Communication & the Internet – Chapter 5 | Painless Programming

Computer networks and the internet are now ubiquitous. Our increasing reliance on them makes us vulnerable to attacks from cyber criminals. Students must understand network principles, current IT security threats, and appropriate protection methods.

5.1

Networks

Why Network Computers? (5.1.1)

Resource sharing — share printers, scanners, storage devices and internet connections rather than one per device
File sharing — access the same files from multiple devices; centralised file storage ensures everyone works on the latest version
Communication — email, instant messaging, video conferencing across the network
Centralised management — IT staff can manage software installations, security settings and backups from one location
Remote access — users can access their files and applications from anywhere in the world
Cost efficiency — fewer devices needed when resources are shared

Types of Networks (5.1.2)

LAN (Local Area Network) — covers a small geographical area (one building or site). Typically owned by one organisation. Uses Ethernet or Wi-Fi. High data speeds. Low cost to set up. Examples: school network, office network.
WAN (Wide Area Network) — covers a large geographical area (cities, countries, worldwide). Uses infrastructure provided by telecommunications companies (phone lines, fibre optic cables, satellites). The internet is the world’s largest WAN.
PAN (Personal Area Network) — very small network centred around an individual person. Typically uses Bluetooth or Wi-Fi. Range typically under 10 metres. Examples: phone connected to smartwatch, laptop connected to wireless headphones.
Client-server model — dedicated server provides services (files, email, web pages, databases) to client devices. Server is powerful and managed centrally. Used in businesses and schools.
Peer-to-peer model — all devices (peers) have equal status. Each can act as both client and server. Simple to set up, no dedicated server needed. Used in small networks, file sharing (BitTorrent), blockchain. Less secure and harder to manage than client-server.

Wired vs Wireless (5.1.3)

Wired (Ethernet) — physical cables (copper twisted pair, fibre optic). Faster, more reliable, more secure. Cables can be inconvenient. Less subject to interference. Good for fixed locations (desktops, servers).
Wireless (Wi-Fi) — uses radio waves. No cables needed — flexible and convenient. More susceptible to interference (walls, other devices). Data can be intercepted if not encrypted. Slower than wired. Good for mobile devices and areas where cables are impractical.

Network Speeds & Mobile Standards

Network speed (5.1.4) is measured in bits per second:

Mbps (megabits per second) — broadband home networks typically 50–1000 Mbps
Gbps (gigabits per second) — data centre networks, fibre to home

Mobile standards (5.1.8):

3G — enabled mobile internet browsing, video calls. ~2 Mbps typical
4G (LTE) — much faster mobile broadband. ~20–100 Mbps. Enabled HD video streaming on mobile
5G and beyond — very high speeds (Gbps), very low latency. Enables IoT, autonomous vehicles, augmented reality

Network Protocols (5.1.5)

A protocol is a set of rules that defines how data is formatted, transmitted and received over a network. Protocols ensure different devices from different manufacturers can communicate.

Protocol	Full Name	Purpose
Ethernet	–	Standard for wired LAN communication. Defines how data is physically transmitted on cables.
Wi-Fi	IEEE 802.11	Standard for wireless LAN communication using radio waves.
TCP/IP	Transmission Control Protocol/Internet Protocol	The core internet protocols. IP handles addressing/routing; TCP ensures reliable, ordered delivery.
HTTP	HyperText Transfer Protocol	Transfers web pages between web server and browser. Data is unencrypted.
HTTPS	HTTP Secure	Encrypted version of HTTP using TLS/SSL. Protects data in transit. Shown as padlock in browser.
FTP	File Transfer Protocol	Transfers files between computers on a network. Uploads/downloads to web servers.
POP3	Post Office Protocol 3	Downloads email from server to client device. Email is removed after download.
SMTP	Simple Mail Transfer Protocol	Sends email from client to server and between mail servers.
IMAP	Internet Message Access Protocol	Accesses email stored on server without downloading. Sync across multiple devices.

Packet Switching and the 4-Layer TCP/IP Model (5.1.6)

Data is broken into small chunks called packets for transmission. Each packet contains: the data being sent, the sender’s IP address, the recipient’s IP address, a sequence number (to reassemble in order), and error-checking data. Packets may take different routes and are reassembled at the destination.

Application Layer

Protocols for applications — HTTP, FTP, SMTP, DNS, IMAP. Formats data for the user application.

Transport Layer

Breaks data into packets, numbers them, ensures all arrive and reassembles at destination — TCP/UDP.

Network Layer

Routes packets between networks using IP addresses. Determines best path — IP protocol.

Data Link Layer

Transmits packets as signals over physical hardware — Ethernet, Wi-Fi. Handles MAC addressing.

Network Topologies (5.1.7)

〰️

Bus

All devices connect to a single backbone cable. Simple and cheap. A break in the backbone stops all communication. Collisions possible. Not used in modern networks.

🔄

Ring

Devices connect in a closed loop. Data travels in one direction. Equal access for all devices. A single device failure can break the network unless dual rings are used.

⭐

Star

All devices connect to a central switch or hub. Most common in modern LANs. If one cable fails, only that device is affected. Hub/switch failure affects all. Easy to manage and expand.

🕸️

Mesh

Devices have multiple connections to other devices. Full mesh: every device to every other. Highly resilient — multiple paths available. Expensive to install. Used in WANs and critical systems.

5.2

Network Security

Security Techniques (5.2.1)

Access control — usernames and strong passwords limit who can log into the system. Multi-factor authentication (MFA) adds another layer (e.g. password + SMS code).
Physical security — server rooms locked, CCTV, biometric door access, equipment tethered. Prevents unauthorised physical access.
Firewalls — hardware or software that monitors and filters incoming and outgoing network traffic based on predefined security rules. Blocks unauthorised access while allowing legitimate traffic. First line of defence.
Validation and authentication — verifying user identity through passwords, biometrics, security certificates, or hardware tokens before granting access.
Encryption — encrypting all data in transit (HTTPS, VPN) so intercepted data is useless without the decryption key.

Cyber Attack Types (5.2.3)

Phishing

Deceptive emails, texts or websites that appear legitimate (from a bank, employer) to trick users into revealing passwords, card numbers or installing malware. Targets human trust.

Shoulder Surfing

Physically watching someone enter a password or PIN. Can happen in public places — cafés, ATMs, open offices. Low-tech but effective.

Pharming

Redirects web traffic from a legitimate site to a fraudulent copy by corrupting DNS records or the hosts file. User types the correct address but is sent to a fake site.

Unpatched Software

Software with known vulnerabilities that has not been updated. Attackers exploit these known weaknesses. Regular security updates are essential.

Infected USB Devices

Malware pre-loaded on USB drives deliberately left for victims to find (“USB drop attack”). When plugged in, malware executes automatically.

Digital Device Attacks

Attacks via any connected digital device — IoT devices with default credentials, smart TVs, printers — often overlooked and poorly secured.

Eavesdropping

Intercepting data transmitted over a network. Particularly effective on unencrypted Wi-Fi. Attacker captures packets to extract passwords and data.

Identifying Vulnerabilities (5.2.4)

Penetration testing — authorised, simulated attack on a system to identify weaknesses before malicious actors do.
Ethical hacking — broader practice where security experts attempt to hack systems to expose vulnerabilities.
Commercial analysis tools — automated scanners that check systems for known vulnerabilities, open ports.
Review of network and user policies — auditing whether security policies are adequate and being followed.

Protecting Software Systems (5.2.5)

Secure design — consider security at the design stage, not as an afterthought.
Audit trails — logs that record all access and changes to the system.
Securing operating systems — keep OS patched; disable unnecessary services.
Secure coding — input validation, parameterised queries, avoiding buffer overflows.
Code reviews — peer review to identify security vulnerabilities before deployment.
Modular testing — test each component independently to catch bugs early.

Cloud Security Issues (5.2.2)

Storing data in the cloud introduces specific security concerns:

Unauthorised access — weak passwords on cloud accounts can expose vast amounts of data.
Data breaches — cloud providers themselves can be hacked; a breach at the provider affects all customers.
Legal jurisdiction — data may be stored in another country, subject to different laws.
Service outages — if the provider goes down, all users lose access.
Insider threats — staff at cloud providers have access to customer data.

5.3

The Internet and the World Wide Web

Internet vs World Wide Web — A Critical Distinction

The Internet is the global network of interconnected computers and devices using the TCP/IP protocol suite. It is the physical and logical infrastructure — the cables, routers, servers and protocols that allow billions of devices to communicate.

The World Wide Web (WWW) is a service that runs on top of the internet. It is a collection of interlinked web pages and resources accessed via web browsers using the HTTP/HTTPS protocol and HTML.

5.3.1

Internet structure:

IP addressing — every device on the internet has a unique IP address.
DNS (Domain Name Service) — translates human-friendly domain names into IP addresses. Acts like a phone book for the internet.

5.3.2

WWW components:

Web server — stores and serves web pages
URL — unique address for a resource on the web
ISP — company providing internet access
HTTP/HTTPS — protocol for transferring web pages
HTML — standard language for creating web pages

5.3.3

IPv4 vs IPv6:

IPv4 — 32-bit addresses, ~4.3 billion possible (exhausted).
IPv6 — 128-bit addresses, effectively unlimited (3.4×10³⁸).

5.3.4

Internet access components:

Modem — connects to ISP via phone/cable lines
Router — routes packets between local network and internet
Switch — connects devices within a LAN
WAP — connects wireless devices to a wired LAN