sure it meets their requirements. Next, they have to choose a suitable programming language and write the program(a set of instructions, written in a computer language, that control the behaviour of a computer), continually testing and adapting it until it works to the satisfaction of the customer and users. The system then has to be put into service and the users have to be trained. This involves documenting the program specifications and writing instructions for using the system.

Programming languages commonly use different structures for sequencing program instructions, including:

a conditional instructionsi.e. if a certain condition is true, then process this instruction (if X then Y). Decision tables

are used to indicate how a conditional structure will process data. They show all the different inputs that might arise for each condition and the resulting outputs that would be produced by the conditional instruction.