5.6 Safe Computing 安全计算

The use of computing innovations may involve risks to personal safety and identity.

• 计算创新的使用可能涉及个人安全和身份的风险。

核心要点 Core Points

1. Personally identifiable information (PII) is information about an individual that identifies, links, relates, or describes them. Examples of PII include:

   • 个人身份信息（PII）是识别、链接、关联或描述个人的信息。PII的例子包括：
   • Social Security number 社会保障号码
   • age 年龄
   • race 种族
   • phone number(s) 电话号码
   • medical information 医疗信息
   • financial information 财务信息
   • biometric data 生物识别数据

2. Search engines can record and maintain a history of searches made by users.

   • 搜索引擎可以记录和维护用户搜索的历史。

3. Websites can record and maintain a history of individuals who have viewed their pages.

   • 网站可以记录和维护查看其页面的个人历史。

4. Devices, websites, and networks can collect information about a user's location.

   • 设备、网站和网络可以收集用户位置的信息。

5. Technology enables the collection, use, and exploitation of information about, by, and for individuals, groups, and institutions.

   • 技术使个人、群体和机构能够收集、使用和利用信息。

6. Search engines can use search history for website suggestions or targeted marketing.

   • 搜索引擎可以使用搜索历史进行网站建议或定向营销。

7. Disparate personal data (e.g., geolocation, cookies, browsing history) can be aggregated to create a profile of an individual.

   • 不同的个人数据（例如，地理位置、cookie、浏览历史）可以聚合以创建个人档案。

8. PII and other online data can enhance user experiences.

   • PII和其他在线数据可以增强用户体验。

9. Online PII can simplify online purchases.

   • 在线PII可以简化在线购买。

10. Commercial and governmental data curation can be exploited if privacy protections are ignored.

    • 如果忽视隐私保护，商业和政府数据管理可能被利用。

11. Online information can be used in unintended ways with harmful impacts (e.g., forwarded emails, retweeted tweets, social media posts viewed by employers).

    • 在线信息可能以有害影响的方式被意外使用（例如，转发的电子邮件、转发的推文、雇主查看的社交媒体帖子）。

12. PII can be used for stalking, identity theft, or aiding criminal acts.

    • PII可用于跟踪、身份盗窃或协助犯罪行为。

13. Once information is online, it is difficult to delete.

    • 信息一旦上线，就很难删除。

14. Programs can collect and record location data (where you've been, how you got there, how long you stayed).

    • 程序可以收集和记录位置数据（你去过哪里，如何到达那里，停留了多长时间）。

15. Information posted on social media can be used by others, and combined with other sources, can deduce private information about you.

    • 在社交媒体上发布的信息可能被他人使用，并结合其他来源，可以推断出关于你的私人信息。

16. Authentication measures protect devices and information from unauthorized access. Examples of authentication measures include strong passwords and multifactor authentication.

    • 身份验证措施保护设备和信息免受未经授权的访问。身份验证措施的例子包括强密码和多因素身份验证。

17. A strong password is something that is easy for a user to remember but would be difficult for someone else to guess based on knowledge of the user.

    • 强密码是用户容易记住但其他人基于对用户的了解难以猜测的东西。

18. Multifactor authentication is a method of computer access control in which a user is granted access only after successfully presenting several separate pieces of evidence to an authentication mechanism, typically in at least two of the following categories: knowledge (something they know), possession (something they have), and inherence (something they are).

    • 多因素身份验证是一种计算机访问控制方法，用户只有在成功向身份验证机制提供几个独立的证据后才能获得访问权限，通常在以下至少两个类别中：知识（他们知道的东西）、拥有（他们拥有的东西）和固有（他们是什么）。

19. Multifactor authentication requires at least two steps to unlock protected information; each step adds a new layer of security that must be broken to gain unauthorized access.

    • 多因素身份验证需要至少两个步骤来解锁受保护的信息；每个步骤都添加了一个新的安全层，必须被破坏才能获得未经授权的访问。

20. Encryption is the process of encoding data to prevent unauthorized access. Decryption is the process of decoding the data. Two common encryption approaches are:

    • 加密是编码数据以防止未经授权访问的过程。解密是解码数据的过程。两种常见的加密方法是：
    • Symmetric key encryption: involves one key for both encryption and decryption.
      • 对称密钥加密：涉及用于加密和解密的一个密钥。
    • Public key encryption: pairs a public key for encryption and a private key for decryption. The sender does not need the receiver's private key to encrypt a message, but the receiver's private key is required to decrypt the message.
      • 公钥加密：配对用于加密的公钥和用于解密的私钥。发送方不需要接收方的私钥来加密消息，但需要接收方的私钥来解密消息。

21. Certificate authorities issue digital certificates to validate the ownership of encryption keys used in secure communications and are based on a trust model.

    • 证书颁发机构颁发数字证书以验证安全通信中使用的加密密钥的所有权，并基于信任模型。

22. Computer virus and malware scanning software can help protect a computing system against infection.

    • 计算机病毒和恶意软件扫描软件可以帮助保护计算系统免受感染。

23. A computer virus is a malicious program that can copy itself and gain access to a computer in an unauthorized way. Computer viruses often attach themselves to legitimate programs and start running independently on a computer.

    • 计算机病毒是一种恶意程序，可以复制自身并以未经授权的方式访问计算机。计算机病毒经常附着在合法程序上并开始在计算机上独立运行。

24. Malware is software intended to damage a computing system or to take partial control over its operation.

    • 恶意软件是旨在损坏计算系统或部分控制其操作的软件。

25. All real-world systems have errors or design flaws that can be exploited to compromise them. Regular software updates help fix errors that could compromise a computing system.

    • 所有现实世界的系统都有错误或设计缺陷，可以被利用来破坏它们。定期软件更新有助于修复可能危及计算系统的错误。

26. Users can control the permissions programs have for collecting user information. Users should review the permission settings of programs to protect their privacy.

    • 用户可以控制程序收集用户信息的权限。用户应该审查程序的权限设置以保护其隐私。

27. Phishing is a technique that attempts to trick a user into providing personal information. That personal information can then be used to access sensitive online resources, such as bank accounts and emails.

    • 网络钓鱼是一种试图欺骗用户提供个人信息的技术。然后可以使用该个人信息访问敏感的在线资源，如银行账户和电子邮件。

28. Keylogging is the use of a program to record every keystroke made by a computer user in order to gain fraudulent access to passwords and other confidential information.

    • 键盘记录是使用程序记录计算机用户进行的每次击键，以便欺诈性地访问密码和其他机密信息。

29. Data sent over public networks can be intercepted, analyzed, and modified. One way that this can happen is through a rogue access point.

    • 通过公共网络发送的数据可以被拦截、分析和修改。发生这种情况的一种方式是通过流氓接入点。

30. A rogue access point is a wireless access point that gives unauthorized access to secure networks.

    • 流氓接入点是提供对安全网络未经授权访问的无线接入点。

31. A malicious link can be disguised on a web page or in an email message.

    • 恶意链接可以在网页或电子邮件消息中伪装。

32. Unsolicited emails, attachments, links, and forms in emails can be used to compromise the security of a computing system. These can come from unknown senders or from known senders whose security has been compromised.

    • 未经请求的电子邮件、附件、链接和电子邮件中的表单可用于破坏计算系统的安全性。这些可能来自未知发送者或安全已受到损害的已知发送者。

33. Untrustworthy (often free) downloads from freeware or shareware sites can contain malware.

    • 来自免费软件或共享软件站点的不可信（通常是免费的）下载可能包含恶意软件。

学生活动 Student Activities

1. Describe the risks to privacy from collecting and storing personal data on a computer system.

   • 描述在计算机系统上收集和存储个人数据对隐私的风险。

2. Explain how computing resources can be protected and can be misused.

   • 解释计算资源如何被保护以及如何被滥用。

3. Explain how unauthorized access to computing resources is gained.

   • 解释如何获得对计算资源的未经授权访问。

相关资源 Related Resources

• ACM Tech News from Association for Computing Machinery

  • ACM技术新闻 来自计算机械协会

• Public Key Encryption from CS Unplugged

  • 公钥加密 来自CS Unplugged

• Blown to Bits: Chapter 2 and 5 - Understanding the Digital World

  • Blown to Bits：第2章和第5章 - 理解数字世界