Armaan-Shamsaasef-2-

Notes for Week 2

Creative Commons - Good for a project where you do not mind anyone using it any way they want
Open Source MIT - Good for a project where you can use code freely and distribute closed versions.
Open Source GPL - Good for project where people can use your code but they cannot distribute closed versions

We picked a MIT license because there is not much reason for anybody to distribute the poway CTE website and its code. Additionally, the only conditions to it are that we must disclose the license and copyright information when we distribute the website.

I have seen PII on my about me page on previous csp projects, like my name, age, facts about me, and a picture.

I think we need to be careful when disclosing personal information online, because it could get into the wrong hands. But for things like social media, I think PII is a good thing because it makes it easier to get to know people.

Good passwords are usually unique codes that consist of numbers, letters, and maybe some symbols. Bad passwords could contain personal information about you, numbers representing your birthday or other meaningful things, and other personal information. Other steps that assist in authentication include verification emails that are sent containing a 6 digit code.

Symmetric encryption uses one key that is shared by multiple users looking to recieve information. Asymmetric encryption uses a public and private key when decrypting messages.

In deployment, we used HTTPS to encrypt our website. This uses a TLS protocol to send HTTP data/files to the user that is encrypted data.

One phishing technique I could have fallen for was entering my email into a public wifi service because I needed to connect to the internet temporarily. It has not come back to bite me yet, but that information could have been stored somewhere I didn’t expect. Some other Phishing techniques could be baiting people using an input that looks like a similar, trusted program, like a fake pop up ad that looks like facebook, but is not in reality.

The use of material created by someone else without permission is plagiarism and could have legal consequences.
Material created on a computer is the intellectual property of the creator/organization.
Ease of access and distribution of digitized info raises intellectual property concerns regarding ownership, value, and use.
Measures should be taken to safeguard intellectual property.
Intellectual Property (IP): a work or invention that is the result to creativity to which one has rights.
Copyright protects your IP and keeps anyone from using it, unless you give permission.
Creative Commons: publi copyright license that enables the free distribution of an otherwise copyrighted work. Used when the content creator wants to give others the right to share, use, and build upon the work they made.
Open source: programs are made freely available and may be redistributed and modified.
Open access: online research output free of any and all restriction on access and free of many restrictions of use, like copyright/license restrictions.
The use of material created by someone else should always be cited.
Creative Commons, Open source, and Open access have enabled broad access to digital info.

Personally identifiable information (PII) is information about an individual that indentifies, links, relates, or describes them.
- Examples include: Social Security number, age, race, phone number, medical info, financial info, biometric data.
- PII can be used to enhance a user’s experience, or can be exploited if privacy and other protections are ignored.
Search engines and websites can maintain a historu of searches that individuals make.
Devices can collect information about a user’s location.
Authentication measures protect devices from unauthorized access.
- Examples include strong passwords or multifactor authentication.
Computer virus and malware scanning software can help protect a computing system against infection.
Phishing is a technique that attempts to trick a user into providing personal info. That info can then be used to access other resources like emails and bank account info.
Keylogging is the use of a program to record keystrokes made by a computer user to gain access to passswords.
Data can be intercepted when sent over public networks, like through a rogue access point, a wireless access point that gives unauthorized access to secure networks.