Lecture February 26, 2003

Ethics in computing: Some more perspectives
February 26, 2003


1. Another look at the area of “risks
1.1. Where are we at risk? (3 kinds of attacks)

2. Review of map of Ethics in computing
http://legacy.eos.ncsu.edu/eos/info/computer_ethics/

2. 1. Licensing + Code of Ethics Issues

2.2. Whistleblowing (and Microsoft’s new management program)

*****************

1. Another look at the issue of “risks” as seen in terms of war and dangerous situations..(presented in either/or terms)

“ Computers play an ever-increasing role in our war-fighting. Most modern weapons systems depend on computers. Computers also play a central role in military planning and exercises. Perhaps computers will eventually do the fighting and protect human beings. We might even hope that wars would be fought with simulators, not weapons. ON THE OTHER HAND, computers in weapon systems might simply make us more efficient at killing each other and impoverishing ourselves. Will computers result in more slaughter or a safer world?”

“ Computers can be used in potentially dangerous systems to make them safer. They can monitor motorists, nuclear plants, and aircraft. They can control medical devices and machinery. Because they don’t fatigue and are usually vigilant, they can make our world safer. ON THE OTHER HAND, the software that controls these systems is notoriously untrustworthy. Bugs are not the exception; they are the norm. Will computers ultimately make us safer or increase our level of risk?”

> we’re so busy advancing and applying technology that we don’t look backward or forward.
> humans have a predilection for short-term optimization without regard for long-term costs.
> We need to minimize the risks—“build stronger and more robust computer systems while remaining acutely aware of the risks associated with their use. ”

(“Computers: boon or bane?” www.csl.sri.com/users/neumann/insiderisks.html#137)

1.1. Why are we at risk?

First wave of attacks is PHYSICAL –
attacks against computers, wires and electronics.
Solutions: “distributed protocols reduce dependency on anyone computer, + redundancy removes single points of failure.”
(problems we know how to solve)

Second wave of attacks is SYNTACTIC
(coding problems - e.g., vulnerable software which allows hackers to plant viruses, etc.)
> we have a bad track record protecting against hackers but we know what the problem is…

Third wave of network attacks is SEMANTIC

“ targeting the way we assign meaning to content.”
(e.g., misinformation spread on the net with devastating effect – example of “pump and dump” stock manipulation (see Feb. 13 lecture on Fraud)
> note that spreading of false information is not new to computers BUT now easier to start attacks + speed their spread…

> Schneier predicts: “semantic attacks will be more serious than physical and syntactic attacks.”
“ amateurs tend to attack machines, whereas professionals attack people. Any solutions will have to target the people problem not the math problem.”
“ Semantic Network Attacks” www.csl.sri.com/users/Neumann/insiderisks.html#137

2. Other Ethical areas to consider
2.1. Issue of licensure:

Licensing = a mandatory process administered by a govt. authority.
e.g. car license, exam to become a CPA, Dr., PhDs, etc.

Certification = voluntary process administered by a profession.
e.g., Novell = networking certificate

> software programmers have no licensing requirement.
> what about guidelines for ethical behaviour?
Codes of Ethics appear in all major computer organizations: e.g., ACM, IEEE
But “few of these codes are widely known and embraced.”

Individuals using the Net (both as professionals and as non-professionals) act alone facing ethical choices all the time.

“ Computer professionals have obligations to their employers, to the customers, to their co-professionals, and to the general public.
. . . these obligations are often in conflict. ”

e.g., “how should a systems analyst respond if her employer insists on selling overengineered, unnecessarily expensive or otherwise inadequate systems to unknowing customers?”
(Katz, “Review: Code of Ethics for
Programmers”
http://features.slashdot.org/article.pl?sid=99/09/02/2038236&mode=thread)

2.2. “Microsoft and Whistleblowers”

Who are whistleblowers?
> people inside an organization who see something unethical and/or illegal going on and report it to press and/or arm of govt.
> concern that they not be punished because of their speaking out..

> examples: engineers involved in the Challenger disaster who warned of dangers due to shortcuts made to space shuttle design and construction
> Enron employee in U.S. who blew whistle on Enron’s bogus accounting practices

 

How does this relate to new Microsoft program?

> as summarized in @Biz: “Critics fear Microsoft document technology: Say it could curb whistleblowers: Firm defends latest software.” (Monday, Feb. 24,2003)

software = Windows Rights Management Services


Microsoft’s claim: companies complain that their sensitive documents containing confidential or competitive data aren’t secure.
The decision as to who sees, copies, prints or forwards email + files is determined by management.


On other side: see this as a threat to “some of the best watchdogs of corporations—their own employees.. . . whistleblower groups said they worry limited access to information could let companies get away with breaking the law.”

This page last revised 02/26/03