Escolar Documentos
Profissional Documentos
Cultura Documentos
Introduction
ThisbookcontainscourseslessonsheldattheFreeUniversityofBolzanoBozen.Itcontainsonlythefirst
partofthecourses,namelythelessonson:
computerintroduction,
MicrosoftWindows,
computernetworks,
computerdangersandsecurity.
It does not contain the parts on Microsoft Word, Microsoft Excel, financial functions, Microsoft Access,
computer algorithms, SPSS, Visual Basic for Applications, which are very well covered by the respective
coursessuggestedbooks.
Thisbookisusuallyupdatedeveryyear,pleasetakealookattheeditiondate.
Disclaimers
This book is designed for very novice computer users. It often contains oversimplifications of reality and
everytechnicaldetailispurposelyomitted.Expertuserswillfindthisbookuselessand,forcertainaspects,
partiallywrong.
This book supposes that the user is using Microsoft Windows 7 operating system in English language.
However, most of the book is perfectly readable with other Windows versions, while some menus and
instructionscanberatherdifferentifthelanguageisnotEnglish(Windowslanguagemaybechangedon
multilanguageinstallations:seepage7forfurtherinformation).
The novice user in this book is, for simplicity, always considered male. This is not meant to be gender
discrimination.
Table of Contents
Introduction..........................................................1
1. Computers....................................................2
1.1. Storage.........................................................2
1.2. Software.......................................................3
2. MicrosoftWindows......................................6
2.1. Versionsandeditions...................................6
2.2. Regionalandlanguagesettings....................7
2.3. Filesystem....................................................8
3. Computernetworks...................................14
3.1. Technicalaspects........................................14
3.2.
3.3.
4.
4.1.
4.2.
4.3.
4.4.
4.5.
4.6.
4.7.
Communication.........................................15
Internetconnections.................................18
Computersecurity.....................................20
Encryption..................................................20
Passwords..................................................23
Viruses.......................................................25
Emails.........................................................27
Navigation..................................................29
Attacksfromoutside.................................29
Backup.......................................................30
Dr.PaoloCo
oletti
BasiccComputercoursebookk
1. Com
mputerrs
Thischapteerpresentsw
withabriefd
descriptiono fcomputermaincompo
onents,oftheemostcomm
mondevicess
andofthettypicalsoftw
warecomponentsfornovviceuser.
1.1. Sto
orage
1.1.1. Me
easures
Before starrting with the compute
er descriptioon, it is use
eful to beco
ome proficieent with th
he data sizee
terminologyy,whichwilloftenbeuse
edinthisbo ok.
Computers haveaveryelementaryywaytostorredata:theyycanremem
mberonly0oor1.Avalue
eof0or1iss
calledbitan
ndallcompu
uterdataare
estoredasseequencesofbits.Asequenceof8bittsiscalledabyte,which
h
isaquantityylargeenoughtostoreu
usuallyalettteroradigit(eventhoughsometimess2bytesare
enecessary)..
Modern co
omputers aree able to deal with ennormous quaantity of byytes, forcing
g us to intro
oduce otherr
quantities:
Kilo
obyte(KB),approximatelyy1,000bytees,
Boronemillionbytes,
Megabyte(MB)),approximately1,000KB
Gigabyte(GB),aapproximate
ely1,000MB
Boronebillio
onbytes,
Terabyte(TB),aapproximately1,000GBooronetrillio
onbytes.
Usuallythe unformatteedtextofaw
wholebook canfitinso
omeKB,whileforanimaageinagoodresolution
n
MBarerequuired,whilea
afilminhigh
h
(letssayreadytobeprrintedonA4paper)orfooramodernsongsomeM
dssomeGB.
qualityneed
1.1.2. Mo
oores law
Over the laast 40 years, computer hardware hhas been con
ntinuously im
mproving itss performan
nces with an
n
exponentialgrowth.ThisgrowthissummarizeddbythefamousMooresslawwhich saysthatthe
enumberoff
transistors in a processsor doubles every 18 moonths. This law
l
can be extended
e
to
o almost every aspect off
hardware aand we may say that the
e performannce (be it speed or capacity) of harddware doubles every 18
8
months, thus leading to
t a general exponentiaal growth. Unfortunately
U
y softwaress performance does nott
increasewitththesamerate.
1.1.3. De
evices
The compu
uter uses sevveral devices to permannently store
e and move data, whichh vary a lot in terms off
capability,ccost,speedaandportability.
Themostusedisstheinternaalharddisk,w
whichusuallyisinsidethhecomputerrboxand
cannotbemove
ed.Itssizecuurrentlyranggesfrom500
0GBto2TB.Ontheothe
erhand,an
exteernalharddiskisoutsideethecomputter,hasthessamesizeanddobviouslycanbe
movved.Itsonlydisadvantag eisbeingslightlyslowerr.
SSDSolidStateD
Drivesaresttartingtoslo
owlyinvadetthemarket.TTheyarenottdisksatall,,
but very larrge memoryy cards shape
ed like an h ard disks wh
hich can enttirely replacee the interna
al hard disk..
Theirmain advantages arethatnotthavingmovvingparts(theydonotrrotateathigghspeedlike
eharddisks))
obustandth
hatinmost situationsthheyarefaste
erthanharddisks(uptoo10timesfaster).Theirr
aremorero
disadvantaggeisthelimitedsizewhicchcurrently is500GBan
ndtheirhigh price.
Page2of322
EEdition8.0(0
05/08/2014))
BasicComp
putercoursebook
Dr.P
PaoloColettii
CD and
d DVD in an alternative way to storre data. Theyy contain abbout 700 MB and 4 GB,,
respecttively.Theya
aredividedinntoRwhichmayonlybewrittenoncceandRWw
whichmaybee
writtenarerewritttenseveralttimes.TheyrrequireaCDreaderoraDVDreaderrtoberead,,
whichaareavailableonmostcom
mputers,and
daCDwriterorDVDwrritertobewrritten,which
h
are avaailable only on some ccomputers. A new generation of hhigh capacitty discs hass
appeared
donthemarket,theBlu raywith25GBsize.
MemoryystickorUSB
Bpendriveissthemostusedwaytotemporarysttoreandmovvedata.Its
sizeisno
owupto64G
GB,howeverritsreliabilittyisnotperfect,thereforreit
isusedm
mostlytomo
ovedata.
monwaystostoreandm
movedataareethroughamemorycard,usedby
Othercomm
externaldevvicessuchassphotocameras,mobileephonesorm
musicplayers.
1.2. Sofftware
Softwarecaanbedivided
dintothreeb
bigcategoriees:operatinggsystems,prrogramsanddata.
Theoperatingsystemtaakescareofcontrollingccomputerhaardwareand humancom
mputerintera
action.Theree
arecurrentllythreewideelyusedope
eratingsystem
ms:
dows,whichisthemarkeetleader,
MicrosoftWind
Maacintoshcom
mputershave
etheirownooperatingsysstemMacOS
SX,
Linux(itisafam
milyofveryssimilaroperaatingsystems),whichisa
acostlessopperatingsyste
em,
Android,afamilyofverysimilarLinuxbbasedoperattingsystemssformobileddevices,
mobiledevicces,
iOSS,forApplem
WindowsPhon
ne,Microsofttsoperatinggsystemform
mobiledevicces.
freeeware, softw
ware which is completelyy costless. The
T producers of this sofftware are either
e
publicc
insttitutionssuchasuniversities,ordev eloperswho
odoitforpe
ersonalinterrestoradverrtisementorr
privvate compan
ny who do it for dum
mping reason
ns. Some exxamples aree Skype com
mmunication
n
pro
ogramorLinu
uxoperating system;
Edition8.0(05/08/2014
4)
Page3of32
2
Dr.PaoloColetti
BasicComputercoursebook
shareware,softwarewhichisinitiallycostlessbutafteracertainperiodtheuserisaskedtopaya
fee or delete it; or software which has two versions: a free one, but incomplete or with
advertisementbanners,andacompleteadvertisementfreeone,forwhichtheusermustpay.The
mostpopularexamplesaremobilephonesapps;
commercial, software for which the user has to pay a license to use it. Common examples are
MicrosoftWindowsoperatingsystemorPhotoshopimageeditingprogram;
subscriptionbased,softwareforwhichtheuserpaysaperiodicfeetouseit.Thissoftwaretypically
is also offered on the web and in this case the user does not have to care about installation nor
updates.AnexampleisMicrosoftOffice365;
private,softwareuniquelybuilt,underpayment,foraspecificcustomertofithisneeds.Onlythe
costumer may use it. A typical example is the universitys studentscoursesexamsprofessors
databasesystem.
The permission to be modified can seem a trivial question for the novice user, however for program
developersandcomputerexpertsbeingauthorizedtomodifyasoftwareisagreatadvantagesinceitcan
be improved, checked for errors and tailored to specific needs. The open source versus proprietary
softwareisastrongethicalandeconomicaldebateinthecomputerscientistscommunity.Subdivisionby
permissiontomodifyis:
open source software may be studied, used and especially modified by anyone. The software
developers at the same time legally authorize any modification and they distribute the source of
thesoftwaretoputotherdevelopersinaconditiontoeasilymodifyit.Opensourcesoftwareisalso
automaticallyfreeware.ThemosttypicalexampleisLinuxoperatingsystem.
copyleft software is open source but carries the restriction that any modification must be
distributed as open source and copyleft, thus impeding that software becomes, after a
modification,proprietary.ThemostfamouscopyleftcontractlicenseistheGNUPublicLicense(see
http://www.gnu.org/licenses/gpl.html).
proprietarysoftwareisdistributed(costlessasAdobeAcrobatReader,orasasharewareasWinZip,
ormostoftensoldascommercialsoftwareasMicrosoftOffice)withtheexplicitlegalwarningnot
tomodifyitandtechnicallylockedtopreventotherdeveloperstoseeormodifyitssource.
closedproprietary,aformatownedbyasoftwarecompanyandkeptasatradesecret.Inthisway
only programs build by that company can use those data files and no other company is able to
Page4of32
Edition8.0(05/08/2014)
BasicComputercoursebook
Dr.PaoloColetti
endanger its monopoly. A famous example is DOC format which, until 2007, was kept secret by
Microsoft,thuspreventingcompetitorsfrombuildingalternativestoMicrosoftWordprogram.
openproprietary,aformatpubliclyavailablebutwhoseimprovementsandcontrolareunderthe
ownershipofasoftwarecompany.AtypicalexampleisthenewWordformatDOCX.
open,apubliclyavailableformatwhichfollowsofficialstandardswhosecontrolisunderownership
of public organizations, such as American ANSI, German DIN or Italian UNI. Typical examples are
imagesformatGIForformattedtextsformatPDForwebpagesformatHTML.
Edition8.0(05/08/2014)
Page5of32
Dr.PaoloColetti
BasicComputercoursebook
2. Microsoft Windows
MicrosoftWindowsiscurrentlythemarketleaderoperatingsystem,itistheusualinterfacewhichappears
whentheuserturnsonapersonalcomputerwithWindowsoperatingsystem.
Starter and Home Basic, cheap versions with severe limitations, used
mostlyonsmallnotebooks;
HomePremium,homeusersedition;
Professional, personal business edition which includes more network
programs;
Enterprise/Ultimate, Professional edition with more network utilities
availabletocompanies/individualusers.Enterpriseeditioniscurrently
(August2014)installedatUNIBZ
MicrosoftreleasedWindows8in2013withanewuserinterfacecalledand
designedfortabletswithtouchscreen,whichwasnotwelcomedbymany
professionalusers,inordertoincreasecompatibilitywithitsmobiledevices
operatingsystemWindowsPhone8.WithitsfirstupdateMicrosoftdecided
to change name to Windows 8.1. It is installed on approximately 17% of
computers.Itisavailableinonlythreeeditions.
Starter
HomeBasic
HomePremium
Professional
Enterprise/Ultimate
Windows8
Windows8Pro Basic
Windows8Enterprise
Page6of32
Edition8.0(05/08/2014)
BasicComputercoursebook
Dr.PaoloColetti
Page7of32
Dr.PaoloCo
oletti
BasiccComputercoursebookk
Whilethekkeyboardsetttingscanbe
eadjustedfr omthismen
nu,itiseasie
ertoadjustiitdirectlyfro
omtherightt
sideoftheaapplicationb
bar,simplyclickingonkeeyboardicon andselectin
ngtheappro priateone.
2.2.1. Ke
eyboards a
and langua
ages
Before startting this secction it is necessary to t ake a close look at yourr keyboard. Locate these keys sincee
theywillbeeusedintherestofthism
manualandaareveryusefulinmanyp
programs:
Englishkeyboard Germankeyyboard Ita lianKeyboarrd
C
CTRL
A
ALT
ALLTGR
F1ttoF12
D
DEL
INS
HOM
MEor
EEND
PGaandPG
BACKSP
PACEor
STRG
ALT
ALTGR
R
F1toF1
12
ENTF
EINFG
G
POS1
1
ENDE
E
BILDandBILD
ENTEERor
TAB
Bor
SHIFFTor
CAPSLO
OCKor
ARROW
WS
Mainfuunction
CTRL
ALT
ALTGR
Produce
echaracteroonthekeysrightleft
F1toF12
CANC
Deletenexxtcharacter
INS
Toggleinsert/ooverwritemo
ode
Gotobeeginning
FINE
Gotooend
PA
AGandPAG
G
Goonepageeupordown
n
Deletelasttcharacter
Enterrdata
INVIOor
TABor
Movethroug
M
ghthewindow
Capitalizzeletters
KeepSHIFFTpressed
Movethhecursor
InthisbookktheEnglishnameforke
eyswillbeinndicated.Wh
henA+Bisindicated,itm
meansthatth
heusermustt
presskeyA,,thenpresskeyB,andth
henrelease bothkeys.
2.3. File
e system
m
Beforestarttingthissecttionitisnece
essarytodo thefollowin
ngoperationss:
1.
2.
3.
4.
5.
6.
clickontheStarrtmenuicon
n,onthelow
werleftcorne
erofthescre
een
olPanel
opeentheContro
cho
ooseAppearranceandPe
ersonalizatioon
cho
ooseFolderOptions
cho
ooseView
desselectHideeextensionsfo
orknownfileetypes.
Inthiswayeextensions(sseesection2
2.3.3)areshoownandfile
etypesarebe
etterrecognnized.
EEdition8.0(0
05/08/2014))
BasicComp
putercoursebook
Dr.P
PaoloColettii
ory,accessibblefromMy Computer
Eachstoraggedeviceisaabigdirecto
window, w
which contaains directo
ories and ffiles. Each of these
subdirectorries may con
ntain other files
f
and othher subsubd
directories,
andsooninahierarchicalway,forrmingatree withtheharddisk(or
oragedevice)astheroott,directoriessasbranche
esandfiles
anothersto
as leaves. O
On UNIBZ co
omputers, th
he usual harrd disk are C:
which
containsprograms,E:whichconttainscoursessinformatio
onandF:
whichcontaainsusersrreservedspace.DisksdirrectoriesA:andB:
areusuallyreservedforrfloppydiskss,andD:o rZ:forCD
Dreader.
information
nonfilesand
ddirectoriessuchasthei rsizeanddaateoflastmo
odification.
Eachfilean
nddirectory canbeunivo
ocallyidentiffiedbyitsabsolutepath
horaddress..Fordirecto
oriesitisthee
path which appears on
n the address bar of thhe directory window, while for filess it is the path
p
of theirr
containing directory fo
ollowed by \ and thee file name. For examp
ple, the absoolute path of directoryy
Common in HP directory in
n Program Files dire
ectory in the
t
C: hardd disk is C:\Program
m
ommonasccanbeseen fromtheadddressbar.W
While,theHP
PeDiag.dllfillehastheab
bsolutepath
h
Files\HP\Co
C:\Program
mFiles\HP\C
Common\HP
PeDiag.dll.
Notethat,fforWindowssoperatingsyystem,capittalorsmallcapslettersin
npathsarepperfectlyequ
ual.
Aspecialan
ndtrickyobjeectisthelinkorshortcutt.Althoughiitsiconlooksslikeafileiccon,
thesmallcu
urvedarrow
wontheleft cornerclearrlyindicatesthatthisob
bjectisalinkk.A
linkissimpllyanaddressstoafileordirectory,itisnotareallfileordirecctory.When the
user clicks o
on the link, the computter behaves exactly as iff the user is clicking on the
realfileor directory(if Windowsca
anfindtherrealone,wh
hichisnotth
hecaseifin the
d
or moved
m
it). H
However, anyy copy/move operation on the linkk will simplyy
meantime ssomebody deleted
copy/movethelinkand
dnottherealfileordirecctory;especiiallycopying/movingtheelinktoanottherdiskwilll
hereforeitissagoodideaafornoviceu
userstoavoiddusinglinkssatall.
probablycaauseittomalfunction.Th
Edition8.0(05/08/2014
4)
Page9of32
2
Dr.PaoloCo
oletti
BasiccComputercoursebookk
dragtheobjecttothedestination.Ifapplussymboldoesnot
app
pear, press CTRL
C
key to have it apppear while dragging.
d
Releeasetheobjectinthede
estination;
seleect the object and click the right m
mouse button. Select
copy. Point the
t mouse to
t the destinnation and click the
righ
htmousebutton.Select paste.Ift hedestinationisthe
origginallocation
n,thefilenamechanges tocopyof;
seleect the object and presss CTRL+C. Pooint the mou
use to the destination aand press CT
TRL+V. If thee
desstinationisth
heoriginallo
ocation,theffilenamechaangestoco
opyof.
Movingafiilemeansmovingittoa
anotherloca tionlosingtthefileintheoriginalpllace.Movinggadirectoryy
meansmovvingittoano
otherlocationtogetherw
withitsentirretreeofsub
bdirectories andfiles.To
omoveafilee
ordirectoryywindowsofffersseveralmethods,thhemostused
dbeing:
dragtheobjecttothedestination.Ifapplusoralinksymboldoesappear,prressCTRLorSHIFTkeyto
o
moveit.Releaasetheobjectinthedesstination;
rem
seleect the objeect and clickk the right mouse button. Select cut
Tocreatealinktoafileordirectoryy:
Deletingaffilemeanso
oftenputtinggitintothe trashcanw
whereitcan berecuperaatedunlesstthe
trashcanisemptied.Deeletingadire
ectorymean sputtingittothetrashccantogetherrwithitsentire
treeofsubd
directoriesandfiles.Payspecialatte ntion,sincenotalwaystthetrashcannworksasusser
expectsand
dsometimessfilesaredelletedwithouutpassingthroughthetrrashcan.To deleteafileordirectoryy
windowsofffersseveralmethods,th
hemostuseddbeing:
dragtheobjecttothetrashcanandreleeaseit;
seleecttheobjecctandclickth
herightmouusebutton.SSelectdelete;
Page10of332
EEdition8.0(0
05/08/2014))
BasicComp
putercoursebook
Dr.P
PaoloColettii
seleecttheobjecctandpressDELkey.
Torename afileordireectory,simp
plyselecttheeobject,clicckon
thenameaandretypeitt.UsuallyWiindowsacceeptsmostnames,
but novice users should stick with
h only letterrs, numbers and
spaces,sincceothercharractersmaybeforbiddenn.
Tocreatea newdirecto
ory,simplyriightclicktheemouseand
dchoose
NewandFolder.Aftterthecreattion,renameeit.
SSometimesfilesoccupya
alotofspaceeandneedtobereduced
dtosavedisskspaceortobesentbyy
eemail;other timesfilesm
mustbeputiinapackage
etoremaintogetherorttobesentassasinglefilee
vvia email. Th
hese two op
perations aree accomplish
hed compressing a set of files and directories,,
whichmean
nsusingasp
pecialprogram(WinZipoorIZArcorth
heoperativesystemitselff)toreduce(from0%to
o
90%dependingonthe filetype)thefilesizeanndproduceaanewsinglefilecalledzziparchiveco
ontainingalll
theselected
dfilesanddiirectories.
Tocompresssasetoffileesanddirecttories:
1. seleectthefilesaanddirectoriiesalltogethher,
2. clicktherightm
mousekey,
o the installed compreession prograam and sele
ect somethinng like Add
d to Archivee
3. seleect IzArc or
Filee,
4. adiialogboxapp
pearsasking youtochooosetheziparchivename anditsdesttination;
5. inthisdialogbo
oxyoumustalsochoosethecompre
essionmetho
od,whichissstronglysugggestedtobee
ZIPtobecompaatiblewithotherprogram
ms;
6. inthisdialogan
nencryptionmethod(se esection4.1
1onpage20
0)maybechhosen.Ifyourziparchivee
ouldbeopen
nedbyanybo
ody,thenchhooseNone
e:Otherwise,ifyouwaanttheziparchivetobee
sho
unccompressed onlybypeop
pleknowing aproperpaassword,cho
ooseanyofttheencryptio
onmethods,,
suchasAES12
28bit,andp
providetheppassword.
ordirectorieesmaybead
ddedlatertootheziparch
hivesimplyd
draggingthe monthezip
parchivefilee
Otherfileso
(thisisacop
pyandnotamoveopera
ation)ifitisnnotencrypte
ed.
Toextractffilesfromazziparchivefiile,simplycl icktherighttmousekeyonthefileaandfromthe
edropdown
n
menu choo
ose the apprropriate extrract option: the contentt will appear in the loccation you have chosen,,
togetherwiithallitsdireectoriesstru
ucture.
Whendoub
bleclickingo
onacompresssedfile,ifthhecompresssionprogram
misproperlyyinstalled,itwillopenin
n
awindowaasifitwere adirectory. Butitisnottanormaldiirectory,itisssimplyaw indow,prod
ducedbythee
compression program, with the listt of the ziparchives content: the user
u
should nnot open files from thiss
nce it is a veery unreliable way to m odify files! Files
F
can be copied from
m this windo
ow to a reall
window sin
directory siimply draggiing them to the directoory. When the entire co
ontent of thhe ziparchive has to bee
extracted o
or when the user wants to preservee the originaal tree structure, it is beetter to use
e the Extractt
buttonofth
hisspecialwindow.
Page11of32
2
Dr.PaoloCo
oletti
Filetype
BasiccComputercoursebookk
Typicallprogramsthatopenit
Program
m
itsself
Typicalexttensions
.exe.com
m.bat
Typica
alicons
The link ed image cannot be display ed. The file may hav e been mov ed, renamed, or
deleted. Verify that the link points to the correct file and location.
Compressed
WinZip
p/IZArc
.zip
p
Text
Nottepad
.txt
Documen
nt
W
Word/Acroba
at/Powerpooint
.docx.doc.rttf.pdf.ppt
Sheet
Exxcel
.xlsx.xls.csv
Image
Explorrer/PictureFaxViewer//Paint/
OfficePictu
ureManagerr
.jpg.jpeg.giff.bmp.png
Video
Media
aPlayer
.avi.mov.m
mpg.mpeg
Audio
MediaPlayer/WinAmpp
.mp3..wav
Webpagge
Exp
plorer
.html..htm
readpermission
n,tocopyan
ndopentheoobject;
readandexecute,sameasread,plusruuntheobjecttifit
isaprogram;
listcontent(forrdirectories),toseetheccontent;
writte permissio
on (for direcctories), to create files and
sub
bdirectories;
modifypermisssion(alsocallled,whenreeferredtoa file,
writte permissio
on), same as
a read andd execute, plus
deleete,move,reename,save
emodificatioons;
fullcontrol,sam
measmodifyy,pluschanggepermission
ns.
2.3.5. Ne
etwork fold
ders at UNIBZ
OnUNIBZLLANtherearesharedharddisksonw
whichcomm
moninformattionisstoredd,sothatitisaccessiblee
fromeverycomputer.TThesearecallednetworkkfolders.Som
meofthema
are:
Page12of332
EEdition8.0(0
05/08/2014))
BasicComputercoursebook
Dr.PaoloColetti
\\ubz01fst\courses\course_coletti which contains utility files that will be used during the course.
These files must never be opened doubleclicking from here, otherwise they will be locked (see
section2.3.4onpage12);theyshouldbecopiedoneachusersdesktopbeforeopeningthem;
\\ubz01fst\courses\exam_coletti\,followedbyusersloginnameortheuserslastnameandfirst
name,whichwillcontainexamfilesandwhichisaccessibleonlybytheuser;
\\ubz01fst\students\, followed by year, faculty and users login name, contains a copy of the
studentsdiskF,desktop,andconfiguration.
Edition8.0(05/08/2014)
Page13of32
Dr.PaoloColetti
BasicComputercoursebook
3. Computer networks
Thispartofthebookisdedicatedtocomputernetworksfromausersperspective.Nowadaysacomputer
is very likely to belong to some companys network, or to be connected to the Internet via an Internet
provider, and is therefore exposed to all the typical network problems. Without entering into technical
details,thissectionwillexplorethesituationsinwhichanoviceusercanfindhimselfintroublesandhow
hecantrytosurvivedialoguingwithnetworkadministratorsintheirownstrangetechnicallanguage.
3.1.2. Areas
Computernetworksarecommonlydividedintothreecategories:
Local Area Network (LAN or Intranet), usually the network of computers in the same building or
belongingto thesameowner.InsidetheLANevery computeris wellidentifiedandusuallyevery
userisknown.Itisconsideredatrustedarea.
WideAreaNetwork(WANorInternet),whichiseverythingwhichconnectsLANs.Computersand
usersidentificationisveryhardandanonymityispossible.Itisconsideredadangerousarea.
Virtual Private Network (VPN) is a way to recognize a computer outside the LAN as a trusted
computer: the user is identified with a password and his computer, even though connected via
Internet,willbeconsideredaspartoftheLAN,foraslongasitremainsconnected.VPNistypically
requiredtoidentifyportablecomputersconnectedviawirelessconnection.
Edition8.0(05/08/2014)
BasicComp
putercoursebook
Dr.P
PaoloColettii
Ethernetcablesshaveaspeedof10Mbbpsandcan thuscarry1
1.25MBeachhsecond,meaningthat,,
for example,a 600MBmovviecanbetrransferredin
n8minutesffromonecoomputertoa
anotherone,,
pposing no one
o (neither users nor ccomputers) is using that network t ract for other purposess
sup
durringthetranssfer.
FasttEthernetcaableshaveaspeedof1000Mbps.
GigaEthernetcableshavea
aspeedof1G
Gbps.
Aw
wirelessnetw
work,acable
elessnetworrkwhere computersuse
eradiosignaalstocommunicate,hass
usu
uallyaspeedaround308
80Mbps,deppendingontthewirelessgeneration.
3.2. Com
mmuniccation
Insideacom
mputernetw
workmanyco
ommunicatioonprogramssareinstalledonIntraneetcomputerstoconnectt
totheInternetoreventointernalcomputers.
3.2.1. We
eb browse
er
Awebbrow
wserisaclientprogramttonavigatettheWWWaandretrievewebpages.
Itrunsdirectlyontheu
userscomputerasacli entandcon
nnectstoextternalweb
servers, ideentified with
h the www. prefix in thhe Internet name, to re
etrieve web
pages.Themarketleaderwithabou
ut60%(inJu ne2014,see
ewww.w3scchools.com)
wserfromGo
oogleChrome,followed byMozillaFFirefox,anopensource
isthebrow
software w
with 25%, Microsoft Interrnet Exploreer, a freewarre proprietarry software
dSafari,thebrowserforMacOSX,
with9%and
3.2.2. Ma
ail reader
A mail read
der is a clien
nt program to
t send and retrieve em
mails. It runs directly on the
users computer as a client
c
and connects
c
to a mailserve
er, a progra
am in chargee of
collecting and dispatcching emails. The ma rket leaderr is Microsoft Outlookk, a
commerciallproprietaryysoftware.Itthasmanyccompetitors,,themostfa
amousbeing
gthe
opensourceeMozillaThu
underbirdan
ndthefreeW
WindowsLive
eMail.
Anotherwaaytoreadan
ndsendema
ailsisthrougghwebmailssystems,whiicharewebssiteswherettheusercan
n
enter and read his reeceived ema
ail and sendd new ones acting dirrectly on thhe mailservver, withoutt
ng them norr using any client. It caan be useful for various reasons: iit does not require thee
downloadin
installation ofamailreaaderprogram
m;oldreceivvedemailsarealwaysavvailableonthhewebsitea
andcanthuss
d from home, office and
d while traveeling, even without
w
a pe
ersonal laptoop; the mailserver takess
be accessed
careofemaailsbackup.B
Butontheotherhandit requiresaccontinuousfa
astconnectiooneventow
writeasinglee
longemail, whichcanb
becostlyand
d,insomes ituations,im
mpossibleandusuallytheeemailspacceislimited..
es arethe M
MicrosoftOutlookWebA
App, where tthewebinterfacelookss
The mostfaamouswebssiteinterface
exactly likee Microsoft Outlook, an
nd the Webbmail interfaace, used and
a
personaalized by mo
ost Internett
providers.
Edition8.0(05/08/2014
4)
Page15of32
2
Dr.PaoloColetti
BasicComputercoursebook
Edition8.0(05/08/2014)
BasicComputercoursebook
Dr.PaoloColetti
and digit the keywords, or sometimes even a complete question, and the website returns the list of
relevantwebpages.
Searchenginesuseacrawlertechnique:theycontinuouslygothroughtheknownwebpagesmemorizing
theircontentandtryingtodiscoverotherwebpagesthroughthecontainedlinks.Inthiswaytheyareable
tomemorizemostoftheWWWspages(morethan8billionpages),eventhoughsomenotlinkedwebsites
canremainunknowntosearchengines.
ThemostpopularsearchenginesareGoogle,thecurrentmarketleader,Yahoo!
andBing.Inordertochoosetheorderinwhichwebpagesaredisplayedtothe
user, search engines use scoring system. The most famous one is Googles
which relies on the idea that a linked page is very important and useful;
thereforeawebpagereceivesascoreproportionaltothenumberofwebpages
whichputalinktoit.Accordingtorecentresearches,thepercentageofuseof
theseenginesareGoogle83%,Yahoo6%,andBing4%.
Therearemanytrickstospeedupthewebsearchandarrivequicklytotherightresult:
Edition8.0(05/08/2014)
Page17of32
Dr.PaoloCo
oletti
BasiccComputercoursebookk
wheenlookingsimplyforsomeimages, itismoreco
onvenientto
ousethespeecificsearchratherthan
n
tryingtofindwebpagescon
ntainingthem
m.
3.3. Inte
ernet co
onnectio
ons
Therearem
manydifferentwaystocconnecttothheInternet. Someareoldtechnologgy,ratherslo
owandused
d
rightnowo
onlywhenno
oothermea
ansisavailabble,suchasttheoldtelep
phonelinew
withaspeedof56Kbps,,
theISDNsystem,theGP
PRSandEDG
GEmobilephhonesystemss.Modernte
echnologiesaarecalledbroadband:
ADSL(AssymmetricDiigital
SubsscriberLine)
telephonneline
modeem
500Kbpssinupload
820Mbpssdownload
Speedde
ependson
subscriptionfeeand
networktraffic
Inteernetcable
UMTS(U
UniversalMo
obile
TelecommunicationsSyystem)
3G
HSDPA(HigghSpeedDo
ownlink
PaccketAccess)
LTE(LonggTermEvolu
ution)
W
Wireless
WiFi
Specialcoontract
some
eGbps
3Gmobileephone
5Mbpsinupload
40Mbpsin
download
Speeddepends
nglyon
stron
enviro
onment
LTEmobileephone
willarrive
wirelessscard
30300
0Mbps
antennainlin
a
neofsight
modeem
40M
Mbps
Speedde
ependson
wirelessggeneration
Speeddepends
ondistance
stronglyo
WiMax
Page18of332
EEdition8.0(0
05/08/2014))
BasicComputercoursebook
Dr.PaoloColetti
Manyfastconnections,especiallyADSL,sufferfromnetworkcongestion:toomanyusersareconnectingat
thesametimeandtheInternetprovidersmaincablesarenotabletosupporttheusersmaximumspeed
multiplied bythe number ofusers,andtherefore mustreduce thepracticalconnectionspeed.Therefore
the maximum speed is often only theoretical and some providers are offering a minimum band
guaranteed:aminimumspeedunderwhichtheconnectionmayneverfall.
Unfortunately, even in technologically advanced countries, there are still many areas where nor ADSL
neitherUMTSarrives,mostlyduetothegeographicconditions(mountains,islandsorlongdesertdistances)
and to the low inhabitants density. This phenomenon is called digital divide: there are people (e.g.
5,000,000ofItalianinhabitants)thatevenwillinglytopaycannotgetabroadbandconnection,and,onthe
otherhand,InternetservicesandespeciallytheWWWiscontinuouslygoingtowardslargesizecontents,
cuttingthesepeopleoff.Inordertoovercomethissocialproblem,WiMaxisspreading,asortofverylong
rangeWirelesswhicharrivesupto10Kmbutworksonlyifthetransmittingandreceivingantennasarein
lineofsightandwhosetheoreticalspeedof70Mbpsdecreaseswithdistancestoabout40Mbps.
Edition8.0(05/08/2014)
Page19of32
Dr.PaoloCo
oletti
BasiccComputercoursebookk
4. Com
mputerr securrity
Being connected to thee Internet means
m
givingg anybody access to the
e computer. Despite the
e traditionall
onewhogoeesoutside,iitisinstead theInternettworldwhicchiscomingg
noviceuserrsbeliefthaatheistheo
inside,withallitsbeneffitsanddanggers.Knowin galittlebitofsecurityisssuesisnow
wadaysnecessaryevento
o
pertuser,toavoidbeingluredintotrrapsoradop
ptingpotentia
allydangeroousbehaviorss.
thenonexp
Moreover,ttherecentIttalianlaw19
96/2003onpprivacyissuescontainsin
ntheAllegatooBtheminimalsecurityy
techniques which musst be adopted by systtem administrators butt also by nnormal userrs. This law
w
nts
apply
cle
early
to
all
co
ompanies
an
nd
professio
onals
which
handle
data,
,
but
they
also
a
apply
to
o
requiremen
personalusserswhocom
mmunicated
data.Toperssonalusers whodonotcommunicaatedatastill thesecurityy
requiremen
ntsapply.
Law196/20003inparticu
ularsplitsdatainto:
perrsonaldata
sensitivedata:d
dataaboutraceandethnnicity,religio
ous/philosophical/politticalopinion
ns,belongingg
torreligious/ph
hilosophical//political/w
workersorgaanization
sensitivedataabouthealthandsex
justticedata,wh
hichhavethe
esamepresccriptionsasssensitivedata
a
gen
neticdata,whichneedexxtremelyparrticularproce
edureswhich
hwillnotbe describedhere.
Law196/20003prescribeesthat:
eacchusermustbeauthenticatedbyappersonaluserrnameanda passwordoorabiometriccdeviceoraa
perrsonaltoken;;
wnpermissioons,limitedo
onlytothed
dataheneeddsforhiswo
ork,andthee
eacchusermustthaveitsow
perrmissionsmu
ustberevoke
edwhentheuserdoesnotneedthem
manymore;
useersmustreceeivespecifictrainingori nstructions tobeableto
ousetheiraauthenticatio
onandtobee
awaareoftheirrresponsibilities,dutiesanndthepossib
bledangers;
alld
datamustbeebackedup(seesection4.6onpage
e29)atleasteveryweek;;
security software must be updated at least every year and orr 6 months w
when handliing sensitivee
data;
r
speccial care: theey must be stored
s
and transmitted
t
using encryption or thee
sensitive data receive
peo
ople must bee unidentifia
able, for exaample by asssigning to each
e
person s data a nu
umeric codee
instteadofhisnaameandsurrname.
4.1. Enccryption
n
Encryption isatextmaskingtechnique,deriveddfrommilitaaryuse,whicchtransform
msinformationinsuchaa
waythatit maybecorrrectlyreadonlywithasppecialpassw
wordcalledke
ey.Itusestw
wokeys,apublickeyforr
wnonlytoo
onecomputeerorperson,andaprivattekeyfordeecrypting,ussuallyknown
n
encrypting, usuallyknow
hich legitima tely may reaad the information. Thee size of thesse keys, and
d
by all the ccomputers or people wh
thus the diffficulty to be guessed, is
i expressedd in bits, witth 128 bits being
b
the ty pically mostt secure sizee
used.
ThetwofolllowingscheemasillustratteshowB,CCandDcan sendsecretmessagesu singAspub
blickey
..
Thesentmessagesare encrypteda
andlaterdeccryptedbyA
Awithhisprivatekey
Page20of332
.Incaseso
omebody
EEdition8.0(0
05/08/2014))
BasicComp
putercoursebook
Dr.P
PaoloColettii
heisunablettodecryptittcorrectlysincehedoesnothaveAssprivatekeyy
interceptsaamessage,h
isknownon
nlytoA.Even
nwhensome
ebody
,which
h
ussesthepubliickeytodeccrypt,itdoessnotwork.
Thesamep
processhappenswheneverabrowserrtriestosen
ndapassworrdorsecretiinformationtoawebsitee
usingasecu
ureconnection(seesection4.5onppage29):the
ewebsitetellsthebrowsseritspublickeyandthee
browseruseesittoencryyptinformationwhichcaanbereadon
nlybythearrivingwebsitte.
message 1
encrrypt
message 2
encrypt
message 3
encrypt
G
G#4hg!
decrypt
messaage 1
ff@d*s
decrypt
messaage 2
^(iw,
decrypt
messaage 3
message 1
encrrypt
message 2
encrypt
message 3
encrypt
G
G#4hg!
decrypt
Trb:-
ff@d*s
decrypt
Dr4^\|9
^(iw,
decrypt
%$&/L
Anotheranaalogoususaggeofencryptionistomaakestoreddaataunreadab
bleexceptbyytheowner.Inthiscasee
private and
d public keyys coincides and are keppt secret. The encryptio
on and decrryption proccess is donee
automatically by a proggram (PDF creation
c
proggrams or compression programs
p
cann do it, see page 11 forr
instructionsshowtodo it)orevenb
bytheoperaativesystem(iftheentirrediskisenccrypted),wh
hichasksthee
passwordto
otheuserevverytime.
secrett
data
enccrypt
D(
*+]dH
decrypt
seccret
daata
Edition8.0(05/08/2014
4)
Page21of32
2
Dr.PaoloCo
oletti
BasiccComputercoursebookk
secrett
data
enccrypt
D(
*+]dH
decrypt
%)((84
jhgdds?
4.1.1. Dig
gital signa
ature
Adigitalsiggnature,oreelectronicsiggnature,isannencryption
ntechniqueffordocumenntswhichgu
uarantees,att
the same tiime, the doccuments authors ident ity and that the docume
ents contennt has not been altered..
AccordingtoItalianlaw
w82/2005,digitalsignatuureisequivalenttohandw
writtensignaature.
ollowing scheemas illustra
ate instead the usage of
o encryptio
on for digita l signature. A wants to
o
The two fo
publishapubliclyavailaabledocume
entwithitsssignature.IttissufficienttforAtoenncryptitwith
hhisprivatee
d all the users can try to decrypt it with As public key
. If the result of decryption iss
key
and
somethingrreadable,it meansthattthedocume ntwasreallyyencryptedwithAsprivvatekeyandthuscomess
from A; on the other hand,
h
if the result is un readable, it means thatt encryption was not do
one with Ass
atureusedinncombinatio
onwithPEC canguaranteeealsosend
dersidentityy
privatekey..Inthisway,,digitalsigna
andemailscontent.
docum
ment
documentt
encrypt
G
G#4$h
&
&?2y
decrypt
docum
ment
docum
ment
2?=zx :-ki
false
documentt
encrypt
YY&:[
ffgj?^d
decrypt
2?=zx :-ki
2?=zxx:-ki
EEdition8.0(0
05/08/2014))
BasicComp
putercoursebook
Dr.P
PaoloColettii
4.1.2. Ke
eys expirattion
Themajord
drawbackoffencryption keysisthattifacomputeris putto
owork tryinggtoencrypttatextwith
h
insequence
many privatekeys
eandthen tto decryptittwiththe co
orrectpublicc key
,w
withinsomee
yearsitwillmanagetofindtherigh
htprivatekeyywhichlead
dstoacorrecctencryptionndecryption
n.Therefore,,
each couple of privateepublic keys has a tim
me limited duration,
d
usu
ually some yyears, after which it iss
ochangetheemandencryptagainallthepastdocuments.
necessaryto
Documents for which it is importtant to deteermine the exact date of the signaature have moreover a
a
marksignedd
directlybythecertificatioonauthority..
temporalm
Whocanveerify
Digitalsign
nature
Needskeysfromcertifficationauthority
andpropertools
Everybodyy(withpropeertools)
Verification
nreliability
Sureforso
omeyears
Temporalduration
Someyearrs(canberennewed)
Masssignattures
Someseco
ondsforalld ocuments(w
with
propertoo
ols)
Som
mesecondspperdocumen
nt
Datereliabiility
Objectiveiiftemporalm
mark
Base
edonotherssubjectiveellements
(pap
persandinkksage)
Whocansiggn
Handwrittensiggnature
Everrybodyinsta ntly
Handwritinganaalysts
Subjjectiveindu biouscases,notime
limitt
Untiilotherrelia blesignature
esare
available
4.2. Passswordss
OntheIntraanettheuseerisidentifie
edonlybyhi susername,,knowntoe
everybody,a ndhispassw
word,known
n
onlytohim.Thepasswordiswhatmakesanunnknownperssonanauthe
enticateduseer,withallh
hisprivilegess
onsibilities. If
I somebodyy else uses the
t right use
ers passworrd, for the Intranet
I
thiss
and his ideentitys respo
otherperso
onisexactly theuser.Law196/20033explicitlyfo
orbidsusersfromgiving theirpasswordtootherr
users, even
n when theyy are absent from work . These are some, often
n underestim
mated, maliggn actions a
a
passwordsthiefcando
o:
steaalpersonalin
nformation:thethiefcannreadtheussersemailsa
andpersonaalinformation;
Edition8.0(05/08/2014
4)
Page23of32
2
Dr.PaoloColetti
BasicComputercoursebook
steal privacy protected data: the thief can gain access to data about other people protected by
privacy,orreademailsreceivedfromotherpeople.Thelegalresponsibleofthisprivacyviolationis
thethiefaswellastheuserwhodidnotprotectotherpeoplesdata;
steal money: the thief can find the users bank account numbers and passwords, sometimes
directlyfromtheuserswebbrowsershistory;
deleteandmodifydata:thethiefcandeleteusersimportantdata,orevenworsehecanmodify
these data without the users knowledge (bank numbers, friends email addresses, degree thesis
content,addillegalpictures);
stealidentity:forthecomputerthethiefisnowtheuser,andthereforehecanacttotheoutside
world exactly as if it were the user, for example answering to emails, subscribing to websites,
withdrawingfromexams;
start illegal activities: anybody who wants to start an illegal Internet activity will obviously use
somebodyelseidentity,sohewillnotgetintotroubleswhentheactivityisdiscovered.
There exist automatic programs which are able to try 4 billion passwords each second, and they usually
starttryingcombinationsofwordsandnumbers(thecompletesetofallItalian,GermanandEnglishwords
canbetriedinlessthan1second).Checkonhttps://howsecureismypassword.nethowmuchtimedoesit
taketooneoftheseprogramstodiscoveryoureasypasswords.
Law196/2003explicitlyrequiresthatpassworddohavesomefeatures:
changethepasswordoften,atleasteverysixmonths(3ifsensitivedataarehandled);
avoidwordsrelatedtoyourself,suchasnames,birthdates,birthplacesandaddresses;
useminimum8characters.
Moreover,othergoodproceduresare:
useaspasswordagoodmixofnumbers,strangecharacters,smallcapsandcapitalletters,avoiding
anycommonword(otherpeoplesnamesorwordswhichcanbefoundinadictionary);
use different passwords for different purposes. Unfortunately every website asks the user to
registerwithapasswordanduserswhousealwaysthesamepasswordaregivingitawaytoevery
website they register, even untrustworthy ones. It is a good procedure to have at least three
passwords:oneforimportantuse(bankaccount),asecondoneforeverydayuseandalastonefor
unimportantuse(registeringtounknownwebsitesortoservicesthatwillnotbeusedanymore).
bewareofpasswordsstoredinprograms:mailreaders,InternetExplorerandmanyotherprograms
store your password masked with asterisks. They
seem to be unreadable, but computer experts can
reveal them instantly. Store passwords in programs
onlyifthatcomputerhasasingleuser(i.e.thehome
computerorthepersonallaptop)orifaccesstothatcomputerisonausernamebasis,butneverin
publicplacessuchasanInternetcaf.
Page24of32
Edition8.0(05/08/2014)
BasicComp
putercoursebook
Dr.P
PaoloColettii
4.2.1. Altternative p
password devices
Law 196/20003 gives th
he possibilityy to either rreplace the password authentificatiion with oth
her personall
devicesorw
withbiometrricidentificattionortosim
mplyaddthe
esetechnique
estoexistinggpasswords.
Usuallybiom
metricidenttificationiscconsideredtoo
be very seccure and th
hus it is use
ed to replac e
completely the passw
word system
m. It can b e
fingerprint recognition, handpalmbloodvessells
recognition, eyes rettina scannin
ng or voic e
identificatio
on.
For very im
mportant acctivities, succh as digitaal
signatureorbankoperaations,usuallyapersonaal
nstead addeed to the sttandard logi n
device is in
and passwo
ord system. The usual password iis
remembereed personally by the user and a
personaldeeviceprovideesthesecondpartofth e
password.TThisdeviceccanbeasmartcard,suc h
as the natiional health card, which is inserte d
into a card
d reader or a USB token and theey
provide to the program
m or web site the secon d
w
is store
ed inside th e
half of the password which
t
second part of th e
object. Alteernatively the
password is a OTP One Time
e Passwordd,
t
a te
elephone ca ll
generated eevery time through
to users m
mobile phonee or displaye
ed on a sma ll
token (whiich can be either inse
erted or noot
inserted in
n a USB plug) which is clearlly
synchronizeed with th
he website for whic h
password iss needed. Th
his big advantage of thiis
secondsysttemisthat, evenifboth
hpartsofth e
password are interceepted or guessed,
g
th e
secondparttcanbeuseedonlythat timeandwi ll
expireafterrafewsecon
nds.
4.3. Viruses
FromtheIn
nternetmanyyunauthorizedconnectioonattemptsarrive.Some
eofthesearremistakenlyyauthorized
d
and managge to reach the
t Intranett or at leastt to come in
n contact wiith programss which are behind thee
firewall.If ttheseconneectionscarry maligninteentions,usuaally theiraim
mis toexplooreanduse the Intranett
computers,todestroyIIntranetdata
aortostop someIntran
netservices(whichisad angerousattackifthesee
servicesareemanagingsstocktradesortelephonnecalls).Deffenseagainsstthesekinddsofattacks isinchargee
systemadm
ministrators.
Edition8.0(05/08/2014
4)
Page25of32
2
Dr.PaoloColetti
BasicComputercoursebook
While normal external attacks do not involve normal users, the virus is a special attack which arrives
directlyontheuserscomputerandmustbepreventedandstoppedbyhim.Thevirusisalittleprogram
whichhasthisnamebecauseitslifecycleisthesameofabiologicalorganism:surviveandduplicate.
1. Itarrivesonthecomputerthroughemailattachments,downloadedfiles,CDsandfloppydisksor
directlyfromtheIntranet.Itisoftenhiddeninsideothergoodfilesorprograms,whicharecalled
infected.
2. Assoonastheusermistakenlyrunsit(oftentryingtorunthegoodprogramortoopenthegood
file),thevirusordersthecomputertorunitselfeverytimethecomputeristurnedon,thusassuring
itssurvival.
3. Itstartsduplicatingitself,infectingotherfiles,CDsandfloppydisks,andtryingtosenditselfaround
byemailorontheIntranet.
4. Mostvirusesareprogrammedtododamagetothecomputerandtotheuser,alteringordeleting
files,sendingemailswithuserspersonaldata,preventingfirewallsandantivirusesfromrunning,or
turningthecomputeroff.Novirusesareknowntobeabletodamagehardware.
Manynamesareusedforvirusestypesaccordingtotheirdifferentbehaviors.
trojanhorseisaviruswhichlookslikeagoodprogramand,whendownloadedandrunbytheuser,
itperformstheuserswantedtaskbutatthesametimedoesotheractions;
keyloggerisaviruswhichrecordskeyboardsactivityandthensendsthekeystrokestoitscreator,
mostlytogetuserspasswords;
backdoorisaviruswhichopensaportonthecomputertoletexternalusersin;
adwareisaviruswhichdisplaysadvertisement;
spyware is a virus which spies users activity to get passwords or to target the user with specific
advertisement.
These types are not exclusive: for example a Trojan horse which is at the same time a spyware and an
adware.
Aninfectedcomputercanberecognizedbysomesymptoms.Thesearethemostfrequentones:
when the computer is turned on, unwanted programs start, advertisement appears, and the
desktoppresentssomenewbarsorfeatureswhichwerenotpresentnorinstalledbefore;
thecomputerstartsveryslowlyandunknownprogramsgivestrangeoperatingsystemerrors;
commercialorpornographicwebpagesappearonthewebbrowserwithouttheusersconsent;
theanalogicalmodemmakestypicalconnectionnoisesevenwhenthecomputerisnotconnected
or the operating system asks the user to stop the current connection and start a new one to a
strangetelephonenumber;
theTaskManagerwindow(seepage7)presentsunknownprograms.
Most of the time, a responsible users behavior it the best weapon against viruses: it protects him from
getting viruses, helps him removing them and prevents him from diffusing them. Responsible behavior
means:
neveropendownloadedfilesandemailattachments,especiallywhentheycomefromafriendwith
a text such as please open it, urgent!, since simulating to be a users friend is a typical virus
tactics.Toopenthesefiles,savethemonthedesktop,checkthemwithanantivirusandthenopen
them;
Page26of32
Edition8.0(05/08/2014)
BasicComputercoursebook
Dr.PaoloColetti
donotinsertinyourcomputerCDs,DVDsandUSBpendrivescomingfromotherpeopleorwhich
were inserted in other computers, unless you have an antivirus running or unless you scan them
immediatelywithanantivirus;
avoid visiting strange websites, especially pornographic or hackers website, or websites which
openalotofpopupwindows;
have an antivirus always running or at least run an updated antivirus on your whole hard disks
everyweek(whileItalianlawcurrentlyprescribesminimumevery6months);keepyourantivirus
alwaysuptodate:morethan50newvirusesappeareveryweek;
keep communication programs and Microsoft products up to date. Microsoft and most software
companiesofferfreeupdatesandautomaticupdatingtools.
To check the computer for viruses and to try to remove viruses from the computer, the user can run a
specialprogramcalledantivirus.Theantivirusbasicallyhasthreepossibledifferentactions:
itcanscanallthestoragedevices(harddisks,thefloppydiskinsidethecomputer,theCDorDVD
insidethereader)forviruses.Ifavirusisfound,ittriestoremoveitandtorepairdamagedfiles.
Somefilescanbeunrecoverable.Completedevicesscanningtakesusuallysomehours;
itcanscanasinglefileoranentiredirectoryforviruses.Ifthereisaninfectedfile,ittriestodelete
thevirusandrepairit.Somefilescanbeunrecoverable.Singlefilescanningtakessomeseconds;
it can be always running. In this case, whenever a virus or a suspect file is run, the antivirus
preventsitfromrunningandwarnstheuser.
A lot of antivirus programs, free and commercial, exist. Their most important feature is obviously the
possibilitytobeconstantlyupdatedthroughtheInternet.
4.4. Emails
4.4.1. Attachments
Forviruses,emailattachmentsareafirstclasswayoftraveling,sincetheyareveryoftenopenedbyusers
withoutanyprecaution.Sometimesviruseshideinsidefileswhichwerereallysentbythesender,unaware
of having an infected computer. Other times a virus takes control of the mail reader program and sends
itselftothewholeaddressbook,counterfeitingthesenderaddress(oftenusinganaddresstakenfromthe
addressbook)inordertoavoidthattherealinfectedcomputerbeidentifiedandtogainthethrustofthe
receiver,andwritingintheemailtextsmartsentencespretendingtobearegularfriendofthereceiver.The
arrivalofthiskindofemailusuallycreateshavoc,sincethereceiverissurethatthefakesenderhasavirus,
whiletheoriginalinfectedcomputerisanotherone.
Thebasicruleisneveropenanyattachmentfromthemailreaderprogram.Savetheattachedfilesonthe
desktop and run an antivirus program to check these files before opening them. Even when the email
comesfromafriend:hecannotknowthattohavegotavirus,orhecannotbetherealsender.
4.4.2. Spam
Spammessagesareunsolicitedunwantedbulkemails.Theyareunsolicited,meaningthattheuserdidnot
asktoreceivethem,theyareunwanted,meaningthattheuserdidnotwanttoreceivethem,andtheyare
bulk,meaningthattheyaresenttomillionsofaddresses.Theyareusedmainlyforfourdifferentpurposes:
Edition8.0(05/08/2014)
Page27of32
Dr.PaoloCo
oletti
BasiccComputercoursebookk
Thebestbeehaviortoad
doptagainstspammessaagesistoign
norethem.C
Complaining isworthlesss,sincetheirr
senderaddressisalwayysfalse;clickkingontheir links,especiallyiftheyssuggesttocl icktheretoberemoved
d
Page28of332
EEdition8.0(0
05/08/2014))
BasicComp
putercoursebook
Dr.P
PaoloColettii
s
know that thee users addrress is reallyy
from their lists, usuallyy has the only effect of letting the spammer
meone.
readbysom
The best w
ways to deffend from spammers
s
a re to avoid
d using the users mainn email add
dress duringg
registration
ninforums,n
newsgroupsandunnece ssarywebsittes,andtoavoidpublish ingitonthe
epersonalorr
thecompan
nyswebsite.Thesearettheplacesw
wherespamm
mersgettheirmillionsoffaddresses.Ifitisreallyy
necessary,aagoodstrateegyistohaveanalternattiveemailad
ddressforregistrations,w
whichwillre
eceiveallthee
spam.
ograms,whicchputthesuupposedspammessagessinaseparattejunkemailfolder,butt
Thereareantispampro
theyareno
otcompletelyyreliableandsometimeestheytrash evengoodmessages.TTheseprogramsrelieson
n
analysis of the emailss content and on blackklists, which
h contains the Internet mailserverss which aree
mers send th
heir emails; it may happ
pen that a good
g
mailserrver ends up
p into thosee
supposed to let spamm
blacklistsan
ndthatemailssendfrom
mcustomerssoremploye
eesofthatInternetsite aremarkedasspambyy
othersites.
4.5. Nav
vigation
n
Navigation isthesecondmostdanggerousInternnetactivity. Ithasmoreorlessthessamedangersasemails::
edfiles,and
d
theusersccomputercangetvirusesifhedoes notrunan antivirusbeforeopeninggdownloade
theusercanbeluredin
ntophishinggwebsitesif hedoesnotttypeperso
onallythebaanksaddresssintheweb
b
browser.M
Moreover,theecomputerccangetvirussesevenwhensimplyvisitingsome websites,an
ndthereforee
twogoodsuggestionsaaretoavoid visitingstraange(pornoggraphicwebsites,websitteswithalo
otofpopup
p
nd illegal websites)
w
or untrustwortthy websitess and to keep Internet Explorer an
nd Windowss
windows an
operatingsyystemalwayysuptodate.
Theothersecurityprob
blemwhilenavigatingisddatainterception.When
nconnecting
gtoawebsite,theuserss
data travelss long distances, passin
ng through aa large number of comp
puters (to coonnect from
m unibz.it to
o
www.athesia.itthedataagotoPadu
ua,MilananndBolognap
passingthrou
ughatleast 13compute
ers).Dataon
n
hout any pro
otection, anyy computer administrator can read them. Therefore, when
n
the Interneet travel with
sendingpassswordsandotherprivatedatatoa website,the
eusershouldtakespeciialcarethat theaddresss
intheaddreessbarstarttswithhttpss://(instead ofhttp://)aandonsome
ebrowsera lockiconap
ppearsinthee
lower rightt part of thee windows, while on oothers the address bar becomes grreen with a lock: thesee
indicationsmeanthatth
heconnectio
onissecure((SSL)sincedataaretrave
elingencryptted.BewarethattheSSLL
d
are nott intercepted
d and that the
t user is connected to
t the samee
connection guarantees only that data
whileitdoessnotguaranteedthisweebsiteistherrightone.
websitefromwhichhestartedthecconnection,w
Edition8.0(05/08/2014
4)
Page29of32
2
Dr.PaoloColetti
BasicComputercoursebook
The most famous attack from outside, and the one from which it is very difficult to have an appropriate
defense, is the DoS Denial of Service attack. It is an attack which does not strike private users, but
companiesofferingservicesovertheInternet.Itconsistsinsendingmillionsofincomingconnectionswhich
pretendtousetheservicebutstaysimplyconnected,insuchawaytoovercrowdtheserveranddrainall
its resources (bandwidth, speed, memory) until the server crashes. The attacker clearly does not use his
own computer to carry on a DoS
attack, otherwise his computer
would probably crash before the
server, but uses computer of
unaware users around the world,
called zombies, which have been
hackedinthepastdays.Inthisway
the attacker has the power of
severaldozencomputersconnected
from many different parts of the
world and at the same time it is
difficult to trace the responsibility
uptohim.
4.6.1. Firewall
Often programs security breaches
oncediscoveredneedsomedaysto
be fixed and somebody can take
benefit of them in this short time,
before the security update is
installed on the users computer.
Therefore on every LAN, usually in
the point where the LAN connects to the Internet, or more often on every computer a special program
calledfirewallisrunning. Thefirewall examinesall the incomingandoutgoingtraffic,usingthefollowing
analysistechniques:
whichinternalprogramisoriginating/receivingthetraffic,
from/towhichexternaladdressisthetrafficoriginated/directed,
whatamountoftrafficispassingfrom/tothesameprogramto/fromthesameexternaladdress,
whichkindofdataarepassing.
Making an analysis of these data clearly slows down the connection but lets the firewall stop potential
unauthorizedconnection,puttingtheminawaitstateuntiltheusersgiveshisapprovalordenial.
WindowsSevenoperatingsystemcomeswithafirewallpreinstalled,whichletstheusercustomizewhich
kind of programs are allowed to make or receive connections and determine rules to approve or deny
automaticallyconnections.
4.7. Backup
Backup is the process of copying important data to another location to prevent their loss. Sometimes
programsandevenentireoperatingsystemsarecopied,tobeabletoimmediatelycontinueworkingeven
whenacomputerbreaks.Therearethreeverygoodreasonstodoregularbackups:
Page30of32
Edition8.0(05/08/2014)
BasicComp
putercoursebook
Dr.P
PaoloColettii
agaainsttheuseer,whocana
accidentally deletesome
efilesorwh
hocanmodiffyfilesandtthenchangee
hismind.Havingarecentba
ackuphandyycanoftensavehoursoffwork;
agaainst the systtem, which can suddenlly break due
e to hardwarre or softwaareproblemss. Even hard
d
diskkstendtobeeunreliableaftersomeyyearsofcontinuousactivvity.Arecenntbackupsavestheuserr
from
mredoingalltheworkofthepreviouusmonths;
agaainstviruses andotherusers,which candeleteaandalterfile
es:abackup cansavea usercomingg
bacckfromvacattions.
Usuallytheoperatingsyystemsandtheprogram
msbackuparredonebysystemadminnistrators:la
aw196/2003
3
explicitlyreequiresaninsstantaneoussbackupfor allsensitive dataandtha
atdataarerrestoredwith
hin7daysin
n
caseofloss.However,ttherearesom
mefileswhicchshouldbetakenincha
argebytheuuserhimself:
Theplacew
wherethefillesarecopie
eddetermin esthereliab
bilityofthe backup.Itsshouldbea large,cheap
p
andfaststo
oragedevice..Itshouldalsobehandyy,sincethetyypicalproble
emwithbackkupisthatth
heuserdoess
nottakestimetodoit regularlyand
d,whenthe backupisto
ooold,itisw
worthless.Foorhomeorssimpleofficee
users,theFFridaymornin
ngbackupisagoodtiminngsolution.Goodstorag
gedevicesto
obeusedare
e:
aseecondhardd
disk,usedon
nlyforbackuup,whichis veryfastandverylargeandalways readytobee
useed;
onliinebackupssystems,whe
ereusersdaataareuploaadedandare
ereadyfrom
manywhereintheworld
d
(givven a broadb
band connecction), with Dropbox, Google
G
Drive,, Box and A
Amazon Clou
ud being thee
mostfamousan
ndofferingsomeGBofs paceforfree
e;
USB
Bpendrive,ttobeusedo
onlyinemerggencywhennootherapp
propriatestooragedeviceisavailable;
bigcompaniesu
usuallyhavespecialtapeedevicesforbackups.
4.7.1. RA
AID
Averypopu
ularbackupssolutionisRAID(RedunddantArrayofIndependentDisks)tecchnology,wh
hichconsistss
of several iidentical hard disks. There are diffeerent types of RAID implementatioons, which vary
v
a lot in
n
functionalittiesandsecu
urity.
JBOD (Just a Bunch Off Disks) is a primitive foorm of RAID in
which all th
he disks aree seen by th
he user simpply as disks on
which theyy can write as usual. The
T advantagge is that the
t
available sp
pace is the sum of the space of all the disks,
howeverth
hereisnoforrmofdatap
protection:iffadiskbreaks,
anythingon
nthatdiskislost.
disk 1
file
userddecides
disk 2
Edition8.0(05/08/2014
4)
Page31of32
2
Dr.PaoloCo
oletti
RAID0usestwoidenticaaldiskswhichareseenbbytheuserasa
singledisk. Everytimeh
hewritesaffile,thefirst partoftheffile
on the first disk while the
t second oon the seco
ond
is written o
this. This sttrategy has the big advantage that writing spe
eed
doubles,wiithatotalavvailablespaccewhichistthesumoftthe
size of the two disks. But
B if a disk breaks, all tthe content of
bothdisksisslost,sincettheuserwilllosehalfof allthefiles.
BasiccComputercoursebookk
fille
parrt1
file
f
pa
art2
disk 1
disk 2
disk 1
file
e
disk 2
file
f
pa
art1
disk 1
disk 3
file
pa
art2
disk 2
disk 4
Page32of332
EEdition8.0(0
05/08/2014))