Embed

ethics

Document Sample

Shared by: huanghengdong

Tags

Stats

views:: 1
posted:: 2/9/2012
language:
pages:: 27

Public Domain

Software Ethics

● Ethics = the philosophical study of morality

● Three main subdivisions:

– General study of goodness, e.g., what is the meaning

of terms like good, bad, right, wrong

– General study of right action, e.g., what moral

principles should govern our choices and pursuits

– Applied ethics, e.g.:

● Medical ethics

● Business ethics

● Environmental ethics

● Software ethics

ACM's Software Engineering Code of

Ethics and Professional Practice

(www.acm.org/serving/se/code.htm)

● Ethical conduct with regard to:

– PUBLIC

– CLIENT AND EMPLOYER

– PRODUCT

– JUDGMENT

– MANAGEMENT

– PROFESSION

– COLLEAGUES

– SELF

ACM's Software Engineering Code of

Ethics and Professional Practice:

PUBLIC

● PUBLIC - Software engineers shall act

consistently with the public interest.

– Examples:

● National security

● Privacy

Software and National Security

● Terrorist infrastructure attacks, e.g., domain name

system (DNS); bringing down power grids

● Automating nuclear war

– Ethical question: should you work on a proposal to

build a system that will automate a nuclear war after

Washington and Moscow have been destroyed?

– Ethical question: should you work on building

software for an ABM defense system when there is no

way to verify its correctness?

– The problem of program verification

Software and National Security

● Cryptography programs:

– An author of a book on applied cryptography was

prohibited by the State Department from exporting the

book because it included as an appendix a floppy

disk containing programs for encryption software.

– However, were the floppy disk not included with the

book, the book would have been freely exportable

even though the program text on the floppy disk

was also printed in the book.

●Ethical question: should algorithms or the software

that implements them be considered weapons?

Software and Privacy

● Data collection (monitoring surfing habits)

– Ethical question: Should employers have the right

to use software to know every keystroke entered

by employees?

● Email surveillance (wiretapping)

– Ethical question: Should the government have the

right to use software to snoop on suspicious email

of its citizens?

Software and Privacy

● Spamming, e.g. Alan Ralsky:

– Sends millions of messages per day

– Now does his spamming from overseas ISPs

– Slashdot published his home mail address and he is

now inundated with snail mail spam

– Spammers' rights groups are now subjecting anti-

spam groups' web sites to denial-of-service attacks

● Ethical question: Should spammers have the

right to use software to fill communication

bandwidth with unwanted email messages?

ACM's Software Engineering Code of

Ethics and Professional Practice:

CLIENT AND EMPLOYER

● CLIENT AND EMPLOYER - Software

engineers shall act in a manner that is in the best

interests of their client and employer consistent

with the public interest.

– See: PRODUCT

ACM's Software Engineering Code of

Ethics and Professional Practice:

PRODUCT

● PRODUCT - Software engineers shall ensure that

their products and related modifications meet the

highest professional standards possible.

– Software quality:

● Reliability (correctness)

● Efficiency

● Usability

● Maintainability

● Reusability

Software Reliability

● Verification: Making sure program behavior

conforms to specifications

– Formal (mathematical methods)

– Empirical (testing and observation)

● Ethical question: who should be liable for

software misbehavior?

– Program author (for example, Therac-25 disaster)

– Program user (for example, putting incorrect data into

a tax program)

– Domain expert (for example, misdiagnosis by a

medical expert system)

ACM's Software Engineering Code of

Ethics and Professional Practice:

JUDGMENT

● JUDGMENT - Software engineers shall maintain

integrity and independence in their

professional judgment.

– Examples:

● Cracking computer security

● Violating copyright using software

Hacking vs. Cracking

● Hack originally used to refer to clever way MIT

engineers used to run a model railroad

● Hacker originally meant a clever programmer

but has been co-opted by media to mean a

criminal

● Cracker is a better term for computer criminal

● Hacker's Ethic described in 1984 book by Steven

Levy, Hackers: Heroes of the Computer

Revolution

Main Tenets of The Hacker's Ethic

● Access to computers should be unlimited

● Information should be free

● Anti-bureaucracy, pro-democracy

● Mistrust authority, promote decentralization

● Judge hackers by their hacking, not degrees, age,

race, position

● You create art and beauty on a computer

● Computers can change your life for the better

Perverting The Hacker's Ethic

● If you take libertarianism too far, you get anarchy

● If you take the H.E. too far, you get criminal

behavior:

– Viruses and worms

– Website defacement

– Denial of Service attacks (EBay, Yahoo, Amazon)

– Infrastructure attacks, e.g., domain name system

(DNS); bringing down power grids

Viruses, Worms, and Cracking

● Virus: piece of code that can automatically spread

to other computers and destroy or alter files

● Worm: virus that does not alter files but resides in

memory and duplicates itself, e.g., Code Red,

Sasser

● Cracking, e.g.,

– Buffer overflow attack

– Sniffer: program that lies in wait for unencrypted data

(like passwords or credit card numbers)

● Ethical question: Is it OK for clever software

to exploit vulnerabilities just because they are

Kevin Mitnick

● Object of FBI manhunt, first arrested at age 17 in

1981

● Inspired 1982 movie War Games with alleged

NORAD hack

● Released from prison in 2000

● Now a corporate security consultant

● New book: The Art of Deception

The Hacker Ethic vs. The Protestant

Ethic

● See The Hacker Ethic and The Spirit of the

Information Age, by Pekka Himanen (prologue by

Linus Torvalds)

– Work as passion, 24-7

– Openness, enablement, cooperation

● Compare The Protestant Ethic and The Spirit of

Capitalism, by Max Weber

– Industrial Age values, 9-to-5

– Hierarchy, bureaucracy, secrecy

Violating Copyright Using Software

● DVD decryption

– Jon Johansen, now 18, circumvented DVD movie

copy protection

– Made a program, DeCSS, available for playing

movies on computer

– MPAA prosecuted him, acquitted

– Two issues:

● Intellectual property rights

● Controlling playback device

Violating Copyright Using Software

● MP3 downloading

– RIAA is prosecuting individual downloaders of

copyrighted material

● Ethical question: Does the digital nature of

contemporary media render traditional

copyright law obsolete?

ACM's Software Engineering Code of

Ethics and Professional Practice:

MANAGEMENT

● MANAGEMENT - Software engineering

managers and leaders shall subscribe to and

promote an ethical approach to the management

of software development and maintenance.

– Don't promise what you can't deliver

Bids and Budgets

● Dramatic example: in the early 1980's the IRS

hired Sperry to automate tax form processing for

$103 million. By 1985 the cost had tripled, the

system could not handle the workload, and it had

to be replaced.

● Ethical question: Should you underbid a

project because you desperately need a

contract?

● Ethical question: Should you claim you can

solve a client problem when you don't fully

understand the requirements?

ACM's Software Engineering Code of

Ethics and Professional Practice:

PROFESSION

● PROFESSION - Software engineers shall

advance the integrity and reputation of the

profession consistent with the public interest.

– Example: software copyright and intellectual property

Software and Intellectual Property

● Ethical question: Is it a fair practice of certain

software companies to quickly "clone" the look

and feel of other companies' successful products?

● Copyright laws are considered to apply to text.

● Patent laws are considered to apply to artifacts of

technology.

ACM's Software Engineering Code of

Ethics and Professional Practice:

COLLEAGUES

● COLLEAGUES - Software engineers shall be fair

to and supportive of their colleagues.

– Related issue: Open source vs. proprietary software

Open Source vs. Proprietary Software

● "Free software" (economic definition) means you

don't have to pay for it

● "Free software" (GNU definition):

– freedom to run the program, for any purpose

– freedom to study how the program works, and adapt it

to your needs (open source)

– freedom to redistribute copies so you can help your

neighbor

– freedom to improve the program, and release your

improvements to the public, so that the whole

community benefits

The GNU Public License:

Copyleft (www.gnu.org)

● Copyleft: a general method for making a program

free software and requiring all modified and

extended versions of the program to be free software

as well."

● Ethical question: Should you make available to

other software engineers (even those who work for

other companies) reusable software of your own

making?

● Ethical question: does the proprietary software

business model allow the patching of O.S. security

exploits as well as the open source model?

ACM's Software Engineering Code of

Ethics and Professional Practice:

SELF

● SELF - Software engineers shall participate in

lifelong learning regarding the practice of

their profession and shall promote an ethical

approach to the practice of the profession.