Concepts Assignment

Concept #26

“The Internet is a profoundly ‘open’ system and advanced Internet users are cautious about either accepting or sending material from and to unknown sources and are careful in releasing information about themselves in any form. Conceptually, the Internet challenges us to take greater responsibility for the protection of privacy and security than perhaps we are used to when dealing with the media.” (Allen, n.d.)

Today the greatest threat to the Internet and its users is that caused by the Botnet. What is a Botnet? A Botnet is collection of computers that have had their security compromised and are now being used for range of illegal activities. (Unknown. 2008) Botnets can range in size from hundreds to hundreds of thousands of computers.  These networks are used for a large range of illegal services from; denial-of-service (DoS) attacks, spreading viruses / trojans, sending spam, hosting phishing websites, spreading spyware and being used for identity theft.

The first Botnet was identified in 2005 and had an excess of 1.5 millions hosts. This was somewhat larger than the 100,000 computers that security researchers initially predicted it to contain. (Keizer, 2005) This network was allegedly created by infecting machines with a variant of the ToxBot Trojan. Once in control it has been identified that it was used in a number of phishing scams (to hijack Paypal and Ebay accounts) and undertake DoS attacks against companies as a way of extorting money.  (Keizer, 2005) The most troubling thing is that most Botnets have an estimated processing power available to them, which exceeds most current supercomputers due to their distributed nature. This also makes it hard to eliminate them as most of the infected computers are unaware they are indeed infected. (Dvorsky, 2007) I doubt this is what Xerox Parc intended to happen when they created the first worm in 1978 as a means of utilising unused processing power across computers on a network. (Unknown, 2007) Work is currently being undertaken on a number of fronts to contain and then eliminate the threats as they are identified.

Efforts are currently being taken by government agencies around the world to identify and prosecute the owners of these Botnets. In addition to this civilian groups such as Honeynet and Shadowserver are also working to identify and then disable networks. Everyone can do their part though. Each computer that is secure against attack is one less computer that can be infected.

Firstly you can install a web filtering software. This software connects to a server from a trusted source (Trend Micro for example), it then receives and an updated list of known dangerous websites.  It will then notify the end user of the possible dangers of visiting it and give them the choice to continue on and visit the site or to not view it.

Secondly you can ensure that you regularly update your operating system and installed programs. Many Trojans access systems through security flaws in un-patched software. For example in 2007 an exploit was uncovered in the Adobe PDF format. With this vulnerability if you opened an infected PDF document your systems security could be compromised and a 3rd party could gain access. (Gilbertson, 2007)

Thirdly you can install a security suite software package. PC-cillin Internet Security is one such package. It offers the following security tools:

• Virus protection
• Spyware protection
• Phishing protection
• Personal firewall 
• Spam protection
• Data theft prevention

These programs do contain subscription fees but considering the protection they offer it is minimal.

Lastly, be smart. Don’t give out your personal details, passwords or credit cards. Also be very careful about providing too much information to the latest Web 2.0 social network you just subscribed to. They have been the latest targets of hackers for identity theft. (York, 2006) It is a constant battle but the more people that play it smart the less of a problem Botnets will become.
Site 1:
Title:Cybercrime
Unknown. (2008). Cybercrime. Retrieved April 3, 2008, from Norton from Symantec:
http://www.symantec.com/norton/cybercrime/index.jsp

Evaluation:The cybercrime website from Symantec is a treasure trove of information regarding various forms of cybercrime and how you can be affected. It also lists what to do when you are affected and who you can contact. While the site does mention the Symantec security products a few times it is not overt and I didn’t feel that it was some shoddy attempt to sell their products. Probably the best feature of the site is that it also offers Flash demos explaining the various dangers in simple plain English in addition to more technical explainations. I found the one explaining how Bots, Trojans and Spyware work especially useful. It can be found here.  This site will definitely be useful for explaining to my parents what Phishing is next time I visit them.

Site 2:
Title:Storm Botnet storms the Net
Dvorsky, G. (2007, September 24). Storm Botnet storms the Net. Retrieved April 3, 2008, from IEET: http://ieet.org/index.php/IEET/more/dvorsky20070927/

Evaluation:I have been using the Institute for Ethics and Emerging Technologies (IEET) website for awhile as I have always found them to provide a good range of factual articles emerging technology and its impact on both individuals and society as a whole. Definitely a must read for anyone interested in the impacts in society from anything from human enhancement to World of Warcraft.

Concept #11

“Advanced Internet users learn to intuitively conceive of any document, file, message or communication as consisting of metadata and data. They then can explore the functions of various communications/information software looking for how that software can assist them in using metadata to enable sorting, processing or otherwise dealing with that data.” (Allen, n.d.)

Metadata, to put it simply is, ‘data about data’. (Garshol, 2004) Still confused, you are not the only one. Probably the easiest way to understand it is, to simply think of it as a more complex classification system. Similar in a way to the Dewey Decimal Classification (DDC) or Library of Congress Classification (LC) systems, which are in place in most libraries in Australia. What metadata does is go that extra step further and describes the documents, content, structure and its context.

The fact that our current classification and indexing systems, are unable to cope with the increasing influx of data flooding the Internet led to the creation of metadata. (Weibel, Kunze, Lagoze, & Wolf, 1998) We all know how hard it can be to find a relevant document sometimes. While many of the metadata systems available are still in their infancy stages, several have achieved wide support with the Internet community.

Currently one of the most popular metadata systems in use is the Dublin Core system. It is currently being developed during a course of workshops, which began in 1995. These workshops host a large number of specialists which hail from various information fields; from, librarians, digital library researchers, context experts and text-markup experts. The Dublin Core Metadata system most recent revision consists of 15 metadata elements. These elements are broken into three groups which list the documents; content, intellectual property and instantiation. (See Figure 1.0 for details.) (Weibel, Kunze, Lagoze, & Wolf, 1998)Even webpage’s that are created with XML are now able to utilise the Resource Description Framework (RDF). This framework enables the Dublin Core system to be applied to the webpage in question. (See Figure 1.1 for details.) (Unknown, 2008) By tagging documents this way, complex searches are possible and the results are far more accurate.

Metadata is being used in some format or another by many of the latest generation web services and programs. The latest version of Microsoft Office allows for basic metadata to be attached to documents, as does iTunes. Flickr (community photo albums), Del.icio.us (community bookmarking) and WordPress(blogging community) are some of the popular web services available that currently allow for some form of metadata to be utilised.

For now most metadata systems are still in their infancy but, as the information available to us grows the need for a reliable, accurate and standardised system of searching for documents will become more and more vital. So it might be wise to getting used to tagging your office documents, bookmarks and photos. As its only the beginning.

Figure 1.0: Dublin Core Metadata schema (Taylor, 2003)

Element
 Element description
 
Creator
 Person or organisation primarily responsible for creating the intellectual content of the resource, e.g. authors in the case of written documents, artists, photographers, etc. in the case of visual resources.
 
Publisher
 The entity (e.g. agency including unit/branch/section) responsible for making the resource available in its present form, such as a publishing house, a university department, or a corporate entity.
 
Contributor
 Person or organisation not specified in a Creator element who has made significant intellectual contributions to the resource but whose contribution is secondary to any person or organisation specified in a Creator element, e.g. editor, transcriber, illustrator.
 
Rights Management
 A rights management statement, an identifier that links to a rights management statement.
 
Title
 The name given to the resource, usually by the creator or publisher. Can be the same as the title of the resource, or may be more descriptive
 
Subject
 The topic of the resource. Typically, will be expressed as keywords or phrases that describe the subject or content of the resource. Controlled vocabularies and formal classification schemes are encouraged.
 
Date
 A date associated with the creation or availability of the resource.
 
Identifier
 A string or number used to uniquely identify the resource. Examples for networked resources include URLs, Purls and URNs. ISBN or other formal names can be used.
 
Description
 A textual description of the content of the resource, including abstracts in the case of document-like objects or content descriptions in the case of visual resources.
 
Source
 The work, either print or electronic, from which this object is derived, if applicable. Source is not applicable if the present resource is in its original form.
 
Language
 The language of the intellectual content of the resource.
 
Relation
 Relationship to other resources, e.g. images in a document, chapters in a book, items in a collection.
 
Coverage
 Spatial locations and temporal duration characteristic of the resource.
 
Type
 The category of the resource, such as home page, novel, poem, working paper, technical report, essay, dictionary.
 
Format
 The data format of the resource, used to identify the software and possibly hardware that might be needed to display or operate the resource, e.g. postscript, HTML, text, jpeg, XML.
 
Figure 1.1: XML Example  

<?xml version=”1.0″?>
<rdf:RDF
xmlns:rdf=”http://www.w3.org/1999/02/22-rdf-syntax-ns#”
xmlns:dc= “http://purl.org/dc/elements/1.1/“>
<rdf:Description rdf:about=”http://www.w3schools.com“>
  <dc:title>D-Lib Program</dc:title>
  <dc:description>W3Schools – Free tutorials</dc:description>
  <dc:publisher>Refsnes Data as</dc:publisher>
  <dc:date>1999-09-01</dc:date>
  <dc:type>Web Development</dc:type>
  <dc:format>text/html</dc:format>
  <dc:language>en</dc:language>
</rdf:Description>
</rdf:RDF>

Site 1:
Title:Metadata in the Oxford Digital Library
Unknown. (2001). Metadata in the Oxford Digital Library . Retrieved May 3, 2008, from Oxford Digital Library : http://www.odl.ox.ac.uk/metadata.htm

Evaluation:While this site was quite old (well 2001) I found it to be quite useful as an inital resource. It helped explain the basic concept of metadata and then provided a brief summary of the various standards currently available and would then link to the page for each resource. It also provided list of useful Meta tools and some further references which I also found quite useful.

Site 1:
Title:An Introduction to Metadata
Taylor, C. (2003, July 29). An Introduction to Metadata . Retrieved May 1, 2008, from University of Queensland: http://www.library.uq.edu.au/iad/ctmeta4.html

Evaluation:  Chris Taylor’s paper provides quick overview of the various schemas and implementation methods before delving into the Dublin Core method in detail. He also explains the reason why metadata is must in the information age of today and how relying simply on a search engine has its flaws. Especially with the volume of information on the internet growing every day.

Concept #7

“Good communication practice on the Internet is not something one ‘learns’, but something one ‘practices’ so as to teach others, less familiar than yourself, how it is done.” (Allen, n.d.)

Just like in real life, the Internet has a set of informal set of guidelines for allowed behaviour. These guidelines are known as Network Etiquette or netiquette and just real life much of this need to be learnt. They are especially important because while during face to face or telephone communication, both parties are able to use audible and physical cues to reinforce and clarify the message that is being sent. Communication via the Internet doesn’t have that benefit so the netiquette must be utilised to ensure the correct message is conveyed.

In 1995 the core rules were documented in RFC 1855 Netiquette Guidelines by the Responsible Use of the Network (RUN) Working Group of the Internet Engineering Task Force (IETF). This was done in an effort to educate the new users that were flocking to the Internet at the time and ensure that they followed the rules and values currently in place. Most of the rules may be seen as common sense but, others definitely need to be learnt. (Hambridge, 1995) Here are some examples of the more common rules.

Emoticons are used to express emotions and actions (:-Q is a person smoking) as are acronym (AFK – away from keyboard), just be sure you don’t overuse them. Abbreviations are also allowed (‘u’ for ‘you’), but be sure to remember that they may not be appropriate in all situations, a professional email to your manager for example. Be concise in your messages, make sure you’re using line breaks, check your subject is relevant and don’t type in caps as it is considered SHOUTING. Probably the most important thing to remember is that nothing you send is ever guaranteed to stay private, so make sure you never include any personal or confidential information. (Unknown, 2008)

All of these and more can be found under RFC 1855 and you will also find that most work places, mailing lists, and forums etc have established personalised guidelines. A Robert Jordan mailing list may have a list of common questions and answers also listed (Who killed Asmodean?) this way every new member doesn’t ask the same questions and flood the mailing list. Unfortunately many people seem unaware or simply don’t care, and we have more and more situations where people believe anything is allowed online.Two of the worst examples I remember were from last year.

Firstly in March 2007, Kathy Sierra a well know blogger and technical author received a flood of abuse and even death threats after she deleted some inflammatory comments from her personal blog. Due to these threats Kathy pulled out of speaking at a conference. (O’Reilly, 2007) Secondly in November 2007 there was the case of the suicide of a 13 year old girl in the U.S.A. The girl was allegedly driven to the act by online bullying. The worst part is this bullying appears to have been instigated by the mother of one of her friends via MySpace under the guise of a young male. (Zetter, 2007) Not exactly the actions that you would expect from your average person. While it was in reference to a game at the time, I think John Gabriel from Penny Arcade’s comment relates to general Internet use as well:

“Unreal Tournament 2004 is a great game and an almost ridiculous value. It’s only flaw isn’t in code – it’s in the human beings that feel that they have a licence to say whatever they want because they bought the copy that includes a headset.”  (Gabriel, 2004) (You can view the related comic here)

There is a silver lining on that cloud though as these and other incidents like them have helped bring the problem of poor netiquette to light. Government initiatives such as the NetAlert are definitely a step in the right direction. As they provide the tools to train everyone in the values of etiquette.

Site 1:
Title: RFC 1855 Netiquette Guidelines
Hambridge, S. (1995, October). Netiquette Guidelines. Retrieved April 15, 2008, from IETF.org: http://tools.ietf.org/rfc/rfc1855.txt

Evaluation:This document was an extremely useful resource and was created by the Responsible Use of the Network (RUN) a section of the Internet Engineering Task Force (IETF). It is targeted primarily to new Internet uses and provides a useful set of guidelines for responsible Internet use. It lists a wide range of do’s and don’ts for Internet systems and services such as; email, chat, mailing lists and newsgroups. It also mentions a few legacy systems such a gopher and wais and while these are no longer in popular use, the information provided is still applicable when using the World Wide Web (WWW).

Site 2:
Title:Call for a Blogger’s Code of Conduct
O’Reilly, T. (2007, March 31). Call for a Blogger’s Code of Conduct.Retrieved April 22, 2008, from O’Reillys radar: http://radar.oreilly.com/archives/2007/03/call-for-a-bloggers-code-of-co.html

Evaluation: This informative blog entry by Tim O’Reilly discusses the necessity of a code of conduct for bloggers and describes the challenges involved in creating a uniform system that would be effective across the globe. A definite challenge considering the fact that what may be allowed in one country may be illegal in another. This call for a code came to prominence after a well-known technical author and blogger Kathy Sierra received abuse and death threats after she deleted some inflammatory comments from her blog.  Common decency would stop most people from undertaking such acts, unfortunately the combination of anonymity and an audience seem to bring out the worst in people.

Concept #22

“Advanced Internet users are alert to regulatory processes in public discussion and ensure that they do not break them without good cause.” (Allen, n.d.)

What does Internet regulation mean? Well it is a way governments try to restrict the access to material that has been deemed inappropriate. What is inappropriate I hear you say? That depends on the country in question.

In China for example they have the most sophisticated form of internet filtering in the world. Most of the filtering happens at the backbone infrastructure as the data enters the country. This helps limit the possibilities of circumventing the system. This new Great Wall (known as the Golden Shield Project in China) enables Chinese authorities to filter content in a wide range of methods. They are able to filter web pages, blogs, forums and even private email messages. For example someone seeking access to content such as; Taiwanese and Tibetan independence, Falun Gong, the Tiananmen Square incident or anti-Communist sites will generally find they have been blocked. When the Chinese version of Google launched in 2006 it was also required to make changes to its setup to ensure that it complied with the Chinese laws and regulations.  The extent of this regulation is quite concerning. Many freedom of speech groups have expressed concerns of similar but not as extensive (at least initially) being proposed around the world. (Palfrey Jnr & Zittrain, Unknown)

The Russian government has also interest in implementing a regulation system which filters ‘extremist material’. As of yet there has been no details on how something is deemed as such. In the current political climate in Russia where much of the media is controlled by the state this is definitely a concern.  (Cheng, 2008)

In the European Union (EU) they have also put forward a proposal which will provide them with the ability to give individuals prison sentences for ‘inciting terrorism’.  Any Internet Service Provider (ISP) which hosts a site which incites violence, provides instructions on bomb making or distributes terrorist propaganda will be forced to remove the site. The owner may also face criminal charges. This proposal differs from the Chinese form of regulation though as it relies on the individual ISP to remove the site when instructed. Similar to the Digital Millennium Copyright Act (DCMA) notices that are currently sent to ISPs worldwide when a site they are hosting is found to host copyrighted content. (Anderson, 2007)

Even Australia has had various proposals put forward to ensure the internet provided to Australians is ‘clean’ before they receive it. This clean feed proposal is currently being promoted by the Australian Labor Party (ALP) as a way of blocking pornography and forcing people to opt-in in the event that they wish to have access. (Unknown, EFA Attacks Clean-Feed Proposal, 2008) There is great concern in the industry that this is simply a grab for votes, especially when parental controls promoted on NetAlert were found to be far more effective.(Unknown, Parental Controls, 2008) Only the time will tell though what the future holds.

Site 1:
Title: Internet Filtering in China in 2004-2005: A Country Study.
Palfrey Jnr, J., & Zittrain, J. (Unknown). Internet Filtering in China in 2004-2005: A Country Study. Retrieved May 5, 2008, from Open Net: http://opennet.net/studies/china/#toc5

Evaluation:  I found this site to be quite interesting. I had been aware that there was some form of filtering enabled in China but never honestly knew how it worked. This site provides some background initally on how the media is controlled and the various restrictions that are imposed. It then jumps right in and gives an indepth anyalsis on how each form of filtering works. After reading that I must say I hope nothing like that happens in Australia.

Site 1:
Title: New Iron Curtain may be draped over Russian Internet
Cheng, J. (2008, April 24). New Iron Curtain may be draped over Russian Internet. Retrieved April 29, 2008, from Ars Technica: http://arstechnica.com/news.ars/post/20080424-new-iron-curtain-may-be-draped-over-russian-internet.html

Evaluation:  Ars Technica general technology site which covers anything from business, gaming, hardware and security. In this report I  actually used this site in general for 2 article the other one was about an EU regulation proposal. Anyway this article focuses on the recent proposal by the current Russian government to amend the current laws. The outline it provides regarding the  current media control in Russia only highlights the potential problems this will have for Russians if passed.

 

Bibliography

Anderson, N. (2007, November 6). Mission Impossible: EU to ban bomb-making info and terror incitement online.Retrieved April 16, 2008, from Ars Technica: http://arstechnica.com/news.ars/post/20071106-eu-to-ban-internet-bomb-making-recipes-and-terrorist-incitement.html

Cheng, J. (2008, April 24). New Iron Curtain may be draped over Russian Internet.Retrieved April 29, 2008, from Ars Technica: http://arstechnica.com/news.ars/post/20080424-new-iron-curtain-may-be-draped-over-russian-internet.html

Dvorsky, G. (2007, September 24). Storm Botnet storms the Net.Retrieved April 3, 2008, from IEET: http://ieet.org/index.php/IEET/more/dvorsky20070927/

Gabriel, J. (2004, March 19). Green Blackboards (And Other Anomalies).Retrieved April 21, 2008, from Penny Arcade: http://www.penny-arcade.com/2004/3/19/

Garshol, L. M. (2004, 10 26). Metadata? Thesauri? Taxonomies? Topic Maps!Retrieved April 9, 2008, from ontopia: http://www.ontopia.net/topicmaps/materials/tm-vs-thesauri.html

Gilbertson, S. (2007, October 09). Adobe Confirms PDF Exploit.Retrieved April 22, 2008, from Wired.com: http://blog.wired.com/monkeybites/2007/10/adobe-confirms-.html

Hambridge, S. (1995, October). Netiquette Guidelines.Retrieved April 15, 2008, from IETF.org: http://tools.ietf.org/rfc/rfc1855.txt

Keizer, G. (2005, October 21). Dutch Botnet Bigger Than Expected.Retrieved May 6, 2008, from TechWeb Technology News: http://www.informationweek.com/news/security/government/showArticle.jhtml?articleID=172303265

Keizer, G. (2005, October 10). Dutch Police Crush Big Botnet, Arrest Trio.Retrieved April 15, 2008, from TechWeb Technology News: http://www.techweb.com/wire/security/171204478

O’Reilly, T. (2007, March 31). Call for a Blogger’s Code of Conduct.Retrieved April 22, 2008, from O’Reillys radar: http://radar.oreilly.com/archives/2007/03/call-for-a-bloggers-code-of-co.html

Palfrey Jnr, J., & Zittrain, J. (Unknown). Internet Filtering in China in 2004-2005: A Country Study.Retrieved May 5, 2008, from Open Net: http://opennet.net/studies/china/#toc5

Taylor, C. (2003, July 29). An Introduction to Metadata .Retrieved May 1, 2008, from University of Queensland: http://www.library.uq.edu.au/iad/ctmeta4.html

Unknown. (2008). Behaviour.Retrieved April 4, 2008, from Australian Government – NetAlert: http://www.netalert.gov.au/advice/behaviour.html

Unknown. (2008). Crimeware: Bots.Retrieved April 3, 2008, from Norton from Symantec: http://www.symantec.com/norton/cybercrime/bots.jsp

Unknown. (2008, January 2). EFA Attacks Clean-Feed Proposal.Retrieved May 5, 2008, from Electronic Frontiers Australia: http://www.efa.org.au/2008/01/02/media-release-efa-attacks-clean-feed-proposal/

Unknown. (2001). Metadata in the Oxford Digital Library .Retrieved May 3, 2008, from Oxford Digital Library : http://www.odl.ox.ac.uk/metadata.htm

Unknown. (2007). PARC Milestones.Retrieved May 22, 2008, from PARC.com: http://www.parc.com/about/history/

Unknown. (2008). Parental Controls.Retrieved May 4, 2008, from Australian Government – NetAlert: http://www.netalert.gov.au/advice/parental_controls.html

Unknown. (2008). RDF Dublin Core Metadata Initiative.Retrieved April 2, 2008, from w3schools: http://www.w3schools.com/rdf/rdf_dublin.asp

Weibel, S., Kunze, J., Lagoze, C., & Wolf, M. (1998, September). Dublin Core Metadata for Resource Discovery.Retrieved April 14, 2008, from IEFT.org: http://www.ietf.org/rfc/rfc2413.txt

York, W. (2006, February 21). Student arrested on identity theft charges.Retrieved May 16, 2008, from The Pacer: http://pacer.utm.edu/2946.htm

Zetter, K. (2007, November 11). Cyberbullying Suicide Stokes the Internet Fury Machine.Retrieved April 16, 2008, from Wired: http://www.wired.com/politics/onlinerights/news/2007/11/vigilante_justice

Currently listening to: Aimee Allen – Stripper Friends
 

~ by daleblakey on May 9, 2008.