Identity fraud its impact and the case for prevention Essay

Identity fraud its impact and the case for prevention - Essay Example The paper describes and shows identify fraud from all sides. Identify fraud could be said to be crimes committed through impersonation. The most common bad act is the crime of credit card fraud, but mortgage fraud, and also gaining access to the finances of a specified targeted person or a frame of a targeted person falls within what mass media reports of identity theft have included. Identity fraud is one of the crimes which spread widely. For every one identity is important. In the present time it is a valuable commodity. Importance of identity protection needs to be reinforced with time. That means the introduction of internet banking, debit or credit cards, E-commerce etc. need to be doubly protected against infiltrators or fraudsters who design to commit large scale fraud through misuse and misrepresentation of true identities. Though the internet creates milestones in the milieu of information technology, it could often fall prey to criminal brains and their perpetrations. Thus, the propensity for thefts is on the increase and the chances of detection are also on the increase. So the user must be aware of identity fraudsters and the scam in their field. Users need to stake their true identity to prove who are authorized to use credit cards, operate bank accounts, and obtain bank loans, or to claim any other benefits. Lack of proper and due care with respect to identity protection could make one an unsuspecting victim of identity theft, and even when this is detected, it may be too late to remedy.

Attack Tree Of Computer Security

Attack Tree Of Computer Security This report is introduces about the possible attack for company and it represent by the attack tree diagram. In the company have six computer and internal server. Each computer is using Microsoft window 7. They are using the DVD to store the backup and the router is default setting. Each employee has the email address. Firstly, I will attack the workstation, try to obtain the password illegally and attack the security such as install virus, Trojan, worm and DOS attack. After that, I will attack the dvd to get the dvd and do some malicious action. Obtain the DVD can through the employee, such as bribe or threaten. Malicious action will install the threats into the DVD and spread to other computer when they are using the backup. Then, we will attack the router which is change the WEP or filter the mac address to cause the computer cannot connect to the network. We also can using threats through the router to install into the system, e.g plashing, pharming, DNS cache poisoning and spoof ing. However, I will attack the server using the internal threats and external threats, such as ask a person to disguise a customer to get the information from company, or ask the temporarily customer to be a spy to do some malicious action. Moreover, attack the email using the security threats like phishing, email spam, virus and spam. Then, obtain the email password from the target. Finally, attack the window 7 using hacking tools to destroy the host file from the system and using physical attack to the system and obtain the important data or change the data to make a big lose for the company. All of these attacks will discuss in this report. Introduction and scope Attack tree helps one to understand security issue better, from the stand point of an attacker. Attack trees are a graphical and mathematical construct used to identify most of the attack that will cause the greatest risk to the defender, determine effective strategies decrease the risk in a acceptable level for the defender, describe the potential attack between the adversary and the defender, provide a communication mechanism for security analysts, capture what is known and believed about the system and its adversaries, and store the information in a diagram that can be understood for the subsequently defenders. Although it is very hard to identify the entire possible factor that leads to intuition, it is based on the experiences and the ability to extrapolate how the experiences apply on the new situation.  For example, the effectiveness of internet security, network security, banking system security, installation and personnel security may all be modelled using attack trees. Th e ideal of attack tree is that an equipment, software, process could have vulnerabilities that when successful, they could compromise the entire system. Scope There are six computers and one internal server and each computer encompasses Microsoft Window 7 and Microsoft Office 2007. Each workstation has been patched with all updates of March 25, 2010. They are using ADSL 2+ connection. The server and workstation backup is store in a DVD. All the employees have email addresses and there share the document through a D-Link DNS-323 NAS. The router is utilising default settings and consists of a D-Link DSL G604t. Each workstation is utilising Microsoft Windows Malicious Software Removal Tool. Assumptions -The room houses the server is not locked or well protected with access key. -The router is not updated with the latest patches and set the default setting. -The workstations are not created with user login account. -No legal antivirus software is installed. Attack tree for compromising availability Spyware Trojan Virus Worm DOS attack Security attack Attack workstation Description: Due do the workstation do not have any legal antivirus software, so the security of the workstation is weak. We can use different threats to attack the workstation. We will install spyware to the workstation through email, when the employee clicks on the email. Spyware will collect some information from there without their knowledge. It is hard to detect, unless the user install the anti spyware software. We also use the same way to install the Trojan, virus and worm into the workstation. Trojan will format the hard drive when the user runs it. Virus will spread from one device to another, when they are connecting to another computer or device. Most of the virus will destroy the data or cause the computer keep reboot. Worm will use up the computer resources and possibly shutting down the system. Install the DOS (Denial of service) attack to prevent the user to access information or service, such as access email, website, etc. Attack workstation Steal Get password from employee Bribe Threaten Find written password Obtain login password illegally Use widely known password Learn password Guess password Description: The other way to attack the workstation is obtain the administrator login password illegally. First of all, we can try to guess the password or use the widely known password, because most of the users usually use the password to easy memories. After that, we also can learn the password such as find the written password from the user. We also can get the password from the employee. There are many ways to get from them. Firstly, we can threaten the employee, like find out some secret from the employees. However, we can bribe the employees to give them some advantages, such as money or something they like. Finally, we can steal from the employee, like install remote password stealer computer and receive the password through email. Blackmail Bribe Employee Copy Steal Exchange DVD Obtain DVD Attack backup Description: The backup of company is store in a DVD, so there are many possible ways to obtain the DVD. Firstly, we can use another DVD to exchange with the DVD backup, so they cannot find out any problem before they use the DVD. After that, we also can steal the DVD or copy the DVD. Finally, we can bribe the employee or blackmail the employee to let him get the DVD. Attack backup Malicious action Spyware Virus Trojan Destroy DVD Description: Another way to attack the backup is do malicious action. We can destroy DVD, like burn or break it. We also can put the threats through email or employee to the workstation, so after they backup the threats also in the DVD. When they use the backup DVD, the Trojan will install in the system, and format the hard drive of the system. Virus will spread into the system to destroy the data or make the system error. Spyware will install into the system and collects some information from the system, so we can know what is the user doing in the system. Filter the mac address Set the WEP Get in the router Attack router Change router login password Block the website Description: Because of the router is using the default setting, so they do not change the login password. So we can get in the router using the default password. After that, we can change the login password and set a WEP to ignore the employee using the wireless. However, we can filter the mac address to disable employees computer to connect internet. Furthermore, we also can block some URL about the company, so the employee cannot access the website. Phlashing Pharming DNS cache poisoning Spoofing Attack router Security attack Description: There is some security attack to the router. We can use the spoofing attack to masquerades as another program to falsifying data and gaining some advantages. Furthermore, DNS cache poisoning will corrupts the DNS table and cache, so the domain name will assign with a malicious IP address. When the employee use the malicious IP address, the computer will infected by worm, viruses or spyware. Moreover, we also can use pharming to attack the router. Pharming is redirecting the website traffic to a bogus website. When the employee get in the website, pharming will conducted to change the hosts file or exploitation the vulnerability in DNS server software. Finally, phlashing will exploit vulnerability in network based firmware update, it will permanently disable the hardware by loading corrupted BIOS onto the hardware. Attack server Trojan Worm Virus Check for the security protection Install remote access Disguise Eavesdrop Security attack Espionage Temporarily employee Customer Internal threats Description: There are two internal threats to attack the server. Due to the room of server is do not lock properly, so the temporarily employee can easily get in the room. Temporarily employee maybe is espionage to get the information from the server. They will install remote access to control the server, such as delete the data or destroy the server. They also will attack the security and install virus, worm and Trojan to exploit the server and cause the server crash. Attacker also will disguise be a customer, so they can go to the company easily. They can be eavesdrop in the company, and they can check for the security protection of the company, find out the vulnerability, so they can easily get into the company when nobody inside. Attack server Internal threats Across to the computer room power Across to the power switch Turn off security protection Rename server Turn the power off Steal data Employee Description: Another internal threat is employee. We can bribe the employee, because employees already work in the company for a long time, so we can ask them to steal important data or some secret data of the company. However, we also can ask them to turn off the power of the server room, so some document have not save will missing. Employees can across the power switch or across to the computer room power to turn off the power. Then, turn off the security protection in the server, so we can easily to hack into the server. Finally, rename the server and cause all computer cannot connect to the server. Obtain password from target Threats Trojan Viruses Email spam Phishing Security attack Attack email Description: Email will attack by the threats and obtain the password illegally from the target. We can threaten or blackmail the target to get the email password, so we can send email for others and provide wrong information to them. There are four types of threats send to the email and bluff the employee to click it, so the threats will install into the system. First, phishing will send by the email and come out well known website, then the employee go to the website and key in the username and password, their information will obtain by attacker. Moreover, the email spam will send the message to numerous recipients by email, and it is unsolicited. However, viruses are dangerous because they often deliver extremely destructive payloads, destroying data, and bringing down entire mail systems. Finally, use email installs Trojan to obtain confidential information or gain control of the server. Attack Microsoft Window 7 Change the document Destroy host file Spyware Malware Hacking tools Turn off power supply Disguise Cleaner Destroy computer Description: Microsoft window 7 is the widely operating system in the world, so there are many hacking tools to hack into the system. Attacker can pretend be a cleaner, and using the tools to hack into the system, after that install the malware to destroy the host file or change the important document, effects the company process. Then, install the spyware to spy the user work in the system and obtain the login password. Furthermore, we also can destroy the computer such as use water or burn it. Finally, turn off the power supply and cause the system lost the data before the user save it. Attack Microsoft Window 7 Physical attack Security attack Teardrop Remote access trojan Worm Virus Crash Win 7 Description: Microsoft window 7 also can attack physically. Because of the window 7 is widely use, so attacker are found many security vulnerability. Teardrop attack is a form of denial of service (DOS) attack, it will exploit the system when the internet protocol requires that a packet too big for the next router to handle has to split into fragments. In the teardrop attack, attackers IP puts an odd and confusing offset value in the second fragment or in a fragment thereafter. If the operating system under the teardrop attacks, the system will crash. Another is security attack, we can ask the employee or using the email to install virus, worm and spread all of these threats to the entire computer in the company on the network, and make the system down. Another threat is using remote access Trojan to control the system. This type of Trojan creates a backdoor into the system. We can use the client to control the server, this can allow to almost completing control over the victims system. Attack Microsoft Office 2007 Confidential loss Threats of document Integrity loss Altered data Corrupt data Sell data Broadcast data Description The method of attack the Microsoft Office 2007 is threats the document. Firstly, we can get the document from employee or using the Trojan or virus through email send to the system to obtain the document. Then, it will cause the integrity loss and confidential loss. In the integrity loss, we will altered the data and corrupt the data. In the confidential loss, we will broadcast the data or sell the data to another company, so the secret of the company will know by everyone. These two type of method will cause big loss for the company. Conclusion As you can seem that from the diagram, there are many attack come from many different ways such as internal threats, external threats. Internal threats are cause by the employee, customer and the worker in the company. External threats are cause by the attacker using different method to hack into the system to do malicious action. But comparatively, the attacking from internal is easier, because the employee is know more about the company and can get the data easily, but that is dangerous, if the company found that, they will get catch. In the other hand, the attacking from external is difficult but safe, because they do not know where is the data and also need to avoid the security protection, but if the company found that, they is hard to track the attacker. All of the diagram above is some of the possible attack, there are still have many possible attack. Indeed, with the technological advancements, it is likely that the computer threats will emerge in endlessly, so the possible a ttack will come out more and more in the future. Glossary Virus- A hidden, self-replicating section of computer software, usually malicious logic, that propagates by infecting i.e., inserting a copy of itself into and becoming part of another program. A virus cannot run by itself; it requires that its host program be run to make the virus active. Trojan- A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program. Worm- A computer program that can run independently, can propagate a complete working version of itself onto other hosts on a network, and may consume computer resources destructively. Spyware- Spyware is a type of malware that can be installed on computers and collects little bits of information at a time about users without their knowledge. The presence of spyware is typically hidden from the user, and can be difficult to detect. Typically, spyware is secretly installed on the users personal computer. Spam-Electronic junk mail or junk newsgroup postings. Spoofing-Attempt by an unauthorized entity to gain access to a system by posing as an authorized user. Pharming-This is a more sophisticated form of MITM attack. A users session is redirected to a masquerading website. This can be achieved by corrupting a DNS server on the Internet and pointing a URL to the masquerading websites IP. Almost all users use a URL like www.worldbank.com instead of the real IP (192.86.99.140) of the website. Changing the pointers on a DNS server, the URL can be redirected to send traffic to the IP of the pseudo website. At the pseudo website, transactions can be mimicked and information like login credentials can be gathered. With this the attacker can access the real www.worldbank.com site and conduct transactions using the credentials of a valid user on that website. Phishing-The use of e-mails that appear to originate from a trusted source to trick a user into entering valid credentials at a fake website. Typically the e-mail and the web site looks like they are part of a bank the user is doing business with. Denial of service-The prevention of authorized access to a system resource or the delaying of system operations and functions. Malware-A generic term for a number of different types of malicious code. DNS cache poisoning-DNS poisoning is also called DNS cache poisoning, and refers to the corruption of DNS tables and caches so that a domain name points to a malicious IP address. Once the user is re-directed to the malicious IP address his/her computer can be infected with worms, viruses, spy ware etc. Phlashing- Phlashing is a permanent denial of service (DoS) attack that exploits a vulnerability in network-based firmware updates. Such an attack is currently theoretical but if carried out could render the target device inoperable. Teardrop-Teardrop is a program that sends IP fragments to a machine connected to the Internet or a network. Teardrop exploits an overlapping IP fragment bug present in Windows 95, Windows NT and Windows 3.1 machines. The bug causes the TCP/IP fragmentation re-assembly code to improperly handle overlapping IP fragments. This attack has not been shown to cause any significant damage to systems, and a simple reboot is the preferred remedy. It should be noted, though, that while this attack is considered to be non-destructive, it could cause problems if there is unsaved data in open applications at the time that the machine is attacked. The primary problem with this is a loss of data.

Competitive Sports at an Early Age :: essays research papers

Name Subject Date Should Children Participate in Competitive Sports at an Early Age? Many American parents struggle to answer the puzzling question of what the appropriate age children should start to participate in competitive sports. A subject like this is puzzling because there are many issues that must be addressed, because it is controversial. Some American parents push their children too far, too young. The average American child usually will start to participate actively in competitive sports between the ages of six and twelve and can be unhealthy to a child’s development (CWG 131). The question at what age a child should start, has a different answer for each individual child. Parents often fail to realize that their child may not be physically ready for competitive sports, even though the child is ready. I believe that a child should participate in sports only if he is wanting too participate and is not pushed by their parents. Every parent has a different way of looking at, if their child is ready to start. If a six year little boy wanted to start playing football, the child may not be fully capable of handling such strength and tension that might cause a life long injury (Koppett 294). Some parents may think he is ready, but is probably not. Determining whether or not a child is ready for competitiv! e sports can sometimes be difficult to answer, because to determine if they are ready a child must be mentally ready also. Sports not only take physical strength, but a child must have psychological capacity to get them through such strenuous activity. A child may sometimes become scared when participating in sports. For example, A mother of an eight-year-old Peewee Football player explained, "The kids get so scared. They get hit once and they don’t want anything to do with football anymore. They’ll sit on the bench and pretend their leg hurts†¦"(qtd. In Tosched A32). This quote is a true statement because if a six-year-old child is playing peewee football with an eight-year-old, the eight-year old is a lot bigger that the six year old is and he could cause physical hurt to the six-year-olds tiny body. The psychological part of the story would be that the child would be so scared that he might get hurt which causes physical hurt as well as mental hurt and may scar the ! child for the rest of their life, when that child could of been the next pro- football player of the next century.

An audience’s responce to Hedda gabler Essay

Hedda Gabler is a dramatic, exciting, confusing and at times unpleasant character, who is frustrated by a lack a freedom where she cannot be the wild and unstable free spirit that she wishes and this shines through throughout the play. From this frustration comes immense boredom which is in her case very deadly. She embodies some of the typical Aristotelian qualities of a tragic protagonist but Ibsen has put a strange twist on it. For example she is a woman of fortune. It has been made clear in the book that she was born into this high class lifestyle and has this fortune by no endeavour of her own. Therefore, by being placed at the top of the hierarchy, she has further to fall and there is more at risk than the average person. However, she is not really someone that people can identify or can have sympathy for, as neither generous nor courageous. Also, as is common her fatal flaw is her snobbery or pride. However, Aristotle’s notion of hamarita states that it is a ‘ matter of action’ not the character themselves. I don’t believe this applies her and agree with the 20th century interpretation. This is not brought about by the unfortunate circumstances more than the character themselves. This applies very much to Hedda as her ‘conflicted individual moral psychology which brings about the opposite of what the character intends’. The Norwegian playwright, Henrik Ibsen was very specific about the time when he set Hedda Gabler. The late 19th century was a time where woman were secluded and deluded into an oppressive and subjugate lifestyle. Ibsen puts Hedda in this male dominated were she challenges the conventional middle class bourgeois housewife by acting in a dictating and manly way witch were to shock the 19th century audience at this truly outrageous and outspoken character. The audience can therefore not identify with Hedda because in more ways than one she brings about her own demise. The local newspapers and media were disgraced; such as the daily telegraph which said ‘What a horrible story! What a hideous play! †¦ The play is simply a bad escape of moral sewage-gas’ Describing Hedda’s feelings as ‘the foulest passions in humanity’. This shows that the most tragic thing to me is that there are people her in this world. The play is started off with the stage layout, witch Ibsen perceptibly and carefully layout, giving a very bourgeois atmosphere each object has a lot of meaning to show the tragic nature of the play and Hedda. For example there are a lot of dark and dull colours hinting to things; such as saying ‘autumn colours’. Ibsen is using pathetic fallacy to show Hedda’s state of mind. Autumn is a time were everything around us is dying, dead leaves on the floor and animals hibernating. A time were there seems to be a deafening silence in the air following the summer which is usually buzzing with life. This could mean that maybe Hedda has passed the summer time in her life. A time when she was herself bloom perhaps and a time when she was also buzzing with colourful life. It is mentioned that Hedda used to go to parties and be a socialite. Then we see her state of mind at the present which is autumn. This already sets the scene of this play as pessimistic and cold. This is unusual for Ibsen’s targeted audience as they were used to cheerful and uplifting entertainment. Something to bewitch them into thinking their lifestyle was perfect as it was, which Hedda Gabler does not do in the slightest. Another thing that might have stunned the audience is Hedda’s awkwardness towards Miss Tesman and Mrs Elvsted. At a time were woman only socialized with woman it is interesting to see how she treats her fellow females in such a horrible manner. This is shown towards the beginning of Act1 were she call’s Miss Tesman’s hat to be servants hat. As Miss Tesman is Mr Tesman’s mother figure she should also traditionally be Hedda’s too, so by disrespecting like that would cause the audience to empathise with Miss Tesman and detest Hedda and her behaviour. Hedda also has a very unusual characteristics she presented by Ibsen in a very masculine way. By doing this she is emasculating George Tesman. To begin with he does this himself with Mrs Tesman, the keyword for the first is claustrophobic for Hedda; witch, with me, causes some sympathy for Hedda. With a combination of the childish nicknames (like Georgie and aunty juju) and the dreaded flowers make it as much cringe worthy to the audience as it was to Hedda, which is shown when they leave when The most prominent way that this is done is through the pistols, General Gabler’s pistols.

Wage Gap Between Genders

Earnings often signify how in dividends are valued socially and economically, therefore earning ratios between men and omen have been essential for social movements. The remaining is often wage discriminate ion since it is the difference in earnings between identical males and females. Women with equal 1 credentials should be paid equal as men Pay Equity & Discrimination Women should be paid equally as men because gender makes no difference I n what a person can do on the job.The resulting â€Å"urban legends† of gender difference can affect men and women at work and at home, as parents and as partners. When it co mess to personal relationships, bestselling books and popular magazines often claim t at women and men don't get along because they communicate too differently. A lot of people believe that just being female they can not do the same as males. The fact that people belie eve females to be physically and mentally shows discrimination in genders. Women are been g put dow n because of their gender but can be physically and mentally better than men.As stated in Human Psychology 101 most discrimination is due to past prejudice. Whooped and ‘Pay Equity & Discrimination Institute for women's policy 201 1. 9 DCE. 20 14 others were regarded as women's most significant professions. Since e early times women have been uniquely viewed as a creative source of human life. Women should be paid equally as men because historically the inequality has proven to be pure discrimination.Discrimination between genders is deeply rooted in our modern society. The gender pay gap affects all Women, but for Women Of cool r the wage gap is worse. Asian American women's salaries show the smallest gender pay gap, at 90 percent of white men's earnings. Hispanic women's salaries show the largest gap, at 5 4 percent of white men's earnings. White men are used as a benchmark because they make e up the largest demographic group in the labor force. Let is unlawful to harass a person because of that person's sex.Harassment can include â€Å"sexual harassment† or unwelcome sex al advances, requests for sexual favors, and other verbal or physical harassment of a sex al nature. Harassment does not have to be of a sexual nature, however, and can include offensive remarks about a person's goalmouths the law doesn't prohibit simple teasing g, offhand comments, or isolated incidents that are not very serious, harassment is illegal I when it is so request or severe that It creates a hostile or offensive work environment or when it results in an adverse employment decision..Most discrimination is caused due to either peer pressure to curry favor with their friends around them, or because they have a total lack k of selectors and selfsame, and they can't feel good about who they are unless they are p outing down someone else, or making another person feel badly. In the past most believed that the male gender was the superior gender and put women down to keep it that way. W omen were first thought to only be made to carry children and do household chores.Before it as prohibited for women to have professions except for teaching and writing. Some feared t hat the female gender would take over. It is unlawful to harass a person because of that person's sex. Discrimination between genders is nothing new; it all goes back to before cool nail times. In the 1 9th century the medical profession was an example of a change d attitude. Beginning in the 19th century education was required but, women were bare d from attending colleges for any profession other than teaching.This usually proven Ted women that married and bore child's at young ages to begin any professional career they c SSE. Around this time discrimination rose. For example in 1846 the American Medical Sass conation barred women from being members. It wasn't until 1915 that the American Medical a association began to allow female admittance-Since the signing Of the equal pay act Of 1 9 63, it is now illegal to pay men and women substantially different wages for equal work (N WAC, 2013).Pay difference between men and women remains a hot topic that keeps resume facing over the years and reasons behind the gap are highly debated. Gendered violence (GOB) is violence that is directed against a person on t he basis of gender. It constitutes a breach of the fundamental right to life, liberty, security, dignity, equality between women and men, nondiscrimination and physical an d mental integrity. Gendered violence and violence against women are often used indistinguishable as most gendered violence is inflicted by men on women and girls.Gendered violence includes: domestic violence, sexual harassment, rape, sexual violence during conflict an d harmful customary or traditional practices such as female genital mutilation, f arced marriages and honor crimes trafficking in women, forced prostitution and violations of human rights in AR De conflict (in particular murder, sys tematic rape, sexual slavery and forced pregnancy) ; forced sterilization, forced abortion, coercive use of contraceptives, female infanticide and prenatal sex selection. Domestic violence remains one of the most widespread forms of genders violence.Battering, often referred to as domestic violence happens to women of every age, race, class, and nationality. Battering takes many forms and includes a RA Eng of threatening and harmful behavior. It may take the form of verbal and emotion anal abuse, with the direct or implied threat of violence. Gender equality is a human right. Gender Equality is not only a fundamental human right, but a necessary foundation for the creation of sustainable and p useful societies. Women are entitled to live with dignity and with freedom from want and from fear.Women are treated in many other aspects Of life as equals so why not be paid equally also. Gender equality is at the very heart of human rights and United Nations values. A fundamental principle of the United Nations Charter adopted by woo RL leaders in 1945 is â€Å"equal rights for men and women†, and protecting and promoting woo men's human rights is the responsibility of all States. Empowered women contribute o the health and productivity of whole families and communities, and they improve pros sects for the next generation.All women and girls have equal access to quality education, employment, housing, and health, irrespective of race, class, income, immigrant Zion Status or involvement with the criminal justice system. For more than 30 years, LINEN A has advocated for women and girls, promoting legal and policy reforms and gene resistive data collection, and supporting initiatives that improve women's health and e expand their choices in life. Protecting and promoting her reproductive rights is essential t ensuring her freedom to participate more fully and equally in society.The UCLA has alls o been working to secure gender rights and ensure all women's are abl e to lead lives of dignity free from violence and discrimination. They have been making sure that educe action privileges are equal between genders. They keep all job opportunities the as me. All opportunities are being kept equal yet women still haven't been given an ex. al and fair amount of pay. Women have been in the workforce for generations. They strives to be equal to men and gain the same rights as them.