Set 2 _.pptx_ - Ethics by niusheng11


   Steps in
    ◦   Free try on inettest Algorithms test
    ◦   Study CSILM’s on => CS3
    ◦   Fill out CSILM survey on survey monkey
    ◦   Attend Algorithms review
    ◦   Take Algorithms test
    ◦   Fill out CSILM survey on survey monkey
    ◦   5 points added to score on Ethics test

   We, as computer scientists, have the
    following basic areas of concern
    ◦ Obligation for safe, functional products
    ◦ Management & control of information
      Acquisition – how do I get it?
      Access – who can use it?
      Stewardship – how should I protect it
       and keep it accurate?

   What type of information will be gathered
    and stored, and how will it be collected
    ◦ Should the student database include your SS#?
    ◦ Why not just get the student’s name and then go
      to another database, e.g. government, and look
      up their social security number?
    ◦ Why do we collect your age?
    ◦ For Aggie card users, should we collect purchase
      How would we use it?

   Who will have access
   Should we sell information we collect?
   Do we own it, or do you own it?
   How will information be protected from
    unauthorized access
    ◦ Am I responsible if someone illegally accesses it,
      or changes it
   How will accuracy be maintained
    ◦ Do I have to verify its accuracy when collected?
      Who is responsible?

 How do companies protect
their software?
 ◦ Nondisclosure agreements
   Prevents employees from leaving
    and using what they know
 ◦ Copyrights
 ◦ Patents

 Copyrights   and patents can
  inhibit standards
  ◦ Visicalc was not copyrighted or
 Taiwan is not a signatore of the
  Berne Convention

◦ Copyright
  Raises question of “look & feel”
  Reverse Engineering
  Apple once tried to sue Microsoft
   for “copying” windows
    Apple had copied from Xerox

 International
 ◦ Different countries have
   different philosophies on
   patents and copyrights
    e.g. Japan encourages
     diffusion of knowledge for
     greater good

   Worker loss (hiring away)
   Ignorance
    ◦ “mailing” of NetTest
 Case     History – IBM Fujitsu
    ◦ “IBM isn’t the opposition, it’s the
 Mid  1990’s, software piracy =

 Question – As a company, what
 is the best way to protect your
 ◦ NEVER give access to source
     does this do to the
 What
 ◦ WP & DLL naming conventions
   (load it first or load it second)
   Is it really free?
   Is it ethical to make something free today
    with the intention of charging for it in the

   Piracy
   Break-ins
    ◦ Includes Spam
   Sabotage
   Different states have different laws
    ◦ In Virginia, it’s a crime to alter the
      return address of an unsolicited e-
       How do you enforce this law?

   Viruses, worms, etc.
    ◦ First Internet worm created by a
      Cornell graduate student – shut
      down several company networks
   Hackers, intruders
    ◦ Sabotage
    ◦ Challenge
   Use of system for illegal benefit
   Denial of service

 ~10   port scans of USU/day
 ◦ That’s a scan of all “boxes” at USU
   (there are hundreds)
 ◦ Most common approach is to do a
   TCIP connection to port 21 and look
   at the ftp server information (is it up
   to date, etc.)
 Whatis the life span of an
 “unprotected” box at USU is ????

One   Hour

 monitors outgoing attacks
 monitors incoming attacks
   Real question is what defines an attack
    ◦ Network managers must “tune” these
      systems to define an attack.
    ◦ If hackers get this information, can
      tune their attack to go undetected

   You’re building a database system
    which will have information about
    individuals. To meet your ethical
    responsibilities, what security
    measures should you implement?
    ◦ Access control
    ◦ Preservation of system and data
    ◦ Provide for recovery and backup

 Companies  have a moral and
 legal obligation to maintain
 ◦ DNA information
 ◦ Health records
 Question
 ◦ When you get a ticket, your
   insurance company is notified (or
   finds out) and raises your rate. Is
   this ok?

   Should I put a GPS device in every new car

 Technology  is now in use in
 mission critical systems
 ◦ Hospital
 ◦ Airplane/airport
 Hardware   reliability
 ◦ Redundancy
 ◦ Intel & the Pentium bug

 Who   is liable?
 ◦ Company that wrote software
 ◦ Computer scientist
 ◦ User beware?
 ◦ In networked environments, is
   CompuServe liable for libelous
   material posted on a bulletin

 According   to Aristotle
 ◦ We are responsible for voluntary
   actions but not involuntary ones
 ◦ Involuntary actions
    Performed under compulsion
    The result of ignorance

 Ignorance is excusable when
  through no fault of the person’s,
  one is ignorant of the
  circumstances or consequences of
  an action
 Ignorance is not excusable if that
  ignorance is the result of
  carelessness or neglect or it is
  deliberately willed
   Ignorance in the eyes of the law is
    no excuse

  PM software marketed a product
  for project management
 Market growth and share had been
 Competitor was rumored to be
  coming out with a new product
 Needed/wanted to know about new

    If you were with this company and
    your boss told you to find out
    about the product, how would you
    do it?

    Develop a database of repair
    information for all of the trucks in
    the fleet

 What    are the ramifications of this
    ◦ Good
    ◦ bad

 Once type & scope of information
  to be collected is determined, must
  decide on who has access.
 What is an individual’s right to
  privacy? – to be left alone (Supreme
  court rule)
 Does information gathered from a
  purchase belong to the company? –
  It has value so why isn’t the
  consumer compensated?

 More and more, companies are
  using micromarketing – targeting
  their advertising to specific
 Example
    ◦ A company wants to offer special
      prices on meals at a restaurant
       Is there some place or way to target
        my advertising?
       Name some

 Public   sources
 ◦ Computerized real estate record
 ◦ DMV records (some states sell
 Generated by commercial
 ◦ Telephone, mail order, rebate
   coupons, …

Johnson & Johnson ran a
 promotion giving away a female
 product. All people had to do
 was call or write. What J&J did
 not tell was that they were
 compiling a database of these
 people, and were marketing this
 database to other health
 product companies

 Stewardship   involves
  ◦ Protecting information from
    unauthorized access
  ◦ Keeping information as up to date
    as possible
  ◦ Keeping information accurate
   a company sells data, do they
 If
 have a responsibility as to
 whom they sell it?

 Wasn’t until after WWII that credit
  rating companies came into
 There are now only 3
    ◦ TRW(Experian), Equifax, Trans Union
   In addition to credit information,
    they are becoming more value
    added, e.g. software has been
    developed to give a
    recommendation of whether or not
    to grant a loan

   A 1998 study by the Public Interest Research
    Group found that 29% of credit reports
    contained errors that could result in the
    denial of credit (defined as false
    delinquencies, or reports listing accounts or
    public records that did not belong to the

   The study also found that 41% of reports had
    incorrect demographic identifying
    information, and 20% were missing major
    credit cards, loans, or mortgages.
   In total, 70% of reports contained an error of
    some kind.

 In 1999 Consumer reports
  analyzed 1500 randomly
  selected credit reports
 What do you think was the error

       43% had errors

 Whatis the most “sensitive”
 information maintained on you?

 Physicians’Computer Network
 weekly interrogates patient files
 of several thousand doctors for
 medication information. It sells
 this data to pharmaceutical

   Disgruntled consultant
    ◦ Called in at 11:00 and told to leave
      by noon
    ◦ Had just completed a major software
      project and the software was on his
      system waiting to be uploaded
    ◦ To work longer hours, company
      allowed him access to system from

 Bank  to receive software had
  been told that it was complete
 Consultant took home only
  backup copy of software
 When consultant got home, he
  logged into system and added
  “bugs” to software, then erased
  any log files for this work

 When company ran final test on
 software, it did not work

 Whatwent wrong at this
 Who was liable?

 Student is told by a professor that
  the University’s payroll system
  cannot be accessed without
 Student takes 4 hours one evening
  and accesses the payroll file, but
  then is so tired he simply logs off
  and goes to bed

 University arrests student
 Student confesses and even
  tells how to fix security hole

 Whatshould be done to the

 Therac-25   radiation therapy
 Developed by a Canadian
  Government corporation –
  Atomic Energy of Canada
 Therac – 25 was an extension of
  the Therac-20, with computer
  control added
 Operated    in two modes
 ◦ X-ray for internal or deep cancers
   High intensity electron beam is
    deflected by a special tungsten target
    to give proper level of radiation
 ◦ Electron
   Tungsten element removed and
    intensity reduced for skin lesions

 The  Therac-20 had mechanical
  interlocks for safety
 All safety for the Therac-25 was
  included in the assembly
  language software
 Error messages were cryptic and
  usually meant nothing – just
  being cautious

 The  basic problem with the
  therac was that the two modes
  could get mixed and thus give a
  high dose without the shield –
  initially could not be detected
 1985 –
 ◦ woman receives overdose
 ◦ Company informed but no steps
 ◦ Woman sues, but settled out of
 Next   month, man receives
  overdose, and dies, but cause of
  death was cancer
 AECL determines that problem
  is in the turntable switch and
  “fixes” it – announces
 ◦ New solution indicates an
   improvement over the old system
   by at least “5 orders of magnitude”
 ◦ In truth they did not know the
   problem cause
 AECL told other users that they
 should not use their machines
 until new software was
 ◦ Did not tell any users of deaths or
 Responsibilities?

 Intelis known as a company
  with a bunker like mentality
 Pentium introduced in 1983
 October 1994 error shown
 = 256
    knew about flaw in
 Intel
   Intel refused to replace chips except for
    those customers that “passed” a
   Claimed for “average” user error would
    occur every 27,000 years
   IBM claimed error would occur every 24
   December 12– IBM announces will stop
    shipping faulty chips (Power PC)
   December 20 Intel says will replace all
   Microsoft announced Chicago (Windows
    95) long before it was ready
    ◦ IBM’s PS/2 was a major competitor
   To “lock” market share, IBM announced
    System/360, even though several models
    in the line were not available until 2 years
    ◦ At the time, Honeywell, among others, had
      faster systems for less money

 Automation
 Productivity
 New    industries
 Computerization of the
  ◦ Networking
  ◦ Travel
  ◦ The new “workplace” – safety,
 Free   speech in Cyberspace
 ◦ Surveillance
 Who   owns your e-mail?
 When can your computer’s
  files be accessed?
 Universal access vs limited
 Quality of life
 Use of power
 Risks and reliability
 Property rights
 Privacy
 Equity & access
 Honesty and deception

   The pricing of software bears no relationship
    to the cost of its development. The two
    factors that do matter are:
    ◦ market size (which is limited by price and utility)
    ◦ competition.
   Given a market for a software product, the
    maximum margin can be obtained by
    precluding or eliminating competition.

   Software companies that are able to thwart
    competition attain pinnacles of power which
    are inconceivable in other industries.
   Example?

   Partly this is due to the enormous cash flows
    that are possible in the absence of
    competition from products with nil
    reproduction costs
   Largely it is due to the complexity of software
    itself, which allows dominant companies to
    design “standards” which exclude future

   Stands for GNU’s not Unix
   Started in 1983 by Richard Stallman at MIT AI
   It’s really GNU/Linux – started to again make
    software free
   Mostly maintained through donations of time
    and material

   A Unix-like operating system is much
    more than a kernel;
    ◦ Includes compilers, editors, text formatters, mail
      software, and many other things.
    ◦ Thus, writing a whole operating system is a very
      large job. We started in January 1984. It took
      many years. The Free Software Foundation was
      founded in October 1985, initially to raise funds
      to help develop GNU.

   Restricting copying is not the only basis
    for business in software.
   It is the most common basis because it
    brings in the most money. If it were
    prohibited, or rejected by the customer,
    software business would move to other
    bases of organization which are now used
    less often. There are always numerous
    ways to organize any kind of business.

   Probably programming will not be as
    lucrative on the new basis as it is now. But
    that is not an argument against the
    change. It is not considered an injustice
    that sales clerks make the salaries that
    they now do. If programmers made the
    same, that would not be an injustice
    either. (In practice they would still make
    considerably more than that.)

    “We maintain this free software definition to
    show clearly what must be true about a
    particular software program for it to be
    considered free software.”
    ``Free software'' is a matter of liberty, not
    price. To understand the concept, you should
    think of ``free'' as in ``free speech,'' not as
    in ``free beer.''

    Free software is a matter of the users'
    freedom to run, copy, distribute, study,
    change and improve the software.
    In this definition, non-free software is
    software that you can’t change, extend, etc.
    More precisely, it refers to four kinds of
    freedom, for the users of the software:

    The freedom to run the program, for any
    purpose (freedom 0).
    The freedom to study how the program
    works, and adapt it to your needs (freedom
    1). Access to the source code is a
    precondition for this.
    The freedom to redistribute copies so you
    can help your neighbor (freedom 2).

    The freedom to improve the program, and
    release your improvements to the public,
    so that the whole community benefits
    (freedom 3). Access to the source code is a
    precondition for this.

    A program is free software if users have all
    of these freedoms.
    Thus, you should be free to redistribute
    copies, either with or without
    modifications, either gratis or charging a
    fee for distribution, to anyone anywhere.
    Being free to do these things means
    (among other things) that you do not have
    to ask or pay for permission.

   Copylefted software is free software whose
    distribution terms ensure that all copies of all
    versions are free software.
   Copyleft says that anyone who redistributes
    the software, with or without changes, must
    pass along the freedom to further copy and
    change it. Copyleft guarantees that every user
    has freedom.

   Open Source is a definition of how
    software is to be distributed (sold) –
    Technically there can be differences
    between open source and free software
   In some cases, people call open source
    software that has some licensing
    restrictions that don’t fit the “free” model

   Is free software free?
    ◦ Can I sell you a piece of “free” software?
    ◦ What happens if you “own” a piece of free software
      that you need to change?
      You can do whatever you want to it
      Who do you get to make those changes?

To top