1 Steps in ◦ Free try on inettest Algorithms test ◦ Study CSILM’s on csilm.usu.edu => CS3 ◦ Fill out CSILM survey on survey monkey ◦ Attend Algorithms review ◦ Take Algorithms test ◦ Fill out CSILM survey on survey monkey ◦ 5 points added to score on Ethics test 2 We, as computer scientists, have the following basic areas of concern ◦ Obligation for safe, functional products ◦ Management & control of information Acquisition – how do I get it? Access – who can use it? Stewardship – how should I protect it and keep it accurate? 3 What type of information will be gathered and stored, and how will it be collected ◦ Should the student database include your SS#? ◦ Why not just get the student’s name and then go to another database, e.g. government, and look up their social security number? ◦ Why do we collect your age? ◦ For Aggie card users, should we collect purchase information? How would we use it? 4 Who will have access Should we sell information we collect? Do we own it, or do you own it? How will information be protected from unauthorized access ◦ Am I responsible if someone illegally accesses it, or changes it How will accuracy be maintained ◦ Do I have to verify its accuracy when collected? Who is responsible? 5 How do companies protect their software? ◦ Nondisclosure agreements Prevents employees from leaving and using what they know ◦ Copyrights ◦ Patents 6 Copyrights and patents can inhibit standards ◦ Visicalc was not copyrighted or patented Taiwan is not a signatore of the Berne Convention 7 ◦ Copyright Raises question of “look & feel” Reverse Engineering Apple once tried to sue Microsoft for “copying” windows Apple had copied from Xerox 8 International ◦ Different countries have different philosophies on patents and copyrights e.g. Japan encourages diffusion of knowledge for greater good 9 Worker loss (hiring away) Ignorance ◦ “mailing” of NetTest Case History – IBM Fujitsu ◦ “IBM isn’t the opposition, it’s the environment” Mid 1990’s, software piracy = ~$7B 10 Question – As a company, what is the best way to protect your software? ◦ NEVER give access to source (Microsoft) does this do to the What competition? ◦ WP & DLL naming conventions (load it first or load it second) 11 Is it really free? Is it ethical to make something free today with the intention of charging for it in the future? 12 Piracy Break-ins ◦ Includes Spam Sabotage Different states have different laws ◦ In Virginia, it’s a crime to alter the return address of an unsolicited e- mail How do you enforce this law? 13 Viruses, worms, etc. ◦ First Internet worm created by a Cornell graduate student – shut down several company networks Hackers, intruders ◦ Sabotage ◦ Challenge Use of system for illegal benefit Denial of service 14 ~10 port scans of USU/day ◦ That’s a scan of all “boxes” at USU (there are hundreds) ◦ Most common approach is to do a TCIP connection to port 21 and look at the ftp server information (is it up to date, etc.) Whatis the life span of an “unprotected” box at USU is ???? 15 One Hour 16 Tent.usu.edu monitors outgoing attacks Dumpster.usu.edu monitors incoming attacks Real question is what defines an attack ◦ Network managers must “tune” these systems to define an attack. ◦ If hackers get this information, can tune their attack to go undetected 17 You’re building a database system which will have information about individuals. To meet your ethical responsibilities, what security measures should you implement? ◦ Access control ◦ Preservation of system and data integrity ◦ Provide for recovery and backup ability 18 Companies have a moral and legal obligation to maintain security ◦ DNA information ◦ Health records Question ◦ When you get a ticket, your insurance company is notified (or finds out) and raises your rate. Is this ok? 19 Should I put a GPS device in every new car sold? 20 Technology is now in use in mission critical systems ◦ Hospital ◦ Airplane/airport Hardware reliability ◦ Redundancy ◦ Intel & the Pentium bug 21 Who is liable? ◦ Company that wrote software ◦ Computer scientist ◦ User beware? ◦ In networked environments, is CompuServe liable for libelous material posted on a bulletin board? 22 According to Aristotle ◦ We are responsible for voluntary actions but not involuntary ones ◦ Involuntary actions Performed under compulsion The result of ignorance 23 Ignorance is excusable when through no fault of the person’s, one is ignorant of the circumstances or consequences of an action Ignorance is not excusable if that ignorance is the result of carelessness or neglect or it is deliberately willed Ignorance in the eyes of the law is no excuse 24 25 PM software marketed a product for project management Market growth and share had been declining Competitor was rumored to be coming out with a new product Needed/wanted to know about new product 26 If you were with this company and your boss told you to find out about the product, how would you do it? 27 Develop a database of repair information for all of the trucks in the fleet What are the ramifications of this action? ◦ Good ◦ bad 28 Once type & scope of information to be collected is determined, must decide on who has access. What is an individual’s right to privacy? – to be left alone (Supreme court rule) Does information gathered from a purchase belong to the company? – It has value so why isn’t the consumer compensated? 29 More and more, companies are using micromarketing – targeting their advertising to specific groups. Example ◦ A company wants to offer special prices on meals at a restaurant Is there some place or way to target my advertising? Name some 30 Public sources ◦ Computerized real estate record ◦ DMV records (some states sell these) Generated by commercial transactions ◦ Telephone, mail order, rebate coupons, … 31 Johnson & Johnson ran a promotion giving away a female product. All people had to do was call or write. What J&J did not tell was that they were compiling a database of these people, and were marketing this database to other health product companies OK? 32 Stewardship involves ◦ Protecting information from unauthorized access ◦ Keeping information as up to date as possible ◦ Keeping information accurate a company sells data, do they If have a responsibility as to whom they sell it? 33 Wasn’t until after WWII that credit rating companies came into existence There are now only 3 ◦ TRW(Experian), Equifax, Trans Union In addition to credit information, they are becoming more value added, e.g. software has been developed to give a recommendation of whether or not to grant a loan 34 A 1998 study by the Public Interest Research Group found that 29% of credit reports contained errors that could result in the denial of credit (defined as false delinquencies, or reports listing accounts or public records that did not belong to the consumer). 35 The study also found that 41% of reports had incorrect demographic identifying information, and 20% were missing major credit cards, loans, or mortgages. In total, 70% of reports contained an error of some kind. 36 In 1999 Consumer reports analyzed 1500 randomly selected credit reports What do you think was the error rate? 43% had errors 37 Whatis the most “sensitive” information maintained on you? Physicians’Computer Network weekly interrogates patient files of several thousand doctors for medication information. It sells this data to pharmaceutical companies 38 Disgruntled consultant ◦ Called in at 11:00 and told to leave by noon ◦ Had just completed a major software project and the software was on his system waiting to be uploaded ◦ To work longer hours, company allowed him access to system from home 39 Bank to receive software had been told that it was complete Consultant took home only backup copy of software When consultant got home, he logged into system and added “bugs” to software, then erased any log files for this work 40 When company ran final test on software, it did not work Whatwent wrong at this company? Who was liable? 41 Student is told by a professor that the University’s payroll system cannot be accessed without authorization Student takes 4 hours one evening and accesses the payroll file, but then is so tired he simply logs off and goes to bed 42 University arrests student Student confesses and even tells how to fix security hole Whatshould be done to the student? 43 Therac-25 radiation therapy machine Developed by a Canadian Government corporation – Atomic Energy of Canada Therac – 25 was an extension of the Therac-20, with computer control added 44 Operated in two modes ◦ X-ray for internal or deep cancers High intensity electron beam is deflected by a special tungsten target to give proper level of radiation ◦ Electron Tungsten element removed and intensity reduced for skin lesions 45 The Therac-20 had mechanical interlocks for safety All safety for the Therac-25 was included in the assembly language software Error messages were cryptic and usually meant nothing – just being cautious 46 The basic problem with the therac was that the two modes could get mixed and thus give a high dose without the shield – initially could not be detected 1985 – ◦ woman receives overdose ◦ Company informed but no steps taken ◦ Woman sues, but settled out of court 47 Next month, man receives overdose, and dies, but cause of death was cancer AECL determines that problem is in the turntable switch and “fixes” it – announces ◦ New solution indicates an improvement over the old system by at least “5 orders of magnitude” ◦ In truth they did not know the problem cause 48 AECL told other users that they should not use their machines until new software was delivered ◦ Did not tell any users of deaths or accidents Responsibilities? 49 Intelis known as a company with a bunker like mentality Pentium introduced in 1983 October 1994 error shown 4159835-((4195835/3145727)*3145727 = 256 knew about flaw in Intel summer 50 Intel refused to replace chips except for those customers that “passed” a questionnaire Claimed for “average” user error would occur every 27,000 years IBM claimed error would occur every 24 days December 12– IBM announces will stop shipping faulty chips (Power PC) December 20 Intel says will replace all 51 Microsoft announced Chicago (Windows 95) long before it was ready ◦ IBM’s PS/2 was a major competitor To “lock” market share, IBM announced System/360, even though several models in the line were not available until 2 years later ◦ At the time, Honeywell, among others, had faster systems for less money 52 Automation Productivity New industries Computerization of the workplace ◦ Networking ◦ Travel ◦ The new “workplace” – safety, etc. 53 Free speech in Cyberspace ◦ Surveillance Who owns your e-mail? When can your computer’s files be accessed? Universal access vs limited access 54 Quality of life Use of power Risks and reliability Property rights Privacy Equity & access Honesty and deception 55 56 The pricing of software bears no relationship to the cost of its development. The two factors that do matter are: ◦ market size (which is limited by price and utility) ◦ competition. Given a market for a software product, the maximum margin can be obtained by precluding or eliminating competition. 57 Software companies that are able to thwart competition attain pinnacles of power which are inconceivable in other industries. Example? 58 Partly this is due to the enormous cash flows that are possible in the absence of competition from products with nil reproduction costs Largely it is due to the complexity of software itself, which allows dominant companies to design “standards” which exclude future competition. 59 Stands for GNU’s not Unix Started in 1983 by Richard Stallman at MIT AI Laboratory It’s really GNU/Linux – started to again make software free Mostly maintained through donations of time and material 60 A Unix-like operating system is much more than a kernel; ◦ Includes compilers, editors, text formatters, mail software, and many other things. ◦ Thus, writing a whole operating system is a very large job. We started in January 1984. It took many years. The Free Software Foundation was founded in October 1985, initially to raise funds to help develop GNU. 61 Restricting copying is not the only basis for business in software. It is the most common basis because it brings in the most money. If it were prohibited, or rejected by the customer, software business would move to other bases of organization which are now used less often. There are always numerous ways to organize any kind of business. 62 Probably programming will not be as lucrative on the new basis as it is now. But that is not an argument against the change. It is not considered an injustice that sales clerks make the salaries that they now do. If programmers made the same, that would not be an injustice either. (In practice they would still make considerably more than that.) 63 “We maintain this free software definition to show clearly what must be true about a particular software program for it to be considered free software.” ``Free software'' is a matter of liberty, not price. To understand the concept, you should think of ``free'' as in ``free speech,'' not as in ``free beer.'' 64 Free software is a matter of the users' freedom to run, copy, distribute, study, change and improve the software. In this definition, non-free software is software that you can’t change, extend, etc. More precisely, it refers to four kinds of freedom, for the users of the software: 65 The freedom to run the program, for any purpose (freedom 0). The freedom to study how the program works, and adapt it to your needs (freedom 1). Access to the source code is a precondition for this. The freedom to redistribute copies so you can help your neighbor (freedom 2). 66 The freedom to improve the program, and release your improvements to the public, so that the whole community benefits (freedom 3). Access to the source code is a precondition for this. 67 A program is free software if users have all of these freedoms. Thus, you should be free to redistribute copies, either with or without modifications, either gratis or charging a fee for distribution, to anyone anywhere. Being free to do these things means (among other things) that you do not have to ask or pay for permission. 68 Copylefted software is free software whose distribution terms ensure that all copies of all versions are free software. Copyleft says that anyone who redistributes the software, with or without changes, must pass along the freedom to further copy and change it. Copyleft guarantees that every user has freedom. 69 Open Source is a definition of how software is to be distributed (sold) – Technically there can be differences between open source and free software In some cases, people call open source software that has some licensing restrictions that don’t fit the “free” model 70 Is free software free? ◦ Can I sell you a piece of “free” software? ◦ What happens if you “own” a piece of free software that you need to change? You can do whatever you want to it Who do you get to make those changes?
Pages to are hidden for
"Set 2 _.pptx_ - Ethics"Please download to view full document