8 min read•june 18, 2024
Minna Chow
Minna Chow
Computers and computer systems often store the personal data of their users. Other information, such as your location, cookies, and browsing history, can also be used to identify your personal data.
This is information that can be used to identify you and includes your:
There are quite a few benefits for websites and applications to collect their user's information.
On the other hand, people are generally concerned about the rise of information collection, and with good reason. Without strong protections, this collection of information could be exploited.
For example, some personal information about your location and travel routes might be used for stalking purposes. Other pieces of personal information, especially your social security number, can be used to steal your identity. Companies that collect personal information could put their users at risk if they're hit by a data breach.
Another type of information on the internet that might harm you is the information you put online yourself. There's potentially a lot of information you can find out about someone just by looking at their social media accounts or by combining information posted on different accounts. You might be revealing things you aren’t comfortable with by accident.
** As an example: Keen-eyed viewers can sometimes tell where someone lives based on a picture of the view outside of their window. **
Information placed online can be used in unintended ways. A nasty message or unwise post can come back to bite you if it's sent to prospective employers or college admissions officers. Thanks to the power of screenshots and forwarding, it can also be very difficult to delete information once it's out there.
It's a good idea, in general, to think carefully before you put anything on the internet. When in doubt, defer to the side of caution.
** In 2000, the ILOVEYOU virus, named for the fake love-letter email it attached itself to, caused over ten billion dollars of damage across the world. In 2017, the WannaCry worm attack caused a similar amount of damage by encrypting hard drive files and holding them for ransom.**
Fortunately, these concerns haven't gone unnoticed, and today there are many systems in place to help protect you on the internet.
Authentication measures keep people from gaining unauthorized access to your accounts. We're going to look at two of them here: making a strong password and implementing a multi-factor authentication method.
A strong password is a password that's easy for you to remember but difficult for someone else to guess, regardless of how well they know you. You don't want to use a generic phrase to create your password ("password," "12345,") or something that could be easily guessed (your name, the name of your family members, etc.) Strong passwords often use a variety of characters, such as uppercase letters, numbers, and symbols (M4r13_cur13).
This website can help you determine how strong your password is, and also highlights what makes a password weak or strong.
You're mostly in charge of creating your own strong passwords, although many companies have implemented requirements for passwords to make them stronger. (They may require you to have a capital letter in your password, for example, or a symbol).
On the other hand, multifactor authentication is provided by the website you're using, although you can generally choose to opt-in or out of it. Multifactor authentication is a way to control who gets access to your accounts by requiring multiple (at least two) methods of verification.
Typically, these proofs will fall into one of three categories, and they'll usually be in two separate categories.
The more layers of verification you have, the more secure your account generally is, although there are limits and exceptions to the rule.
Encryption, another way of protecting people's data, is the process of encoding data to prevent unwanted access. (Decryption is the process of decoding data.) Traditionally, encryption was used to send and receive secret messages between spies or military generals. Coding mechanisms like the Caesar Cipher and the French Great Cipher became famous.
Both of these encryption methods use a key, or a secret piece of information, to keep their messages secret. Only the person the message is intended for should know the key.
For example, the Caesar Cipher works by shifting all the letters in a message down or up a given alphabet. In this case, the key is the number of letters that the message is shifted by. In the image below, all the letters are shifted up by 3: E becomes B, D becomes A, and so on. Therefore, the key is 3.
Two common approaches to encryption are:
The public key encryption system relies on digital certificates. These are issued by Certificate Authorities (CAs) to trusted sites. They allow other computers to verify that a website is what it says it is. These certificates are essential to the public key encryption system because they foster trust between websites. Think of the certificates to be a little like the signature on a check—once we see that signature, we know that the check is trustworthy.
A trust model is used in order to determine if a digital certificate itself is legitimate. (You won't have to understand how these models work for the AP test.)
You've made it through all five of the Big Ideas for AP CSP. 🙌
<< Hide Menu
8 min read•june 18, 2024
Minna Chow
Minna Chow
Computers and computer systems often store the personal data of their users. Other information, such as your location, cookies, and browsing history, can also be used to identify your personal data.
This is information that can be used to identify you and includes your:
There are quite a few benefits for websites and applications to collect their user's information.
On the other hand, people are generally concerned about the rise of information collection, and with good reason. Without strong protections, this collection of information could be exploited.
For example, some personal information about your location and travel routes might be used for stalking purposes. Other pieces of personal information, especially your social security number, can be used to steal your identity. Companies that collect personal information could put their users at risk if they're hit by a data breach.
Another type of information on the internet that might harm you is the information you put online yourself. There's potentially a lot of information you can find out about someone just by looking at their social media accounts or by combining information posted on different accounts. You might be revealing things you aren’t comfortable with by accident.
** As an example: Keen-eyed viewers can sometimes tell where someone lives based on a picture of the view outside of their window. **
Information placed online can be used in unintended ways. A nasty message or unwise post can come back to bite you if it's sent to prospective employers or college admissions officers. Thanks to the power of screenshots and forwarding, it can also be very difficult to delete information once it's out there.
It's a good idea, in general, to think carefully before you put anything on the internet. When in doubt, defer to the side of caution.
** In 2000, the ILOVEYOU virus, named for the fake love-letter email it attached itself to, caused over ten billion dollars of damage across the world. In 2017, the WannaCry worm attack caused a similar amount of damage by encrypting hard drive files and holding them for ransom.**
Fortunately, these concerns haven't gone unnoticed, and today there are many systems in place to help protect you on the internet.
Authentication measures keep people from gaining unauthorized access to your accounts. We're going to look at two of them here: making a strong password and implementing a multi-factor authentication method.
A strong password is a password that's easy for you to remember but difficult for someone else to guess, regardless of how well they know you. You don't want to use a generic phrase to create your password ("password," "12345,") or something that could be easily guessed (your name, the name of your family members, etc.) Strong passwords often use a variety of characters, such as uppercase letters, numbers, and symbols (M4r13_cur13).
This website can help you determine how strong your password is, and also highlights what makes a password weak or strong.
You're mostly in charge of creating your own strong passwords, although many companies have implemented requirements for passwords to make them stronger. (They may require you to have a capital letter in your password, for example, or a symbol).
On the other hand, multifactor authentication is provided by the website you're using, although you can generally choose to opt-in or out of it. Multifactor authentication is a way to control who gets access to your accounts by requiring multiple (at least two) methods of verification.
Typically, these proofs will fall into one of three categories, and they'll usually be in two separate categories.
The more layers of verification you have, the more secure your account generally is, although there are limits and exceptions to the rule.
Encryption, another way of protecting people's data, is the process of encoding data to prevent unwanted access. (Decryption is the process of decoding data.) Traditionally, encryption was used to send and receive secret messages between spies or military generals. Coding mechanisms like the Caesar Cipher and the French Great Cipher became famous.
Both of these encryption methods use a key, or a secret piece of information, to keep their messages secret. Only the person the message is intended for should know the key.
For example, the Caesar Cipher works by shifting all the letters in a message down or up a given alphabet. In this case, the key is the number of letters that the message is shifted by. In the image below, all the letters are shifted up by 3: E becomes B, D becomes A, and so on. Therefore, the key is 3.
Two common approaches to encryption are:
The public key encryption system relies on digital certificates. These are issued by Certificate Authorities (CAs) to trusted sites. They allow other computers to verify that a website is what it says it is. These certificates are essential to the public key encryption system because they foster trust between websites. Think of the certificates to be a little like the signature on a check—once we see that signature, we know that the check is trustworthy.
A trust model is used in order to determine if a digital certificate itself is legitimate. (You won't have to understand how these models work for the AP test.)
You've made it through all five of the Big Ideas for AP CSP. 🙌
© 2024 Fiveable Inc. All rights reserved.