Today first we will make sure that all of you can use their student e-mail address. UW cooperates with Google to deliver its students an web mail interface. You can watch a how-to clip below.
Today we will also have some warm-up activities of using a computer and Internet. See my slides.
Under Windows you usually deal with Explorer. You can create new folder or a file of given type here. As for files, every filename has an extension. Full filename is a name dot extension. Windows by default do not show extensions and to see it you have to open file properties. Extensions just let you now what is the type of a file you are dealing with. There are quite many known filename extensions. Today we will encounter the following:
- .txt — text file, which do not include any date except from the text itself (no formatting information in particular) — we will deal with such files using Notepad,
- .odt — text document — a file is a format used by open text processors. We will use Open Office.
- .pdf — a file (which includes graphics and text), the idea of which is more or less to look the same on every computer and in every environment. Is also not easy to edit,
- .png — one of image file types.
When using a computer remember about some threats due to malware:
- viruses – pieces of code, which when run replaces pieces of code of other applications by itself to multiply itself and do further harm,
- worms – similar to viruses, but self-standing programs, which do not need a host and multiplying mainly via the Internet.
- trojan – disguising as an useful application, which users often download, apart from being useful to do something, also does something harmful without user’s awareness, e.g. sends some confidential data or opens a break-in possibility
- spyware – applications collecting data about the user without his permission or his passwords and confidential data,
- exploit – a program or piece of code, which making use of vulnerability in your software, can take over your computer.
What can you do to be safe? Quite a few things:
- install an anti-virus (some are free, e.g. Avasr). Make sure to download anti-virus software from a certified webpage or service
- turn on a firewall (an application which checks all the net traffic to and from your computer, sometimes a firewall is built in your operating system)
- do not open e-mail attachments from unidentified sources
- regular computer scans
- update your software immediately after an update is possible (in particular your operating system and web browser)
- make back-up copies of your data
Let’s now talk about the Internet. Web browsers are the applications which are intended to browse web pages. A web page is a file are few files which have been put on a server. Contents of a web page are usually written in a form of HTML/XHTML. A CSS file defines a style (e.g. in a graphics sense) telling your browser how to display the web page. Additionally in separate files also some multimedia are stored.
Finally web page are often interactive, so they make use of:
- scripts which are run on the server and generate dynamically web page to be send to your browser, e.g. PHP, DJango
Web service is a cluster of web pages interlinked by links and forming one whole.
There are also quite a few browsers used in the world and global and Polish web browsers stats are quite different. The most popular are Firefox, Chrome, Internet Explorera and Opera. We will usually use Firefox, but if you develop your own web page it is advisable to check it in other web browsers also.
Server which hosts a web page and our computer have to communicate. Therefore there have to be a language of this communication. How our web browsers asks a server for the content of a given web page? How does the server answer? Such an language is called a protocol. Often we use HTTP (HypetText Transfer Protocol) protocol, developed to transfer files and some additional information, e.g. that the user clicked on a link.
Messages in HTTP protocol are not encrypted. Everyone can read your communication with a server, when you use this protocol, and sometimes it is a bad idea. Therefore there exists an ecrypted version of this protocol — HTTPS (secure HTTP).
How does this encryption work? The simplest form is so called symmetrical encryption. Both sender and recipient have the same key, which tells how to substitute letters. The sender encrypts a message using this key and sends it. The recipient deciphers it with the key and we are done. But unfortunately the sender and the recipient have to determine their identical confidential key beforehand. They cannot send it via Internet, because everyone will be able to get it. The only way is to meet beforehand and determine it during a meeting. But obviously it is absolutely impractical.
That is why we use asymmetrical encryption. It make use of the fact that there are some mathematical problems which take a lot of time to solve, but given answer it is easy to verify it. Classic example is calculating prime factorization of a number. If I would ask you to calculate prime factors of 12166397, you would need a lot of time to determine, that . But you can check that instantly. Obviously given respectively large number even the fastest computers will need centuries to calculate their prime factorization, but checking the answer can be done instantly.
Asymmetrical cryptography make use of such problems. A server generates two keys: public and private one. Simplifying slightly, it is very difficult to decode a message encoded by a public key without a private key. It is possible but would take thousands years of calculation. The server makes its public key available to everyone, and keeps it private key private. Everyone who wants to send a message to this server encrypts it using server’s public key and only server can decrypt it because only it has its private key. Actually a symmetric key can be agreed this way and further communication uses symmetrical encryption.
Actually there is one more problem there. How can I know that a public key I have received is really a public key of a server I want to communicate with. That is the job of certificate authorities — a reliable institutions which certify ownership of public keys of other servers (usually comercialy).
Look at the URL bar in your browser’s window. If you use a secure protocol you will see a padlock instead of a a miniature of the Earth there. If the public key of a server you communicate with is not certified by a certificate authority known to your browser, then it will alert you and advice you to stop. Some institutions (like banks) buy certificates of high safety. If the server you communicate with has such an certificate, the padlock you see is green.
It is worth noticing that HTTP and HTTPS are not the only protocols. For example there is also FPT used to file transfer.
An adress, called also URLu (uniform resource locator) has the following form protocol://server-name/path. In the URL http://www.mimuw.edu.pl/~m_korch/category/ti/, http – is a protocol, www.mimuw.edu.pl — name of a server (traditionally servers hosting web pages are named www, and mimuw.edu.pl is the name of a domain) and finally /~m_korch/pl/category/ti/ is an access path on the server.
A server name is translated to an IP address by DNS servers, which know all the names of servers in given domain.
I think all of you can easily search for thing in the Internet using search engines, like Google, but few additional tricks are worth knowing:
- cheap hotel Tatry OR Mazury
- “Pan Tadeusz” — searching for the whole phrase
- + — makes a word obligatory in the search
- mobile phone -shop — web pages about mobile phones but not shops
- filetype:pdf — results only in given file type
- site:mimuw.edu.pl — results only in given domain
It is worth to know the following services:
- http://www.mimuw.edu.pl/~m_korch/pl/category/ti/ — a web page of this course
- http:/yr.no — one of the best weather forecasts
- http://maps.google.com — maps and public transport, street view
- http://geoportal.gov.pl — topographical maps and satellite views of Poland
- https://drive.google.com — joint work and sharing documents
- http://translate.google.com — automatic translations