First phishing. Fishing with an F. There's a way to catch fish using bait like worms. It's fun, except for the worms. Fishing with a Ph isn't fun. It's scary internet stuff. Phishing is a way for bad people to catch your private details, like your bank account number or passwords. The bait they use is lies. Here's how phishing works, say you get an email. It looks like it's from someone you trust, like your bank, but it's not. It tells you to confirm your bank details or your account may be closed. Scary. You click on the link and go to a website. It looks like a real Bank website. But it's not. You enter your details and someone uses them to steal your identity and buy things with your money. Which is not nice. Here's how to be safe from fishing. Number one, your bank will never ask you to confirm your details via an email, like ever. This is the most obvious way to spot a fishing attempt if you receive an email like this, suspecting. Don't click it. Number two, look for your name. Phishing messages say things like, um, dear valued customer. If it doesn't say your name, don't click it. Number three. Look at the URL in your browser browser window if the URL looks like a different name from the name of the company. Don't click it. Number four. Rest your mouse pointer on the link that will show the real web address. If it doesn't look like the proper company name, don't click it. Number five, look for spelling mistakes. If there are any spelling mistakes or the email doesn't look professional? Don't click it. Number six, get security software that includes anti-phishing and identity protection features like Norton 360 or Symantec. Best of all, just don't use links in emails to get to websites like ever. Always type the URL instead. Thank you for looking at our quick guide to scary internet stuff to allow to be safe.

Would it surprise you to learn that millions of computers in the U.S are infected with malware? That's a lot of computers. So, what's malware and why should you care? Malware short for malicious software includes viruses and spyware that get installed on your computer or mobile device without you knowing it. Criminals use malware to steal personal information and commit fraud. For example, they may use malware to steal the login information for your online accounts or to hijack your computer and use it to send spam, an infected computer can lead to serious problems like identity theft. The good news? There's a lot you can do to protect yourself and your your computer. One of the most important steps you can take install security software from a reliable company and set it to update automatically. The bad guys constantly develop new ways to attack your computer, so your software must be up to date to work, set your operating system, and your web browser to update automatically, too. If you're not sure how, use the help function and search for automatic updates. Don't buy security software and response to unexpected calls or messages, especially if they say they scanned your computer and found malware scammers. Send messages like these to trick you into buying worthless software, or worse, downloading malware. What else can you do? Use a pop-up blocker and don't click on links and pop- ups. Don't click on links or open attachments and emails, unless you know what they are. Even if the emails seem to be from friends or family. Download software only from websites you know and trust. Free stuff may sound appealing, but free downloads can hide malware. Make sure your web browser security setting is high enough to detect unauthorized downloads. For example, use at least the medium security setting. Even if you take precautions, malware can find its way onto your computer. So, be on the lookout for these signs. Your computer runs slowly. Drains its battery quickly. Displays, unexpected errors or crashes. It won't shut down or restart. It serves a lot of pop-ups, takes you to web pages you didn't, visit changes your home page, or creates new icons or toolbars without your permission. If you suspect malware, stop doing things that require passwords or personal info. Such as online shopping or banking. Use a different computer, maybe one at work, or at your local library to change your passwords. Update your security software and run a system scan. Delete files that Flags as malware. If you can't fix the problem on your own? Get help from a professional. Your computer manufacturer or internet service provider may offer free tech support. If not, contact a company or retail store that provides tech support. Keep in mind the most important thing you can do to prevent malware is to keep your computer software up to date. And remember, it's easy to find trusted information about computer security

That's why Innovative startups are popping up around the world, solving the security problem with Biometrics. We actually use the vein patterns in your eye. Eye verify discovered that the blood vessels in the whites of your eyes are as unique as the worlds on the tips of your fingers. So the iris, many people know the iris. They expect that to be a good biometric, and it is but actually takes infrared light and an infrared camera. Which phones don't have? We use just an ordinary phone, enter my name. Gosh, this is fast. Done. Eye Verified caught the attention of Samsung Sprint and Wells Fargo. They all invested now. The Kansas City-based company is using that backing to crack two markets where security is Paramount. Number one is Enterprises. The companies want to protect access to their networks. There's a breach like every day, the second one is, you know, broadly, mobile banking or mobile financial Services. According to one forecast by 2019, five, and a half billion people will use Biometric authentication on mobile and wearable devices. MasterCard has been experimenting with biometrics, too, and recently tested an app using voice and facial recognition for 14, 000 e-commerce transactions. MasterCard also invested in Bionam. This Toronto-based startup has developed a wristband, the 79 Nymi that harnesses what may be the most secure Biometric of all your heartbeat. You look at all of the little Peaks and valleys in the shape of that waveform that's unique to you. We've now tied this to you. It's in an active State because it's no, it's still on your rest, right? And now, we can have it do stuff. For example, we can have it unlock a phone. That's the beauty of persistent identity. Imagine how seamless life would be if logging onto your email, unlocking your car, or checking into a flight where as easy as strapping on a wristband and verifying your ECG. The device does the rest is binary to kill the password. I don't know if you use that word too much, but probably.

If you've done this, accessing credit card through your fingerprint, you're already part of a revolution in Mobile technology, Biometrics, the science of measuring features or functions of the human body to establish your identity passwords, pins, usernames infuriatingly. Hard to remember and downright dangerous.

So, if passwords are impossible to protect on their own, what do we do? That's where two-factor authentication comes in. Two-Factor authentication or 2fa adds a second method of identity verification to secure your accounts. First, the thing you know your password, then something unique that you have, like your phone or fingerprint. By combining your password with one of these factors, attackers can't access your account, even if they have your password. The most common 2fa systems use a unique one-time code with every login attempt. This code is tied to your account and generated by a token smartphone or sent to you by text message. The more modern and most secure form of 2fa, uses a mobile app to send an approval notification to your smartphone or Smartwatch for the least hassle possible. With 95% of breaches involving account takeover, two- factor authentication is the most effective method of prevention. It's time for everybody businesses, governments, and you to take the easy and effective step of enabling two-factor authentication on all accounts. If it uses a password, it needs to use two-factor authentication

Passwords are everywhere. We use them to access our money or Communications, even our social lives. At first, we used one password for everything, but that wasn't good enough. So, we started making our passwords even more complicated and began using password managers to organize the dozens or hundreds of the unique passwords we used. But no matter how complex our password system wise, it was never enough to prevent account takeover because all it took was one fishing email or database exploit and your password was out in in the world.

Okay, now that we've seen how some of the modern cryptographic techniques work. Let's see how they work together to make our internet secure. Securing the internet involves making the https protocol and the secure socket level protocol (ssl) secure. You've all familiar with https. This is the protocol you use when, for example, you want to give Amazon your credit card number so that you can buy a book or a movie. The secure socket level is a transport level protocol that is used when the client and server want to communicate through encrypted messages. So, both of these need be made secure And what does that mean? It means two things: that the messages can be sent securely, meaning encrypted and secondly, that the identity of the server can be trusted. When we think we're communicating with Amazon, we want to make sure we're communicating with Amazon and not some rogue site. All browsers and web servers come with a suite of both symmetric and asymmetric ciphers (public key). They also use what are known as digital certificates provided by certificate authorities that enable them to confirm the identity to confirm the identity of (trusted sites, such as Google, Amazon, etc.) servers and other computers on the internet? We're going to see how all this works together.

Let's begin with a handshake that takes place whenever you request, or whenever your browser requests a secure session with a server. So, this is your browser on the left running on your laptop or your desktop computer (or even a mobile device: phones, tablets, etc. since they are smaller, confined computers). It makes a secure request to some server, using the https protocol to this server. The first thing the server does is it responds to the client by sending an x509 certificate, that's a standard certificate containing its public key. The client takes this certificate and uses one of its digital certificates that it has built into it to authenticate that the server really is who it says it is, that the server is Amazon. It also uses the certificate authorities information to confirm that the public key that was sent does belong to Amazon. So, in other words, it can be assured that when it sends an encrypted message, now back to the server that it's sending it to Amazon, and then only Amazon can read the the message. Given that once the client authenticates the server's identity and public key, it uses the publicly key to encrypt a randomly generated symmetric key. The client generates this internally encrypts it in the servers publicly and sends it back to the server. The server, of course, then uses its private key to decrypt the symmetric key. Now, at this point, both the client and server are sharing a symmetric key. And from then on, they can communicate in encrypted messages using that shared symmetric key. All the rest of the traffic between them during this session is done encrypted using that symmetric key. Now, why do they use both public key and symmetric keys in this handshake? Well, the reason is that they use the public key for exchanging the symmetric key. And they use the symmetric key for the actual encryption of the data that they're sending back and forth. And the reason for is, this is simply that symmetric key cryptography is much more efficient than public key cryptography. So, this saves time in terms of the traffic that goes on back and forth between the client and the server. Slide 87

Now, what role do the certificate authorities play? Well, first of all, a Certificate Authority is an entity like a corporation or a foundation that issues digital certificates. These certify the ownership of the public keys, so these certificate authorities need to do whatever it takes including maybe visiting the mem, visiting the organizations that say that may that create these public keys to determine that the public key really is what it says, (example) it is the public key of Google or the public key of Amazon. And the fact that they are trusted third parties, these authorities is what enables the browsers and the servers to trust them. They don't have any stake in the game other than authenticating that these public keys really do belong to who they say they belong to. So, commercial certificate authorities charge money to organizations to create browsers and so forth, and they will automatically provide a set of these certificates that are built into the browsers. For example, Mozilla maintains a list of at least 57 different trusted certificate authority corresponding certificates built right into its software.

Okay, let's summarize some of the key points that we've been discussing. Internet Security, that which means, among other things, the https and the SSL protocols is supported by both symmetric and public key cryptography. As you've seen now, some of the details about these algorithms. It's important that you recognize that they are based on solid mathematical foundations, and it's the intractability of solving certain problems like the prime factorization problem and the discrete logarithm problem that protects the security of these cryptographic algorithms. Secondly, all the deciphers that we've been discussing, all the modern cryptographic techniques Diffie Hellman, RSA, but also the but also the secure socket layer protocol, the https protocol; All of these are based on Open Standards that have been developed by committees of experts, mathematicians, cryptographers, computer scientists that are openly discussed over a period of many months and then finally adopted as standards. They are maintained by standard organizations whose job is to maintain the standards and publish them and oversee their implementations. By the way, the current symmetric standard used in some of the examples that we saw: the handshake between clients and servers is known as the advanced encryption standard. If you want to find out some of the details about how it works, it uses both substitution and transposition algorithms to create a secure symmetric cipher. And finally, certificate authorities are bodies that issue digital certificates that are used to validate the identity and authenticate the identity of servers on the internet, so that when you use your browser to give your credit card information to Amazon, you can rest assured that you are actually connected to the right server

This portion of the presentation will focus on the RSA public key encryption algorithm. As we saw at the end of the previous presentation, the Diffie Hellman algorithm has some impracticalities as we saw. It requires a setup phase, in which Alice has to exchange some public information with with Bob, not only with that Bob with with any Bob (meaning to an imposter without knowing it?) she wishes to exchange a key with. These impracticalities are avoided by another algorithm that we're going to look at RSA algorithm, which is the most widely used cryptographic algorithm. Here's the public key model that it uses. The cryptographic key is broken into two parts, a public and a private part. The public part is used for encrypting, so Bob's public key is used by Alice to encrypt the word hello, running it through the encrypt algorithm and then sending the result. This gibberish here, over to Bob. He uses the private part of his key to decrypt the word the gibberish and retrieve the word hello. The encryption happens using a key that's been divided into two, and as you can see visually, these two parts are related. There really are one key that's been divided in half. Include public model, slide 36

We'll want to see how that happens, how that works. The key is broken into a public and private part. Bob and Allice publish there's public keys, and that's the big difference between RSA and Diffie Hellman. They published them so that all people who want to encrypt messages to Bob can use Bob's public key, Alice and anyone else. Alice encrypts the word hello using Bob's public key and sends the encrypted gibberish to Bob, who decrypts it with his private key? So let's see what makes RSA hard? What protects RSA from Eve? It's also based on a one-way function, and it's our familiar modular arithmetic function, which is easy in one direction and hard, and the other.

The expression:

m^e mod N -> c

m: message (a number) <--RSA requires messages to be represented by numbers. But this is not a problem, right? Everything is binary!

In this case, the m in this expression represents the secret message that's being communicated. The e is a public exponent. It's part of the public key. The N is a public modulus, also part of the public key. And the c is the resulting encrypted message? And again, it's easy to compute m to the E mod n, knowing m, e, and N. But it's very difficult. It's intractable to find m given the encrypted message, plus the public key just e and N.

And again, the idea for the public and private key is that they are two halves of this exponent used in the expression m raised to an exponent mod n and so the trick is to mathematically to get this exponent in such a way that it's very hard to break it in half if you don't know some secrets. So that's a very high level summary of the RSA algorithm. Slide 51

Let's summarize its key features. First, like Diffie Hellman, the RSA algorithm solves the key exchange problem. Unlike Diffie Hellman, however, the RSA public Keys can be widely published and distributed rather than needing to be shared among parties in a encryption transaction and that makes it especially well suited for internet encryption. well suited for internet encryption. And finally, RSA is a secured by the intractability of the prime factorization problem. That's the problem of trying to discover the prime factors of a very, very large number. So here again, we see intractability being used to protect information, just as we did when we used it to help protect passwords from Brute Force attacks (by having too many possible options)

Public Key Cryptography

· Diffie-Hellman is the first use of asymmetric key.

. It has some impracticalities: · Setup phase: Alice has to exchange public information with

. These impracticalities are avoided by the Rivest-Shamir-Adleman (RSA) algorithm.

The first solution that was used to solve the key exchange problem is known as the Diffie Hillman key exchange algorithm. The idea behind it is to divide the key into two parts, a public part that is shared, and a private part that's kept secret. This video by Brit Cruz is one of many that he's produced to explain cryptography. It gives a nice analogy of the diffie-hellman Key Exchange using paint.

*In the video:

Imagine two people who have never met could do an amazing trick. Alice and Bob are allowed to communicate over a line which is tapped, so any message they pass will be intercepted by Eve, who is always listening. The trick is to agree on a secret numerical key without Eve also obtaining a copy. How is this possible? First, let's explore how this trick is done using colors. So, how could Alice and Bob agree on a secret color without Eve finding it out? The trick is based on two facts one. It's easy to mix two colors together to make a third color and to give it a mixed color. It's hard to reverse it in order to find the exact original colors, especially on the amount, that made the mixed color. This is the basis for a lock, easy in one direction hard in the reverse direction. This is known as a one-way function. Now, the solution works as follow. First, they publicly agree on a starting color, say yellow, next Alice and Bob both randomly select private colors and mix them into the public yellow in order to disguise their private color. Now, Alice keeps her private color and sends her mixture to Bob and Bob keeps his private color and sends his mixture to Alice. Now, the heart of the trick Alice and Bob add their private colors to the other person's mixture and arrive at a shared secret color. Notice how Eve is unable to determine this color since she needs one of the private colors to do so. This is the trick, which is a perfect analogy of the Helmen algorithm

The colors are represented by six digit hexadecimal value, an RGB value, which is the standard way colors are represented in browser languages, such as hypertext markup languages. The first two digits represent the amount of red, the second two digits represents the amount of green and the third two digits, the amount of blue

So, the key exchange problem is the problem common to all symmetric key ciphers, namely, how can Alice and Bob share a secret key without Eve getting it. The implications of this for the internet are enormous. You wouldn't be able to do banking and credit card transactions unless you were able to have encrypted communication between clients and servers. For this, they need to share an encryption key.

At some of the classical symmetric ciphers. And we ended up seeing that they all suffer from a problem, namely, the key exchange problem, the need to be able to exchange keys between Alice and Bob in order to perform encryption and decryption. In this lesson, we're going to look at some of the modern cryptographic techniques that are used to solve this problem, which is an important problem, because if you can't solve this problem, you can't really have a secure internet where we can make secure banking and credit card transactions.

One important fact to observe is that the frequencies don't change in a transposition, so there's just as many e's here as there are here, and that would be true for the entire transposition cipher so we can use frequency analysis to determine which method was used in encrypting a message. So, for example, here's two messages one was encrypted using a substitution cipher and one was encrypting using a transposition Cipher. Use this letter counter app to help you figure out which is which method

So far, we've just looked at a couple of substitution ciphers where the way you create the ciphertext is you substitute a letter from the cipher alphabet for a letter from the plain alphabet. Well, there's another type of encryption known as transposition. In that case, you don't substitute letters. You just rearrange the letters in the original message, and there's lots of rearrangements. So, for example, if you have a message with 100 letters who's basically a hundred factorial ways that those could be rearranged, so this is quite a good way to encrypt text. And, for example, if we take the the message hello world, this is a transposed message and transpose it. You would see something like this. Can you see the transposition rule? You can see it from the first word. I'm simply reversing every five letter sequence in the original message. So, hello becomes this world becomes this, and so on.

So far we've been talking about substitution ciphers, where ciphertext letters are substituted for plaintext letters. A transposition cipher is one where the letters in the message are rearranged -- the alphabet is unchanged. 。 Plaintext: hello world this is a transposed message • Transposed: olleh dlrow isiht artas sopsn semde egas

So is this simple substitution Cipher uncrackable? Well, let's wait a minute here. It's not, for example, one of the pieces of information we can use in analyzing simple substitution is the letter frequencies of the English language or any language If you looked at a histogram of English letter frequencies, you'd see that e is the most frequent letter just above 12 percent, T is the second most frequent at somewhere around nine percent, a is very frequent at more than eight percent and so forth, so you would see this familiar pattern in any text that you encrypted. For example, if you encrypted it using the simple substitution Cipher, you might get this pattern, but you'd still see a peak where the letter that was substituted for e occurs. And maybe this is the peak for T, and maybe this is the peak for a. By analyzing those peaks and valleys, you can determine how the message was encrypted, can figure out the key. But, wait a minute… frequency analysis works!<br /> Slide 21, 22 chart

E.G. If you sorted by frequencies. Now, you can see this very clearly if you sort the two histograms, they're practically identical, and that's what lets the analyst with some effort, of course, figure out the key and break the message so you can break simple substitution cipher using frequency analysis. That makes Eve happy, Alice and Bob are not very happy about that. Eve wins … you don’t need brute force. Frequency analysis will break simple substitution. slide 23, 24 chart

The last question how many keys would you have to try in order to perform a Brute Force attack on simple substitution? Let's look at that question again. The answer is an enormous number 26 factorial Keys. That's the number of ways you could shuffle the plain text alphabet of 26 letters. So that's way too hard. And that fact makes Alice and Bob happy and Eve not very happy.

Simple Substitution Cipher

Key: Randomly mix up the plain alphabet to get a cipher alphabet.

So the key basically tells what to do with getting a cipher alphabet to be able to encrypt either the key consisting of a number for shifting each letter or a keyword to put in beginning as a way of scrambling

Algorithm: Substitute plain letters with shuffled letters.

This tells how to encrypt the message using to cipher alphabet

Well, let's look at a slightly more complex Cipher, another example, of what's called a simple substitution Cipher, which means generally that you randomly mix up the alphabet to get a cipher alphabet and then you substitute plain letters with shuffled letters, so we're gonna use a little trick here that we're going to have a keyword that'll help us (one way to) construct our Cipher alphabet, which is our actual key by putting the keyword at the beginning and then putting all the letters that aren't in the word, zebrafish following it in alphabetical order. Now, obviously, there are lots of ways we could do this, but that gives us an easy way to transmit the key between Alice and Bob. Alice just tells Bob zebrafish and he knows how to construct this alphabet. But if they wanted, Alice could simply create a permutation or shuffling of this alphabet, not using the keyword and pass that along to Bob. Once you've created the cipher alphabet, encrypting and decrypting, in simple substitution cipher works the same as it did in Caesar Cypher. For each letter in the plane text message, you replace it with the corresponding letter from the cipher alphabet. Of course, you have many more possible Cipher alphabets because the alphabets aren't merely a shifting of the original plain alphabet. chart

How do you crack a Caesar Cipher? In other words, how does Eve break these messages? Well, the one question you might ask is, well, how many different keys would Eve have to try to do what's called a Brute Force attack? That means try every possible key. As you've probably discovered, the answer is 25 Keys. That's way too easy, so Eve is very happy about that because she can easily break Caesar Cypher. chart

Okay, so let's continue our discussion of how the internet works. The next important concept is that protocols that manage the internet are govern. The Internet organized into distraction levels. Here's one representation of this model. This is called a TCP IP model, so you see, there's four layers in this model application layer, transport layer, Internet layer, and link layer each plays a distinct role, and each has its Associated protocols that manage traffic and manage processing of data at that layer. Here's an example well, well, first of all, an important

8 hops, where each hop is a router on the Internet.

This connection is the impression that is given by the technology you're using, which makes it look that way. Let's now look at another network utility called Trace route that lets us Trace how packets are routed through the internet. You can also get to this through the network tools site, and this time you want to select the trace tool and suppose I want to trace packets as they travel between Network tools and MIT. I put in MIT, I click go MIT.edu, and it shows me MIT's, IP address.

Is packet switching like a landline telephone connection between A and B? One misconception that frequently found about the internet is when you're browsing a website or sending an email or talking on the phone through your smartphone. It might seem to you like, you have a channel between the between you and your destination. Well, that's not the case package switching is not like what's called circuit switching, which is the kind of switching that was done when we used land lines to communicate in circuit switching. You actually do have a channel that remains constant throughout the call between the receiver and the caller. That's a dedicated channel. Only this caller and receiver are on that channel in a packet switch Network. There is no such sustained connection, and each individual packet each little voice packet. When you're talking on, the phone is being shipped through the internet along multiple routes. What seems to you to be a continuous connection is the impression that is given by the technology you're using, which makes it look that way. Include packet vs. circuit switching picture

This sort of design and in this redundancy that you get by being able to have multiple paths through the network. It leads to a network that can withstand various kinds of outages and disasters, so for example, compare a centralized network where all the messages have to go through a central server or central router. What happens if that router gets knocked out, well, you can no longer communicate on that network. You've broken the entire network. Compare that to a decentralized network, such as this one, one path between A and B, is shown in red here. Now, if nodes get knocked out, you can still find a path from A to B. This redundant routing capability gives the network a robustness that you don't have with a centralized network. Include the centralized vs. decentralized network comparison under decentralization and redundancy

Why is this protocol used? Well, the story goes back to the Cold War in the 50s. When we were worried about nuclear attacks from enemies like the Soviet Union and the desire was to create a network architecture that withstands that. The idea was that to come up for a decentralized network with multiple paths between any two points A and B, and then you would simply divide the message into small packets and route them independently, where each router along the path simply forwards the packets to another router along the path.

how data travels through the internet. It uses a protocol called packet switching and imagine you're sending an email to your friend and it's a long email. Your email application is going to hand that off to a protocol that's going to break that message into fixed size, relatively small packets. So, those are P1, P2, P3. Here, those packets are going to be sent through the internet to the destination. So, this is the source your computer, let's say, and this is your friends. Can take different routes through the network when they arrive at their destination. Of course, they have to be gathered together there and then then reassembled, and there s no guarantee they re going to arrive in the order P1, P2, P3, but they have to be reassembled in that order in order for you to read them. Include email packet switching example

the Ping activity, which we learned about in a previous lesson to try reaching some hosts on the internet. Here's an example of a utility called Network tools.com that we can use the picture shown here is demonstrating how we use it to do ping. So, as you notice, Network tools has a bunch of tools that you can select here. The one you want to select for this activity is the Ping utility. Basically, you put in the domain name of the computer you're trying to reach or the host you're trying to reach and click the go button, and it will display this information. And then it shows you that it has sent a number of packets to this IP address, and it's reporting on the round trip time it takes for a packet to reach that host, and then for the host to reply back, that it's received it, and it then shows you here what the average latency for the round trip was for that particular ping. Include image in the ping activity

The internet uses a basic end-to-end architecture. Messages are sent from, say, a host A to host B, but messages have to travel through one or more routers, depending on where these two hosts are are located, and hosts are simply computers that are connected to the internet, so that could mean your laptop or your smartphone or tablet and hosts are given IP addresses or Internet. Hosts are reachable either by means of their IP address or by their domain name. For example, the host trincall.edu, the main computer for Trinity College, has this domain name and this IP address: 157.252.10.123. We're going to learn a lot more about how that works in a subsequent lesson. Routers compared to hosts are dedicated computers that transmit data between networks within the internet. Include diagram of hosts and routers

As you might recall, the Internet is really a network of disparate networks signified here by the different colored local networks. The different colored dots are the host computers on the network and they're connected by routers, which are special purpose computers that deliver messages through the internet. Include the diff. networks and routers diagram

In this lesson, we're going to talk about the internet's architecture and some of the protocols. As you might recall, we talked about the internet back in unit 2, where we learned that the internet and the World Wide Web were distinct things. One way to think about that is the internet is the hardware that runs applications like the World Wide Web, which is software. In this lesson, we're going to talk about basic internet architecture, Packet Switching. Packet switching, which is how information is routed through the internet. The tcpip protocol, which manages the traffic through the internet, as well as how the internet is organized into different abstraction layers. Let's

This presentation covers the following topics: ⚫ ° Basic Internet architecture ° Packet switching ° TCP/IP Internet Protocol Suite Internet abstraction layers

What is the digital divide? What are some ways to reduce the effects of the digital divide?

The digital divide is the divide on the access of the digital world of technology through the networks and the hardware where people have access to it and the Internet while some don't. Some ways to reduce the effects of the digital divide are to have places on hand where people can go for Internet and technology access, lend people with the hardware and internet access such as from schools, and provide funding to earn money for those who don't have enough to get the Wi-fi and hardware.

What do you think affects the differences in bandwidth globally as well as in different locations in the U.S.?

A main thing that directly affects the bandwidth and is so different across locations globally is access to the Internet and strength of the connectivity of the Internet, fastness, which is then affected by the location you're in or how much money one has to afford it.

Why is it a useful measure?

Bandwidth: Once measured, It tells us maximum capacity In which the data is transferred over one’s network

Latency: Allows us to know if there is a lag to then fix

As a recap, bandwidth and latency are two measures of internet performance. Bandwidth is the throughput or how much data per second can be transferred in terms of uploading and downloading. Data in latency refers to the amount of time it takes a piece of data to reach its destination

So, an example of what you might see in the results table, you can see ttl (time to live (# of hops to get to destination)), a count of how many times they did it the number of hops that it took in order to get there. And then, rtt (round trip time (time to destination + time get reply)) is the routing time or the time it took for that signal to be sent and then for us to get an acknowledgment back that they received the signal. And you can see the average time in terms of milliseconds, so there was on average 20 milliseconds for us to ping the MIT.edu server

Another term related to the internet performance is latency, so we just talked about bandwidth, which is the throughput or the speed that you can upload and download information latency, then, is a measure of the time. It takes a piece of data to reach its destination. So, it's typically measured in milliseconds or thousandths of a second. A ping activity, which will measure the latency of your network. So, ping is a networking utility used by Network administrators to measure the administrators to measure the latency on the internet. So, what you can do is, you can go to a website and use their ping utility to test the reachability of certain hosts.

Broadband Access definitely an issue in terms of thinking about if you have access to the internet, but you don't have Broadband access where broadband referring to high-speed internet service. Then, that means that you may not be able to use the web as effectively, or use the resources that are on the web as effectively. So, if you have Broadband, that usually means that you have it through a cable or DSL modem in a DSL, digital subscriber line, one that's connected via your home telephone Network. You can see here, there's about 72 percent Broadband penetration in its member. So, within the OECD (The Organization for Economic Co-operation and Development) countries, and you can see some of them listed there. You'll notice that a couple of them Finland, Australia, Japan, Sweden, Denmark, create even the United States. It's just barely over that 100 percent mark. So, what that means is that there is more than one Broadband connection for every person. So, for example, I have a connection. I have multiple connections, including my cable network here at home. I have an internet service plan for one of my tablets, and I also have cellular data plans, you know, for each of the phones that are in our house. So, if you start to think about the different plans you have four different devices. You can see how we're now getting over a hundred percent penetration, but to notice that many countries, like if you go down to the last one, they're on the list. Mexico doesn't even have 25 penetration for Broadband yet, so that means that they're using something, means if they have internet access, because more than 25 of Mexico's population has internet access. They are using something slower than Broadband access.

Let's take a look at what bandwidth is on a global scale. So, bandwidth speeds vary across the globe, depending on where you're at and what kind of internet access you have. The current Global average is about 18.4 megabit speed download. Korea leads the world with 52.4 megabits per second and in the US. The average is about 24.4 megabits per second. The higher the number is especially with the units, the faster it is.

Bandwidth or throughput is the rate at which data is downloaded or uploaded in a network, and it can be measured in bits per second, kilobits per second (thousands), megabits per second (millions). Usually you see it either in kilobits or megabits per second. There are websites for a test that you can use to measure your download speed.

Just to refresh your memory. We're looking at the differences between the internet and the World Wide Web in terms of the World Wide Web being an application that runs on top of the internet, which is a network of networks. And in that worldwide web. A lot of times, you are transferring data back and forth. You are transferring web pages and images so that you can view them in your browser. So, the question of Internet performance is really about how fast your web pages load and what goes into figuring that out.

So, let's look at how that transaction takes place. Let's suppose you're visiting a web page in your browser, and there's a link on it. www.host.edu/page.html, now your browser is viewing a document that is coded in the Hypertext Markup Language, which is the language used to code web pages. So, when you click on that link, your browser knows to send a request over the Internet for that page that you've requested to a web server at host.edu at this location www.host.edu that URI corresponds to an IP address. The IP protocol knows how to route that request to a particular server at host.edu, and that server is constantly listening on Port 80 (A port is a memory location in the server's RAM that is connected to software that listens for incoming requests.) for incoming HTTP requests. When it gets the request it needs to access the page that you requested page.html, so it goes to its disk drive, retrieves the page.html with all of its included resources. In this case, there's a picture smiley.png, and it then sends it back encoded as an HTML document, of course, to the browser that requested it. The browser then renders the page, and it appears the way you'd expect it to. So those are the seven parts of the transaction seen from a high level. We'll look in some detail later on. Another example is bring up an app in App Inventor like paint pot.

Include HTTP ans HTML model picture.

A host is a computer that is connected to the Internet. Servers are host computers.

A client computer, client software request services from a server located on the internet. For example, a client makes a request to a server over the Internet to respond to the request. So, for example, (EG: Gmail stores messages on Google's servers and processes requests to send/retrieve messages.) suppose you're running Gmail in your Firefox browser on your computer when you request that it refresh your email list. A request goes out from your browser to Google's Gmail server, and it responds by sending you an updated list of your emails (INCLUDE PICTURE OF THIS EXAMPLE)

Web resources are hosted by Web servers which respond to HTTP requests. The resources themselves are stored or hosted on computers designed with software to manage those resources. These are called web servers. They are the ones that respond to the HTTP requests that you make in the client server model,

What happens when accessing web pages using the HTTP protocol? Hypertext transfer protocol is the protocol that manages the World Wide Web. Use it in that protocol resources on the web, whether they be images or web pages or files are accessed by means of their Uniform Resource Identifiers or their Uris. For example, here's a URI for Wikipedia's English language site: http://en.wikipedia.org/index.html. Resources are accessed by means of browsers like Firefox, Chrome, Safari, IE, …

When the modulus of 2 (the remainder when dividing by 2) = 0, then it is even

When the modulus of 2 (the remainder when dividing by 2) = 1, then it is odd

https://docs.google.com/presentation/d/1VWdfhZcI20fjG9koi6hkJnW5eiA85vnoeO6RVJGD9j4/edit?slide=id.g38f2384d0_2195#slide=id.g38f2384d0_2195

I think it would be possible to have the PRNG spit out 6 nines, and that would be by choosing the input number to be a nine and manipulating the formula of the PRNG to always spit out nines. It could still be random if it spits out the same number in a row.

So to sum up, a PRNG is a computational 'model' of randomness, as such, it's an abstraction, its a simplification of true randomness. Whenever you have a model of something, you can always ask,

"Well, is it a good model?" What would that mean in this case? Well, it would mean... * How does it do when you ask it to generate a number in the range 1 to 100? Does it give us a good distribution of numbers? * If you use it to simulate a coin flip, is it going to give us a good distribution of heads and tails? Equally likely to generate “Heads” or “Tails”? 50/50? * What about drawing a card out of a deck? What are the odds gonna be 1 and 52? Is it equally likely to draw any card out of a shuffled deck of 52 cards?

So those are some of the questions that you could ask

LCGs are not the only type of PRNGs. They have some good qualities, they have pretty good randomness qualities, they're fast, and they don't require much memory, but they're not good enough for certain computing operations, such as cryptography or encryption, and certain types of simulation problems, and for those applications, stronger PRNGs are used

Going back to our Pseudo Random Number Generator random integer function or block from App Inventor, here's how things work then, whenever you say: give me a random number, and a random integer between 1 and 2, the App Inventor block will call on the PRNG to give it the next number; now remember, the PRNG is generating a huge long sequence of numbers that are very big numbers like this, so what App Inventor block does is it takes them, and depending on what you tell it here, it performs it's own mod operation on this number, to generate like 1 or 2, and what you see when you call on this block with 1 and 2 as the arguments, is a sequence of 1s and 2s as in this example

https://docs.google.com/presentation/d/1VWdfhZcI20fjG9koi6hkJnW5eiA85vnoeO6RVJGD9j4/edit?pli=1&slide=id.g38f2384d0_2175#slide=id.g38f2384d0_2175

PRNGs are an actively important research area in mathematics and computer science. This type of PRNG is called a linear congruential generator (LCG) because it uses a linear function.

The goal of the research is to find for a, c, and m, the multiplier the number we add to the result, plus the modulus. For example, the PRNG used in the Java programming language or in some implementations of it uses this big number for a, uses 11 for c, and 2 to the 48th for m, which means that you're gonna have very long sequences of numbers, very big numbers, before the numbers repeat themselves

Let’s add mod to our formula. But we’ll use mod 13 (instead of mod 12).

For example, if we had a PRNG doing X sub i is 10, then X sub i plus 1 is 10 times 2 plus 1 is 21, then mod 13 gives us 8. If X sub i is 8, X sub i times 2 plus 1 is 17 mod 13 is 4. If we take 4 as our input, we get 9 and then 6 and then 0, so forth, so if we continue in this way, we will produce another sequence of numbers.

The numbers jump around seemingly randomly between 0 and 11. But notice that the sequence repeats when it hits 10, so it repeats after a very short time. And, it can’t generate a 12. It just wouldn't be a very good PRNG.

We need a formula that calculates the next number in a sequence, given the current number.

For example, if we had a PRNG with the number 10 as the current number, it might produce the number 21. Here's the formula that will give us that result, so for example, if x1 is 10, then 10 times 2 plus 1 gives us 21, which is x2. That's the kind of formula we need. Let's generalize our formula a little bit. We'll make the notation more abstract, will let X sub i stand for the current number, and X sub i plus one stand for the next number. If X sub i is 10, then X sub i plus 1 is 10 times 2 plus 1 is 21. If X sub i is 21, X sub i plus 1 is 43. If X sub i is 43, X sub i times 2 plus 1 is 87, and so forth, so if we continue in this way, we will produce the sequence of numbers.

Now, this formula is a very simple formula we've got that produces a sequence that isn't really very random-looking. For example, the numbers keep getting larger, as you can tell from this formula. They're going to just keep getting larger, so that's not a very random-looking sequence

a # mod another # is just the remainder after dividing a # by #

Modular arithmetic is doing simple mathematics of operations, in the end, division, and repeating it enough to get a remainder, reaching a certain number.

Long division. Repeated subtraction is just division with a remainder.

So, (11 + 20) mod 12 = 31 mod 12

That’s 7 (the remainder)

Mathematicians call this modular arithmetic. It’s called the modulo (or mod) operation. We repeatedly subtract 12, our modulus, until we get a number between 1 and 12. Or 0 and 11 (0 is the same as 12).

Clock Arithmetic

In a 12 hour clock (not 24 hour clock)

9:00 o’clock + 4 hours = 1:00 o’clock (not 13 o’clock)

9 + 4 = 13 - 12 = 1

11:00 o’clock + 5 hours = 4:00 o’clock (not 16 o’clock)

11 + 5 = 16 - 12 = 4

In a 12 hour clock (not 24 hour clock)

11:00 o’clock + 20 hours = ?

11 + 20 = 31 31 - 12 = 19, but no 19 o’clock, so 19 - 12 = 7

In App Inventor, the Random Integer Block that we use, as you've seen, will give us a random number in a range, so if we say from 1 to 100, it will give us a number such as 50, and it does so by calling on the built-in PRNG in App Inventor

PRNGs are useful in Cryptography, Computer Games, Weather models, simulations, casino machines, and more

Typically, you would give the PRNG a seed that would start a sequence of numbers, and then it contains a formula to go from the current number and produce the next number. Each time you say give me the next number, it will produce another number in the sequence

Pseudo Random Number Generator * A PRNG uses an algorithm * To generate a random-looking sequence of numbers

Pseudo Randomness

• Computers simulate randomness.
• Using an algorithm.
• That generates a sequence of numbers.
• That looks random.

True Randomness

• Flipping a coin, rolling a pair of dice, drawing a card from a well-shuffled deck.

• Radioactive decay, weather.

• Hard to do on a computer.

A parity bit flip is detected when an odd number of bits in the data and parity bit are changed during transmission

A parity bit is flipped when an error occurs during transmission, causing the total number of 1s in the data to change, and the receiver detects an error because the received parity doesn't match the original parity rules