- Online grade reports are working - see me if you need to be reminded of your password for this system
- Do sign-in.
- Handouts to bring every week
- Windows Common Elements
- Internet
- Forms of Computer Information
- Using WS_FTP
- The Student Evaluation of Teaching (SET) for this course will be held in class on Thursday April 6. This is an important part of the academic program at WSU, and I will appreciate your participation. Participation is fully anonymous.
- Essay 1 was due a while ago. Only two have been turned in (counting Donna).
- Essay 2: This essay should have the same length and form as Essay 1 (five pages with header, title, introduction, body and conclusion). For the topic, pick either The Lexus and the Olive Tree or Release 2.1, and choose any two of the topics from the Internet Issues handout. Integrate these two topics into a single subject for your essay, using material from the book you chose. Be sure to tell me in the header at the beginning of your essay, which book and which topics you are writing on.
- The Arizona Democratic primary was the nation's first official online vote on March 11. Turnout was heavy.
- The April issue of that weird computer magazine Wired will have an article by Bill Joy, VP for Technology at Sun Microsystems. Joy reportedly writes that, by 2030, genetic and computer technology will have possible disastrous hacking. The general argument is that these technologies, doubling in power every 12 to 18 months, will outgrow anything in our earlier experience, and could grow out of our understanding and control. Of course, many experts disagree with this, but it is an unusual state of affairs when any of the technological optimists become critics. The projection relies on Moore's Law, which states the present experience that computer power will double every eighteen months. This may not sound like very much, but it means that every decade, computers get 100 times more powerful, or one million times more powerful every three decades. This rate has been consistent for about five decades so far, and may be accelerating recently. Many aspects of the Internet are doubling every twelve months, which means 1,000 times more power every decade, or one billion times more powerful every three decades. If these rates hold, things that are difficult today will be trivial in 2030. Two comments, however: No other systems have been able to sustain these rates of growth for long, and projecting what one million or one billion times more power will actually result has not been reliable in the past.
- Michael Saylor, CEO of MicroStrategy, announced plans to spend $100 million to establish an online University. Plans a the time of the announcement were vague, but Saylor clearly has the wealth to do this.
- Microsoft, IBM and AT&T announced plans to spend $101 million to improve student computer access at the member institutions of the United Negro College Fund.
- Steven King's short novel, Riding the Bullet, sold very briskly over the Internet at $2.50 per copy, or free in some cases. The traffic level shut down many of the sites selling the book.
- The US and Thailand shut down web sites selling prescription drugs without prescriptions over the Internet. Many of these sites were in Thailand, but most of the buyers are in the US.
- Roy S. Roberts, a former GM executive, announced plans for M-Xchange.com, a web site to make it easier for auto companies to do business with minority suppliers. Roberts said that many minority suppliers are small and difficult for auto makers to identify, without such a site.
- The New York Times reported that free online courses are being developed in a number of
ways, but basically
to attract users to web sites, for various sales efforts. This is a new model of online competition for Higher Education. (Literacy, Training and Education - the Killer Ap for the Internet.) Here are some links:- http://www.acadio.com - Reading lists and a guide to online courses
- http://www.HungryMinds.com - Free tutorials and courses, and links to online credit courses
- http://www.learn2.com - Free tutorials as well as tuition-based courses and corporate training programs
- http://www.MedScape.com - Free courses for continuing medical education
- http://www.notHarvard.com - Develops free courses for other web sites, e.g. http://www.codewarrioru.com (Code Warrior is a computer programming system.)
- http://www.SmartPlanet.com - Offers courses on a subscription basis, plus some free courses
- The Internet Taxation Commission established by Congress, will fail to meet its charge of developing a recommendation supported by two-thirds (13) of its 19 members. (The Commission has reportedly changed it s bylaws so that a recommendation can be submitted by a simple majority. There was basic agreement on the present policy of not taxing Internet sales to a state or jurisdiction where the merchant does not have a brick-and-mortar presence. The main sticking point is apparently just how large that presence has to be to trigger taxation. The Republican and business members wanted not to trigger taxation if the presence was limited to customer service functions such a a return point or a service facility. The Democratic members wanted such presence to trigger taxation.
- Passwords
- Your User ID is often public, so the password is your protection
- Everyone should have their own account, no sharing or borrowing
- Passwords minimum of six characters in length
- Do not use dictionary word - can use electronic dictionary easily
- On a case-sensitive system (Unix) use both upper and lower case
- Use alphabetic, numeric and special characters (!@#$% etc.) - this means that many password guessing programs will not work, and those that will work have many more combinations to search through
- Change your password when required
- If you have so many passwords that you must write them down, keep different passwords on different lists. Do not keep the lists out in the open. Each time you are required to change your password, write a new list, so that you don't reveal patters.
- Cookies
- A cookie is...
- Cookies are stored in the file
- Netscape 4: ~\Netscape\Users\<user name>\cookies.txt
- Netscape 3: ~\Netscape\cookies.txt
- Internet Explorer 3: Each cookie in its own file in ~Windows\cookies
- Internet Explorer 4: Each cookie in its own file in ~\Windows\Profiles\<user name>\cookies\
A Netscape cookie file
# Netscape HTTP Cookie File
# http://www.netscape.com/newsref/std/cookie_spec.html
# This is a generated file! Do not edit.
www.convene.com FALSE / FALSE 1293753383 EGSOFT_ID 141.217.142.125-1703054704.29172376
.preferences.com TRUE / FALSE 1182140414 PreferencesID E2IdffK474DcHzHh+B35ja
mspress.microsoft.com FALSE / FALSE 1293753636 EGSOFT_ID 141.217.142.125-3471568240.29230935
.imgis.com TRUE / FALSE 1075947957 JEB2 035D4A55DB225B898DD98E7D3004A67F
.yahoo.com TRUE / FALSE 1271361591 B 1eg330u675o1i
.doubleclick.net TRUE / FALSE 1920499108 id af7fdfa5
.amazon.com TRUE / FALSE 2082787192 x-main cJf6dW@0qzPZl34oCBrxZg
.amazon.com TRUE / FALSE 2082787192 ubid-main 002-6336269-9683841
.netscape.com TRUE / FALSE 1293839881 UIDC 141.217.142.125:0932073186:810001
www.courseweb.wayne.edu:5001 FALSE / FALSE 2137622208 CFTOKEN 55688078
www.courseweb.wayne.edu:5001 FALSE / FALSE 2137622208 CFID 113
.netscape.com TRUE / FALSE 1293846050 HITO_VISITS A4357A03B+1DA4CB*E15EE*1
.track-star.com TRUE / FALSE 978307151 tsid M12.36762581891.15.12-160|11_36_105_12
.pparadise.com TRUE / FALSE 2051222282 SITESERVER ID=56cc24c9b0788389a4f52729ffb27749
www.pparadise.com FALSE / FALSE 2145801482 NGUserID c000008d-203-947110936-1
www.pparadise.com:80 FALSE / FALSE 2145801482 NGUserID c000008d-203-947110998-1
.valueclick.com TRUE / FALSE 953939705 b_s a0015728&1&a0016486&1- You can control how your Browser handles cookies. The method is slightly different for
each Browser and version, but generally you can opt to:
- Accept all cookies with no notice (this is always the default)
- Accept no cookies
- Accept only cookies that can only be retrieved by the originating server (this may not be foolproof, but would prevent another server from looking at all of your cookies)
- Notify you and give a choice about accepting/rejecting each cookie (this can get
annoying!)
In Netscape, choose the menu item Edit / Preferences
In Internet Explorer,
Reportedly, new versions of Internet Explorer do not let you reject all cookies, because Microsoft's Active Server Pages (.asp extension) require cookies to work.
- Keeping track of your cookies
- You can view cookie files with Notepad or Wordpad in Windows, and probably with Teachtext for the Mac. Usually viewing a cookie will not do you much good, because only the web server that set the cookie will know what each part means, and how the information is encoded.
- Users say that you can delete Netscape cookies by deleting their line in cookies.txt, or by deleting the file for Internet Explorer. This despite all of the warnings in cookies.txt. In fact, you can reportedly delete Netscape's cookies.txt altogether, and all of the files in the cookies folder for Internet Explorer. They will be regenerated during the next start-up, less all of the individual cookies.
- "Cookie Utilities" are programs that you can download to manage your cookies.
These are generally free for a trial period (say, thirty days) but may require purchase
later. I have used Cookie Pal, but it doesn't seem to do much more than I have told you
above.
- Cookie Crusher: http://www.thelimitsoft.com/cookie.html
- Cookie Pal: http://www.kburra.com/
- From the point of view of the cookie "setter" (the server which puts the
cookie on the user's computer), cookies are both good and bad:
- The World Wide Web does not connect successive "hits" from the same user (the technical language is that the Web is "stateless"). This is necessary for transactions such as choosing an article from an online catalog, and then making the purchase, or for answering a series of questions for an online test. Without this state information, any kind of dialogue with a user is impossible - which user are you talking to? Cookies preserve the state and make dialogues possible.
- Cookies only identify the computer, not the user. For example, I have Amazon.com cookies on my home and office computers. I am the same person, but Amazon.com doesn't know this. Also, if someone else is using the computer, the server thinks they are the same person.
- There are alternate methods for preserving the state information on the Web. The cookie normally happens without notice to the user. Another method is requiring a login. This does identify the person, but many users are reluctant to do this, so web sites tend not to use it. Hidden elements can also be put in web pages to track the user, but savvy users can see this tracking information (View Source).
- Credit cards Vs debit cards over the Internet. You have much more control and protection with a credit card. Your losses are limited, and your credit card company is almost forced to take your side in a dispute with a merchant, since you haven't paid them yet.
- Encryption and Certificates. These two technologies make it possible to protect
information such as a credit card number while it travels over the Internet, to identify
which computer the information comes from, and that it has not been changed during travel,
and to identify who the computer actually belongs to. These technologies are not
absolutely foolproof, but neither are their IRL equivalents absolutely foolproof either.
Security professionals claim that the digital forms are far more secure than their IRL
equivalents.
- Encryption "scrambles" information before it is put on the Internet, and
unscrambles it on the other end. Modern-day encryption systems use a "key" - a
digital number - to scramble and unscramble. The length of the key determines how
difficult it is to crack the code without having the key. Cracking the code is equivalent
to guessing the key. Current standards are 40-bit and 128-bit keys. Cracking a 40-bit key
is currently difficult for an ordinary person with a desktop computer. (My son-in-law the
computer pro says that the cracker would probably do better with a gun.) 128-bit is the
current standard for banking and equivalent information, but such a key was recently
cracked by combining something like 100,000 computers for a year during their spare time.
Of course, as computers get faster, these tasks will become easier for ordinary people,
but each additional bit makes it twice as difficult to crack the code. So security
professionals say that it is time to migrate to 512-bit keys. There are two basic forms of
key encryption.
- Private-key or symmetric encryption. The same key is used to scramble and descramble. The problem is - how does the receiver get the key? If over the ordinary Internet, the key can be intercepted and used to read the message. This is not a secure system.
- Public key, asymmetric or public key/private key encryption. These keys come in matched
pairs. One is the private key that the individual keeps secure, and the other is the
public key that is given out. If either of these keys is used to encrypt a message, only
the other can decrypt it. Cracking this system is equivalent to factoring a number with
the number of bits of the key length. This is a workable scheme, and is the scheme
currently in use. Here are some examples:
- You buy a book from Amazon.com. Amazon sends you its public key to encrypt your ordering information with. (Your Browser handles your end of this without your involvement. You can tell this is a secure transaction because the key in the lower-left hand corner, instead of being shown broken as is normal, is whole.) Use of the key is triggered by the method "shttp" (https is a less-common method). You are satisfied because you know that only Amazon's private key can decrypt your credit card number. You can trace amazon's public key back to a certifying agency which vouches that this is really Amazon. Amazon is satisfied because they know the credit card number was not altered during transmission. The credit card number is decrypted when it arrives, and stored in the decrypted form.
- You send a contract via email. You encrypt the contract with your private key. The other party decrypts it with your public key, which guarantees it came from you and was not altered during transmission. The other party can use your public key to identify you, equivalent to a notarized signature.
- Both parties to a communication can use both their private keys and public keys, guaranteeing that each is who they say they are.
- Digital Certificates are private key/public key pairs that come from a Certificate
Authority (CA), which acts like a public notary. The public key contains the public key of
the CA, and so tells your correspondent who vouches for your identity. Examples of CAs are
Thawte, VeriSign (a subsidiary of Thawte) and Truste.
Broken key icon
and fixed key icon 
https URL
- Encryption "scrambles" information before it is put on the Internet, and
unscrambles it on the other end. Modern-day encryption systems use a "key" - a
digital number - to scramble and unscramble. The length of the key determines how
difficult it is to crack the code without having the key. Cracking the code is equivalent
to guessing the key. Current standards are 40-bit and 128-bit keys. Cracking a 40-bit key
is currently difficult for an ordinary person with a desktop computer. (My son-in-law the
computer pro says that the cracker would probably do better with a gun.) 128-bit is the
current standard for banking and equivalent information, but such a key was recently
cracked by combining something like 100,000 computers for a year during their spare time.
Of course, as computers get faster, these tasks will become easier for ordinary people,
but each additional bit makes it twice as difficult to crack the code. So security
professionals say that it is time to migrate to 512-bit keys. There are two basic forms of
key encryption.
- Most computer security breaches are not due to unauthorized intrusion (cracking or hacking) but to unauthorized use by authorized users. Transmission encryption will not protect against this. Dyson in Release 2.1 writes that we should begin to require on-site encryption also. This would help, but continued commitment and training are also necessary. A lot of unauthorized use comes from human curiosity, such as the desire to see Bill Gates' income tax return, if you work in the IRS, or the curiosity perhaps to see a neighbor's grades if you work at a University.
- Identity brokers - see Release 2.1 on data intermediaries (Pg 282 ff)
- Dyson writes that individuals are afraid of being exposed to public scrutiny by
wholesale breaches of their personal information. On the other hand, the complete
opposite, anonymity, has problems also. She makes two points here:
- From the point of view of society, complete anonymity permits or at least does not restrain antisocial behavior. She cites the example of Internet communities that virtually destroyed themselves through complete anonymity. Some visibility may keep us close enough to the straight and narrow that society can be functional.
- The individual wants some information to be public, since this fosters trust and the ability to make deals, buy goods, trust information, and so on.
- Dyson predicts that there will be companies that manage this for you as a paid service, like your credit card company or the credit rating bureaus do. They will guarantee your credit, in the case of the credit card company. Dyson predicts this practice spreading to other areas. You would reveal yourself to you data management company, and in the future they would vouch for your credit, your trustworthiness, your moral character and so on, without revealing the information on which that is based. So you could subscribe for the level of service that you wanted. If the company lied about its ratings of you, it would lose its credibility, which is its source of value.
- Dyson writes that individuals are afraid of being exposed to public scrutiny by
wholesale breaches of their personal information. On the other hand, the complete
opposite, anonymity, has problems also. She makes two points here:
- Browser cache
- Cache = local special storage, in this case, for web pages you have visited
- Maintained by web browser, separate sections on hard drive and in working memory
- When Browser requests a file from server, by means of a header, it asks the Browser to return the current date of the file. If the date of the file in the cache is the same as the date of the file on the server, the Browser provides a faster response and reduces the load on the server by displaying the copy in the cache. Normally this works pretty well, but the date comparison (apparently) does not include time. So if you view a page from the server in the morning and change it on the server in the afternoon, and then view it the same day, your Browser will still display the older cache copy.
- There are solutions. Each Browser has a method for overriding the cache and forcing an
update from the web server.
- Netscape - <Shift>Reload
- Internet Explorer - Reload or <F5>
- You can also clear the cache in both Browsers to force going tot he server. Be sure to clear both the disk and RAM cache.
- If you normally work on a quickly-changing web site, you might consider zeroing the memory devoted to cache storage. Again, be sure to zero both the disk and RAM cache.
- How the web handles different file types
- When the web server receives a URL specifying a certain file, for most file types in most folders, the web server simply returns the file to the Browser, letting the Browser figure out how to handle it. Exceptions: executable files (*.exe) in specified directories (e.g. cgi-bin, cgi-win) are executed on the server with an output file returned to the Browser. "Server-side script files" (e.g. Perl, *.pl) in any folder are also executed on the server with an output file returned to the Browser. These are the mechanism for "interactivity" - taking input from the user via a form, processing that information on the server, and returning a customized file to the Browser.
- Web Browsers handle certain file types internally. These types are HTML, GIF, JPEG, PNG and a few other minor types. All of these "automatic" types are displayed on the screen by the Browser.
- For many other file types, the Browser may have been configured to use
"plug-in" or "helper" applications to handle the file type. Many of
these applications are proprietary, and may even be pre-configured in the Browser. Usually
the Browser plug-in can be downloaded for free, as a means to building traffic and
therefore sales for the server-side software. Examples:
- *.pdf (portable document format). Use Adobe Acrobat Reader to display the file on the screen.
- *.rpm. Use RealPlayer for this multimedia (sound, graphics and video) file.
- *.mov. Use QuickTime movie player
- *.wav. Use Windows sound player
- Many desktop applications will, by default, install themselves as viewers for their file types. Examples are Word (*.doc), Excel (*.xls), Access (*.mdb) and PowerPoint (*.ppt). When one of these file types is returned, the Browser starts the corresponding application to display the file. These files are not displayed in-line in the Browser window, but as separate windows. There may be a choice between saving to disk and displaying the file.
- The Browser can also be configured to execute scripts (e.g. javascript, java, vbscript) embedded within an HTML file.
- If the file type is not one of 2, 3, 4, 5 or 6, then the Browser will ask the user what to do with the file. The normal option is to save it to disk for later offline processing.