Ethics in computing: Some more perspectives
February 26, 2003
1. Another look at the area of “risks”
1.1. Where are we at risk? (3 kinds
of attacks)
2. Review of map of Ethics in computing
http://legacy.eos.ncsu.edu/eos/info/computer_ethics/
2. 1. Licensing + Code of Ethics Issues
2.2. Whistleblowing (and Microsoft’s new management program)
*****************
1. Another look at the issue of “risks” as seen in terms
of war and dangerous situations..(presented
in either/or terms)
“ Computers play an ever-increasing role
in our war-fighting. Most modern weapons
systems depend on computers. Computers also play a central role in military planning
and exercises.
Perhaps computers will eventually do
the fighting and protect human beings. We might even hope that wars would be
fought with simulators,
not weapons. ON THE OTHER HAND, computers
in weapon systems might simply make us more efficient at killing each other and
impoverishing
ourselves. Will computers result in
more slaughter or a safer world?”
“
Computers can be used in potentially
dangerous systems to make them safer. They can monitor motorists,
nuclear plants, and aircraft. They can control medical devices and
machinery. Because they don’t fatigue and are usually vigilant,
they can make our world safer. ON THE
OTHER HAND, the software that controls these systems is notoriously
untrustworthy. Bugs are not
the exception; they are the norm. Will
computers ultimately make us safer or increase our level of risk?”
>
we’re so busy advancing and applying technology that we don’t
look backward or forward.
> humans have a predilection for short-term
optimization without regard for long-term
costs.
>
We need to minimize the risks—“build stronger and more
robust computer systems while remaining
acutely aware of the risks associated with their use. ”
(“Computers: boon or bane?” www.csl.sri.com/users/neumann/insiderisks.html#137)
1.1. Why are we at risk?
First wave of attacks is PHYSICAL –
attacks against computers, wires
and electronics.
Solutions: “distributed protocols reduce dependency on
anyone computer, + redundancy removes single
points of failure.”
(problems we know how to solve)
Second wave of attacks is SYNTACTIC
(coding problems - e.g., vulnerable
software which allows hackers
to plant viruses, etc.)
> we have a bad track record protecting
against hackers but we know what
the problem is…
Third wave of network attacks is SEMANTIC
“ targeting the way we assign meaning
to content.”
(e.g., misinformation spread
on the net with devastating
effect – example of “pump and dump” stock
manipulation (see Feb. 13 lecture
on Fraud)
> note that spreading of false information
is not new to computers BUT now
easier to start attacks + speed their spread…
>
Schneier predicts: “semantic attacks will be more
serious than physical and syntactic attacks.”
“ amateurs tend to attack machines, whereas
professionals attack people.
Any solutions will have to target the people problem not the math problem.”
“
Semantic Network Attacks” www.csl.sri.com/users/Neumann/insiderisks.html#137
2. Other Ethical areas to consider
2.1. Issue of licensure:
Licensing = a mandatory process administered
by a govt. authority.
e.g. car license, exam to
become a CPA, Dr., PhDs,
etc.
Certification = voluntary
process administered by a
profession.
e.g., Novell = networking
certificate
> software programmers have no licensing
requirement.
> what about guidelines for ethical behaviour?
Codes of Ethics appear in all major
computer organizations:
e.g., ACM, IEEE
But “few of these codes are widely known and embraced.”
Individuals using the Net (both
as professionals and as
non-professionals) act alone facing ethical
choices all the time.
“ Computer professionals have obligations
to their employers, to the
customers, to their co-professionals, and to the general public.
. . . these obligations are often in
conflict. ”
e.g., “how should a systems analyst respond if her
employer insists on selling overengineered,
unnecessarily expensive or
otherwise inadequate systems to unknowing customers?”
(Katz, “Review: Code of Ethics for
Programmers”
http://features.slashdot.org/article.pl?sid=99/09/02/2038236&mode=thread)
2.2. “Microsoft and
Whistleblowers”
Who are whistleblowers?
> people inside an organization who see
something unethical and/or
illegal going on and report it to press
and/or arm of govt.
> concern that they not be punished because
of their speaking out..
> examples: engineers involved in the
Challenger disaster who
warned of dangers due to shortcuts made to space shuttle
design and construction
>
Enron employee in U.S. who blew whistle
on Enron’s bogus
accounting practices
How does this relate
to new Microsoft program?
>
as summarized in @Biz: “Critics
fear Microsoft document technology:
Say it could curb whistleblowers: Firm
defends latest software.” (Monday,
Feb. 24,2003)
software = Windows
Rights Management
Services
Microsoft’s claim: companies
complain that their sensitive documents
containing confidential or competitive
data aren’t
secure.
The decision as to
who sees, copies,
prints or forwards
email + files
is determined by
management.
On other side: see
this as a threat
to “some of the best watchdogs
of corporations—their
own employees.. .
. whistleblower groups
said they
worry limited access
to information could
let companies get
away with breaking
the law.”
|