5.5 Github Pages Action

1. When you create a GitHub repository it requests a license type. Review the license types in relationship to this Tech Talk and make some notes in GitHub pages.

  • Creative Commons - Good for a project where you do not mind anyone using it any way they want
  • Open Source MIT - Good for a project where you can use code freely and distribute closed versions.
  • Open Source GPL - Good for project where people can use your code but they cannot distribute closed versions

Make a license for your personal and Team project. Document license you picked and why.

  • We picked a MIT license because there is not much reason for anybody to distribute the poway CTE website and its code. Additionally, the only conditions to it are that we must disclose the license and copyright information when we distribute the website.

5.6 Github Pages Action

Describe PII you have seen on project in CompSci Principles.

  • PII that I have seen on previous CompSci projects include my name, my google account, my github account, a picture of myself.

    What are your feelings about PII and your exposure?

  • I think that PII is not always a bad thing, it is good to get yourself out there for people that may be looking for you (job opportunities, old friends). However, it is also important to manage that PII properly and make sure it does not get into the wrong hands and it is not easy to find.

    Describe good and bad passwords? What is another step that is used to assist in authentication.

  • Good passwords are usually random combinations of letters and numbers and symbols, while bad passwords may include PII about you or easily identifiable numbers and patterns. A step that is used to assist in authentication is multi-factor authentication. This can include a text, email, or code sent to you that you can use to log in, increasing security on such a password.

    Try to describe Symmetric and Asymmetric encryption.

  • Symmetric encryption uses one key that both/all of the specified users have that can be used to decrypt a message. Asymmetric encryption involves encryption using a public key and decryption using a unique private key, which are connected mathematically.

    Provide and example of encryption we used in deployment.

  • In deployment, we used HTTPS to encrypt our website. This uses a TLS protocol to send HTTP data/files to the user that is encrypted data.

    Describe a phishing scheme you have learned about the hard way. Describe some other phishing techniques.

  • A phishing scheme I have learned about the hard way included an email to my youtube account saying that it was hacked and I need to reverify it. However, I was not actually hacked until I entered my information to secure my account, not realizing that it was not the official google account site.

5.5 to 5.6 Notes

  • Intellectual Property(IP) - Creation or invention from creativity to which one has rights
  • Copyright protects your IP
    • Prevent people from using it without permission
    • Prevents plagiarism
  • Legal ways to use something
    • Open Source
    • Creative Commons
    • Open Access
  • Creative Commons provides licenses for free that also tells you what you can or can’t do with your IP
  • Open Access - Free of any restrictions, free of copyright or license

  • Digital Divide - Unequal access to tech

  • Personally Identifiable Information (PII)
    • SSN
    • Age
    • Race
    • Phone Number
    • Email
    • Bank Information
  • PII only shared with trusted individuals or sites
  • Search engines record history of what you browsed
  • PII can enhance user experience
    • Also can be exploited if privacy protections ignored
    • Can have harmful impacts
  • Info hard to delete
    • Info on social media can be easily used by others and other sources to get info on you
  • Strong Passwords - >10 characters, symbol, #s, casing variation, and no identifiable info
  • Multi Factor Authentication - Info you know, what you are, or things you have
    • Includes 2FA like email, text, authenticator app
  • Malware - damages computer by taking it over, can infiltrate in different ways
    • Do virus scans to prevent malware
  • Encryption ensures safety and message sent over system, encodes the data to prevent unauthorized access
    • Symmetric - One key to encrypt and decrypt data
    • Asymmetric (Public Key Encryption) - two keys
      • Public for encrypting
      • Private for decrypting (required)
  • Digital Certificates - validates ownership of encryption keys
  • Phishing - trick for personal information through emails from something you trust, usually has malware that infiltrates your PC
    • Keylogger - Records keystroke made from user to gain info on passwords, PII, etc.
    • Rogue Access Point - Wireless network point that gives unauthorized access to secure networks