Cosc 4765
Ethics and security
Security
• Computer security crosses over legal and
ethics lines in many places.
– Hacking is pretty much always illegal.
• See next slides for some legal issues
– Hacking by some is considered ethical.
• Depending on how it is done
• This topic and more are covered in the rest of the
lecture.
Legal acts and computers
• Federal: US Computer Fraud and Abuse
Act, 1984, prohibits
– Unauthorized access to a computer
containing data protected by national defense
or foreign relations concerns
• Also computers containing certain banking or
financial information
• Access, use, modifications, destruction, or
disclosure of a computer or information in a
computer operated on behalf of the US
government.
Legal acts and computers (2)
• Accessing without permission a “protected
computer”
– The courts now interpret this to include any
computer connected to the Internet.
• Computer fraud
• Transmitting code that causes damage to
a computer system or network
• Trafficking in computer passwords
Legal acts and computers (3)
• USA Patriot Act of 2001
– Amendment to the Computer Fraud and Abuse Act
– Knowingly causing the transmission of code resulting in
damage to a protected computer is a felony
– Recklessly causing damage to a computer system as
a consequence of unauthorized access is a felony
– Causing damage (even unintentionally) as
consequence of unauthorized access to a protected
computer is a misdemeanor.
Legal acts and computers (4)
• US Electronic Communications Privacy
Act, 1986
– Protects against electronic wiretapping
• Allows law enforcement agencies to ask for a court
ordered wiretap
• Requires ISPs to have equipment to allow for
wiretapping
– Allows ISPs to read communications to
maintain service or protect themselves from damage
Law vs. Ethics
Law | Ethics
Described by formal, written documents | Described by unwritten principles
Interpreted by courts | Interpreted by each individual
Established by legislatures | Presented by philosophers, religions, professional groups
Applicable to everyone | Personal choice
Priority determined by courts if 2 laws conflict | Priority determined by an individual if 2 principles conflict
Court is the final arbiter of “right” | No external arbiter
Enforceable by police and courts | Limited enforcement
Ethics
• Ethical pluralism recognizes that more
than one position may be ethically
justifiable.
– In fields of Science and Tech, this type of
statement seems illogical.
– There is no higher authority and there are no
“correct” answers.
Examining ethical issues
1. Understand the situation
– Learn the facts of the situation
2. Know several theories for ethical reasoning
– You need to be able to justify your choices
3. List the ethical principles involved
– What can be applied to the case?
4. Determine which principles outweigh others.
– Subjective, but we need a logical conclusion or
determination.
Ethical principles and theories
• Most ethics break down into 2 schools of
thought.
1. Based on the good that results from the
actions
– Consequence-based principles
2. Based on certain prima facie duties of people
– Rule-based principles
Consequence-Based principles
• Teleological theory focuses on consequences of
an action
– An action is chosen which results in the “greatest”
future good and least harm.
• Egoism
– Based on positive benefits to the person taking the
action.
• Utilitarianism
– Based on positive benefits to everyone (entire
Universe actually).
• “The good of the many outweighs the good of the few or the
one.” --Spock
Rule-based principles
• Deontology is founded in a sense
of duty. Certain things are good in and of
themselves; they need no higher
justification.
– To name a few: truth, justice, peace, security,
freedom, honor, love, friendship, happiness,
consciousness, beauty.
– Often stated as rights:
• Right to know, right to privacy, right to fair
compensation for work.
Rule-based principles (2)
• Various duties incumbent on all human beings:
– Fidelity, or truthfulness
– Reparation, duty to recompense for a previous
wrongful act
– Gratitude, thankfulness for previous services or kind
acts
– Justice, distribution of happiness in accordance with
merit
– Beneficence, the obligation to help other people or to
make their lives better
– Nonmaleficence, not harming others
– Self-improvement, to become continually better.
Applying ethics to security
• Many things are legal or illegal; the
questions here are ethical.
– While it is legal for ISPs to read
communications, when is it ethical?
– Security will at some point intrude on issues
of privacy.
• When can you ethically read someone's e-mail, look
through their files, etc., and pretty much invade their
privacy?
Applying ethics to security (2)
• What are the ethics of vulnerabilities?
– Searching for them
– Reporting them to everyone, not just the
vendor.
• There are ethical arguments that vulnerabilities should
not be reported until a patch is available
• And that vulnerabilities should be reported as soon
as possible
– Full disclosure – including how the vulnerability works.
– Partial disclosure – only how to protect the system.
Applying ethics to security (3)
• Can there be an ethical argument for
writing worms and viruses?
• How about password sniffing?
• And hacking: ethical hacking?
– You look around and do not intend to damage
the system.
• What is the case for ethical hacking?
• What is the case where hacking is unethical?
Code of Ethics
• Various computer groups have developed
codes of ethics:
– IEEE: Code of ethics
– ACM: Code of Ethics and Professional
Conduct
• Too long to reprint in this lecture.
– The Computer Ethics Institute.
• The Ten Commandments of Computer Ethics.
IEEE Code of ethics
1. To accept responsibility in making engineering decisions
consistent with the safety, health, and welfare of the
public, and to disclose promptly factors that might
endanger the public or the environment
2. To avoid real or perceived conflicts of interest
wherever possible, and to disclose them to affected
parties when they exist.
3. To be honest and realistic in stating claims or
estimates based on available data
4. To reject bribery in all of its forms
5. To improve understanding of technology, its
appropriate application, and potential consequences
IEEE Code of ethics (2)
6. To maintain and improve our technical competence
and to undertake technological tasks for others only if
qualified by training or experience, or after full
disclosure of pertinent limitations
7. To seek, accept, and offer honest criticism of technical
work, to acknowledge and correct errors, and to credit
properly the contributions of others
8. To treat fairly all persons regardless of such factors as
race, religion, gender, disability, age, or national origin
9. To avoid injuring others, their property, reputation, or
employment by false or malicious actions
10. To assist colleagues and coworkers in their
professional development and to support them in
following this code of ethics.
Ten Commandments of Computer Ethics
1. Thou shalt not use a computer to harm other
people.
2. Thou shalt not interfere with other people’s
computer work.
3. Thou shalt not snoop around in other people’s
computer files.
4. Thou shalt not use a computer to steal.
5. Thou shalt not use a computer to bear false
witness.
6. Thou shalt not copy or use proprietary
software for which you have not paid.
Ten Commandments of Computer Ethics (2)
7. Thou shalt not use other people’s computer
resources without authorization or proper
compensation.
8. Thou shalt not appropriate other people’s
intellectual output.
9. Thou shalt think about the social
consequences of the program you are writing
or the system you are designing.
10. Thou shalt always use a computer in ways that
insure consideration and respect for your
fellow humans.
Q&A