Basic

Computer course book

Free University of Bolzano Bozen Dr. Paolo Coletti Edition 8.0 (5 August 2014)

Introduction
ThisbookcontainscourseslessonsheldattheFreeUniversityofBolzanoBozen.Itcontainsonlythefirst
partofthecourses,namelythelessonson:

computerintroduction,
MicrosoftWindows,
computernetworks,
computerdangersandsecurity.

It does not contain the parts on Microsoft Word, Microsoft Excel, financial functions, Microsoft Access,
computer algorithms, SPSS, Visual Basic for Applications, which are very well covered by the respective
coursessuggestedbooks.
Thisbookisusuallyupdatedeveryyear,pleasetakealookattheeditiondate.

Disclaimers
This book is designed for very novice computer users. It often contains oversimplifications of reality and
everytechnicaldetailispurposelyomitted.Expertuserswillfindthisbookuselessand,forcertainaspects,
partiallywrong.
This book supposes that the user is using Microsoft Windows 7 operating system in English language.
However, most of the book is perfectly readable with other Windows versions, while some menus and
instructionscanberatherdifferentifthelanguageisnotEnglish(Windowslanguagemaybechangedon
multilanguageinstallations:seepage7forfurtherinformation).
The novice user in this book is, for simplicity, always considered male. This is not meant to be gender
discrimination.

Table of Contents
Introduction..........................................................1
1. Computers....................................................2
1.1. Storage.........................................................2
1.2. Software.......................................................3
2. MicrosoftWindows......................................6
2.1. Versionsandeditions...................................6
2.2. Regionalandlanguagesettings....................7
2.3. Filesystem....................................................8
3. Computernetworks...................................14
3.1. Technicalaspects........................................14

3.2.
3.3.
4.
4.1.
4.2.
4.3.
4.4.
4.5.
4.6.
4.7.

Communication.........................................15
Internetconnections.................................18
Computersecurity.....................................20
Encryption..................................................20
Passwords..................................................23
Viruses.......................................................25
Emails.........................................................27
Navigation..................................................29
Attacksfromoutside.................................29
Backup.......................................................30

Dr.PaoloCo
oletti

BasiccComputercoursebookk

1. Com
mputerrs
Thischapteerpresentsw
withabriefd
descriptiono fcomputermaincompo
onents,oftheemostcomm
mondevicess
andofthettypicalsoftw
warecomponentsfornovviceuser.

1.1. Sto
orage
1.1.1. Me
easures
Before starrting with the compute
er descriptioon, it is use
eful to beco
ome proficieent with th
he data sizee
terminologyy,whichwilloftenbeuse
edinthisbo ok.
Computers haveaveryelementaryywaytostorredata:theyycanremem
mberonly0oor1.Avalue
eof0or1iss
calledbitan
ndallcompu
uterdataare
estoredasseequencesofbits.Asequenceof8bittsiscalledabyte,which
h
isaquantityylargeenoughtostoreu
usuallyalettteroradigit(eventhoughsometimess2bytesare
enecessary)..
Modern co
omputers aree able to deal with ennormous quaantity of byytes, forcing
g us to intro
oduce otherr
quantities:

Kilo
obyte(KB),approximatelyy1,000bytees,
Boronemillionbytes,
Megabyte(MB)),approximately1,000KB
Gigabyte(GB),aapproximate
ely1,000MB
Boronebillio
onbytes,
Terabyte(TB),aapproximately1,000GBooronetrillio
onbytes.

Usuallythe unformatteedtextofaw
wholebook canfitinso
omeKB,whileforanimaageinagoodresolution
n
MBarerequuired,whilea
afilminhigh
h
(letssayreadytobeprrintedonA4paper)orfooramodernsongsomeM
dssomeGB.
qualityneed

1.1.2. Mo
oores law
Over the laast 40 years, computer hardware hhas been con
ntinuously im
mproving itss performan
nces with an
n
exponentialgrowth.ThisgrowthissummarizeddbythefamousMooresslawwhich saysthatthe
enumberoff
transistors in a processsor doubles every 18 moonths. This law
l
can be extended
e
to
o almost every aspect off
hardware aand we may say that the
e performannce (be it speed or capacity) of harddware doubles every 18
8
months, thus leading to
t a general exponentiaal growth. Unfortunately
U
y softwaress performance does nott
increasewitththesamerate.

1.1.3. De
evices
The compu
uter uses sevveral devices to permannently store
e and move data, whichh vary a lot in terms off
capability,ccost,speedaandportability.
Themostusedisstheinternaalharddisk,w
whichusuallyisinsidethhecomputerrboxand
cannotbemove
ed.Itssizecuurrentlyranggesfrom500
0GBto2TB.Ontheothe
erhand,an
exteernalharddiskisoutsideethecomputter,hasthessamesizeanddobviouslycanbe
movved.Itsonlydisadvantag eisbeingslightlyslowerr.
SSDSolidStateD
Drivesaresttartingtoslo
owlyinvadetthemarket.TTheyarenottdisksatall,,
but very larrge memoryy cards shape
ed like an h ard disks wh
hich can enttirely replacee the interna
al hard disk..
Theirmain advantages arethatnotthavingmovvingparts(theydonotrrotateathigghspeedlike
eharddisks))
obustandth
hatinmost situationsthheyarefaste
erthanharddisks(uptoo10timesfaster).Theirr
aremorero
disadvantaggeisthelimitedsizewhicchcurrently is500GBan
ndtheirhigh price.
Page2of322

EEdition8.0(0
05/08/2014))

BasicComp
putercoursebook

Dr.P
PaoloColettii

CD and
d DVD in an alternative way to storre data. Theyy contain abbout 700 MB and 4 GB,,
respecttively.Theya
aredividedinntoRwhichmayonlybewrittenoncceandRWw
whichmaybee
writtenarerewritttenseveralttimes.TheyrrequireaCDreaderoraDVDreaderrtoberead,,
whichaareavailableonmostcom
mputers,and
daCDwriterorDVDwrritertobewrritten,which
h
are avaailable only on some ccomputers. A new generation of hhigh capacitty discs hass
appeared
donthemarket,theBlu raywith25GBsize.
MemoryystickorUSB
Bpendriveissthemostusedwaytotemporarysttoreandmovvedata.Its
sizeisno
owupto64G
GB,howeverritsreliabilittyisnotperfect,thereforreit
isusedm
mostlytomo
ovedata.
monwaystostoreandm
movedataareethroughamemorycard,usedby
Othercomm
externaldevvicessuchassphotocameras,mobileephonesorm
musicplayers.

1.2. Sofftware
Softwarecaanbedivided
dintothreeb
bigcategoriees:operatinggsystems,prrogramsanddata.
Theoperatingsystemtaakescareofcontrollingccomputerhaardwareand humancom
mputerintera
action.Theree
arecurrentllythreewideelyusedope
eratingsystem
ms:

dows,whichisthemarkeetleader,
MicrosoftWind
Maacintoshcom
mputershave
etheirownooperatingsysstemMacOS
SX,

Linux(itisafam
milyofveryssimilaroperaatingsystems),whichisa
acostlessopperatingsyste
em,
Android,afamilyofverysimilarLinuxbbasedoperattingsystemssformobileddevices,

mobiledevicces,
iOSS,forApplem

WindowsPhon
ne,Microsofttsoperatinggsystemform
mobiledevicces.

Programsaresoftware whichisusedtodopa rticulartasks,e.g.Word

dfordocumeentwriting, Explorerforr
Internetnavvigation,theeCalculatorfformathemaaticaloperations.
Dataiseverrythingwhicchisproduce
edeitherby theuseror byprogramss(sometimeesevenbyth
heoperatingg
system) to storeinform
mation,e.g.a
adocument fileproduce
ed by Word isdata,ad ownloaded web pageiss
data.

1.2.1. Sofftware lice

enses
Softwarecaanbedivided
d,fromacom
mmercialpoointofview,usingtwofe
eatures:the costandthe
epermission
n
tobemodiffied.
Subdivisionbycostis:

freeeware, softw
ware which is completelyy costless. The
T producers of this sofftware are either
e
publicc
insttitutionssuchasuniversities,ordev eloperswho
odoitforpe
ersonalinterrestoradverrtisementorr
privvate compan
ny who do it for dum
mping reason
ns. Some exxamples aree Skype com
mmunication
n
pro
ogramorLinu
uxoperating system;

Edition8.0(05/08/2014
4)

Page3of32
2

Dr.PaoloColetti

BasicComputercoursebook

shareware,softwarewhichisinitiallycostlessbutafteracertainperiodtheuserisaskedtopaya
fee or delete it; or software which has two versions: a free one, but incomplete or with
advertisementbanners,andacompleteadvertisementfreeone,forwhichtheusermustpay.The
mostpopularexamplesaremobilephonesapps;
commercial, software for which the user has to pay a license to use it. Common examples are
MicrosoftWindowsoperatingsystemorPhotoshopimageeditingprogram;
subscriptionbased,softwareforwhichtheuserpaysaperiodicfeetouseit.Thissoftwaretypically
is also offered on the web and in this case the user does not have to care about installation nor
updates.AnexampleisMicrosoftOffice365;
private,softwareuniquelybuilt,underpayment,foraspecificcustomertofithisneeds.Onlythe
costumer may use it. A typical example is the universitys studentscoursesexamsprofessors
databasesystem.

The permission to be modified can seem a trivial question for the novice user, however for program
developersandcomputerexpertsbeingauthorizedtomodifyasoftwareisagreatadvantagesinceitcan
be improved, checked for errors and tailored to specific needs. The open source versus proprietary
softwareisastrongethicalandeconomicaldebateinthecomputerscientistscommunity.Subdivisionby
permissiontomodifyis:

open source software may be studied, used and especially modified by anyone. The software
developers at the same time legally authorize any modification and they distribute the source of
thesoftwaretoputotherdevelopersinaconditiontoeasilymodifyit.Opensourcesoftwareisalso
automaticallyfreeware.ThemosttypicalexampleisLinuxoperatingsystem.
copyleft software is open source but carries the restriction that any modification must be
distributed as open source and copyleft, thus impeding that software becomes, after a
modification,proprietary.ThemostfamouscopyleftcontractlicenseistheGNUPublicLicense(see
http://www.gnu.org/licenses/gpl.html).
proprietarysoftwareisdistributed(costlessasAdobeAcrobatReader,orasasharewareasWinZip,
ormostoftensoldascommercialsoftwareasMicrosoftOffice)withtheexplicitlegalwarningnot
tomodifyitandtechnicallylockedtopreventotherdeveloperstoseeormodifyitssource.

1.2.2. Software naming

Software is usually identified by a name, for example Linux or Microsoft Office, sometimes by a
distribution/edition name Linux Ubuntu, Microsoft Office Professional and very often by a version
number,asequenceofnumbers,pointsandletters(sometimes,asforWindows,commercialnames)which
distinguishesthechangesmadebydeveloperswithtime,suchasLinuxUbuntu13.10orMicrosoftOffice
Professional 2013. Obviously the version numbers of open source software changes rapidly, due to the
manydevelopersworkingonthem.

1.2.3. Data format licenses

Dataneedtobesavedwithacertainstructure,calledformats.Forexample,aplaintextfilemaybesimply
saved as a sequence of letters and symbols, which corresponds to the TXT format. More complex
structures,suchasimages,videos,butalsoformattedtexts,needmoreelaboratedformatstobestored.
Theseformatsmaybe:

closedproprietary,aformatownedbyasoftwarecompanyandkeptasatradesecret.Inthisway
only programs build by that company can use those data files and no other company is able to

Page4of32

Edition8.0(05/08/2014)

BasicComputercoursebook

Dr.PaoloColetti

endanger its monopoly. A famous example is DOC format which, until 2007, was kept secret by
Microsoft,thuspreventingcompetitorsfrombuildingalternativestoMicrosoftWordprogram.
openproprietary,aformatpubliclyavailablebutwhoseimprovementsandcontrolareunderthe
ownershipofasoftwarecompany.AtypicalexampleisthenewWordformatDOCX.
open,apubliclyavailableformatwhichfollowsofficialstandardswhosecontrolisunderownership
of public organizations, such as American ANSI, German DIN or Italian UNI. Typical examples are
imagesformatGIForformattedtextsformatPDForwebpagesformatHTML.

Edition8.0(05/08/2014)

Page5of32

Dr.PaoloColetti

BasicComputercoursebook

2. Microsoft Windows
MicrosoftWindowsiscurrentlythemarketleaderoperatingsystem,itistheusualinterfacewhichappears
whentheuserturnsonapersonalcomputerwithWindowsoperatingsystem.

2.1. Versions and editions

Microsoft released Windows XP in 2001 and for many years it has been the main Microsoft operative
system.InJune2014itisstillinstalledonapproximately7%ofcomputers(sourcewww.w3schools.com).
WindowsVistawasreleasedin2007anditwasnotamarketsuccess.Currently
itisinstalledonlessthan2%ofcomputers.
MicrosoftreleasedWindows7in2009,whichisthecurrentlymorewidespread
Microsoftoperativesystem.Itisinstalledonapproximately55%ofcomputers.
Itseditionsare:

Starter and Home Basic, cheap versions with severe limitations, used
mostlyonsmallnotebooks;
HomePremium,homeusersedition;
Professional, personal business edition which includes more network
programs;
Enterprise/Ultimate, Professional edition with more network utilities
availabletocompanies/individualusers.Enterpriseeditioniscurrently
(August2014)installedatUNIBZ

MicrosoftreleasedWindows8in2013withanewuserinterfacecalledand
designedfortabletswithtouchscreen,whichwasnotwelcomedbymany
professionalusers,inordertoincreasecompatibilitywithitsmobiledevices
operatingsystemWindowsPhone8.WithitsfirstupdateMicrosoftdecided
to change name to Windows 8.1. It is installed on approximately 17% of
computers.Itisavailableinonlythreeeditions.

Starter
HomeBasic
HomePremium
Professional
Enterprise/Ultimate

Windows8
Windows8Pro Basic
Windows8Enterprise

2.1.1. Computer locking problem

MicrosoftWindowssometimesbecomesunstable:itcanunpredictably,withoutanywarningandwhenthe
user does not expect it and typically when he is doing something very important and urgent, lock and
refusetorespondtousersactions.Whenthishappens,itisusuallycausedbytheprogramthatisusedand
thereforethefirstthingtodoistotrytoclosethecurrentprogram.Ifthisdoesnotimprovethesituation,
the only other solution left is to turn off the computer. The list of operations to try until the computer
answerstouserscommandsis:

Page6of32

Edition8.0(05/08/2014)

BasicComputercoursebook

Dr.PaoloColetti

1. if the mouse works, click the X button on the

programwindoworotherwisepressALT+F4;
2. press CTRL+SHIFT+ESC; select the program from the
listandpressEndProgram;
3. pressCTRL+ALT+DELand,fromthebottomrighticon,
chooseShutDown;
4. pressthecomputeron/offbutton;
5. unplugtheelectricpower.
Inanycaseallthecurrentunsavedworkwillbelost;inthe
last two cases the operating system can sometimes be
damagedbutveryoftenitwillrepairbyitselfthenexttime
the computer is turned on. Therefore it is always a very
good idea to save very often the current work, especially
whenitisimportant,urgent,ordifficulttoredo.

2.2. Regional and language settings

With a multilanguage Windows installation, keyboard settings or menus languages may be changed
clicking on the Start icon, choosing Control panel, then Clock, Language and Region, then Change
DisplayLanguage,andmodifyingtheappropriatesetting.
Another interesting
option, available on
every
Windows
installation, is the
numbers and dates
formats. When in
Clock,Languageand
Region, choosing
Region
and
Language
and
clickingonFormats
then on Additional
Settings the user is
able to change the
format of numbers,
especially
the
decimal separator,
thecurrencyandthe
date
format,
especiallytheEnglish
(monthday)
and
European
(day
month)
formats.
Moreover,itisalwaysagoodideatocheckthatthelistseparatorbesetalwaystosemicolon,otherwise
Excelsfunctionswillnotworkproperly.
Edition8.0(05/08/2014)

Page7of32

Dr.PaoloCo
oletti

BasiccComputercoursebookk

Whilethekkeyboardsetttingscanbe
eadjustedfr omthismen
nu,itiseasie
ertoadjustiitdirectlyfro
omtherightt
sideoftheaapplicationb
bar,simplyclickingonkeeyboardicon andselectin
ngtheappro priateone.

2.2.1. Ke
eyboards a
and langua
ages
Before startting this secction it is necessary to t ake a close look at yourr keyboard. Locate these keys sincee
theywillbeeusedintherestofthism
manualandaareveryusefulinmanyp
programs:
Englishkeyboard Germankeyyboard Ita lianKeyboarrd
C
CTRL
A
ALT
ALLTGR
F1ttoF12
D
DEL
INS
HOM
MEor
EEND
PGaandPG
BACKSP
PACEor

STRG
ALT
ALTGR
R
F1toF1
12
ENTF
EINFG
G
POS1
1
ENDE
E
BILDandBILD

ENTEERor
TAB
Bor
SHIFFTor
CAPSLO
OCKor
ARROW
WS

Mainfuunction

CTRL

ALT

ALTGR
Produce
echaracteroonthekeysrightleft
F1toF12

CANC
Deletenexxtcharacter
INS
Toggleinsert/ooverwritemo
ode

Gotobeeginning
FINE
Gotooend
PA
AGandPAG
G
Goonepageeupordown
n

Deletelasttcharacter
Enterrdata
INVIOor
TABor

Movethroug
M
ghthewindow
Capitalizzeletters
KeepSHIFFTpressed
Movethhecursor

InthisbookktheEnglishnameforke
eyswillbeinndicated.Wh
henA+Bisindicated,itm
meansthatth
heusermustt
presskeyA,,thenpresskeyB,andth
henrelease bothkeys.

2.3. File
e system
m
Beforestarttingthissecttionitisnece
essarytodo thefollowin
ngoperationss:
1.
2.
3.
4.
5.
6.

clickontheStarrtmenuicon
n,onthelow
werleftcorne
erofthescre
een
olPanel
opeentheContro
cho
ooseAppearranceandPe
ersonalizatioon
cho
ooseFolderOptions
cho
ooseView
desselectHideeextensionsfo
orknownfileetypes.

Inthiswayeextensions(sseesection2
2.3.3)areshoownandfile
etypesarebe
etterrecognnized.

2.3.1. Files and dirrectories

Softwareis storedonsttoragedeviccesinaspeciialcontainerrcalledfile.T
Theoperatinngsystemusses
ndforitsdatta,aprogram
musuallyussesonefilefforitselfanddotherfilesffor
alotoffilessforitselfan
itsdata,andtheuseru
usessomefilesforhisd ata.Afileissrepresentedbyasmalllpicturecallled
icon.
Anotherspeecialobject isthedirectoryorfolde r,whichisb
basicallyaco
ontainerforffilesandoth
her
directories and is represented witth an icon ddepicting a yellow
y
close
ed or open ffolder. Doub
ble
clickingonaadirectoryo
opensanewwindowwhiichpresentsthedirectorrycontent.
Page8of322

EEdition8.0(0
05/08/2014))

BasicComp
putercoursebook

Dr.P
PaoloColettii

ory,accessibblefromMy Computer
Eachstoraggedeviceisaabigdirecto
window, w
which contaains directo
ories and ffiles. Each of these
subdirectorries may con
ntain other files
f
and othher subsubd
directories,
andsooninahierarchicalway,forrmingatree withtheharddisk(or
oragedevice)astheroott,directoriessasbranche
esandfiles
anothersto
as leaves. O
On UNIBZ co
omputers, th
he usual harrd disk are C:

which
containsprograms,E:whichconttainscoursessinformatio
onandF:
whichcontaainsusersrreservedspace.DisksdirrectoriesA:andB:
areusuallyreservedforrfloppydiskss,andD:o rZ:forCD
Dreader.

he Change your view menu of a ddirectory windows will provide

p
the user with fiive differentt
Choosing th
waystoloo
okatfilesanddirectoriess,themostiimportantw
waybeingthe
eDetailswhiichcanshow
winterestingg

information
nonfilesand
ddirectoriessuchasthei rsizeanddaateoflastmo
odification.
Eachfilean
nddirectory canbeunivo
ocallyidentiffiedbyitsabsolutepath
horaddress..Fordirecto
oriesitisthee
path which appears on
n the address bar of thhe directory window, while for filess it is the path
p
of theirr
containing directory fo
ollowed by \ and thee file name. For examp
ple, the absoolute path of directoryy
Common in HP directory in
n Program Files dire
ectory in the
t
C: hardd disk is C:\Program

m
ommonasccanbeseen fromtheadddressbar.W
While,theHP
PeDiag.dllfillehastheab
bsolutepath
h
Files\HP\Co
C:\Program
mFiles\HP\C
Common\HP
PeDiag.dll.
Notethat,fforWindowssoperatingsyystem,capittalorsmallcapslettersin
npathsarepperfectlyequ
ual.
Aspecialan
ndtrickyobjeectisthelinkorshortcutt.Althoughiitsiconlooksslikeafileiccon,
thesmallcu
urvedarrow
wontheleft cornerclearrlyindicatesthatthisob
bjectisalinkk.A
linkissimpllyanaddressstoafileordirectory,itisnotareallfileordirecctory.When the
user clicks o
on the link, the computter behaves exactly as iff the user is clicking on the
realfileor directory(if Windowsca
anfindtherrealone,wh
hichisnotth
hecaseifin the
d
or moved
m
it). H
However, anyy copy/move operation on the linkk will simplyy
meantime ssomebody deleted
copy/movethelinkand
dnottherealfileordirecctory;especiiallycopying/movingtheelinktoanottherdiskwilll
hereforeitissagoodideaafornoviceu
userstoavoiddusinglinkssatall.
probablycaauseittomalfunction.Th

Edition8.0(05/08/2014
4)

Page9of32
2

Dr.PaoloCo
oletti

BasiccComputercoursebookk

2.3.2. Files operattions

When doub
ble clicking on a file, Windows
W
us ually starts a program. The user i s often una
aware of an
n
importantd
difference:
doubleclickingonaaprogramrunstheprogrramwhichw
wasdoubleclicked
withthatfileandrunsit, atthesame
etimetellingg
double clickingonaafilecallstheprogramaassociatedw
the pro
ogram to opeen the file. If no progra m is associaated with that file type, Windows asks the userr
whichp
programshouldopenthe
efile.
Copying a ffile means reproducing it to anotheer location or
o to the same location with a diffe
erent name..
Copying a d
directory meeans reproducing it to aanother locaation, or to the same loocation with
h a differentt
name, togeether with itts entire tree
e of subdireectories and files. To
copyafileo
ordirectory,,Windowso
offersseveraalmethods,tthemost
usedbeing:

dragtheobjecttothedestination.Ifapplussymboldoesnot
app
pear, press CTRL
C
key to have it apppear while dragging.
d
Releeasetheobjectinthede
estination;
seleect the object and click the right m
mouse button. Select
copy. Point the
t mouse to
t the destinnation and click the
righ
htmousebutton.Select paste.Ift hedestinationisthe
origginallocation
n,thefilenamechanges tocopyof;
seleect the object and presss CTRL+C. Pooint the mou
use to the destination aand press CT
TRL+V. If thee
desstinationisth
heoriginallo
ocation,theffilenamechaangestoco
opyof.

Movingafiilemeansmovingittoa
anotherloca tionlosingtthefileintheoriginalpllace.Movinggadirectoryy
meansmovvingittoano
otherlocationtogetherw
withitsentirretreeofsub
bdirectories andfiles.To
omoveafilee
ordirectoryywindowsofffersseveralmethods,thhemostused
dbeing:

dragtheobjecttothedestination.Ifapplusoralinksymboldoesappear,prressCTRLorSHIFTkeyto
o
moveit.Releaasetheobjectinthedesstination;
rem

seleect the objeect and clickk the right mouse button. Select cut

and thhe icon

beccomes lighteer. Point the
e mouse to tthe destinattion and clicck the right mouse
buttton.Selectpaste;

seleect the objeect and pre

ess CTRL+X and the ico
on becomess lighter. Pooint the mo
ouse to thee
desstinationand
dpressCTRL+
+V.

Tocreatealinktoafileordirectoryy:

dragtheobjectttothedesttinationofthhelink.Ifa linksymbol doesnotapppear,press CTRL+SHIFTT

eobjectinthhedestinatio
on;
unttilitappears..Releasethe
seleecttheobjecctandclickttherightmo usebutton. Selectcreateshortcut.Alinkiscreatedinthee
sam
medirectory..

Deletingaffilemeanso
oftenputtinggitintothe trashcanw
whereitcan berecuperaatedunlesstthe
trashcanisemptied.Deeletingadire
ectorymean sputtingittothetrashccantogetherrwithitsentire
treeofsubd
directoriesandfiles.Payspecialatte ntion,sincenotalwaystthetrashcannworksasusser
expectsand
dsometimessfilesaredelletedwithouutpassingthroughthetrrashcan.To deleteafileordirectoryy
windowsofffersseveralmethods,th
hemostuseddbeing:

dragtheobjecttothetrashcanandreleeaseit;
seleecttheobjecctandclickth
herightmouusebutton.SSelectdelete;

Page10of332

EEdition8.0(0
05/08/2014))

BasicComp
putercoursebook

Dr.P
PaoloColettii

seleecttheobjecctandpressDELkey.

Torename afileordireectory,simp
plyselecttheeobject,clicckon
thenameaandretypeitt.UsuallyWiindowsacceeptsmostnames,
but novice users should stick with
h only letterrs, numbers and
spaces,sincceothercharractersmaybeforbiddenn.
Tocreatea newdirecto
ory,simplyriightclicktheemouseand
dchoose
NewandFolder.Aftterthecreattion,renameeit.

SSometimesfilesoccupya
alotofspaceeandneedtobereduced
dtosavedisskspaceortobesentbyy
eemail;other timesfilesm
mustbeputiinapackage
etoremaintogetherorttobesentassasinglefilee
vvia email. Th
hese two op
perations aree accomplish
hed compressing a set of files and directories,,
whichmean
nsusingasp
pecialprogram(WinZipoorIZArcorth
heoperativesystemitselff)toreduce(from0%to
o
90%dependingonthe filetype)thefilesizeanndproduceaanewsinglefilecalledzziparchiveco
ontainingalll
theselected
dfilesanddiirectories.
Tocompresssasetoffileesanddirecttories:
1. seleectthefilesaanddirectoriiesalltogethher,
2. clicktherightm
mousekey,
o the installed compreession prograam and sele
ect somethinng like Add
d to Archivee
3. seleect IzArc or
Filee,
4. adiialogboxapp
pearsasking youtochooosetheziparchivename anditsdesttination;
5. inthisdialogbo
oxyoumustalsochoosethecompre
essionmetho
od,whichissstronglysugggestedtobee
ZIPtobecompaatiblewithotherprogram
ms;
6. inthisdialogan
nencryptionmethod(se esection4.1
1onpage20
0)maybechhosen.Ifyourziparchivee
ouldbeopen
nedbyanybo
ody,thenchhooseNone
e:Otherwise,ifyouwaanttheziparchivetobee
sho
unccompressed onlybypeop
pleknowing aproperpaassword,cho
ooseanyofttheencryptio
onmethods,,
suchasAES12
28bit,andp
providetheppassword.
ordirectorieesmaybead
ddedlatertootheziparch
hivesimplyd
draggingthe monthezip
parchivefilee
Otherfileso
(thisisacop
pyandnotamoveopera
ation)ifitisnnotencrypte
ed.
Toextractffilesfromazziparchivefiile,simplycl icktherighttmousekeyonthefileaandfromthe
edropdown
n
menu choo
ose the apprropriate extrract option: the contentt will appear in the loccation you have chosen,,
togetherwiithallitsdireectoriesstru
ucture.
Whendoub
bleclickingo
onacompresssedfile,ifthhecompresssionprogram
misproperlyyinstalled,itwillopenin
n
awindowaasifitwere adirectory. Butitisnottanormaldiirectory,itisssimplyaw indow,prod
ducedbythee
compression program, with the listt of the ziparchives content: the user
u
should nnot open files from thiss
nce it is a veery unreliable way to m odify files! Files
F
can be copied from
m this windo
ow to a reall
window sin
directory siimply draggiing them to the directoory. When the entire co
ontent of thhe ziparchive has to bee
extracted o
or when the user wants to preservee the originaal tree structure, it is beetter to use
e the Extractt
buttonofth
hisspecialwindow.

2.3.3. File types

Windowsid
dentifiesafiletypebyitsextension,w
whichiseverrythingafterrthelastdottinthefilena
ame.Usuallyy
itisa3or44character acronym.Ussingthefile extension,W
Windowskno
owsthefile typeandde
ecideswhich
h
programwiillopenthat file.Ifthefileextensionndoesnotsh
howup,follo
owtheinstruuctionsatse
ection2.3on
n
page8.Theemostimporrtantfiletype
esare:
Edition8.0(05/08/2014
4)

Page11of32
2

Dr.PaoloCo
oletti

Filetype

BasiccComputercoursebookk

Typicallprogramsthatopenit

Program
m

itsself

Typicalexttensions
.exe.com
m.bat

Typica
alicons

The link ed image cannot be display ed. The file may hav e been mov ed, renamed, or
deleted. Verify that the link points to the correct file and location.

Compressed

WinZip
p/IZArc

.zip
p

Text

Nottepad

.txt

Documen
nt

W
Word/Acroba
at/Powerpooint

.docx.doc.rttf.pdf.ppt

Sheet

Exxcel

.xlsx.xls.csv

Image

Explorrer/PictureFaxViewer//Paint/
OfficePictu
ureManagerr

.jpg.jpeg.giff.bmp.png

Video

Media
aPlayer

.avi.mov.m
mpg.mpeg

Audio

MediaPlayer/WinAmpp

.mp3..wav

Webpagge

Exp
plorer

.html..htm

2.3.4. File permissions

For each fille Windows 7 operative
e system usees a permisssion.
Click the rigght button of
o the mouse on a file oor directory and
select Pro
oprieties an
nd Securityy. The secuurity dialog box
showsthellistofusers orgroupsofuserswho mayaccess this
object,whillenotlistedusersmaynotaccessit. Foreachuse
eror
group this dialog boxx displays the
t
permisssions, the most
m
being:
importantb

readpermission
n,tocopyan
ndopentheoobject;
readandexecute,sameasread,plusruuntheobjecttifit
isaprogram;
listcontent(forrdirectories),toseetheccontent;
writte permissio
on (for direcctories), to create files and
sub
bdirectories;
modifypermisssion(alsocallled,whenreeferredtoa file,
writte permissio
on), same as
a read andd execute, plus
deleete,move,reename,save
emodificatioons;
fullcontrol,sam
measmodifyy,pluschanggepermission
ns.

The owner of the file usually

u
has full control on it and may
m change permissions
p
or add new
w authorized
d
users. A speecial group iss the Adminnistrators gro
oup (contain
ning the useers involved in technicall
groups or u
administrattionofcomputers)which
hhasfullconntroloneveryobject.

2.3.5. Ne
etwork fold
ders at UNIBZ
OnUNIBZLLANtherearesharedharddisksonw
whichcomm
moninformattionisstoredd,sothatitisaccessiblee
fromeverycomputer.TThesearecallednetworkkfolders.Som
meofthema
are:

Page12of332

EEdition8.0(0
05/08/2014))

BasicComputercoursebook

Dr.PaoloColetti

\\ubz01fst\courses\course_coletti which contains utility files that will be used during the course.
These files must never be opened doubleclicking from here, otherwise they will be locked (see
section2.3.4onpage12);theyshouldbecopiedoneachusersdesktopbeforeopeningthem;
\\ubz01fst\courses\exam_coletti\,followedbyusersloginnameortheuserslastnameandfirst
name,whichwillcontainexamfilesandwhichisaccessibleonlybytheuser;
\\ubz01fst\students\, followed by year, faculty and users login name, contains a copy of the
studentsdiskF,desktop,andconfiguration.

2.3.6. Roaming user profile at UNIBZ

Whenever the user logs in on a new computer, usually he should find a complete new profile (Desktop,
icons,Documents,configuration),whichisobviouslyveryannoying.Inordertolethimfindalwayshisstuff
asithasbeenleftonthelastcomputerused,whenevertheuserlogsoffallhisprofileiscopiedondirectory
\\ubz01fst\students\, followed by year, faculty and users login name (for example, for Diana Pfeifer
enrolled in 2012 it is \\ubz01fst\students\User2012\Eco\dpfeifer). Whenever he logs in again on any
universityscomputer,thatcomputerretrievesallhisprofilesstufffromthisdirectory.
Thismechanism,calledroaminguserprofile,worksfineonlyiftheuserisnotusingtoomuchdiskspace
(whichisusually300MB,butitisagoodideatostaybelow150MB).Iftheuserisoverquota,thesystem
sendsawarningviaemailtotheuserand,iftheuserremainsoverquota,thismechanismdoesnotwork
anymore.Moreover,iftheuserstillremainsoverquota,hewillbeforbiddenfromsavinganyfileonthe
computerheiscurrentlyusing.
ThereforeitisagoodideatoalwaysworkonaUSBpendrive(whichisthencopiedonanotherpersonal
computer)andtoperiodicallycheckthediskspacelookingattheproprietiesofthisdirectory.Ifawarning
email has been received or, even worse, roaming user profile does not work anymore, files need to be
deletednotfromthecurrentcomputer(sincethemechanismisnotworkinganymore)butdirectlygoing
throughthisdirectory.

Edition8.0(05/08/2014)

Page13of32

Dr.PaoloColetti

BasicComputercoursebook

3. Computer networks
Thispartofthebookisdedicatedtocomputernetworksfromausersperspective.Nowadaysacomputer
is very likely to belong to some companys network, or to be connected to the Internet via an Internet
provider, and is therefore exposed to all the typical network problems. Without entering into technical
details,thissectionwillexplorethesituationsinwhichanoviceusercanfindhimselfintroublesandhow
hecantrytosurvivedialoguingwithnetworkadministratorsintheirownstrangetechnicallanguage.

3.1. Technical aspects

Acomputernetworkisasetofdeviceswhichcommunicateandshareresources.Thesedevicesaremostly
computers, and sometimes standalone hard disks, telephones, printers and terminals (processorless
computerswhichmustrelyonothercomputerstowork).

3.1.1. Server and client

A computer network interaction is based on the client server architecture. When considering a single
interaction,onecomputeristheserverandtheotheroneistheclient.Theserveristhecomputerwhichis
offering its resource, usually programmed to wait until someone asks for its resource. The client is the
computerwhichusestheresource,whichsendstherequesttoawaitingserver.
Forexample,whensendingadocumenttotheprinter,theuserscomputeristheclientwhiletheprinteris
the server; when retrieving personal emails, the users computer is the client which connects to the
mailserver asking for available emails. When talking to a friend on an Internet chat, the interaction is
composed of two different interactions: the users computer as a client is connected to the chat rooms
computeractingasaserver,andthefriendscomputerdoesthesameinteraction.
The same computer may be the client for a service and the server for another service. For example, a
librarycomputermayhaveaCDinsideitsreadersharedtothenetwork(serverfortheCD)andmaybeat
thesametimeusedbyausertoprinthisowndocuments(clientfortheprinter).

3.1.2. Areas
Computernetworksarecommonlydividedintothreecategories:

Local Area Network (LAN or Intranet), usually the network of computers in the same building or
belongingto thesameowner.InsidetheLANevery computeris wellidentifiedandusuallyevery
userisknown.Itisconsideredatrustedarea.
WideAreaNetwork(WANorInternet),whichiseverythingwhichconnectsLANs.Computersand
usersidentificationisveryhardandanonymityispossible.Itisconsideredadangerousarea.
Virtual Private Network (VPN) is a way to recognize a computer outside the LAN as a trusted
computer: the user is identified with a password and his computer, even though connected via
Internet,willbeconsideredaspartoftheLAN,foraslongasitremainsconnected.VPNistypically
requiredtoidentifyportablecomputersconnectedviawirelessconnection.

3.1.3. Transfer speed

Thenetworkconnectingcomponentsarethecables,whichdeterminethespeedoftheLAN.Cableshavea
speedmeasureinbps(bitspersecond)whichindicateshowmanybitscanflowthroughthecableinone
second.
Page14of32

Edition8.0(05/08/2014)

BasicComp
putercoursebook

Dr.P
PaoloColettii

Ethernetcablesshaveaspeedof10Mbbpsandcan thuscarry1
1.25MBeachhsecond,meaningthat,,
for example,a 600MBmovviecanbetrransferredin
n8minutesffromonecoomputertoa
anotherone,,
pposing no one
o (neither users nor ccomputers) is using that network t ract for other purposess
sup
durringthetranssfer.
FasttEthernetcaableshaveaspeedof1000Mbps.
GigaEthernetcableshavea
aspeedof1G
Gbps.
Aw
wirelessnetw
work,acable
elessnetworrkwhere computersuse
eradiosignaalstocommunicate,hass
usu
uallyaspeedaround308
80Mbps,deppendingontthewirelessgeneration.

To find outt how much

h time doess it take to transfer a file
f with a size
s
expresssed in bytes, divide thee
connection speedinbpsby8tofind
doutthebyyterateperssecondandtthendividetthefilesizeb
bythespeed
d
to find out the numbeer of seconds it takes foor the file trransfer. For example, too transfer a 600 MB filee
through an Fast Ethern
net connectiion, find outt the speed of 12.5 MB
B per secondd (12,500,00
00 bytes perr
dthendividee600MB(o
or600,000,0000bytes)byy12.5(orby 12,500,000))tofindouttthetimeoff
second)and
48seconds..

3.2. Com
mmuniccation
Insideacom
mputernetw
workmanyco
ommunicatioonprogramssareinstalledonIntraneetcomputerstoconnectt
totheInternetoreventointernalcomputers.

3.2.1. We
eb browse
er
Awebbrow
wserisaclientprogramttonavigatettheWWWaandretrievewebpages.
Itrunsdirectlyontheu
userscomputerasacli entandcon
nnectstoextternalweb
servers, ideentified with
h the www. prefix in thhe Internet name, to re
etrieve web
pages.Themarketleaderwithabou
ut60%(inJu ne2014,see
ewww.w3scchools.com)
wserfromGo
oogleChrome,followed byMozillaFFirefox,anopensource
isthebrow
software w
with 25%, Microsoft Interrnet Exploreer, a freewarre proprietarry software
dSafari,thebrowserforMacOSX,
with9%and

3.2.2. Ma
ail reader
A mail read
der is a clien
nt program to
t send and retrieve em
mails. It runs directly on the
users computer as a client
c
and connects
c
to a mailserve
er, a progra
am in chargee of
collecting and dispatcching emails. The ma rket leaderr is Microsoft Outlookk, a
commerciallproprietaryysoftware.Itthasmanyccompetitors,,themostfa
amousbeing
gthe
opensourceeMozillaThu
underbirdan
ndthefreeW
WindowsLive
eMail.

Anotherwaaytoreadan
ndsendema
ailsisthrougghwebmailssystems,whiicharewebssiteswherettheusercan
n
enter and read his reeceived ema
ail and sendd new ones acting dirrectly on thhe mailservver, withoutt
ng them norr using any client. It caan be useful for various reasons: iit does not require thee
downloadin
installation ofamailreaaderprogram
m;oldreceivvedemailsarealwaysavvailableonthhewebsitea
andcanthuss
d from home, office and
d while traveeling, even without
w
a pe
ersonal laptoop; the mailserver takess
be accessed
careofemaailsbackup.B
Butontheotherhandit requiresaccontinuousfa
astconnectiooneventow
writeasinglee
longemail, whichcanb
becostlyand
d,insomes ituations,im
mpossibleandusuallytheeemailspacceislimited..
es arethe M
MicrosoftOutlookWebA
App, where tthewebinterfacelookss
The mostfaamouswebssiteinterface
exactly likee Microsoft Outlook, an
nd the Webbmail interfaace, used and
a
personaalized by mo
ost Internett
providers.
Edition8.0(05/08/2014
4)

Page15of32
2

Dr.PaoloColetti

BasicComputercoursebook

3.2.3. Posta Elettronica Certificata PEC

Whensendinganemail,thesenderhasnoproofthatithasbeensent,forexampletobeusedinacourtof
justice,andnoguaranteethattheemailhasbeendispatched.Somemailreadersuseareceiptsystem,but
thereceiverisnotobligedtosendbackthereceipt.
In order to overcome these problems, many solutions have been proposed. The Italian Posta Elettronica
Certificata (PEC) system has become one of the most widespread solutions, thanks to law Decreto
Ministeriale 6 May 2009 which guarantees a free PEC email address to every citizen and thanks to law
82/2005whichdeterminesthatPECreceiptsarelegalproves.
WhenanemailissentfromaPECaddresstoanotherPECaddress,thesenderreceivestworeceipt:thefirst
oneisaproofthattheemailhasbeensentwithdateandtime,whilethesecondoneisaproofthatthe
email has been dispatched to the mailbox of the receiver (or, equivalently, received by the sender). This
does not represent a proof that the email has been actually read, but from the moment the email is
dispatched to the mailbox it is the receivers responsibility to read it. Under this circumstances, it is
perfectlyequivalenttoraccomandataconricevutadiritorno.EmailscanbesendalsofromaPECaddress
toanonPECaddress,andinthiscasethereceivergetsonlythesentproofbutnotthedispatchedreceived
proof,liketheraccomandatasemplice.WhenanemailissentfromanonPECaddresstoaPECaddress,
noreceiptisproducedandthisisequivalenttoastandardletter.
Moreover,eventhoughitisnotofficiallyrequired,PECtoPECalsoguaranteesthatcontentbenotaltered
andthatsendersemailaddressistheindicatedone.However,itisimportanttonotethatPECalonedoes
notguaranteethatthesenderisreallythepersonwhoclaimstobeandthatcontentremainsunreaduntil
itreachesdestination.Inordertoovercometheselasttwoproblems,encryptionanddigitalsignature(see
section4.1onpage20)mustbeused.

3.2.4. Voice over IP programs

Voice over IP (VoIP) programs are able to use the computer connection as a substitute for standard
telephone.Equippedwitheithermicrophoneandheadphonesorwitharealtelephonelikedevice,theuser
can send his voice through the Internet to remote computers or even to real remote telephones, thus
savingontelephonebills.
VoIPrequiresasubscriptiontoaVoIPswebsite,themostfamousbeingSkype,whodecidesthetelephone
fares.TypicallycallingotherVoIPsusersisfreeallovertheworld,whilecallingfixedtelephonesdepends
only on the destination country and is independent from the callers country, with a fare which is
comparable to the standard local telephone call (about 2 cent/minute in February 2014). On the other
hand,callingmobiletelephonesis,forthemoment,stillveryexpensive(about7cent/minuteinFebruary
2014);forthisreason,specialVoIPtelephones,whichcanbeprogrammedtoautomaticallydecidebetween
VoIPandthestandardtelephonelineaccordingtothedialednumber,areappearingonthemarket.
A similar system is WhatsApp messaging system, in practice a SMS over IP system in which people
exchangemessagesandmultimediamaterialthroughachatsysteminstalledonmobiledevices.Themajor
differencewithrespecttomostInternetcommunicationsystemsisthatWhatsAppusesafullycentralized
architecture,i.e.allcommunicationspassthroughWhatsAppcompanysserversandthereisneverareal
direct communication between two users. However, nontechnical users do not realize nor care about it
andthankstoitsverygoodusabilityitisquicklysurpassingemailsandSMSexchanges.

3.2.5. Search engines

A search engine is a special program running on a website which offers to the user the possibility of
searchingotherwebsitesforspecificwebpages.Theuserneedstoconnecttothesearchenginewebsite
Page16of32

Edition8.0(05/08/2014)

BasicComputercoursebook

Dr.PaoloColetti

and digit the keywords, or sometimes even a complete question, and the website returns the list of
relevantwebpages.
Searchenginesuseacrawlertechnique:theycontinuouslygothroughtheknownwebpagesmemorizing
theircontentandtryingtodiscoverotherwebpagesthroughthecontainedlinks.Inthiswaytheyareable
tomemorizemostoftheWWWspages(morethan8billionpages),eventhoughsomenotlinkedwebsites
canremainunknowntosearchengines.
ThemostpopularsearchenginesareGoogle,thecurrentmarketleader,Yahoo!
andBing.Inordertochoosetheorderinwhichwebpagesaredisplayedtothe
user, search engines use scoring system. The most famous one is Googles
which relies on the idea that a linked page is very important and useful;
thereforeawebpagereceivesascoreproportionaltothenumberofwebpages
whichputalinktoit.Accordingtorecentresearches,thepercentageofuseof
theseenginesareGoogle83%,Yahoo6%,andBing4%.

Therearemanytrickstospeedupthewebsearchandarrivequicklytotherightresult:

mostnovice userssearch theWWW usingonlyasingle keyword,whichoftenproduces theright

resultbutinsomecasescanresultinlonglistsofwrongresults,forexamplewhenlookingforJava
Island using simply java. Using as many keywords as possible often avoids wrong results, even
thoughsometimesreturnsnopagesiftoomanywordsareused;
putting some words between quotation marks forces the search engine to look for the exact
phrase,i.e.exactlyforthosewordsinthatorderandwithnowordsinbetween;
intheadvancedsearchmenuoftenthereareverygoodoptions,suchasthesearchofpagesonlyin
aspecifiedlanguageoronlyinaspecifiedformat,forexample.docor.pdf;

Edition8.0(05/08/2014)

Page17of32

Dr.PaoloCo
oletti

BasiccComputercoursebookk

wheenlookingsimplyforsomeimages, itismoreco
onvenientto
ousethespeecificsearchratherthan
n
tryingtofindwebpagescon
ntainingthem
m.

3.3. Inte
ernet co
onnectio
ons
Therearem
manydifferentwaystocconnecttothheInternet. Someareoldtechnologgy,ratherslo
owandused
d
rightnowo
onlywhenno
oothermea
ansisavailabble,suchasttheoldtelep
phonelinew
withaspeedof56Kbps,,
theISDNsystem,theGP
PRSandEDG
GEmobilephhonesystemss.Modernte
echnologiesaarecalledbroadband:
ADSL(AssymmetricDiigital
SubsscriberLine)

telephonneline
modeem

500Kbpssinupload
820Mbpssdownload

Speedde
ependson
subscriptionfeeand
networktraffic

Inteernetcable
UMTS(U
UniversalMo
obile
TelecommunicationsSyystem)
3G
HSDPA(HigghSpeedDo
ownlink
PaccketAccess)
LTE(LonggTermEvolu
ution)
W
Wireless
WiFi

Specialcoontract

some
eGbps

3Gmobileephone

5Mbpsinupload
40Mbpsin
download

Speeddepends
nglyon
stron
enviro
onment

LTEmobileephone

willarrive

wirelessscard

30300
0Mbps

antennainlin
a
neofsight
modeem

40M
Mbps

Speedde
ependson
wirelessggeneration
Speeddepends
ondistance
stronglyo

WiMax

Page18of332

EEdition8.0(0
05/08/2014))

BasicComputercoursebook

Dr.PaoloColetti

Manyfastconnections,especiallyADSL,sufferfromnetworkcongestion:toomanyusersareconnectingat
thesametimeandtheInternetprovidersmaincablesarenotabletosupporttheusersmaximumspeed
multiplied bythe number ofusers,andtherefore mustreduce thepracticalconnectionspeed.Therefore
the maximum speed is often only theoretical and some providers are offering a minimum band
guaranteed:aminimumspeedunderwhichtheconnectionmayneverfall.
Unfortunately, even in technologically advanced countries, there are still many areas where nor ADSL
neitherUMTSarrives,mostlyduetothegeographicconditions(mountains,islandsorlongdesertdistances)
and to the low inhabitants density. This phenomenon is called digital divide: there are people (e.g.
5,000,000ofItalianinhabitants)thatevenwillinglytopaycannotgetabroadbandconnection,and,onthe
otherhand,InternetservicesandespeciallytheWWWiscontinuouslygoingtowardslargesizecontents,
cuttingthesepeopleoff.Inordertoovercomethissocialproblem,WiMaxisspreading,asortofverylong
rangeWirelesswhicharrivesupto10Kmbutworksonlyifthetransmittingandreceivingantennasarein
lineofsightandwhosetheoreticalspeedof70Mbpsdecreaseswithdistancestoabout40Mbps.

Edition8.0(05/08/2014)

Page19of32

Dr.PaoloCo
oletti

BasiccComputercoursebookk

4. Com
mputerr securrity
Being connected to thee Internet means
m
givingg anybody access to the
e computer. Despite the
e traditionall
onewhogoeesoutside,iitisinstead theInternettworldwhicchiscomingg
noviceuserrsbeliefthaatheistheo
inside,withallitsbeneffitsanddanggers.Knowin galittlebitofsecurityisssuesisnow
wadaysnecessaryevento
o
pertuser,toavoidbeingluredintotrrapsoradop
ptingpotentia
allydangeroousbehaviorss.
thenonexp
Moreover,ttherecentIttalianlaw19
96/2003onpprivacyissuescontainsin
ntheAllegatooBtheminimalsecurityy
techniques which musst be adopted by systtem administrators butt also by nnormal userrs. This law
w
nts
apply
cle
early
to
all
co
ompanies
an
nd
professio
onals
which
handle
data,
,
but
they
also
a
apply
to
o
requiremen
personalusserswhocom
mmunicated
data.Toperssonalusers whodonotcommunicaatedatastill thesecurityy
requiremen
ntsapply.
Law196/20003inparticu
ularsplitsdatainto:

perrsonaldata
sensitivedata:d
dataaboutraceandethnnicity,religio
ous/philosophical/politticalopinion
ns,belongingg
torreligious/ph
hilosophical//political/w
workersorgaanization
sensitivedataabouthealthandsex
justticedata,wh
hichhavethe
esamepresccriptionsasssensitivedata
a
gen
neticdata,whichneedexxtremelyparrticularproce
edureswhich
hwillnotbe describedhere.

Law196/20003prescribeesthat:

eacchusermustbeauthenticatedbyappersonaluserrnameanda passwordoorabiometriccdeviceoraa
perrsonaltoken;;
wnpermissioons,limitedo
onlytothed
dataheneeddsforhiswo
ork,andthee
eacchusermustthaveitsow
perrmissionsmu
ustberevoke
edwhentheuserdoesnotneedthem
manymore;
useersmustreceeivespecifictrainingori nstructions tobeableto
ousetheiraauthenticatio
onandtobee
awaareoftheirrresponsibilities,dutiesanndthepossib
bledangers;
alld
datamustbeebackedup(seesection4.6onpage
e29)atleasteveryweek;;
security software must be updated at least every year and orr 6 months w
when handliing sensitivee
data;
r
speccial care: theey must be stored
s
and transmitted
t
using encryption or thee
sensitive data receive
peo
ople must bee unidentifia
able, for exaample by asssigning to each
e
person s data a nu
umeric codee
instteadofhisnaameandsurrname.

4.1. Enccryption
n
Encryption isatextmaskingtechnique,deriveddfrommilitaaryuse,whicchtransform
msinformationinsuchaa
waythatit maybecorrrectlyreadonlywithasppecialpassw
wordcalledke
ey.Itusestw
wokeys,apublickeyforr
wnonlytoo
onecomputeerorperson,andaprivattekeyfordeecrypting,ussuallyknown
n
encrypting, usuallyknow
hich legitima tely may reaad the information. Thee size of thesse keys, and
d
by all the ccomputers or people wh
thus the diffficulty to be guessed, is
i expressedd in bits, witth 128 bits being
b
the ty pically mostt secure sizee
used.
ThetwofolllowingscheemasillustratteshowB,CCandDcan sendsecretmessagesu singAspub
blickey

..

Thesentmessagesare encrypteda
andlaterdeccryptedbyA
Awithhisprivatekey

Page20of332

.Incaseso
omebody

EEdition8.0(0
05/08/2014))

BasicComp
putercoursebook

Dr.P
PaoloColettii

heisunablettodecryptittcorrectlysincehedoesnothaveAssprivatekeyy
interceptsaamessage,h
isknownon
nlytoA.Even
nwhensome
ebody

,which
h

ussesthepubliickeytodeccrypt,itdoessnotwork.

Thesamep
processhappenswheneverabrowserrtriestosen
ndapassworrdorsecretiinformationtoawebsitee
usingasecu
ureconnection(seesection4.5onppage29):the
ewebsitetellsthebrowsseritspublickeyandthee
browseruseesittoencryyptinformationwhichcaanbereadon
nlybythearrivingwebsitte.

message 1

encrrypt

message 2

encrypt

message 3

encrypt

G
G#4hg!

decrypt

messaage 1

ff@d*s

decrypt

messaage 2

^(iw,

decrypt

messaage 3

message 1

encrrypt

message 2

encrypt

message 3

encrypt

G
G#4hg!

decrypt

Trb:-

ff@d*s

decrypt

Dr4^\|9

^(iw,

decrypt

%$&/L

Anotheranaalogoususaggeofencryptionistomaakestoreddaataunreadab
bleexceptbyytheowner.Inthiscasee
private and
d public keyys coincides and are keppt secret. The encryptio
on and decrryption proccess is donee
automatically by a proggram (PDF creation
c
proggrams or compression programs
p
cann do it, see page 11 forr
instructionsshowtodo it)orevenb
bytheoperaativesystem(iftheentirrediskisenccrypted),wh
hichasksthee
passwordto
otheuserevverytime.

secrett
data

enccrypt

D(
*+]dH

decrypt

seccret
daata

Edition8.0(05/08/2014
4)

Page21of32
2

Dr.PaoloCo
oletti

BasiccComputercoursebookk

secrett
data

enccrypt

D(
*+]dH

decrypt

%)((84
jhgdds?

4.1.1. Dig
gital signa
ature
Adigitalsiggnature,oreelectronicsiggnature,isannencryption
ntechniqueffordocumenntswhichgu
uarantees,att
the same tiime, the doccuments authors ident ity and that the docume
ents contennt has not been altered..
AccordingtoItalianlaw
w82/2005,digitalsignatuureisequivalenttohandw
writtensignaature.
ollowing scheemas illustra
ate instead the usage of
o encryptio
on for digita l signature. A wants to
o
The two fo
publishapubliclyavailaabledocume
entwithitsssignature.IttissufficienttforAtoenncryptitwith
hhisprivatee
d all the users can try to decrypt it with As public key
. If the result of decryption iss
key
and
somethingrreadable,it meansthattthedocume ntwasreallyyencryptedwithAsprivvatekeyandthuscomess
from A; on the other hand,
h
if the result is un readable, it means thatt encryption was not do
one with Ass
atureusedinncombinatio
onwithPEC canguaranteeealsosend
dersidentityy
privatekey..Inthisway,,digitalsigna
andemailscontent.

docum
ment

documentt

encrypt

G
G#4$h
&
&?2y

decrypt

docum
ment

docum
ment

2?=zx :-ki

false
documentt

encrypt

YY&:[
ffgj?^d

decrypt

2?=zx :-ki

2?=zxx:-ki

messagesor tohideinformationsimplyrequires theuserorttheprogram

m
Whileencryyptiontorecceivesecretm
to create itts own coup
ple of private
e and publicc keys (proggrams, for exxample brow
wsers, do this operation
n
automaticallywithouttheusersinttervention),ffordigitalsiggnatureitisnotsosimplee.Sinceeverrybodymustt
al signature requires a certification
n
be sure thaat the public key is really the autthors publicc key, digita
Page22of332

EEdition8.0(0
05/08/2014))

BasicComp
putercoursebook

Dr.P
PaoloColettii

odistribute privateand publickeys.Eventhougghtheoretica

allyasimple passwordissenough,to
o
authorityto
besurethatttheuserdo
oesnotgivetheprivateppasswordarround,thece
ertificationaauthoritygive
eshim,afterr
havingiden
ntifiedhimth
hroughagovvernmentaliidentitycard
d,apasswordtogetherw
withasmartcardwhich,,
when used
d together, correspond to his privvate key. An
n automaticc signature program takes care off
automaticallyencryptin
ngdocumentts.
nstitutionsarrenowusinggthenationalhealthcarecard
SeveralItaliianpublicin
asasmart cardand,ussingitascerrtificationof usersidenttity,offeraccessto
hough they do not offeer yet the digital
d
signatture of
many services, even th
personal do
ocuments. The
T service to digitally sign docum
ments is offe
ered by
private cerrtification co
ompanies, with
w
prices currently affordable
a
also
a
by
privateusersandwith alternatived
devicessuchhassmartcardsorOTPd
devices
(seesection
n4.2.1onpaage25).

4.1.2. Ke
eys expirattion
Themajord
drawbackoffencryption keysisthattifacomputeris putto
owork tryinggtoencrypttatextwith
h
insequence
many privatekeys
eandthen tto decryptittwiththe co
orrectpublicc key
,w
withinsomee
yearsitwillmanagetofindtherigh
htprivatekeyywhichlead
dstoacorrecctencryptionndecryption
n.Therefore,,
each couple of privateepublic keys has a tim
me limited duration,
d
usu
ually some yyears, after which it iss
ochangetheemandencryptagainallthepastdocuments.
necessaryto
Documents for which it is importtant to deteermine the exact date of the signaature have moreover a
a
marksignedd
directlybythecertificatioonauthority..
temporalm

4.1.3. Comparison with hand

dwritten siignature

Whocanveerify

Digitalsign
nature
Needskeysfromcertifficationauthority
andpropertools
Everybodyy(withpropeertools)

Verification
nreliability

Sureforso
omeyears

Temporalduration

Someyearrs(canberennewed)

Masssignattures

Someseco
ondsforalld ocuments(w
with
propertoo
ols)

Som
mesecondspperdocumen
nt

Datereliabiility

Objectiveiiftemporalm
mark

Base
edonotherssubjectiveellements
(pap
persandinkksage)

Whocansiggn

Handwrittensiggnature
Everrybodyinsta ntly
Handwritinganaalysts
Subjjectiveindu biouscases,notime
limitt
Untiilotherrelia blesignature
esare
available

4.2. Passswordss
OntheIntraanettheuseerisidentifie
edonlybyhi susername,,knowntoe
everybody,a ndhispassw
word,known
n
onlytohim.Thepasswordiswhatmakesanunnknownperssonanauthe
enticateduseer,withallh
hisprivilegess
onsibilities. If
I somebodyy else uses the
t right use
ers passworrd, for the Intranet
I
thiss
and his ideentitys respo
otherperso
onisexactly theuser.Law196/20033explicitlyfo
orbidsusersfromgiving theirpasswordtootherr
users, even
n when theyy are absent from work . These are some, often
n underestim
mated, maliggn actions a
a
passwordsthiefcando
o:

steaalpersonalin
nformation:thethiefcannreadtheussersemailsa
andpersonaalinformation;

Edition8.0(05/08/2014
4)

Page23of32
2

Dr.PaoloColetti

BasicComputercoursebook

steal privacy protected data: the thief can gain access to data about other people protected by
privacy,orreademailsreceivedfromotherpeople.Thelegalresponsibleofthisprivacyviolationis
thethiefaswellastheuserwhodidnotprotectotherpeoplesdata;
steal money: the thief can find the users bank account numbers and passwords, sometimes
directlyfromtheuserswebbrowsershistory;
deleteandmodifydata:thethiefcandeleteusersimportantdata,orevenworsehecanmodify
these data without the users knowledge (bank numbers, friends email addresses, degree thesis
content,addillegalpictures);
stealidentity:forthecomputerthethiefisnowtheuser,andthereforehecanacttotheoutside
world exactly as if it were the user, for example answering to emails, subscribing to websites,
withdrawingfromexams;
start illegal activities: anybody who wants to start an illegal Internet activity will obviously use
somebodyelseidentity,sohewillnotgetintotroubleswhentheactivityisdiscovered.

Therefore it is absolutely necessary to keep passwords secret.

Unfortunatelymanypeopleuseverytrivialpasswords.Thisisthelist
of the most common passwords in 2014: password, 123456,
12345678, 1234, qwerty, dragon, pussy, baseball, football, letmein,
monkey,696969,abc123,12345.

There exist automatic programs which are able to try 4 billion passwords each second, and they usually
starttryingcombinationsofwordsandnumbers(thecompletesetofallItalian,GermanandEnglishwords
canbetriedinlessthan1second).Checkonhttps://howsecureismypassword.nethowmuchtimedoesit
taketooneoftheseprogramstodiscoveryoureasypasswords.
Law196/2003explicitlyrequiresthatpassworddohavesomefeatures:

changethepasswordoften,atleasteverysixmonths(3ifsensitivedataarehandled);
avoidwordsrelatedtoyourself,suchasnames,birthdates,birthplacesandaddresses;
useminimum8characters.

Moreover,othergoodproceduresare:

useaspasswordagoodmixofnumbers,strangecharacters,smallcapsandcapitalletters,avoiding
anycommonword(otherpeoplesnamesorwordswhichcanbefoundinadictionary);
use different passwords for different purposes. Unfortunately every website asks the user to
registerwithapasswordanduserswhousealwaysthesamepasswordaregivingitawaytoevery
website they register, even untrustworthy ones. It is a good procedure to have at least three
passwords:oneforimportantuse(bankaccount),asecondoneforeverydayuseandalastonefor
unimportantuse(registeringtounknownwebsitesortoservicesthatwillnotbeusedanymore).
bewareofpasswordsstoredinprograms:mailreaders,InternetExplorerandmanyotherprograms
store your password masked with asterisks. They
seem to be unreadable, but computer experts can
reveal them instantly. Store passwords in programs
onlyifthatcomputerhasasingleuser(i.e.thehome
computerorthepersonallaptop)orifaccesstothatcomputerisonausernamebasis,butneverin
publicplacessuchasanInternetcaf.

Page24of32

Edition8.0(05/08/2014)

BasicComp
putercoursebook

Dr.P
PaoloColettii

4.2.1. Altternative p
password devices
Law 196/20003 gives th
he possibilityy to either rreplace the password authentificatiion with oth
her personall
devicesorw
withbiometrricidentificattionortosim
mplyaddthe
esetechnique
estoexistinggpasswords.
Usuallybiom
metricidenttificationiscconsideredtoo
be very seccure and th
hus it is use
ed to replac e
completely the passw
word system
m. It can b e
fingerprint recognition, handpalmbloodvessells
recognition, eyes rettina scannin
ng or voic e
identificatio
on.
For very im
mportant acctivities, succh as digitaal
signatureorbankoperaations,usuallyapersonaal
nstead addeed to the sttandard logi n
device is in
and passwo
ord system. The usual password iis
remembereed personally by the user and a
personaldeeviceprovideesthesecondpartofth e
password.TThisdeviceccanbeasmartcard,suc h
as the natiional health card, which is inserte d
into a card
d reader or a USB token and theey
provide to the program
m or web site the secon d
w
is store
ed inside th e
half of the password which
t
second part of th e
object. Alteernatively the
password is a OTP One Time
e Passwordd,
t
a te
elephone ca ll
generated eevery time through
to users m
mobile phonee or displaye
ed on a sma ll
token (whiich can be either inse
erted or noot
inserted in
n a USB plug) which is clearlly
synchronizeed with th
he website for whic h
password iss needed. Th
his big advantage of thiis
secondsysttemisthat, evenifboth
hpartsofth e
password are interceepted or guessed,
g
th e
secondparttcanbeuseedonlythat timeandwi ll
expireafterrafewsecon
nds.

4.3. Viruses
FromtheIn
nternetmanyyunauthorizedconnectioonattemptsarrive.Some
eofthesearremistakenlyyauthorized
d
and managge to reach the
t Intranett or at leastt to come in
n contact wiith programss which are behind thee
firewall.If ttheseconneectionscarry maligninteentions,usuaally theiraim
mis toexplooreanduse the Intranett
computers,todestroyIIntranetdata
aortostop someIntran
netservices(whichisad angerousattackifthesee
servicesareemanagingsstocktradesortelephonnecalls).Deffenseagainsstthesekinddsofattacks isinchargee
systemadm
ministrators.

Edition8.0(05/08/2014
4)

Page25of32
2

Dr.PaoloColetti

BasicComputercoursebook

While normal external attacks do not involve normal users, the virus is a special attack which arrives
directlyontheuserscomputerandmustbepreventedandstoppedbyhim.Thevirusisalittleprogram
whichhasthisnamebecauseitslifecycleisthesameofabiologicalorganism:surviveandduplicate.
1. Itarrivesonthecomputerthroughemailattachments,downloadedfiles,CDsandfloppydisksor
directlyfromtheIntranet.Itisoftenhiddeninsideothergoodfilesorprograms,whicharecalled
infected.
2. Assoonastheusermistakenlyrunsit(oftentryingtorunthegoodprogramortoopenthegood
file),thevirusordersthecomputertorunitselfeverytimethecomputeristurnedon,thusassuring
itssurvival.
3. Itstartsduplicatingitself,infectingotherfiles,CDsandfloppydisks,andtryingtosenditselfaround
byemailorontheIntranet.
4. Mostvirusesareprogrammedtododamagetothecomputerandtotheuser,alteringordeleting
files,sendingemailswithuserspersonaldata,preventingfirewallsandantivirusesfromrunning,or
turningthecomputeroff.Novirusesareknowntobeabletodamagehardware.
Manynamesareusedforvirusestypesaccordingtotheirdifferentbehaviors.

trojanhorseisaviruswhichlookslikeagoodprogramand,whendownloadedandrunbytheuser,
itperformstheuserswantedtaskbutatthesametimedoesotheractions;

keyloggerisaviruswhichrecordskeyboardsactivityandthensendsthekeystrokestoitscreator,
mostlytogetuserspasswords;

backdoorisaviruswhichopensaportonthecomputertoletexternalusersin;

adwareisaviruswhichdisplaysadvertisement;

spyware is a virus which spies users activity to get passwords or to target the user with specific
advertisement.

These types are not exclusive: for example a Trojan horse which is at the same time a spyware and an
adware.
Aninfectedcomputercanberecognizedbysomesymptoms.Thesearethemostfrequentones:

when the computer is turned on, unwanted programs start, advertisement appears, and the
desktoppresentssomenewbarsorfeatureswhichwerenotpresentnorinstalledbefore;
thecomputerstartsveryslowlyandunknownprogramsgivestrangeoperatingsystemerrors;
commercialorpornographicwebpagesappearonthewebbrowserwithouttheusersconsent;
theanalogicalmodemmakestypicalconnectionnoisesevenwhenthecomputerisnotconnected
or the operating system asks the user to stop the current connection and start a new one to a
strangetelephonenumber;
theTaskManagerwindow(seepage7)presentsunknownprograms.

Most of the time, a responsible users behavior it the best weapon against viruses: it protects him from
getting viruses, helps him removing them and prevents him from diffusing them. Responsible behavior
means:

neveropendownloadedfilesandemailattachments,especiallywhentheycomefromafriendwith
a text such as please open it, urgent!, since simulating to be a users friend is a typical virus
tactics.Toopenthesefiles,savethemonthedesktop,checkthemwithanantivirusandthenopen
them;

Page26of32

Edition8.0(05/08/2014)

BasicComputercoursebook

Dr.PaoloColetti

donotinsertinyourcomputerCDs,DVDsandUSBpendrivescomingfromotherpeopleorwhich
were inserted in other computers, unless you have an antivirus running or unless you scan them
immediatelywithanantivirus;
avoid visiting strange websites, especially pornographic or hackers website, or websites which
openalotofpopupwindows;
have an antivirus always running or at least run an updated antivirus on your whole hard disks
everyweek(whileItalianlawcurrentlyprescribesminimumevery6months);keepyourantivirus
alwaysuptodate:morethan50newvirusesappeareveryweek;
keep communication programs and Microsoft products up to date. Microsoft and most software
companiesofferfreeupdatesandautomaticupdatingtools.

To check the computer for viruses and to try to remove viruses from the computer, the user can run a
specialprogramcalledantivirus.Theantivirusbasicallyhasthreepossibledifferentactions:
itcanscanallthestoragedevices(harddisks,thefloppydiskinsidethecomputer,theCDorDVD
insidethereader)forviruses.Ifavirusisfound,ittriestoremoveitandtorepairdamagedfiles.
Somefilescanbeunrecoverable.Completedevicesscanningtakesusuallysomehours;
itcanscanasinglefileoranentiredirectoryforviruses.Ifthereisaninfectedfile,ittriestodelete
thevirusandrepairit.Somefilescanbeunrecoverable.Singlefilescanningtakessomeseconds;
it can be always running. In this case, whenever a virus or a suspect file is run, the antivirus
preventsitfromrunningandwarnstheuser.
A lot of antivirus programs, free and commercial, exist. Their most important feature is obviously the
possibilitytobeconstantlyupdatedthroughtheInternet.

4.4. Emails
4.4.1. Attachments
Forviruses,emailattachmentsareafirstclasswayoftraveling,sincetheyareveryoftenopenedbyusers
withoutanyprecaution.Sometimesviruseshideinsidefileswhichwerereallysentbythesender,unaware
of having an infected computer. Other times a virus takes control of the mail reader program and sends
itselftothewholeaddressbook,counterfeitingthesenderaddress(oftenusinganaddresstakenfromthe
addressbook)inordertoavoidthattherealinfectedcomputerbeidentifiedandtogainthethrustofthe
receiver,andwritingintheemailtextsmartsentencespretendingtobearegularfriendofthereceiver.The
arrivalofthiskindofemailusuallycreateshavoc,sincethereceiverissurethatthefakesenderhasavirus,
whiletheoriginalinfectedcomputerisanotherone.
Thebasicruleisneveropenanyattachmentfromthemailreaderprogram.Savetheattachedfilesonthe
desktop and run an antivirus program to check these files before opening them. Even when the email
comesfromafriend:hecannotknowthattohavegotavirus,orhecannotbetherealsender.

4.4.2. Spam
Spammessagesareunsolicitedunwantedbulkemails.Theyareunsolicited,meaningthattheuserdidnot
asktoreceivethem,theyareunwanted,meaningthattheuserdidnotwanttoreceivethem,andtheyare
bulk,meaningthattheyaresenttomillionsofaddresses.Theyareusedmainlyforfourdifferentpurposes:

Edition8.0(05/08/2014)

Page27of32

Dr.PaoloCo
oletti

advvertisement emails are

e the most innocuous
verssion. The em
mail messagge contains commercial
info
ormation ussually on medicines, poornography,
softtware or investmentts. Sometim
mes these
messsagesarep
purposelywrrittenwithoorthographic
misstakesorwithstrangecharacters,to avoidbeing
inteerceptedbyaantispampro
ograms;
chaain letters are
a electron
nic versionss of letters
circculating in th
he XX centu
ury. They proomise good
luckktoanyoneresendingitandbadluc ktoanyone
trasshingit,orth
heycontaina
asadstoryoofanillchild
dessiring postcaards or an urgent
u
warniing about a
terrriblevirus:th
heircontentisprobably falseortoo
old,, and a search on the WWW will reveal this
imm
mediately.Seendingitaro
oundwillproobablycause
com
mplainsfrom
motherusers;
frau
udsareusuaallylonglette
ersproposinggtheusera
sem
milegalbargainorabig lotteryprizee.Theironly
aim
ms are to geet the userss bank coorrdinates for
furttherillicitacctivitiesand tolurehim intopaying
smaall expensees hoping to
t get thee promised
imaaginarymoneey;

BasiccComputercoursebookk

phisshing emailss look as co

ompletely plaausible
emaails from baanks, credit card
c
compannies or
web
bsitewhich handlemoney,askingthheuser
to enter theirr website to
t perform some
urgent actions.. They often
n carry real logos,
seem to address to the co
orrect websi te and
eveen cite the real websites antiphhishing
cam
mpaign!How
wever,thisw
websiteaddreessisa
trap
p, and the user will be sent to aa false
web
bsite, who looks
l
exactly like the ooriginal
onee,whoseonllyscopeisto
ogetpasswoordsor
cred
dit card num
mbers. Phish
hing has beccome a
big problemforrInternetba
ankingsystem
m,and
the users besst defenses are enterinng any
cruccial websitee always tyyping the aaddress
direectlyinthew
webbrowserr(neverclickkingon
add
dresses conttained in emails) and calling
imm
mediately his own bankk at the teleephone
wheenever belieeving of having been vicctim of
phisshing.

Thebestbeehaviortoad
doptagainstspammessaagesistoign
norethem.C
Complaining isworthlesss,sincetheirr
senderaddressisalwayysfalse;clickkingontheir links,especiallyiftheyssuggesttocl icktheretoberemoved
d
Page28of332

EEdition8.0(0
05/08/2014))

BasicComp
putercoursebook

Dr.P
PaoloColettii

s
know that thee users addrress is reallyy
from their lists, usuallyy has the only effect of letting the spammer
meone.
readbysom
The best w
ways to deffend from spammers
s
a re to avoid
d using the users mainn email add
dress duringg
registration
ninforums,n
newsgroupsandunnece ssarywebsittes,andtoavoidpublish ingitonthe
epersonalorr
thecompan
nyswebsite.Thesearettheplacesw
wherespamm
mersgettheirmillionsoffaddresses.Ifitisreallyy
necessary,aagoodstrateegyistohaveanalternattiveemailad
ddressforregistrations,w
whichwillre
eceiveallthee
spam.
ograms,whicchputthesuupposedspammessagessinaseparattejunkemailfolder,butt
Thereareantispampro
theyareno
otcompletelyyreliableandsometimeestheytrash evengoodmessages.TTheseprogramsrelieson
n
analysis of the emailss content and on blackklists, which
h contains the Internet mailserverss which aree
mers send th
heir emails; it may happ
pen that a good
g
mailserrver ends up
p into thosee
supposed to let spamm
blacklistsan
ndthatemailssendfrom
mcustomerssoremploye
eesofthatInternetsite aremarkedasspambyy
othersites.

4.5. Nav
vigation
n
Navigation isthesecondmostdanggerousInternnetactivity. Ithasmoreorlessthessamedangersasemails::
edfiles,and
d
theusersccomputercangetvirusesifhedoes notrunan antivirusbeforeopeninggdownloade
theusercanbeluredin
ntophishinggwebsitesif hedoesnotttypeperso
onallythebaanksaddresssintheweb
b
browser.M
Moreover,theecomputerccangetvirussesevenwhensimplyvisitingsome websites,an
ndthereforee
twogoodsuggestionsaaretoavoid visitingstraange(pornoggraphicwebsites,websitteswithalo
otofpopup
p
nd illegal websites)
w
or untrustwortthy websitess and to keep Internet Explorer an
nd Windowss
windows an
operatingsyystemalwayysuptodate.
Theothersecurityprob
blemwhilenavigatingisddatainterception.When
nconnecting
gtoawebsite,theuserss
data travelss long distances, passin
ng through aa large number of comp
puters (to coonnect from
m unibz.it to
o
www.athesia.itthedataagotoPadu
ua,MilananndBolognap
passingthrou
ughatleast 13compute
ers).Dataon
n
hout any pro
otection, anyy computer administrator can read them. Therefore, when
n
the Interneet travel with
sendingpassswordsandotherprivatedatatoa website,the
eusershouldtakespeciialcarethat theaddresss
intheaddreessbarstarttswithhttpss://(instead ofhttp://)aandonsome
ebrowsera lockiconap
ppearsinthee
lower rightt part of thee windows, while on oothers the address bar becomes grreen with a lock: thesee
indicationsmeanthatth
heconnectio
onissecure((SSL)sincedataaretrave
elingencryptted.BewarethattheSSLL
d
are nott intercepted
d and that the
t user is connected to
t the samee
connection guarantees only that data
whileitdoessnotguaranteedthisweebsiteistherrightone.
websitefromwhichhestartedthecconnection,w

4.6. Attacks fro

om outside
Any compu
uter attached
d to the Intternet, eitheer directly th
hrough a mo
odem or inddirectly insid
de a LAN, iss
subjecttoaattacksfrom
mtheoutside
eWAN.The typicalattacckconsistsinexternalccomputerstrryingtogain
n
access to tthe computeer using ope
erating systeem known problems
p
orr hoping thaat the user is currentlyy
running pro
ograms whicch open som
me computerrs parts to outside connections. Frrom the users side, thee
best defensse is keepingg the compu
uters prograam always uptodate,
u
especially
e
th e operating system and
d
communicaationprogram
ms(assuggestedinsecti on4.5onpaage29).

Edition8.0(05/08/2014
4)

Page29of32
2

Dr.PaoloColetti

BasicComputercoursebook

The most famous attack from outside, and the one from which it is very difficult to have an appropriate
defense, is the DoS Denial of Service attack. It is an attack which does not strike private users, but
companiesofferingservicesovertheInternet.Itconsistsinsendingmillionsofincomingconnectionswhich
pretendtousetheservicebutstaysimplyconnected,insuchawaytoovercrowdtheserveranddrainall
its resources (bandwidth, speed, memory) until the server crashes. The attacker clearly does not use his
own computer to carry on a DoS
attack, otherwise his computer
would probably crash before the
server, but uses computer of
unaware users around the world,
called zombies, which have been
hackedinthepastdays.Inthisway
the attacker has the power of
severaldozencomputersconnected
from many different parts of the
world and at the same time it is
difficult to trace the responsibility
uptohim.

4.6.1. Firewall
Often programs security breaches
oncediscoveredneedsomedaysto
be fixed and somebody can take
benefit of them in this short time,
before the security update is
installed on the users computer.
Therefore on every LAN, usually in
the point where the LAN connects to the Internet, or more often on every computer a special program
calledfirewallisrunning. Thefirewall examinesall the incomingandoutgoingtraffic,usingthefollowing
analysistechniques:

whichinternalprogramisoriginating/receivingthetraffic,
from/towhichexternaladdressisthetrafficoriginated/directed,
whatamountoftrafficispassingfrom/tothesameprogramto/fromthesameexternaladdress,
whichkindofdataarepassing.

Making an analysis of these data clearly slows down the connection but lets the firewall stop potential
unauthorizedconnection,puttingtheminawaitstateuntiltheusersgiveshisapprovalordenial.
WindowsSevenoperatingsystemcomeswithafirewallpreinstalled,whichletstheusercustomizewhich
kind of programs are allowed to make or receive connections and determine rules to approve or deny
automaticallyconnections.

4.7. Backup
Backup is the process of copying important data to another location to prevent their loss. Sometimes
programsandevenentireoperatingsystemsarecopied,tobeabletoimmediatelycontinueworkingeven
whenacomputerbreaks.Therearethreeverygoodreasonstodoregularbackups:
Page30of32

Edition8.0(05/08/2014)

BasicComp
putercoursebook

Dr.P
PaoloColettii

agaainsttheuseer,whocana
accidentally deletesome
efilesorwh
hocanmodiffyfilesandtthenchangee
hismind.Havingarecentba
ackuphandyycanoftensavehoursoffwork;
agaainst the systtem, which can suddenlly break due
e to hardwarre or softwaareproblemss. Even hard
d
diskkstendtobeeunreliableaftersomeyyearsofcontinuousactivvity.Arecenntbackupsavestheuserr
from
mredoingalltheworkofthepreviouusmonths;
agaainstviruses andotherusers,which candeleteaandalterfile
es:abackup cansavea usercomingg
bacckfromvacattions.

Usuallytheoperatingsyystemsandtheprogram
msbackuparredonebysystemadminnistrators:la
aw196/2003
3
explicitlyreequiresaninsstantaneoussbackupfor allsensitive dataandtha
atdataarerrestoredwith
hin7daysin
n
caseofloss.However,ttherearesom
mefileswhicchshouldbetakenincha
argebytheuuserhimself:

perrsonally creaated data file

es, includingg all docume
ents and im
mages createed by the usser, and anyy
otherfilewhich
hisaresulto
oftheusers personalwo
ork;
inccaseemailsaarenothand
dledwithannonlinesyste
em:thecontacts,calenddarandthe emails(maill
readersusuallyofferawaytosavethem
mintofilesto
obeusedforbackup);
me programss require a lot of configguration and store their configuratioon in configu
uration files,,
som
whiichareusualllyinthepro
ogramsdirecctory;
alltthestuffwh
hichisdifficu
ulttofindaggain,suchassdocumentssfromotherrpeopleord
downloaded
d
from
mforgottenwebsites.

Theplacew
wherethefillesarecopie
eddetermin esthereliab
bilityofthe backup.Itsshouldbea large,cheap
p
andfaststo
oragedevice..Itshouldalsobehandyy,sincethetyypicalproble
emwithbackkupisthatth
heuserdoess
nottakestimetodoit regularlyand
d,whenthe backupisto
ooold,itisw
worthless.Foorhomeorssimpleofficee
users,theFFridaymornin
ngbackupisagoodtiminngsolution.Goodstorag
gedevicesto
obeusedare
e:

aseecondhardd
disk,usedon
nlyforbackuup,whichis veryfastandverylargeandalways readytobee
useed;
onliinebackupssystems,whe
ereusersdaataareuploaadedandare
ereadyfrom
manywhereintheworld
d
(givven a broadb
band connecction), with Dropbox, Google
G
Drive,, Box and A
Amazon Clou
ud being thee
mostfamousan
ndofferingsomeGBofs paceforfree
e;
USB
Bpendrive,ttobeusedo
onlyinemerggencywhennootherapp
propriatestooragedeviceisavailable;
bigcompaniesu
usuallyhavespecialtapeedevicesforbackups.

4.7.1. RA
AID
Averypopu
ularbackupssolutionisRAID(RedunddantArrayofIndependentDisks)tecchnology,wh
hichconsistss
of several iidentical hard disks. There are diffeerent types of RAID implementatioons, which vary
v
a lot in
n
functionalittiesandsecu
urity.
JBOD (Just a Bunch Off Disks) is a primitive foorm of RAID in
which all th
he disks aree seen by th
he user simpply as disks on
which theyy can write as usual. The
T advantagge is that the
t
available sp
pace is the sum of the space of all the disks,
howeverth
hereisnoforrmofdatap
protection:iffadiskbreaks,
anythingon
nthatdiskislost.

disk 1
file

userddecides
disk 2

Edition8.0(05/08/2014
4)

Page31of32
2

Dr.PaoloCo
oletti

RAID0usestwoidenticaaldiskswhichareseenbbytheuserasa
singledisk. Everytimeh
hewritesaffile,thefirst partoftheffile
on the first disk while the
t second oon the seco
ond
is written o
this. This sttrategy has the big advantage that writing spe
eed
doubles,wiithatotalavvailablespaccewhichistthesumoftthe
size of the two disks. But
B if a disk breaks, all tthe content of
bothdisksisslost,sincettheuserwilllosehalfof allthefiles.

BasiccComputercoursebookk

fille
parrt1
file
f
pa
art2

disk 1

disk 2

RAID1 is the most com

mmon implem
mentation o f RAID. It usses
two identiccal disks but the user se
ees only the first one. The
T
second diskk is simply an identical and
a instantaaneous copy of
the first on
ne. The disaadvantage is that the sppeed does not
n
improve an
nd the availaable space iss the size of one disk on
nly,
butincase adiskbreakks,nofileis lostsincethheotherone
eis
its identicaal copy. Thiss is a very good backuup solution to
protectdataagainstph
hysicalfailure
e,especially suitedfor2
24h
owever,itisnotabacku
upsolutionaagainstvirusses
services.Ho
or users in
ncidental can
ncellations, since any m
modification on
thefirstdiskisimmediaatelyperform
medontheseecondone.

RAID10 is aan overlay of RAID1 and

d RAID0. It uuses four disks,
writing filess on the firsst and on the third as iff they were on
RAID0 and then dupliccating their content on disks two and
four.Thisteechniquehasthespeed ofRAID0,thhereliabilityof
RAID1, but gives the user a space equivalent to the sum of
ourdisksareeffectivelyuused.
twodiskssizes,whilefo

disk 1

file
e
disk 2

file
f
pa
art1

disk 1

disk 3

file
pa
art2

disk 2

disk 4

d at either improving the

t
speed or
o improvingg the reliab
bility againstt
All the RAIID techniquees are good
hardwarefaailure,butarenotgood againstoth erthreatsandtherefore
etheymust alwaysbeccoupledwith
h
another forrm of backu
up, such as tape
t
backupp for large companies
c
or
o weekly/daaily copy on DVD or on
n
anotherharrddiskforho
omeusers.

Page32of332

EEdition8.0(0
05/08/2014))