Ictgen

UNIT NAME: ICT AND SOCIETY
UNIT CODE: DICT 009

LESSON ONE: INTRODUCTION OF INFORMATION AND
COMMUNICATION TECHNOLOGY (ICT)
How our ancestor used to disperse information to others?

o In the early year of Tanah Melayu, when there was no television or
radio. The Beduk play an important role.
o The Headman of the village was the one who announced any news,
be it birth, death, time of prayers or even when the village was in
danger.
o Different rhythms signified different events. The rhythm of the
Beduk to announce death was different from the rhythm used to
announce prayers.
What is ICT?
O ICT is the technology required for information processing, in particular, the
use of electronic computers, communication devices and software
applications to convert, store, protect, process, transmit and retrieve
information from anywhere, anytime.
A.) Information
o Information refers to the knowledge obtained from reading,
investigation, study or research.
o The tools to transmit information are the telephone, television and
radio.
o We need information to make decisions and to predict the future. For
example, scientists can detect the formation of a tsunami using the
latest technology and warn the public to avoid disasters in the affected
areas.
o Information is knowledge and helps us to fulfill our daily tasks. For
example, forecasting the stock exchange market.
B.) Communication
o Is an act of transmitting messages. It is a process whereby
information is exchanged between individuals using symbols, signs or
verbal interactions.
o Previously, people communicated through sign or symbols,
performing drama and poetry. With the advent of technology, these
older forms of communication are less utilized as compared to the
use of the internet, e-mail or video conferencing.
C.) Technology
o Is the use of scientific knowledge, experience and resources to
create processes and product that fulfill human needs.
o Aiding Communication - telephone and fax machines are the devices
used in extending communication
o Spreading Information To broadcast information such as news or
weather reports effectively. Radio, television, satellites and the World
Wide Web (www) are powerful tools that can be used.
Timeline for the Development of Technology
YEAR CREATION
3500 BC Sumerians developed cuneiform writing
1500 BC The Phoenicians developed the alphabet
105 BC Tsai Lun of China invented paper
1454 The first printing began with the creation of printing

machine.
1793 Telegraph line was invented
1876 The first telephone was introduced
1925 Television was made known to public
1941 Computer was created
1958 Photocopier machine was introduced
1963 Communication satellite was introduced
1969 The first internet known as ARPANET started
LESSON TWO: EVOLUTION OF COMPUTER
Before the era of computer begins, counting machine was invented to help
people with business industry. The usage of counting machine, begin as
early as 200 B.C. Evolution of computers can be traced at 7 stages:
a) The early years

b) First generation
c) Second generation
d) Third generation
e) Fourth generation
f) Fifth generation
g) New era generation
A. The early years
Timelines of Counting Machine
Year Invention
200 BC Chinese Abacus (First counting machine)
500 BC Egyptian Abacus
1620 John Napier invented Napiers Bone (Multiplication table

carves
on bones)
1653 Blaise Pascal invented Pascaline
1673 Gottfried Wilhelm Von Leibniz invented Leibnizs

Rechner
(which use first binary mathemathic calculating
machine)
1801 Joseph Marie Jacquard invented weaving loom (using

punch
card technology)
1823 Charles Babbage invented mechanical calculator

machine.
1941 Mark 1 was invented in Harvard University. The first

computer which is slow, expensive and unreliable. It
uses mechanical switches
B. First Generation (1940 1956)
1. Presper Eckert and William Mauchly built the ENIAC (Electronic Numerical
Integrator and Computer) in 1946.
2. ENIAC use vacuum tubes rather than mechanical switches in Mark 1.
3. In 1951, Eckert and Machly build UNIVAC (Universal automatic computer)
which can calculate at the rate of 10 thousand additions per second.
4. New technology was needed in the invention of technology. These

technologies are
a) Vacuum tube an electronic tube about the size of light bulbs. It was used
as the internal computer components. Thousands of them were used.
b) Punched card used to store data

c) Magnetic tape introduced in 1957. It is used to store data. Was a faster
and more compact method of storing data.
5. Problems:
a) The vacuum tubes generated great deal of heat causing many problems in
temperature regulation and climate control.
b) The tubes burnt out frequently.
c) People operating the computer did not know that the problem was in the
programming machine.
C. Second Generation (1956 1963)
1. The second generation computer scientists invented something new due

to lots of problem created by vacuum tubes.
2. The famous computer scientists during the second generation era were:
a) John Bardeen
b) Walter Houser Brattain
c) William Shockley
3. The creation of transistor sparks the production of second generation

computers. Transistor is a small devices use to transfer electronic signal
across a resistor.
4. The advantages of transistor:

a) Smaller than vacuum tubes
b) Need no warm up time
c) Consumed less energy
d) Generated much less heat
e) Faster
f) More reliable
D. Third Generation (1964 - 1971)
1. IBM 370 series were introduced in 1964. It came in several models and
sizes. It is used for business and scientific programs.
2. Other computer models introduced were CDC 7600, BZ 500.
3. New hardware technology:
a) Silicone chip were manufactured in 1961 at the silicone valley.
5 Form 4 Lesson Notes Part 1 ICT & Society
b) Integrated circuit technology, which had reduced the size and cost of
computers. It is a complete electronic circuit or a small chip of silicone which
is also known as semiconductor.
c) The magnetic core memory was replaced by microchip. (The first 253 bit
Ram, basis for the development of the 1K bit Ram).
4. Advantages:
a) Silicone chips were reliable, compact and cheaper.
b) Sold hardware and software separately which created the software
industry.
c) Customer service industry flourished (reservation and credit checks)
5. Software technology:
a) More sophisticated
b) Several programs run at the same time

c) Sharing computer resources
d) Support interactive processing
E. Fourth Generation (1971 Present)
1. It took only 55 years for the 4th generations to evolve.

2. The growth of the computer industry developed technologies of computer
inventions.
3. There are many types of computer models such as
a) Apple Macintosh
b) IBM
c) DELL
d) ACER
4. In 1971, Intel created first microprocessor

5. In 1976, Steve Jobs built the first Apple computer
6. In 1981, IBM introduced its first personal computer
7. Among the famous inventors in fourth generations were:
a) Bill Gates who invented Microsoft

b) Michael Dell who invented Dell Computer
8. Hardware technology invented in fourth generation were
a) Silicone chip
b) Microprocessor
a specialized chip developed for computer memory and logic
It is a large-scale integrated circuit which contained thousands of transistors.
The transistors on this one chip are capable of performing all of the functions
of a computers central processing unit.
c) Storage devices
9. Advantages:
a) 100 times smaller than ENIAC (the first computer)
b) Faster
c) Reliable
d) Greater storage capacity
e) Personal and software industry boomed
F. Fifth generation (present and beyond)
1. New hardware technology:

a) Silicone chips
b) Processor
c) Robotics
d) Virtual reality
e) Intelligent system
f) Programs which translate languages
G. New Era Computer
1. Super Computers
- Fastest, most powerful, most expensive.
- Used in applications such as sending astronauts into space, testing
safety and aerodynamic features on cars and aircraft, controlling
missile guidance systems, and weather forecasting which required
extreme accuracy and immense speed to perform the complex
calculation.
2. Mainframe computers
- Large, expensive, powerful computer that can handle hundreds or
thousands of connected user simultaneously.
- Used in large organization to handle high volume processing of
business transactions and routine paperwork.
3. Mini computer
- Medium sized computer
- Usually used as servers, with several PCs or other devices networked
to access the midrange computers resources.
4. Personal computers
- Small computer system, designed to be used by one person at a time.
- Widely used in small and large businesses. Examples: tracking
merchandise, billing customer, manage company accounts.
5. Mobile computers personal computer that you can carry from place to
place
6. Expert system teleconferencing, speech recognition system
LESSON THREE: USAGE OF ICT IN DAILY LIFE
Computer plays major roles in our daily lives. We need computers to assists
us in completing various tasks and jobs.
Among the sector where ICT is used widely are:
- education
- banking
- industry
- business
A.) Education
1. Today, most schools and higher education institution have computer in the
classroom for teachers and students.
2. Computer is used in the sector of education because they can offer
a) Enhanced learning
b) Cognitive development
c) Interactive experiences
3. User who benefits are
a) Teacher Teacher uses computers to research for teaching materials,
participate in online forums and online conferences as well as to aid their
teaching.
b) Students Students use the computers as a reference tool. They use
computers to browse the internet to look for information
c) Researchers Researchers use computers to collect and process data.
d) School administrators They use computers for administrative purposes
to make sure that the entire operation runs smoothly.
B.) Banking
1. The computer is the nerve centre of the banking system around the world. It
functions to control the entire banking system that also includes Electronic
Banking Services.
2. Electronic Banking Services provide 24 hour services. The services include

a) ATM (Automatic Teller Machine)
b) Cash deposit
c) Electronic fund transfer
d) Direct deposit
e) Pay by phone system
f) Personal computer banking
g) Internet banking
a) Customers Customers can make any transactions at the 24 hour service
centre or via online. These services allowed them to do transaction at
anytime they want.
b) Business men Businessmen can save their time by using the online
services offered by banks. They can access company accounts for loan
applications, business transactions and update on their cash flow at anytime
c.) Bank administrators Bank administrators can oversee the entire banking
activities such as reconciliations, inter-branch transaction (IBT), telegraphic
transfer and others by referring to the banking system
C.) Industry
1. Computers are used to

a) facilitate production planning and control systems,
b) to support chain management
c) to help in product design in the industrial sector

a)Workers Workers use computers to analyze and collect research data for
future reference.
b) Researchers Researchers use computers to analyze and collect research
data for future reference.
c.)Administrators Administrators use computers to oversee the entire

operations in the plant or factory to detect specific errors or defects that
occurred in the process.
D.) E-commerce
a. E-commerce helps in boosting the economy. It makes buying and selling

activities easier, more efficient and faster. For this application, computers,
internet and shared software are needed.

a) Customers Customers use computers to be connected online with
suppliers to purchase products. This method can save time and cost as they
do not have to go any outlet.
b) Suppliers Suppliers use computers to keep track of their transactions. All
products are bar coded and can be read by the computer scanner to help in
determining prices and managing inventory.
c) Employee s Employees use computers and telephones to communicate

with their customers for any enquiries. The system helps employees to get
the latest updates on inventory to be informed to the customers.
E.) Other sector that benefits from the usage of ICT

Benefit
- Architecture
Use computer graphic to experience with possible interiors to give client a
visual image.
- Arts
Modern artists use computers to express their creativity
- Career
Job opportunities that are related to ICT such as computer engineers, graphic
designer, software engineers and programmer offer more technical skill and
knowledge
- Government
To forecast weather, process immigrant
- Healthcare
Computers are use to promote telemedicine. Researchers found it useful in

information sharing. Doctors and medical practical are able to apply modern
treatment such as laser treatment.
- Home
Computers are use for record keeping, writing letters, preparing budget and
communicating with others
- Law enforcement
In maintaining national fingerprints floes, modeling DNA and others
information
- Transportation
In rapid transit system and tracking railway system
- Travel
Computers are use to do room reservation. It helps tourists to plan their
holiday well
LESSON FOUR: COMPUTERIZED AND NON-COMPUTERIZED SYSTEM
Evolution of man and machine

o The evolution of man and machine happened hundreds of years ago but
the evolution of the computerized system happened only less than a century
ago.
o Many tasks can now be accomplished easily via the computerized system.
Computer System
o A system is an arrangement of elements that when it is put together it
becomes an organized and established procedure. (In Latin-Greek, the term
system means to combine, to set up, to place together)
o
A system typically consists of components connected together in order to
facilitate the flow of information, matter or energy.
o A computer system consists of a set of hardware and software which
processes data in a meaningful way.
A.) Education
1. Education is the science of teaching and learning of specific skills.

2. It also imparts knowledge, good judgment and wisdom.
B.) Banking System
Banking before ICT Banking after ICT
Banking was done manually by All transactions are done by

taking deposits directly computers
Transactions can only be made Transaction can be done at

during working hour anytime and place
Takes time to approve any loan Online services, phone banking

applications system, credit cards are now
available
C.) Industry
Industry before ICT Industry after ICT
Industry was slow because Computers and

everything was done manually telecommunications industry
and totally depended on human became very popular and
labor. profitable since production can be
increased through an all day
operator.
D.) Commerce
1. Commerce is an activity of exchanging and buying and selling of commodities

in large scale involving transportation from place to place.
Commerce before ICT Commerce after ICT
Trading was made using the E-commerce plays an important

barter system and it was then role in the economic scene. It
later developed into currency. includes distribution, buying,
selling and servicing products that
are done electronically.
Advertisement was in the form of

word of mouth, billboards and
printed flyers.
Trading globally was extremely

slow, late and expensive. Traders
had to find ways to market global
products in the global market
LESSON FIVE: IMPACT OF ICT ON THE SOCIETY
ICT development has changed every aspect of the human society. It has
affected our life in many ways.
A.) Faster communication speed

1. In the past, it took a long time for any news or messages to be sent. Now with
the internet, news or messages are sent via e-mail to friends, business
partners or to anyone efficiently.
2. With the capability of bandwidth, broadband and connection speed on the

internet, any information can travel fast and at an instant. It saves time and
is inexpensive.
B.) Lower communication cost
1. Using the Internet is cost-effective than the other mode of communication

such as telephone, mailing or Korea Service. It allows people to have access
to large amounts of data at a very low cost.
2. With the internet we do not have to pay for any basic services provided by
the Internet. Furthermore, the cost of connection to the internet is relatively
cheap.
C.) Reliable mode of communication

1. Computers are reliable. With the Internet we can access and retrieved
information from anywhere and at anytime. This makes it a reliable mode of
communication.
2. However, the input to the computer is contributed by the human. If the

data pass through the computer is faulty, the result will be faulty as well.
This is related to the form GIGO. GIGO is a short form for Garbage In Garbage
Out. It refers to the quality of output produced according to the input.
Normally bad input produces bad output.
D.) Effective sharing of information

1. With the advancement of ICT, information can be shared by people all
around the world. People can share and exchange opinions, news and
information through discussion groups, mailing lists and forums on the
Internet. This enables knowledge sharing which will contribute to the
development of a knowledge-based society.
2. Some examples of popular discussion groups on the Internet are:

a) Google Groups (www.googlegroups.com)
b) Yahoo! Groups (www.yahoogroups.com)
c.) Classic discussion group
E.) Paperless environment
1. ICT technology has created the term paperless environment. This term means
information can be stored and retrieved through the digital medium instead
of paper. Online communication via email, online chat and instant messages
also helps in creating the paperless environment.
F.) Borderless communication

1. Through the internet, information and communication can be borderless.
2. Internet offers fast information retrieval, interactivity, accessibility and
versatility. It has become a borderless source for services and information.
G.) Social problems

1. There are some negative effects of ICT. It has created social problems in
the society.
2. Nowadays, people tend to choose online communication rather than
having real time conversations.
3. People tend to become more individualistic and introvert theft, hacking,

pornography and online gambling. This will result in moral decadent and
generate threat to the society.
H.) Health problems

1. A computer may harm user if they use it for long hours frequently.
2. Computers users are also exposed to bad posture, eyestrain, physical and
mental stress.
3. In order to solve the health problems, an ergonomic chair can reduced
back strain and a screen filter is to minimize eyestrain.
Summary
1. The advantages of ICT in the society:
a. faster speed of communication
b. lower communication cost
c. reliable mode of communication d. effective sharing of information
e. paperless environment
f. borderless communication
g. urging for research and development of new products
h. good competition among the producers
2. The disadvantages of ICT in the society:
a. social problems
b. health problems
c. changing peoples attitude and demand
LESSON SIX: COMPUTER ETHICS
A.) Ethics in general

1. We often see pirated CDs, software and VCD being sold at the night
market. Buying pirated software is an example of unethical activity in
computer ethic.
2. A guideline is needed to stop the current technology products from being
exploited, for example by replicating originals CDs and selling them as
pirated software. This unethical behavior can be controlled by the code of
conducts.
3. Under the Malaysia Copyright act 1987, any individual charge with piracy
will be fine up to 10,000 for each copy or up to 5 years imprisonment or
both.
4. Computer ethics is a system of moral standards or values used as a
guideline for computer users.
COMPUTER ETHICS
Ethics in general, is amoral philosophy where a person makes specific moral

choice and sticks to it.
In computing, ethics are the moral guidelines to referred to when using the
computer and computer networks.
Computer ethics is a system of moral standards or values used as computer

guidelines for computer users.
DIFFERENCES BETWEEN ETHICS AND LAW
Ethics Law
Guidelines - as a Control - as a rule to control computer
guidelines to computer users.
users
Judicial Standards - law is judge by
Moral standards - ethical judicial standards.
behavior is judge by moral
standards Must follow - computers user must
follow the regulations and law.
Free to follow - computer
users are free to follow or Penalties, imprisonments and
ignore the code ethics. other punishments - penalties,
imprisonments and other
No punishments - no punishments for those who break the
punishment for anyone
who violates ethics.
law.
Universals - Universals
Depends on country - depends on
can be applied anywhere,
country and state where the crime is
all over the world.
committed
Produce ethical
Prevent misusing of computers -
computer users - to
to prevent misuse of computers
produce ethical computer
users.
Crime - not honoring the law means
committing a crime.
Immoral - not honoring
computer ethics means
ignoring the moral
elements (immoral)
B.) The ten commandments of computer ethics
1. The United States Institute of Computer Ethics has come out with the Ten
Commandments of Computer Ethics.
2. These principles consider the effective code of conducts for the proper use
of information technology.
3. The ten commandments of computer ethics

i. You shall not use a computer to harm other people.
ii. You shall not interfere with other peoples computer work.
iii. You shall not snoop around in other peoples computer files.
iv. You shall not use a computer to steal.
v. You shall not use a computer to bear false witness.
vi. You shall not copy or use proprietary software for which you have not
paid.
vii. You shall not use other peoples computer resources without
authorization or proper compensation.
viii. You shall not appropriate other peoples intellectual output.
ix. You shall think about the social consequences of the program you are
writing or the system you are designing.
x. You shall always use a computer in ways that ensure consideration and
respect for your fellow humans
C.) Guidelines on the e-mail and Internet usage

1. The Department of Public Services of Malaysia has provided guidelines on
the e-mail and Internet usage as reference to the staff.
2. This guidance covers the usage of e-mail account, mailbox maintenance,
and
e- Mail preparation and delivery, mailing list and the Internet.
3. Some guidelines from the Department of Public Services of Malaysia:
a) Use only individual e-mail address to forward individual opinion.
b) Keep the identity name and password a secret to avoid the misuse of your
e-mail without your knowledge.
c) E-mail must be active to promptly reply the necessary actions needed for
any matters.
d) Ensure the total mail kept in the box is within the computer storage
capacity.
e) Scan files regularly to avoid the transmission of virus from one computer
to another.
f) Do not send e-mails that contain classified information which can be used
to tarnish other people or country.
g) Choose a suitable time to search Internet to save access time and cost.
h) Beware of prohibited sites which could affect ones moral, organization or
nation.
i) Print only relevant documents that you think can be used in future to save
cost.
D.) Unethical computer code of conducts
1. Have you copied materials from the internet and claims that it is your own
and submit them as an assignment? If you have, you are reaching the
computer code of conducts. In other word, you are breaking the law of
intellectual property by stealing someone elses idea. Intellectual property
refers to any products of human intellect that is unique and has a value in
the market place. This covers ideas, inventions, unique names, computer
program codes and many more.
2. Examples of unethical computer code of conducts include:

a) Modifying certain information on the internet, affecting the accuracy of
the information
b) Selling information to other parties without the owners permission
c) Use information without authorization.
d) Involvement in stealing software
e) Invasion of privacy
3. With the advancement of ICT, it is easy for anyone to retrieve your

information from the Internet. You may release that when you fill a form on
the Internet, your information may be exposed and stolen.
4. Kevin David Mitnick was a famous hacker. He accessed computers without
authorization. He deprived the privacy of many individuals by hacking into
network of a few companies. He also managed to get valuable data
unethically for his own usage.
E.) Ethical computer code of conducts

1. Have you ever ask for permission to download materials from the internet
such as music, articles, graphic and other material. If you have, you are
following the computer code of conducts. There are many web sites with
restriction where the public is allowed to use their material. Users may have
to pay royalty to the owner or quote the website in their assignment or
project, in order to be able to use this material.
2. Examples of ethical computer code of conducts include:
a) Sending warning about viruses to other computer users
b) Asking permission before sending any business advertisements to others
c) Using information with authorization
Summary
1. Ethics refers to a standard of moral guideline that is used to determine
proper behavior.
2. There are two codes of conducts that can be referred to which are the Ten
Commandments of Computer Ethics by the United States Institute of
Computer Ethics and the e-mails and Internet guidelines by the Department
of Public Services of Malaysia.
3. Unethical computer code of conducts include modifying the accuracy of

the information, selling information to other parties without the owners
permission, using information without authorization, involvement in stealing
software and invasion privacy.
4. Ethical computer code of conducts include sending warning about viruses

to other computer users, asking permission before sending any business
advertisements to others and using information with authorization
LESSON SEVEN: THE DIFFERENCES BETWEEN ETHICS AND LAW S
A.) Definition of Ethics

1. In general, ethics is a moral philosophy where a person makes a specific
moral choice and sticks to it.
2. On the other hand, ethics in computing means moral guidelines to refer to

when using the computer and computer networks. This includes the Internet.
B.) Definition of Law

1. Law is a legal system comprising of rules and principles that govern the
affairs of a community and controlled by a political authority.
2. Law differs from one country to another. In the era of technology, computer
law is needed to clarify goods or actions that fall under the computer law.
Computer law refers to all areas in law that requires an understanding of
computer technology such as hardware, software and Internet.
3. Examples of laws of computing in Malaysia include the Malaysian

Communication and Multimedia Act, the computer Crime Act 1997 and the
Telemedicine Act 1997.
C.) Why do we need ethics and law in computing?
1. Respecting Ownership
We must respect ownership by not stealing other peoples work either by

duplicating or distributing it. Duplicating and distributing copies of audio
tapes, video tapes and computer programs without permission and
authorization from the individual or company that created the program are
immoral and illegal.
2. Respecting privacy and confidentiality
We should respect other peoples privacy and confidentiality by refraining

ourselves from reading their mails or files without their permission. If we do
so, it is considered as violating an individuals right to privacy and
confidentiality
3. Respecting property
Property here means ownership. Since an individual data and information are
considered as property, therefore, an act of tampering and changing
electronic information is considered as vandalism and disrespect for other
peoples property.
D.) Similarities between Ethics and Law
1. Both ethics and law are complimentary to each other and are made
a. to guide user from misusing computers
b. to create a healthy computer society, so that computers are used to
contribute to a better life.
c to prevent any crime.
E.) Differences between ethics and laws
Ethics Law
1. Guideline 1. Control
As a guideline to computer users As a rule to control computer
users.
2. Moral standard 2. Judicial standard
Ethical behavior is judged by Law is judged by judicial standards
moral standard.
3. Free to follow 3. Must follow
Computer users are free to follow Computer users must follow the
or ignore the code of ethics regulations and law
4. No punishments 4. Penalties, imprisonments and
No punishments for anyone who other punishments. Penalties,
violates ethics
imprisonments and other
punishments for those who break
the law.
5. Universal 5. Depends on country
Universal, can be applied Depends on country and state
anywhere, all over the world where the crime is committed.
6. Produce ethical computer user 6. Prevent misusing of computers
To produce ethical computer users To prevent misuse of computers
7. Immoral 7. Crime
Not honoring the law means
Not honoring computer ethics committing a crime
means ignoring the moral
elements (immoral).
F.) Unethical vs. law breaking conducts
Unethical Law breaking

1. Using the office computer to do 1. Sending a computer virus via e-
personal thing mail
2. Reading your friends e-mail 2. Hacking into your school

without his or her permission. database to change your
examination results
3. Plagiarizing and using materials 3. Selling pirated software in a night
from the Internet for your class market.
assignments without giving credits
to the original author.
Summary
1. Ethics in computing means moral guidelines to refer to when using the

computer, computer networks and the Internet.
2. Computer law is a concept from existing law, which is applied to the
relatively new technologies of computer hardware and software, e-mail and
Internet.
3. Ethical behavior is judged by moral standards while law is judged by
judicial standards.
LESSON EIGHT: INTELLECTUAL PROPERTY RIGHTS
It is important to have your creation patented to protect your rights.

Reproducing other peoples inventions without their permission or piracy is
illegal. We must respect the rights of others.
A.) Definition of Intellectual Property

1. Intellectual Property (IP) refers to works created by inventors, authors and
artists. Those works are unique and have value in the market value.
2. In our daily lives, we are surrounded by things that are protected by IP.
Your school bags, your shoes and even your socks are protected by
Intellectual Property Rights. Nike, Bata or Adidas, for example, are all
protected by a group of legal rights.
B.) Intellectual Property Law

1. Intellectual property and intellectual property right can be protected under
the Intellectual Property Law.
2. Intellectual Property Laws cover ideas, inventions, literary creations,

unique names, business models, industrial processes, computer program
codes and more.
C.) Inventions Protected By Intellectual Property Laws
1. As businesses continue to expand globally, business owners must realize

the importance of getting professional advice on how to establish and
safeguard their intellectual property rights.
2. This includes Trademarks, Service marks, Trade/Company names, Domain

names, Geographical indications, Copyrights, Patents.
3. Example of creation that are covered under the Intellectual Property Law
include architectural, audio visual, sound recording, Literary, musical and
sculptural.
D.) Intellectual Property Protection
There are four types of Intellectual Property Protection. They are:
1. Patents for invention

Utility, design or plant patents that protect inventions and
improvements to the existing inventions.
It is a grant of a property right to the inventor. For example; Centrino is
a processor which introduces efficient power management. The design
of the processor is patented by Intel.
2. Trademarks for brand identity

Words, names, symbols, devices and images that represent products,
goods or services
Trademarks for brands, identity of goods and services allowed the
distinction to be made between different traders. For example: Intel
and AMD.
3. Designs for product appearance

The features of, in particular, the lines, contours, colors, shape, texture
or material of the product itself or its ornaments.
The design for product appearance covered the whole or a part of a
product resulting from the feature such as the lines, contours, colors,
shape, texture or material. For example: Apple IMAC.
4. Copyright for material

Literary and artistic material, music, films, sound recordings and
broadcast, including software and multimedia.
Copyrights protect the expression of idea in literary, artistic and
musical works. For example, you can copyright the web content you
have just designed.
Copyrights give the holder some exclusive rights to control the
reproduction of works of authorship, such as books and music for a
certain period of time.
Summary
1. Intellectual Property (IP) refers to work created by investors, authors and
artists.
2. Intellectual Property Rights are rights to which creators are entitled to for
their inventions, writings and works of art.
3. Intellectual Property Laws cover ideas, inventions, literary creations,

unique names, business models, industrial processes and computer program
codes from being manipulated by people other than the owner.
4. Why do we need intellectual property law?

o To appreciate other hard works and energy
o To safeguard one property
o To protect human relationship
LESSON NINE: PRIVACY IN COMPUTER USAGE
We should respect other peoples privacy by not invading their personal

lives. People treasure privacy as there are some things that they do not wish
to disclose to others. The same goes for privacy in ICT.
A.) What is privacy?
1. Privacy in IT refers to data and information privacy.
2. Data refers to a collection of raw unprocessed facts, figures and symbols.

Then, computer is used to process data into information. In general, data
include texts, numbers, sounds, images and video.
3. Information privacy is described as the rights of individuals and companies

to deny or restrict the collection and use of information about them.
B.) Ways computer technology threaten our privacy
1. How does computer technology threaten the privacy of our data? It is

done through:
a. Cookies
o are used to identify users by web casting, e-commerce and other web
applications.
o contain user information and are saved in the computer hard disk.
o are used by some websites to store passwords and track how regularly we
visit a website, thats how we become potential targets for web advertisers.
o enable web sites to collect information about your online activities and
store them for future use, then the collected details will be sold to any
company that requests for it.
b. Electronic profile
o electronic profile is the combining of data in a database that can be sold to
the Internet by the company to the interested parties.
o this database is in a form such as magazine subscription or product
warranty cards that had been filled by online subscribers.
o the information in electronic profile includes personal details such as your
age, address and marital status.
c. Spyware
o refers to a program that collects user information without users
knowledge.
o can enter computers, sneaking in like a virus.
o is a result of installing new programs.
o Communicates information it collects to some outside source while we are
online.
2. Computer technology threatens our privacy through electronic profiling.

For example, when we fill out a form such as a magazine subscription,
purchasing products or contest entry form on the Internet, this data is kept
in the database. It will include age, address, marital status and other
personal details.
3. Every time you click on an advertisement or register a software product

online, your information is entered into a database.
4. Computer technology can also threaten privacy through spam. Spam is

unsolicited e-mail messages, advertisements or newsgroup postings sent to
many recipients at once.
C.) Why do we need privacy?
1. We need privacy for anonymity.
2. For example, the internet creates an elaborate trail of data detailing a

person surfing on the web because all information is stored inside cookies.
We do not want our trail to be detected.
3. We also need privacy for confidentiality. For example, online information
generated in the course of a business transaction is routinely used for a
variety of other purposes without the individuals knowledge or consent.
4. We do not want our private lives and habits exposed to third parties.
D.) Can privacy be protected?
Privacy can be protected by:
1. Privacy law
The privacy laws in KENYA emphasizes on the following:

a. Security services to review the security policy
b. Security Management to protect the resources
c. Security Mechanism to implement the required security services
d. Security objects, the important entities within the system environment.
2. Utilities software
Example: anti-spam program, firewall, anti-spyware and anti-virus

Summary
1. Privacy in IT refers to data and information privacy and the right of individuals
and companies to restrict the collection and use of information to others.
2. There are three ways computes technology can threaten our privacy:
a. Cookies
b. electronic profile
c. spyware
3. Privacy can be protected by privacy law and utilities software
Identification:
-present what the user has (e.g.

smart card)
Verification:
Not
Verify the Valid
validity of the (F)
ID
VALID
(T)
Identification:
Access
-present what the user is (e.g. Denied
biometrics)
Authenticatio
n: FALSE
Authenticate
who the user is
TRU
E
Access Granted
LESSON TEN: AUTHENTICATIONS
A.) What is authentication?
1. Authentication is a process where users verify that they are who they say
they are. The user who attempts to perform functions in a system is in fact
the user who is authorized to do so.
2. For example, when you use an ATM card, the machine will verify the
validation of the card. Then, the machine will request for a pin number.
This is where the authentication takes place.
B.) Methods of Authentication
3. There are two commonly used authentication methods, which are

biometric device and callback system.
4. Biometric device is a device that translates personal characteristics into a
digital code that is compared with a digital code stored in the database.
5. Callback system refers to the checking system that authenticates the
user.
C.) Biometric devices
The examples of biometric devices are
a.) Fingerprint recognition
o A dedicated fingerprint reader is attached to a computer and takes the

image data from the scanner and sends it to the database. The user is
usually required to leave his finger on the reader for less than 5 seconds
during which time the identification or verification takes place. The data
received is compared to the information stored within the database.
o In order to prevent fake fingers from being used, many biometrics
fingerprint systems also measure blood flow, or check for correctly arrayed
ridges at the edges of the fingers.
o This authentication method is accurate and cost effective.
b.) Facial Recognition

o Facial recognition analyses the recorded information of distance between
eyes, nose, mouth and jaw edges of an individual's face images captured
through a digital video camera.
o Facial recognition is widely used, touted as a fantastic system for
recognizing potential threats (whether terrorists, scam artists, or known
criminals).
o But so far, it has been unproven in high level usage. It is currently used in
the verification only system with a good deal of success.
o The accuracy is fair and the cost involve for this method is reasonable.
c.) Hand Geometry Scanning

o Hand scanning involves the measurement and analysis of the shape of
one's hand.
o It is a fairly straight forward procedure and it is surprisingly accurate.
o Although it requires special hardware to use, it can be easily integrated
into other devices or system.
o Unlike fingerprints, the human hand is not unique. Individual hand features
are not descriptive enough for identification.
o It is possible to revise a method by combining various individual features
and measurements of fingers and hands for verification purposes.
d.) Iris Scanning
o Iris scanning analyses the features that exist in the coloured tissues
surrounding the pupil which has more than 200 points that can be used for
comparison, including rings, furrows and freckles.
o The scans use a regular video camera and can be done from further away
than a retina scan.
o It will work perfectly fine through glasses and in fact has the ability to
create an accurate enough measurement that it can be used for
identification purposes.
o The accuracy of this method is excellent while the cost involved is high.
e.) Retina Scanning
o Retina biometrics involves the scanning of retina and analyzing the layer of
blood vessels at the back of the eye.
o Retina scanning involves using a low intensity light source and an optical
coupler and can read the patterns at a great level of accuracy.
o Retina scanning requires the user to remove glasses, place their eye close
to the device and focus on a certain point.
o Whether the accuracy can overweight the public discomfort is yet to be
seen.
o The accuracy in retina scanning is very good and the cost involves is fair.
f.) Voice Recognition

o Voice recognition system compares a person's live speech with their stored
voice pattern.
o Voice recognition biometrics requires users to speak into a microphone.
What he speaks can be his password or an access phrase.
o Verification time is approximately 5 seconds. To prevent recorded voice
use, most voice recognition devices require the high and low frequencies of
the sound to match, which is difficult for many recording instruments to
recreate well. Also, some devices generate random number of sequences for
verification.
o The accuracy in voice recognition is fair and the cost involved is very
reasonable.
g.) Signature Verification System
o Signature Verification System recognizes the shape of your handwritten

signature, as well as measuring the pressure exerted and the motion used to
write the signature.
o Signature Verification System uses special pen and tablet.
o After pre-processing the signature, several features are extracted.
o The authenticity of a writer is determine by comparing an input signature
to a stored reference set (template) consisting of three signatures.
o The similarity between an input signature and the reference set is
computed using string matching and the similarity value is compared to a
threshold.
o The accuracy in Signature Verification System is fair and the cost involved
is excellent.
D.) Callback System
o The callback system is commonly used in the bank operation and business
transaction.
o For example, when you book for the taxi services, the operator will ask you
to hang up and she will call you back to confirm for the service required.
E.) Why is authentication important?
Authentication is important in order to safeguard against the unauthorized

access and use.
Summary
1. Authentication is a process where users verify that they are who they say
they are.
2. There are 2 commonly used authentication methods, which are biometric
device and callback system.
3. Biometric device is a device that translates personal characteristics into a
digital code that is compared with a digital code stored in the database.
4. Callback system refers to the checking system that authenticates the user
5. Authentication is important in order to safeguard against the unauthorized
access and use.
LESSON ELEVEN: VERIFICATION
A.)What is verification?
Verification is the act of proving or disproving the correctness of a system

with respect to a certain formal specification
B.) Methods of verification
1. There are two methods, commonly used in verification, which are user
identification and processed object.
2. User identification refers to the process of validating the user.
3. Processed object refers to something the user has such as identification
card, security token and cell phone.
C.) User identification
The examples of validating process using the user identification are:

1. Key in the user name to log-in to a system and the system will verify
whether the user is valid or invalid user.
2. Show exam slip to verify that you are the valid candidate for the exam.
3. Show a passport before departure.
D.) Processed object
The examples of validating process using the processed object are:

1. The policeman will check on the drivers license to identify the valid driver.
2. Employees have to swipe their security card to enter the building
3. Buy blouses at the mall using a credit card
Summary
1. Verification is the act of proving or disproving the correctness of a system
with respect to a certain formal specifications.
2. Two methods commonly used in verification are user identification and
processed object.
3. User identification refers to the process of validating the user. Processed
objects refer to something the user has such as identification card, security
token, key, badge and cell phone.
LESSON TWELVE: CONTROVERSIAL CONTENT
A.) Controversial content
A controversial content is information that causes disagreement in opinions

and may cause the disruption of peace because different people or culture
will have different views about the contents
B.) Issues on controversial contents
o The issues on controversial contents are always focusing on pornography

and slander. Malaysia considers pornography and slander as illegal.
o Pornographic and slanderous activities can be in the forms of plots and
actions displayed on video games, controversial rhythm or lyrics of music,
controversial contents of books and controversial issues on religion and
philosophy.
C.) Pornography
o Cute pictures of innocent babies cant be considered as pornography by

normal standards. However these pictures may attract pedophiles.
Pedophiles are people who are sexually arouse by young children. They
exploit children for sexual pleasure. Sexual acts against children are a crime
everywhere and must be curbed. These pictures are pornography to
pedophiles.
o The definition of pornography is any form of media or material (like books
or photographs) that depicts erotic behaviour and is intended to cause
sexual excitement.
o Pornography tends to exploit men, women and children in a distasteful
manner
D.) Slander
o Slander is a legal term for false and malicious statement (meaning knowing
that it is false or reckless disregard that it was false) about someone.
Examples:
You wrote an e-mail that a fellow classmate was having an affair with a
teacher, even though it was not true. You then sent it to five other friends.
Ahmad is a Muslim. One day, he received a spam e-mail stating that his
favourite soda drink Soda Moda uses non-halal food colouring, but he does
not know if the source of the content is credible or true. He decides to
forward the e-mail to 50 of his friends.
Chin Wei spreads a rumour that a Government Minister is receiving bribes

from an enemy government.
IMPACTS ON KENYAN SOCIETY
What can you conclude about the impact of controversial content on the
Kenyan society?
Pornography
can lead to criminal acts such as exploitation of women and children

can lead to sexual addiction or perversion
can develop low moral value towards other men, women or children
can erode good religious, cultural and social beliefs and behaviour
Slander
can develop into a society that disregards honesty and truth

can develop bad habit of spreading untruths and rumours
can lead to unnecessary argument
can cause people to have negative attitudes towards another person
LESSON 13: THE PROCESS OF INTERNET FILTERING
INTERNET FILTERING
It is our responsibility to ensure that the teenagers are protected from these
corruptions of the mind by filtering access to the Internet. Internet filtering is
a process that prevents or blocks access to certain materials on the Internet.
It is our responsibility to ensure that the teenagers are protected from these
corruptions of the mind by filtering access to the Internet.
What is Internet filtering?
Internet filtering is a process that prevents or blocks access to certain

materials on the Internet. Filtering is most commonly used to prevent
children from accessing inappropriate material and to keep employees
productive on the Internet.
CONTROLLING ACCESS TO THE INTERNET
Controlling access to the internet by means of filtering software has become

a growing industry in Kenya and elsewhere. Its use has increase as the
mandatory response to the current plague of society, namely internet
pornography, politically incorrect site, hatred, violence, hate and in general
anything viewed to be unpleasant or threatening.
The current preferred method of choice to limit access on the Internet is to

filter content either by:
keyword blocking
site blocking
web rating systems
These methods require software to be installed at a client of server level.
KEYWORD BLOCKING
One of the strategies is by using the keyword blocking method. This method
uses a list of banned words or objectionable terms.
As the page is downloading, the filter searches for any of these words. If the
word is found, it will block the page completely, stop downloading the page,
block the banned words and even shut down the browser.
SITE BLOCKING
software company maintains a list of dubious Internet sites

the software prevents access to any sites on this list
denial lists regularly updated
some software provides control over what categories of information
you block
Who decides what goes on the denial list and what criteria are they
using?
Can you keep track of the whole of the Internet?
filters can use both site blocking and word blocking
WEB RATING SYSTEMS

Web sites are rated in terms of nudity, sex, violence and language. The
Recreational Software Advisory Council (RSACI) is responsible for the rating
of the websites on the content on the internet.
Ratings done either by the web page author or by the

independent bureau.
Browsers set to only accept pages with certain levels of ratings.
LESSON FOURTEEN: CYBER LAW
The rapid development and implementation of the information and

communication technology ICT can result in the abuse of the World Wide
Web, a service which is provided by the internet. Information and database
in the Internet needs to be protected and secured against abuses. The
security and privacy of the data on the Internet is provided by Cyber Law.
A.) What is Cyber Law?

o Cyber Law refers to any laws relating to protecting the Internet and other
laws relating to protecting the Internet and other online communication
technologies.
B.) Needs for Cyber Law

o In the recent years, many concerns and issues were raised on the integrity
and security of information, legal status of online transactions, privacy and
confidentiality of information, intellectual property rights and security of
government data placed on the Internet.
Integrity and Security Security of
of Information Government Data
CYBER LAW
Intellectual Property
Legal Status of Online
Rights
Transactions
Privacy and
Confidentially
of Information
o These concerns and issues clearly indicate why Cyber Laws are needed in
online activities.
C) The Cyber Law Acts in Kenya

The Kenyan government has proposed cyber laws to control the internet
abuse.
The proposal looks at matters of ICT abuse in the following angle:
Identity-related Crimes: A Profile of East Africa from a

Kenyan Perspective
By resolution 2009/22, the Economic and Social Council (ECOSOC),

concerned about the serious threats posed by economic fraud and identity-
related crime and by other illicit activities that those forms of crime support
and concerned also about the use of new ICT technologies to perpetrate such
crimes, reiterated the need to have effective domestic powers to detect and
investigate, prosecute and punish as well as mechanisms for international
cooperation to prevent and combat these forms of crime.
In 2007, ECOSOC requested the United Nations Office on Drugs and Crime
(UNODC) to provide legal expertise or other forms of technical assistance to
Member States reviewing or updating their laws dealing with transnational
fraud and identity related crime.
Pursuant to that request, UNODC, in consultation with the United Nations
Commission on International Trade Law, established a Core Group of Experts
(CGE) on identity-related crime, bringing together on regular basis
representatives from Governments, private sector, international and regional
organizations and academia to pool experience, develop strategies, facilitate
further research and agree on practical action against identity-related crime.
The CGEs work is aimed at assisting the UNODC to comply with ECOSOCs
request to collect, develop and disseminate:
a. material and guidelines on the typology of identity-related crime and on

relevant criminalization issues to assist Member States in establishing new
identity-based criminal offences and the modernization of existing offences;
b. Technical assistance material for training, such as manuals, compilations
of useful practices or guidelines or scientific, forensic or other reference
material for law enforcement officials and prosecution authorities in order to
enhance their expertise and capacity.
c. A set of useful practices and guidelines to assist Member States in
establishing the impact of such crimes on victims;
d. A set of material and best practices on public-private partnerships to
prevent economic fraud and identity-related crime.
The Core Group of Experts has held five meetings; the first meeting was held
in Courmayeur, Italy, on 29 and 30 November 2007; and the other five
meetings were held in Vienna, Austria, on 2 and 3 June 2008; 20 to 22
January 2009 and most recently, 6-8 December 2010. The latter meeting
included the input of a wider group of new experts co-opted into the group,
including yours truly, who presented his assessment of identity-related crime
in East Africa in General and East Africa in particular.
East Africa has a union of five countries Burundi, Kenya, Rwanda, Tanzania
and Uganda. The East African Community (EAC) is the regional
intergovernmental organisation of the East African Union. The Treaty for
Establishment of the East African Community was signed on 30 November
1999 and entered into force on 7 July 2000 following its ratification by the
original three Partner States Kenya, Uganda and Tanzania. The Republic of
Rwanda and the Republic of Burundi acceded to the EAC Treaty on 18 June
2007 and became full Members of the Community with effect from 1 July
2007.
Progressively, the East African Region is moving towards political, social and
economic integration: it established a Customs Union in 2005, a Common
Market in 2010; a Monetary Union remains an imminent possibility by 2012
and ultimately a Political Federation of the East African States.
The Union has a combined population of more than 125 million people, a
land area of 1.82 million sq kilometers and a combined Gross Domestic
Product of $73 billion (2009). Kenya, Tanzania and Uganda have the highest
populations with each country exceeding 30 million (40 million for Kenya)
and Burundi and Rwanda having 9 and 10 million respectively.
The countries of union countries differ significantly in terms of population,

cultural, ethnic patterns, and in the availability of natural resources.
However, according to the United Nations assessment, these countries have
in common some of the lowest economic indicators and standards of living
and face severe development challenges.
Kenya, Tanzania and Uganda share a similar legal system/tradition. They are
all former colonies of Britain and their laws are largely descended from the
English Common law. Burundi and Rwanda, on the other hand, are former
colonies of Belgium and France and they both have civil law legal systems.
General Observations about the Legal Framework on Identity-

related Crime in East Africa
Generally, just like many other regions in the world, East Africa has its share
of identity related crimes, ranging from the serious and transnational to the
minor and localized offences. Money laundering and human trafficking
remains a major concern for both East Africas governments and its
international partners. New patterns of criminal activities have emerged in
the last decade due to the widespread availability and use of the mobile
phone and to a limited extent, the internet. This, among other things, have
prompted the EA countries to move towards enacting cyberlaws that define
computer and identity-related offences, including some related to identity.
However, even though the Union has adopted a general agreement of
principles on Cyberlaw and individual country commitments to the
enactment of new laws, the pace and flavour of the implementation has
hardly been uniform.
International Law
From the records of the United Nations, the following is the status of the EA
countries with respect to four major international instruments concerned
with cyber crime and identity related crime:
United Nations Convention against Transnational Organized Crime and the
Protocols thereto Kenya has signed and acceded; Tanzania & Rwanda have
ratified; Burundi and Uganda have signed
United Nations Convention against Corruption Burundi has acceded; all
the other EA states have ratified.
Council of Europe Convention on Cybercrime South Africa has for a long
time been the only African country to accede to the Convention, though to
be fair to other countries, this being by definition a European regional
convention, it has served only as a model for many non-European countries
and the failure to accede to it is not necessarily a reflection of a countrys
attitude towards combating cybercrime.
UNCITRAL Model Law on Electronic Commerce This model law has been
the touchstone of principles and practices for many countries, including East
African countries, in the formulation of cyberlaw legislation.
Municipal Law
Because of their common English descent, most of the Constitutional,
criminal and procedural laws of three of the East African countries Kenya,
Tanzania & Uganda - are similar. On August 27, Kenya promulgated a new
Constitution which replaced the old Constitution negotiated by the countrys
founding fathers with the former English colonialists in the 1960s. In the
three countries, with the new Constitution of Kenya being the recent
exception, the right to privacy has not been expressly legislated as a
constitutional or statutory right. Rather, it has been expressed as a broad
constitutional norm encompassed in the freedom from unlawful entry into
ones premises, the search and seizure of ones property and effects and
freedom from interference with ones correspondence. As a corollary, there
has been no express constitutional right to confidentiality and the protection
of personal information. The practice on the right to privacy and
confidentiality has been guided by the English Common law as applied
through judicial opinions.
However, Kenyas new Constitution expressly creates the right to privacy

(section 31) - Every person has the right to privacy, which includes the right
not to have
(a) their person, home or property searched;
(b) their possessions seized;
(c) information relating to their family or private affairs unnecessarily
required or revealed; or
(d) the privacy of their communications infringed.
Identity-related offences
In the three countries, identity-related offences are captured in the general
corpus of criminal law, in what may now be referred to as traditional
statutory offences that punish identity-related crime. These include the
following and their related offences:
o Obtaining by false pretences
o Forgery
o Fraud
o Impersonation and falsification of identity
o Theft
The East African Cyberlaw Framework was an initiative of the East African
Community with the support of UNCTAD, to develop a general framework on
legislative approaches to cyberlaw. The framework was adopted in June
2010. It seeks to promote regional harmonisation in the legal response to the
challenges raised by the increasing use and reliance on ICTs for commercial
and administrative activities and outlines agreed features to be transposed
into national legislation in order to address the various issues identified in
respect of: Electronic transactions, electronic signature and authentication,
data protection and privacy, consumer protection and computer crime.
On the subject of Data Protection and Privacy, the framework provides as

follows:
For the purposes of the Framework, data protection is used to describe

those obligations placed upon those entities that process information about
living individuals, generally referred to as personal data. A data protection
regime will also grant certain rights upon individual data subjects.
The application of data protection rules may be limited only to private sector
entities or public bodies. A sectoral regulatory response may be appropriate
to address specific uses and abuses of personal data, whether driven by
domestic or foreign concerns, such as the financial services sector.
In terms of the entity responsible for the processing, the following minimum
obligations represent international best practice in the area:
To comply with certain principles of good practice in respect of their

processing activities, including accountability, transparency, fair and lawful
processing, processing limitation, data accuracy and data security.
To supply the individual with a copy of any personal data being held and
processed and provide an opportunity for incorrect data to be amended.
The cost of regulation will be a critical factor in data protection. The cost
associated with a comprehensive or omnibus approach, specifically the
establishment of a dedicated regulatory authority, will generally be
excessive for most developing countries, especially if borne by the private
sector through licensing or notification fees. However, in terms of addressing
privacy concerns vis--vis public sector infringements, an authority
independent from government will generally be necessary in order to provide
the necessary trust and assurance in its activities. The regulatory authority
may not have an exclusively data protection remit, which mitigates the costs
involved.
Whilst a self-regulatory or co-regulatory approach may be appealing in terms

of minimising the public costs of regulation, its success depends on a
sufficiently strong and active private sector, willing and able to fund the
regulatory activity. It is also unlikely to be appropriate in terms of the public
sector use of personal data.
The Task Force recognises the critical importance of data protection and
privacy and recommends that further work needs to be carried out on this
issue, to ensure that (a) the privacy of citizens is not eroded through the
Internet; (b) that legislation providing for access to official information is
appropriately taken into account; (c) the institutional implications of such
reforms and (d) to take into account fully international best practice in the
area.
Status of implementation of cyberlaws

Any person carrying out an inquiry into this subject soon enough becomes
aware of the dearth of country information on crime statistics including the
typologies of cybercrimes and their differential distribution, the status of the
implementation of international/regional country obligations, the text of laws
and bills and even more importantly, victim data. As far as my best efforts
could establish:
Burundi is still at the stage of drafting its cyberlaws in conformity with the
Framework;
In Rwanda, a draft information and communication technology (ICT) bill
was prepared in 2009 covering e-signatures, consumer protection, privacy,
and content regulation. In early 2010, the country prepared a draft criminal
law on cybercrime. Rwandan laws on digital copyright and e-contracting
were passed in early 2010.
In Uganda, the legislature passed the Electronic Transactions Act and the
Electronic Signatures Act in October 2010. The fate of the third bill, the
Computer Misuse Act, could not be immediately established.
In Tanzania, the Law Reform Commission to the Ministry of Justice and
Constitutional Affairs has proposed separate bills on Cyber crimes, regulation
of electronic transactions and e-communications, privacy and data protection
and the amendment of the Evidence statute.
In Kenya, the Kenya Communications (Amendment) Act 2008 came into
force on January 2, 2010. This Act amended the Kenya Communications Act
of 1998 to rename it the Kenya Information and Communications Act, 1998
and to introduce to it provisions on e-transactions, e-signatures, consumer
protection, and computer crime.
Key provisions of Kenya Information & Communications Act, 1998 on

Privacy/Identity Data Protection
Ministerial regulations on privacy of telecommunication
The KIC Act empowers the Minister for Information and Communications to
make regulations with respect to the privacy of telecommunication. The
contravention of the Ministers regulation would attract a fine of USD 4,375
or imprisonment for a term of up to 3 years or to both imprisonment and
fine. However, no special regulations have been made under this section.
Prohibition against unlawful interception and disclosure of a message

The Act also makes it an offence for a telecommunications operator to
intercept or disclose a message sent through the operators system or to
disclose the statement or account of its subscriber. The prescribed
punishment for the offence is a fine not exceeding USD 4375 or to
imprisonment for a term of up to 3 years or to both imprisonment and fine.
Prohibition against disclosure of personal information through radio

communication apparatus
Except where the authority of the Minister for Internal Security has been
given, the Act forbids any person from using radio communication apparatus
with the intention of obtaining information on the contents, the sender or
addressee of any message. It also forbids, expect in the course of legal
proceedings, the disclosure by any person of any information as to the
contents, sender or addressee of any message coming to him or her through
a radio communication. A conviction for contravening any of these provisions
will lead to a fine of up to USD 12,500 or imprisonment for up to 5 years or
both fine and imprisonment.
Theft of information the legislation introduced an amendment to section

267 of Kenyas Penal Code which defines things that are capable of being
stolen for the purpose of the offence of stealing or theft. The amendment,
now in subsection (9) of the Code, states that Information is capable of
being stolen.
Unauthorised access to computer data
Access with intent to commit offences
Unauthorised access to an interception of computer service - Knowingly
securing access to a computer system for the purpose of obtaining any
computer service or intercepting any function or any data held in the
system.
Unauthorized modification of computer material - Knowingly doing an act
which causes an unauthorized modification of data held in any computer
system.
Damaging or denying access to a computer system
Unauthorized disclosure of password - Knowingly disclosing any password,
access code, or any other means of gaining access to any program or data
held in any computer system:
for any wrongful gain;
for any unlawful purpose; or
knowing that the disclosure is likely to cause prejudice to any person.
Electronic fraud - With intent to procure an advantage, fraudulently causing
loss of property to another person by an input, alteration deletion or
suppression of data; or any interference with the functioning of a computer
system.
Knowingly creating, publishing or availing an electronic signature
certificate for any fraudulent or unlawful purpose.
Unauthorized access to protected system - Securing or attempting to
secure access to a protected system in contravention of the law.
Re-programming of mobile telephone - Not being a manufacturer of mobile
phone devices or an authorized agent of such manufacturer, knowingly or
intentionally, changes or interferes with the operation of mobile telephone
equipment identity.
With the widespread use of the mobile telephone in East Africa, (for
example, over half of the Kenyan population has access to a mobile phone),
a new pattern of offences began to emerge.
o Kidnappings with the kidnappers using the convenience of the mobile
phone to get in touch with the victims family and make a ransom demand
o Hoax promotions/raffles where a subscriber is called by a person
purporting to be from a mobile service provider or a company running a
promotion and informed that they have won a prize in a draw and in order
for them to collect their money they need to pay via mobile money transfer
an administrative charge
o Or being falsely advised to dial a certain code ostensibly to register but the
effect of dialing that code transfers airtime to the criminals number
o A number of these crimes were being committed by convicts who had
unathorised access to mobile phones while in custody.
In July 2009, Kenyas President Mwai Kibaki directed the Ministry of
Information and Communication to establish a databank of all mobile
telephone subscribers. The directive was preceded by the Presidents
concern over a reported increase in phone-related crime.
Administrative/Institutional Framework for Combating Identity

Related Crime:
In Kenya, the Police Service is the principal law enforcement agent.
According to the department's website (www.kenyapolice.go.ke), it is
organized into twelve 'Formations' based on both administrative functions
and crime typologies. Out of these twelve formations, the following deal with
particular types of crimes:
General Service Unit for riots and offences of public order
Criminal Investigation Department -
Anti-stock Theft Unit for livestock theft
Traffic Police Department
Tourism Police Unit
Maritime Police Unit
Diplomatic Police Unit
Three other police units are important in discussions of identity-related

offences even though their place within the administrative structure of the
Police Service could not be immediately established:
The Serious Crimes which deals with offences such as money laundering,
kidnapping and organized crime;
The Anti-Banking Fraud Unit;
The Anti-Terrorism Unit.
Evidently, identity-related crime is not given any special treatment as a sub-

category or thematic subject both from a criminal justice or law enforcement
perspective. There is therefore no general conceptual framework or official
public study on identity-related crimes. Moreover, information on these types
of crimes is not necessarily disaggregated from the general crime statistics
that are compiled and published by the Kenya Police.
These crime statistics published by the Kenya Police for various types of
crime between 2006 and 2008 are presumably (because the report does not
say so) reports of crime incidents recorded at police stations throughout the
country and not necessarily actual convictions for the crimes.
The categories of crimes included in the table above are those that are
related to identity crime. Though I have included them in the table, it is not
clear from the statistics what ranges of crimes are covered by the
expressions other offences against persons or other Penal Code offences.
Identity crime typology and victim issues

Based on decided cases and media reports, the most common types of
identity-related crimes in East Africa (whether committed in their traditional
sense or with the aid of information and communications technology)
include:
Human trafficking
Money laundering
Terrorism
Fraud, forgery, impersonation and theft
Unlawful access to, modification, damage or theft of information in a
computer system
Unlawful modification of mobile phone equipment identity
Even far from the immediate loss and damage suffered that is the
consequence of the direct consequence of identity crimes on the part of the
victim, there are other challenges for victims of such crimes that relate to
access to legal aid and justice:
Because identity crime is not sufficiently mapped or studied by law
enforcement, there is inadequate information for both potential victims and
victims on how to avoid and mitigate the effects of such offences.
Inadequate legal framework While laws on certain aspects of identity
related crime are lacking or insufficient, existing laws focus mostly on the
punishment of the criminal and less on regulating the collection and
management of personal information.
The subject of the technical measures and minimum compliance standards
for protecting information, communications and commercial systems not
captured in legislation
East Africas governments have been challenged that they have not fully
complied with the minimum standards for the elimination of identity related
transnational crimes human trafficking, money laundering, economic fraud,
organized crime/terrorism.
Poor crime reporting and crime mapping. Though prosecutions for identity
related crimes are conducted, data on such cases is not compiled at the
provincial or national level, and any data compiled is not readily available to
the public.
Poor access to legal aid:
Poor victim access to knowledge on basic laws, prevention and self-help
High cost of professional legal aid
Poor forensic and prosecutorial knowledge and skills on the part of law
enforcement
Difficulties of jurisdiction and mutual-legal assistance in dealing with
transnational crimes
The following scenario extracted from the U.S. State Department Trafficking
in Persons Report, June 200 is illustrative of the plight of victims of identity-
related crimes:
Police reportedly arrested foreign trafficking victims for being in [the
country] without valid identity documents; in most cases, they pled guilty to
immigration violations and were quickly deported. The government did not
provide legal alternatives to the removal of victims to countries where they
would face hardship or retribution.
The way forward:

First, a baseline study on the incidence, typology and distribution of
identity-related crimes will need to be conducted in order to proved both
aggregated and disaggregating regional and country-specific information.
Such a study will provide the empirical information that will form the basis
for understanding and decision making.
There is need for improved tracking and reporting of identity-related crime
by law enforcement and other government departments in the chain of
justice and the sharing of this information with the public.
Capacity building interventions for law enforcement and civil society
groups focusing on forensics, investigative and prosecutorial techniques,
preservation of evidence and the protection of and handling of victims.
Information, education & awareness focusing on potential victims and
victims of identity-related crime will need to be developed for both victims
and law enforcement agencies.
Legislative reform The East African member states will need to follow up
on their obligations under the EA Cyberlaw Framework to prepare, sponsor
and pass legislation incorporating international best legislative standards on
data protection and identity-related crime.
Considering the important role of the private sector in the processing of
personal and financial information, in the development of technologies for
protection of personal information and ensuring the security and
confidentiality of computer-based transactions and in its ability to assist law
enforcement in the prevention, detection and punishment of identity-related
crime and the protection of victims, it is imperative that countries consider a
framework of co-operation between the public and private sectors in this
regard.
Finally, considering the trans-boundary nature of many identity-related
crimes, international legal obligations as well as mutual co-operation
between countries in dealing with trans-located victims of identity-related
crimes will need to be legislated or institutionalized.
OTHER EXAMPLES OF CYBER LAWS:
The Cyber Law Acts in Malaysia

o The Malaysian Government has already passed several Cyber Laws to
control and reduce the Internet abuse.
o These Cyber Laws include:
a. Digital Signature Act 1997

I. The Digital Signature Act 1997 secures electronic communication
especially on the Internet.
ii. Digital Signature is an identity verification standard that uses encryption
techniques to protect against e-mail forgery. The encrypted code consists of
the users name and a hash of all the parts of the messages.
iii. By attaching the digital signature, one can ensure that nobody can
eavesdrop, intersect or tamper with transmitted data.
b. Computer Crimes Act 1997
i. The computer crimes Act 1997 gives protection against the misuses of
computers and computer criminal activities such as criminal activities
unauthorized use of program, illegal transmission of data or messages
over computers and hacking and cracking of computer systems and
networks.
ii. By implementing Computer Crimes Act 1997 users can protect their rights
to privacy and build trust in the computer system. At the same time, the
government can have control at a certain level over the Cyber Space to
reduce Cyber Crime activities.
c. Telemedicine Act 1997
i. The Telemedicine Act 1997 ensures that only qualified medical practitioners
can practice the telemedicine and that their patients rights and interest are
protected.
ii. These acts provide the environment for the future development and
delivery of healthcare in Malaysia.
d. Communications and Multimedia Act 1998
i. The implementation of Communication and Telecommunication 1998
ensures that information is secure, the network is reliable and the service is
affordable all over Malaysia.
ii. This act also ensures high level of users confidence in the information and
communication technology industry.
o Besides these Cyber Laws, there are three other Cyber Laws being drafted
i. Private Data Protection Bill
ii. Electronic Government Activities Bill
iii. Electronic Transactions Bill
iv. Security Protection Bill
Summary
1. Cyber law refers to any laws relating to protecting the Internet and other
online communication technologies.
2. Cyber Law is needed to protect

i. the integrity and security of information
ii the legal status of online transactions
iii the privacy and confidentially of information
iv the intellectual property rights
v government data
3. Some examples of Cyber Laws in Malaysia

i Digital Signature Act 1997 iii Computer Crimes Act 1997
ii Telemedicine Act 1997
iv Communications and Multimedia Act 1998
4. Other Cyber Laws

i The security Protection Bill
iii The Private Data Protection Bil
ii The Electronic Transactions Bill
iv The Electronic Government ActivitiesBil
LESSON FIFTEEN: COMPUTER CRIMES
Nowadays, we found that many peoples are selling pirated computer

software to customers at a much cheaper price than the original CDs. Do you
think this is a criminal act or just a way of doing business?
COMPUTER CRIMES
1. A computer crime is defined as any criminal activity that is related to the
use of computers.
2. Any illegal act involving a computer is referred as a computer crime.
3. These activities include computer fraud, copyright infringement, and
computer theft and computer attack.
A. COMPUTER FRAUD
1. Computer fraud is defined as having an intention to take advantage over

or causing loss to other people, mainly on monetary basis through the
use of computers.
2. There are many forms of computer fraud which include e-mail hoaxes,
program fraud, investment schemes, sales promotion, and claims of
expertise on certain field, health frauds, scams and hacking.
B. COPYRIGHT INFRINGEMENT
1. Copyright infringement is defined as a violation of the right secured by a

copyright.
2. Copyright infringement involves illegal copying or reproduction of
copyright materials by the black market groups.
3. The open commercial sale of pirated items is also illegal. Copyright
infringement involves illegal copying or reproduction of copyright
4. With the current technology, the most perfect copy of the original
copyright materials can be downloaded from the Internet.
5. For example, the widespread of illegal downloading activities and sharing

of recorded music in MP3 format. Also the unauthorized copying of
movies even after the losing down of the Nepster.
C. COMPUTER THEFT
1. Computer Theft is defined as the unauthorized use of another persons
property with the intention to deny the owner the rightful possession of that
property or its use.
2. Insurance companies and drug companies have access to private medical

records. These medical records can be used to determine the ability of
employees to get an insurance policy. The drug companies may then sell and
share the information with other companies.
3. Examples of computer theft include:

a) transfer of payments to the wrong accounts
b) tap into data transmission lines on database at no cost
c) divert goods to the wrong destination
D. COMPUTER ATTACK
1. Computer Attack may be defined as any activities taken to disrupt the

equipment of computer systems, change processing control or corrupt stored
data.
2. It is very hard to trace the authors of cyber threats. Therefore, the school
authority will not know whether a virus entered their system from someones
e-mail or is generated by school hackers.
3. Computer attack can be in the forms of:

a) Physical attack that disrupt the computer facility or its transmission lines
b) Electronic attack that uses the power of electromagnet energy to overload
computer circuitry.
c) A computer network attack uses a malicious code to exploit a weakness in

software, or in the computer security practices of a computer user.
4. For example, the presence of technologically savvy young hackers in

schools that can produce damage to schools server.
5. They are capable of disabling filters and gate way software, or accessing
student information systems.
SUMMARY
1. Computer crime is any criminal activity that is related to the use of computers
such as fraud, copyright infringement, and theft and computer attack.
2. Computer fraud includes health frauds, scams and hackers.

3. Copyright infringement includes the illegal downloading and sharing of
recorded music and unauthorized copying of movies online.
4. Computer theft includes the unauthorized use of another persons property
with the intention to deny the owner the rightful possession of that property
or its use.
5. Computer attack includes any activities taken to disrupt the equipment of

computer system, change processing control or corrupt data stored.
LESSON SIXTEEN: COMPUTER SECURITY
DEFINITION OF COMPUTER SECURITY
1. Computer security means protecting our computer systems and the

information they contain against unwanted access, damage, destruction or
modification.
2. We need to protect our computer from any intruder such as hackers,

crackers and script kiddies.
3. We do not want strangers to read our email, use our computer to attack other
systems, send forged e-mail from our computer, or examine personal
information stored on our computer such as financial statements.
TYPES OF COMPUTER SECURITY

Three types of computer security are
a. hardware security
b. software security/ data security
c. network security
HARDWARE SECURITY
1. Hardware security refers to security measures used to protect the
hardware specifically the computer and its related documents.
2. The examples of security measures used to protect the hardware include
PC-locks, keyboard-lock, smart cards and biometric devices.
3. Besides these Cyber Laws, there are three other Cyber Laws being drafted
SOFTWARE AND DATA SECURITY

1. Software and data security refers to the security measures used to protect
the software and the loss of data files.
2. Examples of security measures used to protect the software are activation
code and serial number.
3. An example of security measure used to protect the loss of data files is the
disaster recovery plan method.
4. The idea of this plan is to stored data, program and other important
documents in a safe place that will not be affected by any major destruction.
NETWORK SECURITY
1. The transfer of data through network has become a common practice and
the need to implement network security has become significant.
2. Network security refers to security measures used to protect the network
system.
3. One example of network security measures is firewall. With firewall,
network resources can be protected from the outsiders.
PERSONAL COMPUTER SECURITY CHECKLIST
In order to make sure our computers are secured, here are the computers
security checklists to follow.
a) Do not eat, drink or smoke near the computer.
b) Do not place the computer near open windows or doors.
c) Do not subject the computer to extreme temperatures.
d) Clean the equipment regularly.
e) Place a cable lock on the computer.
f) Use a surge protector.
g) Store disks properly in a lock container.
h) Maintain backup copies of all files.
i) Stores copies of critical files off sites.
j) Scan a floppy disk before you open it.
k) Do not open any unknown email received.
SUMMARY
1. Computer security is a process of preventing and detecting unauthorized

use of the computer.
2. There are three types of computer, which are hardware security,
software/data security and network security.
Qn. Explain briefly the different threats to computer security:

Malicious code
Hacking
Nature/environment
Theft
LESSON SEVENTEEN: INTRODUCTION TO SECURITY THREATS
1. The computer is a great tool to store important information. In certain cases

the information is very vital that losing it will harm the computer system.
2. Computer threats can come from many ways either from human or natural
disaster. For example, when someone is stealing your account information
from a trusted bank, this threat is considered as a human threat. However,
when your computer is soaked in heavy rain, then that is a natural disaster
threat.
3. Generally, security threats include malicious code, hacking, natural

environment and theft.
A. MALICIOUS CODE
1. Malicious code is also known as a rouge program. It is a threat to
computing assets by causing undesired effects in the programmers part.
The effect is caused by an agent, with the intention to cause damage.
2. The agent for malicious code is the writer of the code or any person who
causes its distributions.
3. There are various kinds of malicious code. They include
Virus
Virus is a program that can pass on the malicious code to other
non-infected programs by modifying them.
To infect a computer, the virus needs to attaches itself to the program,
usually files with .doc (document), .xls (spreadsheet), .exe (executable
file) extensions.
It will then destroy or co-exists with the program.
Once the infected file is open; the virus will copy itself into that
particular system and perform its functions.
Eventually, it can overtake the entire computing system and spread to
other connected systems.
Trojan horse
A program which can perform useful but unexpected actions.
Must be installed by users or intruders before it can affect the systems
assets
An example of a Trojan horse is the login script that request for users
login ID and password.
The user will then successfully pass the login process, but the Trojan
horse will keep a copy of the information to be use for malicious
purposes.
Logic bomb
Logic bomb is a malicious code that goes off when a specific condition
occurs.
An example of a logic bomb is the time bomb. It goes off and causes
threats at a specified time or date.
Trapdoor or backdoor
A feature in a program that allows someone to access the program and
use it with special privileges.
Worm
A program that copies and spreads itself through a network.
Primary differences between worms and viruses
Worm Operates through the network While Virus Spreads through any
medium. (Usually copied programs or data files)
Worm Spreads copies of itself as a standalone program While Virus
Spread copies of itself as a program that attaches to other program.
B. HACKER
1. Hacking is a source of threat to security in computer. It is defined as

unauthorized access to the computer system by a hacker.
2. Hackers are persons who learn about the computer systems in detail. They
wrote program referred to as hacks. Hackers may use a modem or cable to
hack the targeted computers.
3. Kevin Mitnick is the most notorious hacker ever caught. He had stolen
millions of dollars worth of software and credit card information on the net.
He used new identities and cleverly concealed his locations. He spent 5 years
in jail for his hacking activity.
C. NATURAL AND ENVIRONMENTAL THREATS
1. Computers are also threatened by natural or environmental disaster. Be it

at home, stores, offices and also automobiles.
2. Examples of natural and environmental disasters:
a) Flood
b) Fire
c) Earthquakes, storms and tornados
d) Excessive heat
e) Inadequate power supply
D. THEFT
1. Two types of computer theft:

a. Computer is used to steal money, goods, information and resources.
b. Actual stealing of computer, especially notebook and PDA. (This type of

stealing causes loss of the expensive item and also the valuable
information.)
2. Three approaches to prevent theft
a) Prevent access by using locks, smart card application and password

activation
b) Prevent portability of your computer by restricting all hardware from
physically being moved to other places.
c) Detect and guard all exits and record any hardware (such as disk or CD)
before being transported
SUMMARY
1. Security threats include malicious code, hacking, natural environment and

theft.
2. There are various types of malicious code that include virus, Trojan horse,
logic door, trapdoor or backdoor and worm.
3. Virus is a program that can pass malicious code to other non-infected
program by modifying them.
4. Computers are also threatened by natural or environmental disaster such
as flood, fore, earthquakes, storms and tornados.
5. Computer theft includes stealing money, goods, and information and
computer resources.
LESSON EIGHTEEN: SECURITY MEASURES
1. Today, people rely on computer to create, store and manage critical

information. It is important that the computer and the data they store are
accessible and available when needed. It is also important that user take
measures to protect their computers and data from lost, damage and
misuse. How do we protect our computer from breaches of security and our
security risk? 2. Security measures mean the precautionary measures taken
to ward off possible danger or damage.
There are 6 types of security measures which are

data backup
cryptography
Antivirus,
Anti-Spyware
Firewall
Human aspects.
A.) Data backup
1. Data backup is a program of file duplication.

2. Backups of data applications are necessary so that they can be recovered
in case of an emergency.
3. Depending on the importance of the information, daily, weekly or biweekly
backups from a hard disk can be performed.
B.) Cryptography
1. Cryptography is a process of hiding information by altering the actual

information into different representation, for example APA can be written as
I?X.
2. Almost all cryptosystem depend on a key such as a password like the

numbers or a phase that can be used to encrypt or decrypt a message.
3. The traditional type of cryptosystem used on a computer network is called
a symmetric secret key system.
4. With this approach, the sender and the recipient use the same key, and
they have to keep the share key a secret from anyone else.
C.) Antivirus
1. User should install an Antivirus program and update it frequently.
2. An Antivirus program protects a computer against viruses by identifying

and removing any computer viruses found in the computer memory, on
storage media or incoming e-mail files
3. Identifying virus:
Two techniques are use to identify the virus:
a) Virus signature also called a virus definition. It is a specific
pattern of the virus code.
b) Inoculating a program file the Antivirus program records

information such as the file size and file creation date in a separate
inculcation file. The Antivirus program then uses this information to
detect if a virus tampers with the data describing the inoculated
program file.
If an Antivirus program identifies an infected file, it attempts to remove its

virus, worm or Trojan horse. If the Antivirus program cannot remove the
infection, it often quarantines the infected file. Quarantine is a separate area
of a hard disk that holds the infected file until the infection can be removed.
This step ensures other files will not become infected.
4. An Antivirus program scans for programs that attempt to modify the boot
program, the operating system and other programs that normally are read
from but not modified.
5. Many Antivirus programs automatically scan files downloaded from the
web, e-mail attachments and all types of removable media inserted into the
computer.
D.) Anti-Spyware
1. Spyware is a program placed on a computer without the users knowledge.

It secretly collects information about the user.
2. The Spyware program communicates information to the outside source.
3. An Anti-Spyware application program sometimes called tracking for threat
or a Spybot is used to remove Spyware.
4. Among the popular Anti-Spyware programs are:
o Spybot Search and destroy
o Ad-aware
o Spyware Blaster
E.) Firewall
1. Firewall is a piece of hardware or software which functions in a networked

environment to prevent some communications forbidden by the security
policy.
2. The purpose of a firewall is to keep bad thing outside a protected firewall
implement a security policy. It might permit limited access from in or outside
the network perimeters or from certain users or for certain activity.
3. There are three types of firewall
a. Screening routers
Simplest
Sees only addresses and service protocol type
Screen based on connection rules.
b. Proxy gateway
Complex
Sees full text of communication
Screen based on behaviour proxies
c. Guard
Most complex
Sees full text of communication
Screens based on interpretation of message content.
F.) Human Aspects
1. Human aspects refer to the user and also the intruder of a computer
system.
2. It is one of the hardest aspects to give protection to.
3. The most common problem is the lack of achieving a good information
security procedure.
4. There are three ways to protect computer from human aspect threat:
a. Organisation Self Awareness

Organisations need to be aware of the people they work with
Some threats also come from within the organization and not just from
the outside.
b. Organisational User Self Awareness

Provide employee with adequate training and the importance of
security and control.
Even a very high-tech protection system could not protect the system
against incompetent users.
c. Individual User Self Awareness
Threat often comes in beautiful offers and packages.
Do not download or install software from unreliable sources.
Do not expose important information to strangers.
Summary
1. Data backup is a program of file duplication.

2. Security measures mean the precautionary measures taken to ward off
possible danger or damage.
3. Cryptography is a process of hiding information by altering the actual
information into different representation.
4. An Antivirus program protects a computer against viruses.
5. Spyware is a program placed on a computer without the users knowledge
and secretly collects information about the user.
6. Firewall prevents some communications forbidden by the security policy.
7. Human aspects refer to the user and also the intruder of a computer
system which is one of the hardest aspects to give protection to.
LESSON NINETEEN: RELATIONSHIP BETWEEN SECURITY THREATS
AND
SECURITY MEASURES
Security threats may come in many forms. For example, when someone is
invading our account information from a trusted bank, this act is considered
as a security threat. Security measures can be used to prevent this invaders
from getting the getting the account information. For example, the bank can
use a firewall to prevent unauthorized access to its database.
A.) Security threats
1. Security threats causes data loss, computer damage and the misuse of
content. These threats include malicious code, hacking, natural disaster and
theft.
2. People need to apply some security measures to overcome these threats. The
examples of security measures include data backup, cryptography, Antivirus,
Anti-Spyware, firewall and human aspects.
B.) Malicious code threats Vs Antivirus and Anti-Spyware
1. Malicious code is a rogue program that threats computer assets by causing

undesired effects in the programmer part. These threats include virus, Trojan
horse, logic bomb, worm, trapdoor and back door.
2. Antivirus and Anti-Spyware can be used as security measure to protect the

computer from those threats.
3. These security measures provide protection to the computer by
a) Limiting connectivity
b) Allowing only authorized media for loading data and software

c) enforcing mandatory access controls
d) blocking the virus from the computer program
C.) Hacking VS Firewall
1. Hacking is an unauthorized access to the computer system done by a

hacker. We can use firewall or cryptography to prevent the hacker from
accessing our computers.
2. A firewall permits limited access to unauthorized users or any activities

from the network environment.
3. Cryptography is a process of hiding information by changing the actual
information into different representation, for example, an APA can be written
as 7&*.
D.) Natural disaster VS data backup

1. The natural and environmental disaster may include flood, fire,
earthquakes, storms and tornados.
2. Natural disaster may threaten a computers hardware and software easily.

Computers are also sensitive to their operating environment such as
excessive heat or the inadequacy of power supply.
3. The backup system is needed to backup all data and applications in the
computer. With the backup system, data can be recovered in case of an
emergency.
E.) Theft VS human aspects
1. Computer theft can be of 2 kinds:
a) Can be used to steal money, goods, and information and computer

resources.
b) The actual stealing of computers, especially notebooks and PDAs.
2. These threats can be handled based on the human aspects.

3. There are 3 approaches that can be taken by individuals or organizations
to prevent theft which are:
a) Prevent access by using locks, smart card or password

b) prevent portability by restricting the hardware from being moved
c) detect and guard all exits and record any hardware transported.
F.) be suspicious of all results
1. There are many instances where non-programmers develop applications

which are not built with proper understanding of software engineering
practices.
2. Data produced by such applications may not be correct and may risk
corrupting data received from other sources that are not compatible with the
application.
Summary
1. The relationship between the security threats and the security measures.
2. The appropriate security measures to use to protect the computer from
computer threats.
LESSON TWENTY: SECURITY PROCEDURES
Home alarm systems do prevent burglars from breaking in. Similarly

computers should have alarm systems to guard them from any attacks such
as viruses and data corruption. We can assume that the house is like the
computer while the alarm system is the security procedures that we take to
ensure its safety. It shows that the alarm system is the tool that prevents the
burglar from entering the house. Similarly, by taking extra safety
precautions, we can avoid any virus attacks and file corruptions in our
computers.
A.) Data protection
1. We need to protect the data in the computer as it may somehow get lost or
corrupted due to some viruses or mishap like fire, flood, lightning, machine
failures and even human errors.
2. There are a few ways to protect the information namely:

Make backup files
o Keeping the duplicated files in external storage such as in the
floppy disk and thumb drive.
o Do backup frequently to prevent data from getting lost due to
hardware or system failure.
Detect the virus and clean the computer
o A computer virus is able to infect the way the computer works
o With an Anti-Virus program, viruses can be destroyed and
eliminated quickly and efficiently.
o Viruses can be detected when we run an Anti-Virus program
o We can also delete the infected files and documents.
o Dont forget to do routine Anti-Virus checks, updates and backup
files to prevent from future virus attack.
Warn others on virus attacks
o We can warn others on virus attacks or new viruses by sending e-
mail to them.
B.) Detecting illegal access to system
1. The computer system is able to detect any illegal access to the system by
a user who does not have any authorization.
2. Basically, a corporation will simply use tcpwrappers and tripwire to detect
any illegal access to their system.
a)Tcpwrappers
Tcpwrappers will control access at the application level, rather than at the
application level, rather than at the socket level like iptables and ipchains.
The system will run tcpwrappers to log access to fttp, tftp, rch, rlogin,
rexe and telnet.
o Tcpwrappers stop the attempted connection
o examines its configuration files
o Will decide whether to accept or reject the request.
b)Tripwire
Tripwire will detect and report on any changes in the thousands of

strategic system files. The system will run tripwire to determine if system
files have changed.
3. Users access will be reviewed periodically by computer operations. On

going internal audits will be made to ensure detection of violations of
security and unauthorized modifications to software and data.
C.) Preventing illegal access to systems
1. There are things that cannot be taken inside the airplane. It is for the
purpose of security procedures. It is the same as computer systems. It would
not allow any unauthorized users to simply access the systems.
2. Ways to prevent illegal access to systems
a) Run anypassword to make password cracking difficult. Its a password

software tool to sort out this problem. And thus you can store all your passwords in
one secure place, which is protected with a strong encryption algorithm.
b) Run tcpwrappers to check if the name for an ip address can be provided
by DNC
c) Use a callback system to prevent unauthorized use of stolen passwords.
D.) Preventing illegal root access

1. To prevent any illegal root access, we should have Sudo. So that people
can perform on some machines without getting access to the entire root if
that is not require. In addition, with Sudo we do not have to give up the root
passwords.
2. Sudo stands for (Superuser do) and is a program in UNIX, Linux and similar
operating systems such as Mac OS X that allows users to run programs in the
form of another user (normally in the form of the systems superuser).
3. Sudo allows a permitted user to execute a command as the superuser or
another user, as specified in the sudoers file.
E.) Patch
1. Patch is a name of an UNIX utility. It applies a script generated by the

different program to a set of files that allows changes from one file to be
directly applied to another file.
2. Patch supplies small updates to software, provided that the source code is
available.
3. Resources are not enough to patch all security holes that we can hear
about through the bugtraq list.
4. Bugtraq is a full disclosure mailing list dedicated to the issues of computer

security. On-topic discussions are new discussions about vulnerabilities,
methods of exploitation and how to fix them. It is a high volume mailing list
and almost all new vulnerabilities are discussed there.
Summary
There are a few ways to protect information. They are
o Make backup files
o Detect the virus and clean the computer
o Warn others on virus attack
Qn. Describe the impact of ICT on society.
LESSON TWENTY-ONE: COMPUTER APPLICATIONS IN THE SOCIETY
The computer has changed the society today as much as industrial

revolution changed society in 18th and 19th century. People interact directly
with computer in education, finance, government, health care, science,
publishing, tourism, and industry.
Computers help them to do their work faster and more efficient by using the
software application that consists of special program for specific task.
SOFTWARE APPLICATIONS
Software applications are used for many reasons. Such as to:
o enhance the learning process
o to help in business activities,
o to assist the graphics and multimedia project
o To facilitate communication.
Area Examples of software applications
Home and Integrated software, Personal finance, Legal, Tax

Preparation,
Education
Clip Art/Image Gallery, Home Design/Landscaping and
Reference
Business Word Processing, Spreadsheet, Database, Presentation
Graphics, Personal Information Manager, Software Suite,
Project Management and Accounting
Graphics Computer-aided design (CAD), Desktop Publishing,
and Paint/Image Editing, Video and Audio Editing, Multimedia

Multimedia Authoring and Web Page Authoring
Communicat E-mail, Web Browsers, Chat Rooms, Newsgroups, Instant

ion
Messaging, Groupware and Video Conferencing
These software applications come in packages.
SOFTWARE APPLICATIONS PACKAGES
Software Application Examples of Popular Packages
Word Processing Microsoft Word and Lotus Word Pro
Spreadsheet Microsoft Excel and Lotus 1-2-3
Database Microsoft Access and Microsoft Visual

FoxPro
Presentation Graphics Microsoft Power Point and Lotus

Freelance Graphics
Personal Information Microsoft Outlook and Palm Desktop

Manager
Software Suite Microsoft Office and Lotus SmartSuite
Project Management Microsoft Project and Corel CATALYST
Accounting MYOB and Peachtree Complete

Accounting
A) HOME & EDUCATION

1. Today, computers are used in schools, colleges & universities in order to
promote better education by using computers.
2. Some of the software applications that usually used in schools &

universities include Microsoft Office, Adobe Photoshop, Macromedia
Flash, AutoCAD, and Macromedia Dreamweaver & Macromedia Director.
3. Computer for Higher Education
o Open Distance Learning (ODL) or On-line learning can be implemented as

computers are the main medium in delivering the knowledge from one
location to the other locations.
o This type of learning consists of online forum, discussion, quizzes,
test questions & many more. The example of the Open Distance Learning
institution is the Open University of Malaysia. (www.oum.edu.my)
B) BUSINESS
1 People use finance or accounting software to balance check books, pay

bills, track personal income & expenses, manage investments & evaluate
their financial plans.
2. Accounting software helps companies to record & report their financial

transactions. One example of these software applications includes MYOB,
Intuit Quick Books & Peachtree Complete Accounting.
3 Computers in Banking
o In the banking sector. Many financial institutions offer online banking.
People can access their financial records from anywhere in world. Example of
online banking is Maybank2u.
(www.maybank2u.com)
4 Industry
o By using the CAM system, computers record actual labour, material,
machine & computer time used to manufacture a particular product.
o Computer process this data & automatically update inventory, production,
payroll & accounting records on the companys networks.
o Examples of companies using this system are Proton
(www.proton.com.my) & Perodua (www.perodua.com.my).
C) GRAPHIC & MULTIMEDIA

1. Computers are crucial in publishing especially in the process of making
work available to the public
2. Special software applications are used to assist graphic designers to
develop graphics, texts, photographs & composing songs
3. Computer- Aided Design, Desktop Publishing, Paint/ Image Editing, Video &
audio editing & Multimedia Authoring are among the popular applications
software.
D) COMMUNICATION
1. A government provides society with direction by making & administering

policies. Most government offices or agencies have website in order to
provide citizen with up-to-date or latest information.
2. Examples of software applications used for communication include email, web
browser, newsgroups, instant messaging & video conferencing.
3. People can access government websites to:

Check information on taxes (www.hasil.org.my)
Apply for permit & licenses (www.jpj.gov.my)
Check for MyKad (www.jpn.gov.my)
Pay parking tickets & check summons (www.jpj.gov.my)
Renew vehicle registration (www.jpj.gov.my)
Register online for IPTA/IPTS application (www.moe.gov.my)
4. Computers in Tourism
Today, people will go online to get all related information about traveling.
They can visit websites to get information on destinations, prices, hotels,
flights & car rentals.
5. Computers in the Healthcare
In the medical field, computers are very important in running the

operations. Medical staffs use computers for various purposes, namely:
i. Maintaining patient records

ii. Monitoring patients vital sign
iii. Assisting doctors, nurses & technicians with medical tests by using
computer & computerized devices.
iv. Using medical software to help with researching & diagnosing health
conditions.
6. Science
o In the scientific world, computers are used in all fields of science from
biology to astronomy to meteorology and others. These are thing that can be
done by computer, namely;
i. Collecting, analyzing & modeling data
ii. Serving as medium of communication with colleagues around the
world
iii. Contributing to new inventions or breakthrough in surgery, medicine
& treatment.
iv. Imitating functions of the central nervous system, retina of the eye
& others by tiny computers.
v. Allowing a deaf person to listen through cochlear implant
SUMMARY
1. Computers help people to do their work faster & more efficient by using
the software applications that consist of special programs for specific tasks.
2. Software applications are used for many reasons such as to enhance the
learning process, to help in business activities, to assist the graphic &
multimedia projects & to facilitate communication.
3. Examples of software applications include integrated software, personal

finance, legal, word processing, spreadsheet, computer-aided design (CAD),
desktop publishing, email, web browser & chat rooms
LESSON TWENTY-TWO: COMPUTER USER
At the end of the lesson, student should be able to:

describe the various types of computer users in society.
COMPUTER USERS IN SOCIETY

The 5 categories of computer users are:
Home users
Small office/ house office (SOHO) users
Mobile users
Power users
Large business users
HOME USERS
The computer is a basic necessity. Each home user spends time on computer
for different reasons:
Business
Entertainment
Communication
Education
SMALL OFFICE/HOME OFFICE (SOHO)
These SOHO users:

Use desktop or notebook computers as well as telephone, hand-
phone and PDAs in completing their tasks and communicating
Work as a small company or works as an individual at home
MOBILE USER
Mobile users:
include real estate agents, insurance agents, metre readers and
journalists
use notebook computers, internet-enabled PDAs or smart phones
Work with basic business software such as word processing and
spreadsheet business software
use presentation graphics software to create and deliver
presentations to a large audience by connecting a mobile computer or
device to a video projector
POWER USER
Power user:
include engineers, scientists, architects and virtual reality animators
use computers with extremely fast processor, bigger storage and
customized software
Work with mini computers that uses design to meet the
organizational needs
use software such as CAD, CAM and MATLAB
LARGE BUSINESS USER

Large business users:
Bank, insurance company, hypermarket
use computers for basic business activities
have e-commerce that allows customers and vendors to interact and
do business transaction online therefore customers, vendors and other
interested parties can access information on the web
have e-mail and web browsers to enable communications among
employees, vendors and customers
provide kiosks in public locations
CURRENT AND FUTURE DEVELOPMENT
LESSON TWENTY-THREE: HOW TO CONDUCT A STUDY
At the end of this lesson, students should be able to:

Outline the basic steps of doing study
There are five basic steps to follow when we do study:
Step 1- Get an overview of the topic:
a) Familiarity: We need to familiarize ourselves with the topic before we start

doing study. This will allow us to spend more time developing a topic rather
than using more time learning about the topic.
b) Reference: Refer to a dictionary, encyclopaedia, handbook, textbook,

guide or bibliography which can provide an overview of the topic.
c) Brainstorming: Spend some time brainstorming about the topic and write
down everything that we can think of about the topic.
Step 2 - Narrow down the topic:
a) Narrow down the topic by reading the sources and form some specific
questions related to the topic. By doing this, we may have awareness of the
various aspects that we may want to study.
Step 3 - Find study materials:
a) Study materials are available offline and online. We can search for the
information that we want in books, journals, articles or other resource
materials found in the library and the internet.
Step 4 - Evaluate study materials:

All selected materials need to be evaluated in 4 aspects:
a) Relevance:
Does this publication help to answer the research question? If it does
not find something else which does?
b) Perspective:
Is this a primary source (presenting the authors own research and
ideas) or a secondary source (summarizing and discussing the
research and ideas of others)?
Is the evident biased? Does the author attempt to sway the readers
opinion?
c) Reliability/ Credibility
Is the information accurate?
Has the information been peer reviewed?
Are the authors and publishers reputable?
Do they cite their credentials?
Are there footnotes and a bibliography?
d) Update
How recent is the information published?
How recent has it been updated?
Have there been new developments on the topic?
Could the information you are using be misleading because of the
publication date?
Step 5 - Writing out the study paper:

a) When all resources are gathered, start writing the paper and cite all the
sources of information used. These may include books, journals, articles and
magazines.
LESSON TWENTY-FOUR: PRESENTING RESULTS

A presentation should contain three well-defined sections, they are:
1. Introduction
is at the beginning of the research
includes the objectives of the research
provides a clear statement on why the study was undertaken
includes the limitations/assumptions and analytical techniques
2. Content
consists of facts or arguments related to subject matter
can be presented in an argument format or just as an overview
3. Conclusion
is a review of content (not repetition of content)
relates to the statement of objectives in the introduction
should not introduce new issues
should contain judgment or decision that has been reached
BASIC NEEDS OF A GOOD STUDY PAPER
There are varieties of ways to write out your research. However, there is a
set of basic requirements that must be followed when it comes to submitting
or presenting written presentation.
BASIC NEEDS OF A GOOD STUDY PAPER
There are a variety of ways to write out your research. However, there is a
set of basic requirements that must be followed when it comes to submitting
or presenting written presentation.
1. General Points
number all pages
use one side of A4 paper
secure all pages with a staple (top left-hand corner)
dont use paper clips/pins or folders
must be typed/word processed
clear and easy to read print-out
spell check your paper
supply an estimated word count on the cover sheet
include your name, course name and teachers name
2. Style
double-spaced
12 point minimum and 14 point maximum (with the exception of
headings and footnotes)
2 spaces after a full stop and 1 space following a comma, semi-
colon or colon
no abbreviation such as e.g., & or etc. unless it is included in
a bracket. Write everything in full: for example, that is, and so
on.
numerals are used when the number is more than two words; for
tabulation; statistical discussion; sums of money; addresses;
dates; time; and page, chapter, volume numbers (for example, 2
June, 2000)
consistency in style for example in writing out headings
3. Quote
a direct quote must be placed in quotation
Block quotes are used if a direct quote is more than three lines
long.
if possible, paraphrase information in preference to using direct
quotes.
use quotes and paraphrasing to support argument
4. Clarity
helps your readers understand your paper by organizing your
paper well and dont forget to insert the page numbers
Edit your work means reading through the paper several times
before submission and dont just rely on the rough spelling and
grammar checks offered by your software.
5. Indicating your intentions
In a complex study, the introduction of every section should
inform the reader what to expect in that section should contain
judgment or decision that has been reached.
The final paragraph in each section should tie the contents of
that section together with a short conclusion.
do not use too many words to say what you are going to do and
what you have done, keep to the necessary minimum
PREPARING THE PRESENTATION
1. The style and presentation of assignments are essential

2. Presentation should be presented clearly. It should not be read out
3. Literature cited in text should be accurately documented
4. References used for presented should be clearly mentioned
LESSON TWENTY-FIVE: DELEGATION OF WORK
A WHAT IS DELEGATION?
Delegation is the ability to assign tasks to others with the authority,

responsibility and accountability to finish the tasks.
B WHY DELEGATE TASKS?

Reason why should I delegate tasks:
Will be able to save time
Help others to learn new skills, for example, how to negotiate and
cooperate
Utilize individuals additional strengths and expertise
Will be able to achieve large goals by dividing them into smaller
tasks
Promotes creativity and diversity because others may have better
way doing things
Cut down on tasks that can be done just as well by others
C WHAT TO DELEGATE
In order to complete a team project, you will be asked to use your skills in
research, presentation and task delegation. When working on a large project
you must know what task to delegate and how to assign them.
1. QUESTIONING
Discover a problem
Form a question to answer the problem
2. PLANNING
Set out steps to find answer
Select sources for possible answer
Plan a basic draft for reporting
Assign tasks to team members
Agree on contingency plans
3. GATHERING
Go to agreed sources of information
Collect information
4. SORTING
Put similar information together
Highlight valuable credible information
5. SYNTHESISING
Discuss information with others
Combine different information
6. EVALUATING
Discuss if information gathered supports the answer
Test out solution and decision that supports the answer
EXAMPLES OF TASK DELEGATION
Scenarios Good Techniques
The head librarian wants us to finish the work Set clear task deadline.
by the end of the day, which is about 5 pm.
We have to sort out these books according to Describe in detail the task
their subjects. Remember to stick the correct objective.
book codes onto the books.
I will teach you the coding system. Help team member to

perform task if needed.
Chong, you take the science books and Indra, Delegate task to those
you take the art books. qualified to do the job.
I dont know the coding system. Inform limitation of abilities

or resource to other team
members.
So, is everybody clear on what needs to be Monitor task progress.

done and when we should meet again later?
LESSON TWENTY-SIX: TOPICS FOR STUDY STEPS TO DO A STUDY

PORTFOLIO
In order to do the research,

you need to follow this 5
steps.
STUDY TOPICS
Form into groups. Discuss with the team members and choose ONE (1) of the
study topics below:
1. Copyright and piracy from a moral and legal standpoint.

2. Credit card fraud on the Internet and its implications on the industry/
economy/government.
3. Malaysian Cyber Law, Electronic Government Law.
The portfolio will contain:
1. Team journal
study project introduction page
minutes of team meetings
initial project plan/calendar
conflict resolution report
2. Initial framework for presentation
3. Final presentation
The purpose of team journal is to keep track the progress of the project.
The teams initial framework is where the team should do some basic study
on the topic and decide what should be included in the presentation.
The print out of the final presentation will be given to the teacher for final
grading.
SOURCE CITATION CARD

Source citation card is a note card in which you write the name of the article,
author, book name, page numbers, where you found it, why it is good
information and a short summary of the important points.
CREATING YOUR PRESENTATION
A presentation should:
have at least 15 slides (not including the Title slide)

have a Title slide
- introduce presentation
- include names of each member of the team
use any design templates

use at least 5 graphics (e.g.: clip art, photographs, word art and
drawings)
have some multimedia
- use animation on slides (be careful of very noisy ones!)
- use slide transitions
use less text on the slides

- try presenting the information through pictures, graphs, mind
maps or any other form of visual (as oppose to textual)
presentation
have a citation slide

- the last slide must list all of your citations and other related
resources (where you got the content)
- Remember to give credit to others!
THE FINAL PRESENTATION

Guidelines:
Each team member must speak during the presentation.

Each team will have 10 minutes to present.
Presenters should face the audience and not just read from the screen
or paper.
Tips:
Practice in advance.
Prepare notes on paper or cue cards to help you remember what you
need to say during the presentation.
Remember to speak out clearly for people at the back to hear you.
Do not shout!

Ictgen

Transféré par

Informations du document

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Ictgen

Transféré par

Droits d'auteur :

Formats disponibles

UNIT NAME: ICT AND SOCIETY

UNIT CODE: DICT 009

How our ancestor used to disperse information to others?

Timeline for the Development of Technology

1500 BC The Phoenicians developed the alphabet

105 BC Tsai Lun of China invented paper

1454 The first printing began with the creation of printing

1793 Telegraph line was invented

1876 The first telephone was introduced

1925 Television was made known to public

1941 Computer was created

1958 Photocopier machine was introduced

1963 Communication satellite was introduced

1969 The first internet known as ARPANET started

LESSON TWO: EVOLUTION OF COMPUTER

a) The early years

200 BC Chinese Abacus (First counting machine)

500 BC Egyptian Abacus

1620 John Napier invented Napiers Bone (Multiplication table

1653 Blaise Pascal invented Pascaline

1673 Gottfried Wilhelm Von Leibniz invented Leibnizs

1801 Joseph Marie Jacquard invented weaving loom (using

1823 Charles Babbage invented mechanical calculator

1941 Mark 1 was invented in Harvard University. The first

B. First Generation (1940 1956)

4. New technology was needed in the invention of technology. These

b) Punched card used to store data

C. Second Generation (1956 1963)

1. The second generation computer scientists invented something new due

3. The creation of transistor sparks the production of second generation

4. The advantages of transistor:

D. Third Generation (1964 - 1971)

b) Several programs run at the same time

E. Fourth Generation (1971 Present)

1. It took only 55 years for the 4th generations to evolve.

4. In 1971, Intel created first microprocessor

a) Bill Gates who invented Microsoft

F. Fifth generation (present and beyond)

1. New hardware technology:

G. New Era Computer

2. Electronic Banking Services provide 24 hour services. The services include

1. Computers are used to

2. User who benefits are

c.)Administrators Administrators use computers to oversee the entire

a. E-commerce helps in boosting the economy. It makes buying and selling

2. User who benefits are

c) Employee s Employees use computers and telephones to communicate

E.) Other sector that benefits from the usage of ICT

Computers are use to promote telemedicine. Researchers found it useful in

Evolution of man and machine

1. Education is the science of teaching and learning of specific skills.

Banking before ICT Banking after ICT

Banking was done manually by All transactions are done by

Transactions can only be made Transaction can be done at

Takes time to approve any loan Online services, phone banking

Industry before ICT Industry after ICT

Industry was slow because Computers and

1. Commerce is an activity of exchanging and buying and selling of commodities

Commerce before ICT Commerce after ICT

Trading was made using the E-commerce plays an important

Advertisement was in the form of

Trading globally was extremely

LESSON FIVE: IMPACT OF ICT ON THE SOCIETY