My (then home educated) daughter used the Hodder Computer Science textbook for CIE IGCSEs last year. It was good but we found a number of mistakes. It is still a current textbook so I am noting down some corrections.
The corrections are mostly from Lucy’s notes, but I have looked at the textbook too. Not all are important for the exam, but most could be.
Most of the problems are in Chapter 8. These are what is covered below. If I find any more relevant notes, or find any other issues, I will add them below. If you spot anything I have missed please let me know.
Hacking has meanings other than breaking into a computer system. It can also mean an ingenious or cobbled-together use of technology. The book’s definition is a common usage.
Cracking means maliciously breaking into computers. The book’s definition is simply incorrect.
Viruses and malware
- Viruses embed themselves in other software, altering the executable (program) files themselves. This may include documents that can contain software, such as office documents that allow macros.
- A worm is a free standing executable that replicates itself.
- A trojan is disguised as, or inserted into something else, but does not usually replicate itself. For example, a user may install an apparently useful application and find that the developer (or someone else tampering with the distributed code) has added malicious functionality.
Pharming redirects users from a website they want to use to another one. This may be done by editing the hosts file on the user’s own computer, compromising DNS servers, or compromising routers.
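A defender can check for the hosts-file form of pharming by listing every entry that overrides DNS for a real-looking hostname. The following is an added example, not from the textbook or the original post; the sample file, its addresses and hostnames are constructed, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample hosts file (documentation address ranges and .example names).
SAMPLE_HOSTS = """\
127.0.0.1   localhost
::1         ip6-localhost ip6-loopback
ff02::1     ip6-allnodes
0.0.0.0     ads.example.net        # blocklist entry
192.168.1.20 nas.home.example      # local file server
203.0.113.66 www.bank.example login.bank.example
# 198.51.100.9 commented.example
"""

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for each mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()      # strip comments, then tokenise
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                               # malformed address: not a mapping
        for name in fields[1:]:
            yield line_no, ip, name.lower().rstrip(".")

def audit_hosts(text, local_names=()):
    """Return (line_no, ip, hostname) entries that redirect a dotted hostname.

    Assumption: entries pointing at loopback or 0.0.0.0 block a site rather
    than redirect it, and names without a dot are local aliases, so neither
    is reported. Names in local_names are known-good local overrides.
    """
    allowed = {n.lower() for n in local_names}
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if "." not in name or name in allowed:
            continue
        if ip.is_loopback or ip.is_unspecified:
            continue
        findings.append((line_no, str(ip), name))
    return findings

if __name__ == "__main__":
    for line_no, ip, name in audit_hosts(SAMPLE_HOSTS, ["nas.home.example"]):
        print(f"line {line_no}: {name} is forced to {ip}, bypassing DNS")
```

Each reported entry still needs a human decision: compare the address with what DNS returns for that name from a trusted resolver.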
WEP should no longer be used. It has been replaced by WPA.
Spyware and keylogging
Spyware is much broader than keylogging. Spyware might record web browser history, track media usage, and more.
Keylogging is hard to spot, and may be done with hardware (typically a recording device plugged into a USB port, with the keyboard plugged into that) as well as malicious software. Wireless keyboards may also be monitored in other ways.
- Cookies are not the only mechanism for storing data in a web browser: there are also flash cookies and HTML5 storage, for example.
- While anonymous per se, they can be used to store personal information, or to store IDs that can be linked to personal information.
SSL and TLS
Most current web browsers no longer support SSL, or even early versions of TLS.
The term SSL is still used to refer to things associated with this layer, e.g. “SSL certificates”.
MD4 is very old and rarely used. MD5, SHA-1 and other more recent algorithms are more common.
Denial of service attacks (DOS)
Attacks that flood the target usually use large numbers of machines to simultaneously attack it. These are often huge networks of PCs compromised by malware. These are called Distributed Denial of Service Attacks (DDOS).
There are many other attacks. For example, Slowloris (see proof of concept code) can bring down a web server by making more requests than many web servers can handle from a single attacking machine, by being more efficient at making requests than the servers are at handling them.
The book’s definition of free software is essentially based on one type of open source license, the GPL, but with an odd explanation of restrictions and the bizarre addition of one about “not producing software that is deemed offensive by third parties”.
Open source includes free software, but not vice versa. The key difference is that free software can only be included in or modified to produce other free software. Some open source licenses allow proprietary software to incorporate the code and remain closed: such software is widely used, for example in Apple’s MacOS X (and iOS) and Google’s Chrome web browser.
Free software is subject to copyright laws – that is why the restrictions in the license are enforceable.
The important difference between open source software (including free software) and freeware is that users of freeware cannot (usually) redistribute it or modify it.