🖥️

Computers: Chapter 5
5.1 The internet and world wide web
The internet and the world wide web are not the same thing. The internet is an infrastructure
consisting of components and cables connecting devices, and a large network called a wide
area network (WAN). It connects homes and businesses worldwide, serving millions of
people. The internet and the world wide web are not the same thing. The internet is an
infrastructure consisting of components and cables connecting devices, and a large network
called a wide area network (WAN). It connects homes and businesses worldwide, serving
millions of people.

5.2 Requesting and retrieving web pages

A URL is a crucial component of the world wide web, containing a text-based address for
each website and web page. To access a web page, a user types the URL into the address bar
of a web browser. A URL has three main components: the protocol, the domain name, and
the web page or file name.
The process of requesting and retrieving web pages involves the user opening a web browser,
typing the URL into the address bar, and sending the URL to the domain name server
(DNS).

Computers: Chapter 5 1
 The DNS stores all domain names and their equivalent IP addresses, and if it doesn't find the
domain name, it sends it to the next DNS. If the domain name isn't found, a message is sent
back to the web browser, indicating that the website is not found. The web browser then sends
a request to the web server, using the hypertext transfer protocol (HT TP). Each web page is
created using HTML, CSS, and active scripts, and the server sends the data back to the web
browser.
HTTPS is a protocol used for requesting data for web pages that requires an additional
process. It uses an additional layer of security, encrypting data using digital certificates.
Website owners need to apply for a digital certificate from a certificate authority, which
checks a website's authenticity. If the certificate authority believes the website is authentic,
they issue a digital certificate.
Before sending a request to the web server, the web browser requests a digital certificate from
the server. The server sends a copy of the digital certificate to the web browser, which checks
if the certificate is authentic. If it is, the web browser allows communication to continue and
the data is encrypted. If the certificate is not authentic, the website is not secure. To check a
website's security, check if it uses HTTPS, see a padlock at the start of the URL, and view the
digital certificate by right-clicking on the padlock.

5.3 The purpose of a web browser

A web browser is a software application that enables users to access information on the web
by requesting HTML files and data required to create a web page. It is often confused with a
search engine, as some web browser software development companies also produce search
engines. Google Chrome, produced by Google, is the browser that opens web pages, such as
Google's search engine.
A web browser has several main functions, including providing an address bar for URL
typing, keeping a record of visited web pages, allowing users to bookmark and set favorites,
opening multiple tabs at a time, navigating between web pages, using common buttons like
forward, back, and reload the page, and storing and managing cookies. It is important to note
that some web browser software development companies also produce search engines, such
as Google, which is not a browser but a search engine.
A cookie is a small text file used to store data about a user, typically about them. These
cookies can be used to store information about users, such as usernames and passwords for
accounts, bank card details for online purchases, and items in a virtual shopping cart. They
can also be used to tailor an online experience by allowing users to customize the appearance
of websites and track content. Cookies are created when a user visits a web page and are

Computers: Chapter 5 2
 stored by the browser. There are two main types of cookies: session cookies and persistent
cookies.

Session cookies are temporary files created when a user visits a web page and are deleted
when the browser is closed. They are useful for online shopping, as they allow users to add
items to their cart and then return to the same page at a later time.

Persistent cookies are permanent files created when a user visits a web page and are stored on
the user's computer's hard drive. When the user visits the same page again, the cookie file is
sent back to the web server to provide personal details or preferences. These cookies remain
stored until manually deleted or the browser deletes them due to expiration.
Internet users have mixed opinions on cookies, as they can be useful but also potentially
harmful. Some believe cookies invade privacy, while others believe they can increase identity
theft risk. To mitigate these concerns, users can adjust web browser settings.

5.4 Digital Currency

Digital currency is an electronic payment method that is similar to traditional bank notes and
coins but is exchanged digitally using computers. Popular forms include credit cards, mobile
phones, and smart watches. Data sent between computers is encrypted using the HTTPS
protocol, and payment details can be stored in persistent cookies. Bitcoin, a cryptocurrency, is
a decentralized system where there is no central authority managing the payment process.

Blockchain is a system used to track payments, consisting of a digital ledger with records
added each time a payment is made. The ledger contains a digital signature with the time and
date of the payment, and the data stored in the ledger is encrypted to prevent anyone from
changing it. However, anyone who wants to view the data can do so.

In summary, digital currency is a secure and efficient method of payment that differs from
traditional bank systems. It allows for the automatic entry of payment details and is stored
securely in a persistent cookie.

5.5 Cyber Security

The internet is a fascinating and engaging platform, but it also poses significant cyber threats.
Understanding the creation, motivations, and security solutions can help prevent these
attacks. While each solution may not be a complete prevention, having multiple is beneficial.

Computers: Chapter 5 3
 Despite the challenges, having security solutions can significantly increase the risk of
personal data being exposed to cyber threats.

Cyber threats:

•Brute-force attack is a powerful method used by attackers to gain access to a computer or

account by repeatedly entering different password combinations. This can be done manually
or through a software program that cycles through combinations. The goal is to steal personal
data for criminal activities or use the account for online purchases. To prevent brute-force
attacks, it is crucial to have a strong password, which should be a mixture of uppercase and
lowercase letters, numbers, and symbols, making it harder for the attacker to guess. Web
browsers now suggest strong passwords and save them for easy remembering. Limiting the
number of password attempts before an account is locked can help prevent brute-force
attacks. Biometric passwords, such as fingerprints, require unique biological data, making it
difficult for a perpetrator to brute-force their way into the account. Two-step verification, also
known as two-factor authentication, involves two tasks to enter an account: entering the
password and an additional input task, such as a code or word sent to your mobile phone
number or email address. This adds difficulty for a perpetrator to guess the password and
access your mobile or email. Some banks also offer card reading devices for this purpose. It is
recommended to check privacy and security settings for online accounts, especially email and
social media, and turn on two-step verification to keep personal data secure.

•Data interception is a common issue on the internet, where criminals intercept data packets
to use it for identity theft and fraud. This is often done using software called packet sniffers
installed on routers. Encryption is the main security solution to keep data secure, typically
using SSL protocol. Encrypting data before transmission ensures that it is meaningless to
anyone who tries to read it. To check if a website uses HTTPS, check if the URL uses
HTTPS, and set your web browser to only connect to websites that use encryption.

•Distributed Denial of Service (DDoS) attack involves creating a botnet by sending malware
to multiple computers, causing them to download the malware and use it as a bot. These bots,
called zombies, send multiple requests to a web server, flooding it with too many requests.
This causes the server to slow down and crash, preventing users from accessing the website.
DDoS attacks can target other server and network hardware, making them a common form of
cyberattack. DDoS attacks can occur for various reasons, including a demand for payment or
revenge or activism. To prevent DDoS attacks, companies can use a proxy server as a security

Computers: Chapter 5 4
 solution. A proxy server acts as a barrier, allowing requests to pass through first, examining
each request and forwarding it to the web server. If many requests are received, the server can
allow them to pass at a slower rate to avoid flooding the web server. Caching is another
security feature that prevents DDoS attacks from being successful. Once a request is received,
the proxy server stops repeated requests from the same IP address, making it more difficult
for a bot to flood the server. Users can prevent their computers from being used as bots in
DDoS attacks by regularly scanning their computers with anti-malware software. This
software scans all files in a computer to detect any known malware and puts them in a
quarantine area. If a file matches, the software informs the user and asks if they want to delete
it. Regular scanning ensures that a computer is free from any malware that could be used to
turn it into a bot in a DDoS attack.

•Hacking is the act of gaining unauthorized access to data by a hacker using technical skills
such as brute-force attacks or exploiting vulnerabilities in a computer or network. Hackers
can gain access for various reasons, such as identity theft, revenge, data corruption, leakage
of confidential information, or activism. To prevent computer hacking, it is essential to have
multiple security solutions in place, such as firewalls, which act as a barrier between data and
the network. Firewalls can be software-based or hardware-based, and can be set to accept or
reject data based on criteria. They can also close certain ports to prevent hackers from
exploiting open ports. Outdated software can also be exploited by hackers. Software
companies often develop updates to protect against hackers, so regular software updates are
crucial. Setting software to automatically update ensures that your computer downloads
updates automatically. Password protection with strong or biometric passwords and two-step
verification can also help prevent hackers from gaining unauthorised access to your data.
Overall, having a strong security system in place can help protect your computer from
hacking.

•Malware refers to malicious software designed to disrupt your computer or data. There are
several types of malware, including:

•Viruses are downloaded onto your hard drive and replicate, corrupting your stored data or
using up memory.

•Worms replicate, aiming to find vulnerability holes in networks to slow down the network.

•Spyware, such as keyloggers, records your actions on your computer and sends this data to
the perpetrator for analysis.

•Trojan horses disguise other malware, disguised as harmless software, and release other
malware once downloaded.

Computers: Chapter 5 5
 •Adware automatically creates pop-up and banner ads, often causing frustration and money
for the creators.

•Ransomware encrypts your data and prevents you from accessing it. The creators demand a
ransom, often demanding a set amount of money, and may threaten to release and leak all
your stored data if not paid.
Understanding these types of malware is crucial for protecting your computer and data. To
protect against malware, use various security solutions. Anti-virus software scans your
computer for viruses by comparing files against a known list of viruses. If a match is found, it
puts it in a quarantine area and asks you to delete the file. Regularly updating your anti-virus
software is crucial as perpetrators constantly develop new viruses. Anti-malware software can
scan for other types of malware, such as worms, spyware, adware, and ransomware. Anti-
spyware is a specific type of anti-malware. A firewall can prevent malware from being
downloaded onto your computer by examining both incoming and outgoing data. It may
recognize a malicious program trying to leave your computer, preventing it from being sent to
the perpetrator for analysis.
Be cautious when downloading software online, as malware can be hidden in seemingly
innocent links or games. Only download from trusted sources and store a backup of your data
to protect against damage or ransomware. Encrypt your data if necessary to prevent
unauthorized access. Use an onscreen virtual keyboard to enter passwords, as key presses
aren't recorded for the password. Some companies also offer drop-down boxes or random
characters to input passwords, preventing full passwords from being sent to the perpetrator.
Avoid keeping personal data on your computer that could be accessed and leaked by
ransomware perpetrators.

•Pharming is a scam where attackers steal personal data via redirecting a request, such as
usernames and passwords, from online accounts. They can then use these data to commit
identity theft and fraud. The attackers will entice users to click on links or icons to start
downloads, downloading malicious software onto their hard drive. This software redirects
website requests to fake websites, posing as genuine websites like PayPal or social media
pages. If the fake website appears, users should change their password immediately. Anti-
malware software can help remove the malicious code, quarantine the file, and redirect users
to the genuine website. To prevent pharming, users should only download software or click
links from trusted sources and thoroughly check websites before entering personal details. If
unsure, close the website without entering any details and scan their computer with anti-
malware software.

Computers: Chapter 5 6
 •Phishing is a scam where attackers steal personal data via fake websites etc, such as
usernames and passwords, from online accounts. They then use these data to make fraudulent
purchases and steal personal details, such as addresses, for identity theft and fraud. The
attacker then sends a fake email claiming to be from a genuine company, such as your bank,
to entice the user to click a link to a fake website. The link takes the user to a website that
looks like the genuine one, where they can input personal details to be sent to the perpetrator.
To avoid phishing scams, check the spelling, tone, professional tone, URL, security, and
appearance of the website. Most companies do not ask for personal details over the internet,
so if you are unsure about the website's authenticity, close it without entering any
information. If you suspect a phishing scam, change your password immediately.

•Social engineering involves manipulating and deceiving individuals into providing

confidential or personal data for criminal activities like identity theft, fraud, and hacking into
computers or networks. It can take various forms, such as phishing, where individuals provide
personal information to gain access to their online accounts. Privacy settings can limit a
perpetrator's access to personal data on social media, ensuring only connected individuals can
see it. Companies can also target employees for their data, allowing them to access only the
data they directly use daily. Access levels are linked to an employee's username, limiting the
data that the perpetrator can access. Companies can also train employees to recognize social
engineering to make them more aware of potential threats. To protect against social
engineering, companies should set access levels for their data and train employees to
recognize potential threats.

Computers: Chapter 5 7