1 Module 1: Introduction to Social and Ethical ComputingHistorical Development of Computing Development of the Internet Development of the World Wide Web The Emergence of Social and Ethical Problems in Computing The Case for Computer Ethics Education

2 Historical Development of Computing and Information Technology Before 1900ADFrom time immemorial, human beings have been trying to make their lives easy and worth living through the invention of gargets. The invention of the computer and, therefore, the history of computing has taken the same track. The timeline of the historical development of computing spreads out like the recorded history of humanity itself. Ever since human beings gained the right to rent their stay on earth, they have invented tools, from stone age cutting tools to current computers, in order to make life easy. Besides tools that make life easy, human beings have always been fascinated with numbers. So no wander, therefore, that even the first utility tools that are recorded in history, dealt with numbers. For example, it is believed that the first prime numbers recorded on animal bones and rocks, the only available and durable storage devices of the time, were done between 20,000 BC to 30,000 BC. By 1800 BC, the first place-value number system, was in place. To help merchants trading goods quickly calculate their goods bought and sold and gains and losses and, therefore, boost commerce, there was a need to invent a device to do that mathematics quickly.

3 This led to the invention of the abacus, the device many believe was the mother of the digital computer as we know it today, between 1000BC to 500BC. Without performing actual calculations, the abacus helps the persons using it to keep track of the calculated results they have done in their heads. Zero and negative numbers were first used between 300BC to 500AD. The period between 1500AD and 1900AD saw a lot of activities in the development of computing devices. Many of these activities were driven by the commerce of the time. In 1500AD the computing community got a boost when Leonardo da Vinci invented a mechanical calculator. This was followed in 1621 AD by the invention of the slide rule. Leonardo da Vinci’s mechanical calculator was followed by Wilhelm Schichard’s mechanical calculator in 1625 and fifteen years later by Blaise Pascal’s Arithmetic Machine.

4 The major breakthrough in speed up came in 1800 AD with the invention of the punched card by Joseph-Marie Jacquard, a French silk weaver. Jacquard’s punched card revolutionized computing in a sense that it quickly spread in other fields where it was used not only to speed up computation by also to store information. The period after 1830 AD was an exciting period in the history of computing because during this period, there were successive history making inventions starting with Charles Babbage’s Analytical Engine in 1830 and George and Edward Schutz’s Difference Engine. Within a decade, these were followed by one of the major milestone inventions in computing and mathematics; George Boole’s invention of Boolean Algebra. The invention of Boolean Algebra opened up the fields of mathematics, engineering, and computing to the new frontiers in logic in which possibilities are boundless. Sir Charles Wheatstone’s invention of the paper tape to store information in 1857, created new excitement in the computing community of the time. With paper tape, huge amounts of data could be fed into the computing device and similar quantities could be stored. This invention brought computing to a new level and into a new era.

5 From mid 1850 through the turn of the century, computing made broad progress with various inventions including the invention of the Logic Machine by William Stanley Jovons in 1869AD, the invention of the first Keyboard by Sholes around 1874, and the rectangular Logic Diagrams by Allan Marquand in 1881. Starting around 1890, a burst of major inventions similar to those of 1850s started all over again. In 1886, Charles Pierce first linked Boolean Algebra to circuits based on switches, a major break through in mathematics, engineering and computing science. In 1890 John Venn invented the Venn diagrams now used extensively in switching algebras in both hardware and software development. And in 1890, Herman Hollerith invented the Tabulating Machine. Hollerith’s invention utilized Jacquard’s punched card to read the presence or absence of holes. The data read was to be collated using an automatic electrical tabulating machine with large number of clock-like counters that summed up and accumulated the results in a number of selected categories.

6 After 1900 AD The inventions before 1900AD were all crucial building blocks of the computing industry. The period created a child but the child did not start blossoming until the second period that started around the turn of the twentieth century. The Century began with a major milestone in the computing history, by the invention of the vacuum tube by John Ambrose Fleming. This was a major development in computing as the vacuum tube played a major role in computing for the next half century. All digital computer in the first half century ran on vacuum tubes. The next twenty years saw development of computing with a variety of inventions including the invention of the triode by Lee de Forest in 1906. However, another major milestone invention, was to be born during this period. Although it was not to come into full use for some time, but 1926 saw the invention of the first semiconductor transistor that will come to dominate the computing industry in late years.

7 1937 saw a milestone invention in the history of computing1937 saw a milestone invention in the history of computing. The invention of the Turing Machine by Alan Turing in 1937 was as revolutionary as it was exciting. Turing, an English mathematician, showed by the invention of an abstract computer, that some problems do not lend themselves to algorithmic representations, and therefore, not computable. A major development in computing. Turing was seven years later to work on the design of COLOSSUS, one of the first working programmable digital computers.

8 Two years after Turing, in 1939, the world was to see its celebrated first digital computer developed by John Vincent Atanasoff, a lecturer at Iowa State College (now University). Atanasoff’s computer was the first special –purpose electronic digital computer. Working with his graduate assistant Clifford Berry, Atanasoff designed a device that utilized capacitors to store electronic charge to represent Boolean numbers 0 and 1 to be used by the machine in calculations, a major break through in computing history. Input and output data was on punched cards and Atanasoff’s magic was in creating a storage representation for intermediate data in the machine as it is used by the digital machine for calculations before it is output on the punched cards and tape. There is doubt, however, whether Atanasoff’s model ever worked. Around the same time Atanasoff and Berry were working on their model in 1939, Howard Aiken, a graduate of Harvard University, was developing the first large scale automatic digital computer. Aiken’s computer came to be known as the Harvard Mark I (also known as IBM automatic sequencer calculator- ASCC)

9 The next ten years saw the development of the actual working models of the digital computer as we know it today. In 1943, Alan Turing, working as a cryptographer, constructed the COLOSSUS, considered by many as the world’s earliest working programmable electronic digital computer. The COLOSSUS, designed to break the German ENIGMA code, used about 1800 vacuum tubes and it was to execute a variety of routines. Around the time the COLOSSUS was being developed by Alan Turing, a team of John William Mauchly and J. Presper Eckert Jr., working at the University of Pennsylvania, was developing another vacuum tube-based general purpose electronic digital computer. Their model named electronic numerical integrator and computer, (ENIAC) was 10 feet high, weighed 30 tons, occupied 1000 square feet, and used about 70,000 resistors, 10,000 capacitors, 6000 switches, and 18,000 vacuum tube. After ENIAC went in use, the team encountered a number of problems the main being that it did not have an internal memory because it was hard-wired and it was consistently programmed by switches and diodes. This problem had to be worked on for the next model. From 1944 through 1952, the team developed a new computer called the electronic discrete variable automatic computer – EDVAC.

10 This is believed to be the truly first general purpose digital computer.EDVAC was a stored-program computer with internal read-write memory to store program instructions. The stored program concept gave the device the capability for the program under execution to branch to alternative instruction sequences elsewhere in the stored program. When it was completed in 1956, EDVAC was still a carousal machine with 4,000 vacuum tubes and 10,000 crystal diodes. Although most of these activities were taking place in USA, there were other efforts in other countries. For example, around the time EDVAC was being developed, there was an experiment at the University of Manchester in the United Kingdom also based on the stored program concept. By 1948, the Manchester team had produced a machine working with 32 words of memory and a 5-instruction set. Still in England, at Cambridge University, the electronic delay storage automatic calculator- EDSAC was produced in 1949. Across the Atlantic in 1948, the universal automatic computer – UNIVAC I, became the first commercially available computer.

11 From that point, the general purpose computer took on a momentum of its own. They become bigger and more powerful. Companies sprang up both in US and Europe to manufacture these wonder machines. Among the leaders were: International Business Machines (IBM), Honeywell, and Control Data Corporation (CDC) in the USA, and International Computers Limited, (ICL) in UK. These companies and a number of others, built what came to be known as the mainframe, huge computers that consisted of a 4 to 5 feet by 8 feet tape drives, a huge control processing unit, a huge printer, several huge fixed disks, a large card reader and a paper punch. These components usually filled a large room or two. Because these computers were big, expensive, and difficult to use – computers users could only use the computers through a computer operator. The computer operator fed jobs to the computer via a card or tape reader. The jobs were submitted to the card reader as decks of punched cards. Because of the fact that these computers were big, expensive and difficult to use, only large companies and institutions were able to use them.

12 Around mid to late sixties, a movement to make computers less expensive and more affordable started gathering momentum. This movement led to a number of developments. First it led to the manufacture of a less expensive but smaller computer – the medium range computer commonly referred to as minicomputer. Secondly, it started a mode of computing that later led to networking. This was the timesharing, where, one computer could be used by a number of users who would remotely connect on to the mainframe. Third and most important, it led to a milestone in the history of computing. This milestone occurred between 1971 and This was the development of the first microprocessor. A microprocessor is an integrated circuit with many transistors on a single board. Before the birth of the microprocessor, computer technology had developed to a point that vacuum tubes and diodes were no longer used. Computers were now constructed from thousands of transistors. The demand for more powerful computers, necessitated the development of computers with many thousands of transistors. But it was not possible at the time to simply pack more transistors and create a working, more powerful computer, a way forward had to be found.

13 The Development of the MicroprocessorThe way forward was found by Ted Hoff. Hoff designed the world’s first microprocessor, the The fours in 4004, indicated that the device had a 4-bit data path. The 4004 microprocessor was a four-chip system consisting of 256-byte ROM, a 32-bit RAM, 4-bit data path, and 10-bit shift register. It used 2,300 transistors to execute 60,000 operations per second, a top speed at the time [3]. The development of the first microprocessor caught the world off guard. Even Biscom, the company that had commissioned Hoff, did not understand the potential of the So they requested him to design the twelve-chip set they hard originally wanted him to design [3].

14 In 1972, Intel, designed and introduced the 8008, an 8-bit microprocessor based on the 4004.The was historic in its own right in that it was the first microprocessor to use a compiler, a system program that interprets user inputs into machine code and machine code to system outputs understandable by the user. The 8008 supported the compiler called PL/M. Both the 4004 and the 8008 were specific application microprocessors. The truly general purpose microprocessor come out in It was the 8080, an 8-bit device with 4,500 transistors and packing an astonishing 200,000 operations per second. From 1974, the development of microprocessors exploded as companies like Motorala developed the 6800 in 1974, MOS Technology developed the 6502 in 1975, and Zilog developed the Z80 in Since then, many new companies have sprung up and the speed, density of transistors, and functionality of microprocessors has been on the rise. .

15 Historical Development of Computer Software and Personal Computer (PC)Up until mid 1970s, the development of computing science was led by hardware. Computers were designed and software was designed to fit the hardware. The development of software to run the computers was in the hands of the companies that designed the hardware. The break from this routine came from two fronts: 1976 when the Apple I and Apple II microcomputer were unveiled, and 1981 when IBM joined the PC wars. These two developments started a new industry, the personal computing industry. Perhaps the PC industry may not have been the way it is today, were it not the development of the personal computer operating system (OS). The history of the development of the PC operating system, hence the birth of the PC industry, involved three players: IBM, Gary Kildall, the fellow who developed CP/M, the PC operating system many believe to be the first PC operating system, and Bill Gates, the develop of the Disk Operating System (DOS). The story, part legend, behind these players is the story of the beginning of the PC. The legend has it that when IBM developed the personal computer based on Intel’s 8088 microprocessor, in 1981, IBM needed an operating system. It is alleged that IBM approached Both Kidall and Gates. However, Kidall was out flying and failed to attend to IBM’s request before Gates did. Gates developed the first DOS and a version of the BASIC programming language for IBM and the rest is history

16 The Development of the InternetThe Internet, a global network of computers, owes its development on the invention of four technologies: telegraph, telephone, radio, and computers. History has it that the Internet originated from the early work of J.C.R. Licklider of Massachusetts Institute of Technology (MIT) on "Galactic Networks". Licklider conceptualized a global interconnected set of computers with communication channels between them through which programs and data could be accessed quickly by any computer from any computer . The networking concept envisioned by Licklider would support communication between network nodes using a concept of packets instead of circuits, thus enabling computers to talk to each other. He left MIT to head the computer research program at the Department of Defense’s Defense Advanced Research Projects Agency (DARPA) in 1962. A year before, in 1961 at MIT, researcher Leonard Kleinrock had published what is believed to be the first published work on packet switching theory . This work created the momentum for the packet switching network concept.

17 However, it was not the only work on the concept, there were two additional independent projects on this same topic, that of Donald Davies and Roger Scantleberg at the British National Laboratory (BNL) which later was credited with coining the term "packet", and that of Paul Baran at RAND. In 1965, Lawrence Roberts at MIT, who had been collaborating with Licklider, and Thomas M. Roberts connected and tested the TX-2 computer from Boston on the east coast of USA to the Q-32 computer in Los Angels on the west coast of the USA, with a low speed dial-up telephone line. This test experiment created the first working Wide Area Network (WAN). This experiment opened up doors for all computer network communications as known today. In 1966 Roberts left MIT for DARPA to develop the computer network concept publishing the first plan for ARPNET in 1967. In 1968, a go ahead was given by DARPA for the development of the packet switches called Interface Message Processors (IMP). As the team, lead by Frank Heart and included Bob Kahn, developed the IMP, a team consisting of Roberts and Howard Frank designed the network topology and economics, and the network measurement system were done by Kleinrock and his team .

18 The work of these teams led to the testing of the first IMP at UCLA in 1969 connected to a second node at Stanford Research Institute (SRI). After these tests, more nodes were added to ARPNET and by end of 1969 four nodes formed ARPNET [5]. From this point on the Internet started to grow. However, more work was needed to incorporate the host-to-host protocol into ARPNET. The first host-to-host protocol called Network Control Protocol (NCP) was developed by the Network Working Group (NWG) in But NCP did not have “the ability to address networks further downstream than a destination IMP on the ARPNET” . Kahn then developed what later became the Transmission Control Protocol/Internet Protocol (TCP/IP). As the number of nodes increased, more universities joined the exclusive club, and APRANET became not only a research facilitator, but it also became a free federally funded postal system of electronic mail.

19 In 1984, the U.S. National Science Foundation (NSF) joined ARPANET in starting its own network code named NSFNET. NSFNET set a new pace in nodes, bandwidth, speed and upgrades. This NSF funded network brought the Internet in the reach of many universities throughout the USA and internationally that would not otherwise afford the costs, and many government agencies joined in. At this point other countries and regions were establishing their own networks With so much success and fanfare, ARPANET ceased to exist in 1989. As the number of nodes on the Internet climbed into hundreds of thousands worldwide, the role of sponsoring agencies like ARPA and NSF became more and more marginalized. Eventually in 1994 NSF also ceased its support of the Internet. The Internet by now needed no helping hand since it had assumed a momentum of its own.

20 The Development of the World Wide WebThe World Wide Web, as we know it today, had its humble beginning from concepts contained in Tim Berners-Lee’s 1989 proposal to physicists calling for comments. Berners-Lee, a physicist researcher at the European High-Energy Particle Physics lab- the Conseil Europeenne pour la Recherché Nucleaire (CERN), Switzerland, wrote the proposal called HyperText and CERN, to enable collaboration between physicists and other researchers in the high energy physics research community. Three new technologies were incorporated. They were: HyperText Markup Language (HTML) based on the hypertext concepts- to be used to write web documents, HyperText Transfer Protocol (HTTP) a protocol to be used to transmit web pages between hosts, and a web browser client software program to receive and interpret data and display results. His proposal also included a very important concept for the user interface. This browser supported interface was based on the concept that it would be consistent across all types of computer platforms to enable users to access information from any computer. The line-mode interface was developed and named at CERN in late 1989 and it came to be known as the world wide web or www.

21 By 1991, the concept developed only two years back was put into practice on a limited network at CERN. From the central computer at CERN with few web pages, the number of servers started to grow from the only one at CERN in 1991, to 50 world wide by 1992, to 720,000 by 1999, and to over 24 million by 2001 [6]. In the US, in 1993, Marc Andreesen, an undergraduate student at the University of Illinois at Urbana-Champaigne, and his team, while working on a National Center for Supercomputing Applications (NCSA), developed another graphic user interface browser they named Mosaic. The graphic user interface (GUI) popularized the user and fueled the growth of the world wide web to bring it to the point where it is today.

22 The Emergence of the Social and Ethical Problems in ComputingThe Emergence of Computer Crimes The known history of computer crimes is not as old as computing is. One can perhaps say that the history of computer crimes started with the invention of the computer virus. The term virus is derived from a Latin word virus which means poison. For generations, even before the birth of modern medicine, the term had remained mostly in medical circles, meaning a foreign agent injecting itself in a living body, feeding on it to grow and multiply. As it reproduces itself in the new environment, it spreads throughout the victim's body slowly disabling the body’s natural resistance to foreign objects, weakening the body’s ability to perform needed life functions and eventually causing serious, sometimes fatal effects to the body. A computer virus, defined as a self-propagating computer program designed to alter or destroy a computer system resource, follows almost the same pattern but instead of using the living body, it uses software to attach itself, grow, reproduce and spread in the new environment. As it spreads in the new environment, it attacks major system resources that include the surrogate software itself, data, and sometimes hardware weakening the capacity of these resources to perform the needed functions and eventually bringing the system down.

23 The word virus was first assigned a non-biological meaning in the 1972 science fiction stories about the G.O.D. machine, that were compiled in a book When Harly was One by David Gerrod ( Ballantine Books, First Edition, New York, NY, 1972). The term was first used to describe a piece of unwanted computer code. Later association of the term with a real world computer program was done by Fred Cohen, then a graduate student at the University of Southern California. Cohen first presented his ideas to a graduate seminar class in information security in His seminar advisor, Len Adleman, was the first to assign the term "virus" to Cohen's concept. As part of these experiments, Cohen wrote five programs, actually viruses, to run on a VAX 11/750 running Unix, not to alter or destroy any computer resources but for class demonstration. During the demonstration, each virus obtained full control of the system within an hour [8]. From that simple beginning, computer viruses, and hence computer crimes have been on the rise. Table 1.1 shows, the explosive growth of reported incidents of cyber attacks, most of which are virus attacks.

24 The Case for Computer Ethics EducationWhat is Computer Ethics According to James H. Moore, who is believed to have first coined the phrase "computer ethics", computer ethics is the analysis of the nature and social impact of computer technology and the corresponding formulation and justification of policies for the ethical use of such technology . Moore's definition focuses on the human actions that are routed in computer technology or influenced by computer technology. In other words, it is a study, an analysis of the values of human actions influenced by computer technology. Computer influence on human actions is widespread throughout the decision making process preceding the action. We are looking for a way to deal with these problems, probably through education. So the definition of computer ethics, as outlines by Moore, gives us a starting point on this long journey.

25 Why You Should Study Computer EthicsMoore’s contention is that the central task of computer ethics, in decision making processes that involve computer technology, should be to “determine what should be done” whenever there is a policy vacuum. Moore first observed that there are times when policy vacuums are created in the decision making processes, especially those that involve processes in which computer technology is ‘essentially involved’. It is difficult to fully explain the cause of these vacuums, but one can say that they are mainly caused by the ‘confusion’ between the known policies and what is presented. Moore tries to explain these muddles by a software example. Software offers a multiplicities of choices to the decision maker by computer technology, which can result in policy vacuums. Several other factors contribute to the creation of these muddles. It is likely that computer users, especially computer professionals, may be unprepared to deal effectively with the ethical issues that arise in their places of work and everywhere else computers and computer related technology is used. So naturally one would come to a conclusion that since we cannot stop computer technology which causes these muddles, we need a plan of action that will work with the changing computing technology and at the same time deal with the ethical issues that do arise. We need computer ethics education.

26 There are two schools of thoughtThere are two schools of thought. One school, believes in the study of computer ethics as remedial moral education. The other schools believes in computer ethics education not as a moral education but as a field worthy of study in its own right. But for it to exist as a separate independent field of study, there must be a unique domain for computer ethics distinct from the domain for moral education, distinct even from the domains of other kinds of professional and applied ethics . In his paper “Is Computer Ethics Unique?”, Walter Maner explains the existence of the two schools with two views that: (i) certain ethical issues are so transformed by the use of computers that they deserve to be studied on their own, in their radically altered form, (ii) the involvement of computers in human conduct can create entirely new ethical issues, unique to computing, that do not surface in other areas.

27 According to Maner there are six levels of justifications for the two views, the first two for the first school and the last four for the second school : We should study computer ethics because doing so will make us behave like responsible professionals. We should study computer ethics because doing so will teach us how to avoid computer abuse and catastrophes. We should study computer ethics because the advance of computing technology will continue to create temporary policy vacuums. We should study computer ethics because the use of computing permanently transforms certain ethical issues to the degree that their alterations require independent study. We should study computer ethics because the use of computing technology creates, and will continue to create, novel ethical issues that require special study. We should study computer ethics because the set of novel and transformed issues is large enough and coherent enough to define a new field. Whatever school one falls in, there is enough justification to study computer ethics.

28 Module 2: Morality and the LawDefinition of Morality Moral Theories Moral Codes Moral Standards Guilt and Conscience Natural Law Conventional Law Purpose of Laws Morality and the Law Ethical and Social Issues - J.M. Kizza

29 Definition of MoralityA set of rules of right conduct A system used to modify and regulate our behavior It includes virtues like: Love for others Compassion. Desire for justice. Ethical and Social Issues - J.M. Kizza

30 Ethical and Social Issues - J.M. KizzaMorality … It builds character traits in individuals. It is group-based in the sense that it is a set of shared rules, principles and duties applicable to a group/society and independent of religion. It has no reference to social standing of individuals in the group It is influenced by other factors like: Time place Ethical and Social Issues - J.M. Kizza

31 Ethical and Social Issues - J.M. KizzaMoral Theories Each group/society justifies its beliefs in the system (set of rules of right conduct) using theories- Moral Theories. Moral theories seek to introduce a degree of rationality and rigor into moral deliberations. (plausibility) The rationale for our decisions is based on moral theories Good decisions must ensure: sound reasoning Impartiality Ethical and Social Issues - J.M. Kizza

32 Ethical and Social Issues - J.M. KizzaMoral Theories… 5. These must be guided through: Use of rational intuition- based on moral principles Use of reason to achieve the highest moral good Ability to distinguish between primary and secondary moral principles ( general to more specific) Rational calculation of consequences of action based on the decision Ethical and Social Issues - J.M. Kizza

33 Ethical and Social Issues - J.M. KizzaMoral Codes Rules or norms within a group or society for what is proper behavior for the members Shared and behavioral patterns (for survival of the group/society) There are some cultural-free and timeless moral codes Moral codes exert control over actions of members of that society or group Compliance/adherence to the group’s moral code is almost involuntary Ethical and Social Issues - J.M. Kizza

34 Ethical and Social Issues - J.M. KizzaMoral Standards A moral standard is a special moral norm that guides and enforces policy Standards consists of: Enforcement of moral codes Self-judgment (Guilt) Moral standards lax when enforcement and self-judgment decline Ethical and Social Issues - J.M. Kizza

35 Ethical and Social Issues - J.M. KizzaGuilt and Conscience Morality as the system that sets standards for virtuous conduct also contains judgment and enforcement mechanisms Guilt is an internal judging and enforcement mechanism that consists of: Self-judging and punishing oneself for not living up to the moral standards Self-forgiveness based on one’s set of “ moral standards” Conscience is the capacity and ability to self-judge based on self moral standards Ethical and Social Issues - J.M. Kizza

36 Ethical and Social Issues - J.M. KizzaGuilt and Conscience … Conscience is motivated by one’s: Pride Compassion Empathy Love Personal identification Conscience initiates one’s guilt feeling Ethical and Social Issues - J.M. Kizza

37 Ethical and Social Issues - J.M. KizzaLaw Rules of conduct or actions recognized by customs or decreed by a formal body and enforceable by some instrument. We obey two types of laws: Natural and Conventional Ethical and Social Issues - J.M. Kizza

38 Ethical and Social Issues - J.M. KizzaNatural Law Unwritten but universal consists of rights: Self-defense (preservation) Individual property Liberty It is a higher form of human law, therefore, independent of human preferences and applies to all rational creatures of nature Before organized human societies, humans existed because of natural law. Civilization is based on it. Ethical and Social Issues - J.M. Kizza

39 Ethical and Social Issues - J.M. KizzaConventional Law It is a system of rules created by and for human beings – through, though not always, public deliberations It varies from society to society Its purpose is to: Protect human life, property and liberty. prescribe a system or punishments for unlawful acts – Penal Code Ethical and Social Issues - J.M. Kizza

40 Ethical and Social Issues - J.M. KizzaMorality and the Law Laws are derived from moral codes The differences are stated on pages 8 and 9. Ethical and Social Issues - J.M. Kizza

41 Module 3: Ethics, Technology and ValuesTraditional Definition of Ethics Ethical Theories Functional Definition of Ethics Codes of Ethics Reflections on Computer Ethics Technology and values Ethical and Social...J.M.Kizza

42 Traditional Definition of EthicsEthics comes from a Greek word ethe’ which means character. A set of theories of value, virtue or of right action A set of theories to provide general rules/principles to be used in making moral decisions to provide justification for those rules Every human action is judged to be good/bad based on these theories Ethical and Social...J.M.Kizza

43 Ethical and Social...J.M.KizzaEthical Theories A system of justices developed, tested, revised, and debated over the years by groups/societies. Codes of Ethics are based on these theories Processes of reasoning, explanation, and justification used in ethics are based on these theories. Some of the theories are: (1) Consequentialism actions are judged good/bad depending on the outcome/ results of such actions There are three types of Consequentialism: Ethical and Social...J.M.Kizza

44 Ethical and Social...J.M.KizzaTheories… (I) Egoism- putting an individual’s interests and happiness above everyone else’s. (ii) Utilitarianism – putting a group’s interests and happiness above self. (iii) Altruism – actions are judged good if the consequences are favorable to all except the actor (2) Deontology – (duty theory - militaristic) – an action is good if done as a duty. (3) Human nature – actions are judged good based on the capabilities of the actor (guilty by reasons of insanity) (4) Relativism – this takes right and wrong to be relative to society ( hence no universal norms). Ethical and Social...J.M.Kizza

45 Ethical and Social...J.M.KizzaTheories… (5) Hedonism - this seeks maximum pleasure for all. (6) Emotivism – this states that ethical statements are neither true nor false but depend on individuals. Ethical and Social...J.M.Kizza

46 Ethical and Social...J.M.KizzaTheories … These theories are used as engines to help understand and justify human actions Theories have not changed with time and technology although the premises for human actions have changed Theories are used in layers of reasoning to justify all human actions. Ethical and Social...J.M.Kizza

47 Functional Definition of Ethics1 if good/right f(A,B) = { 0 if bad/wrong where a Є A = { set of all human actions } b Є B = { set of all ethical theories } The function f is an ethical decision function that assigns to every pair (a,b) a unique binary value of 1 for good or 0 for bad. Ethical and Social...J.M.Kizza

48 Ethical and Social...J.M.KizzaCodes of Ethics See ACM Web Page See also the textbook pages Ethical and Social...J.M.Kizza

49 Objectives of Codes of EthicsDisciplinary: By instilling discipline, the group or profession ensures professionalism and integrity of its members. Advisory: The codes are usually a good source of tips to members and offer advice and guidance in areas where there are fuzzy moral issues. Educational: Ethical codes are good educational tools for members of the domain, especially the new ones who have to learn the do’s and don’ts of the new profession. These codes are also a good source of renewal for the older members needing to refresh and polish their possibly waning morals. Inspirational: Besides being disciplinary, advisory, and educational, the codes should also carry subliminal messages to those using them to inspire them to be “good.” Publicity: One way for professions to create a good clientele is to show that they have a strong code of ethics and, therefore, their members are committed to basic values and are responsible. Ethical and Social...J.M.Kizza

50 Reflections on Computer EthicsWhat makes computer ethics the same/different from traditional ethics: Changing premises Different temptations(see page 58-59) Different means of delivery Complacency Ethical muddles Ethical and Social...J.M.Kizza

51 Ethical and Social...J.M.KizzaTechnology and values Technology is influencing the ethical and moral values of societies. Successful technological advances have created tempting situations by: Adding value Removing value Changing value Ethical and Social...J.M.Kizza

52 Technology and Values…To keep society’s values we need to: formulate new laws to strengthen existing values ( made obsolete by technological advances) Construct a new conceptual model in which to apply the changing value system (new) Launch massive education campaigns Ethical and Social...J.M.Kizza

53 Module 4: Ethics and the ProfessionsIntroduction Evolution of Professions The Making an Ethical Professional: Education and Licensing Professional Decision Making and Ethics Professionalism and Ethical Responsibilities Ethical and Social... J.M.Kizza

54 Evolution of ProfessionsProfessions have a long history: They started in medieval period (England) with craftsmen’s guilds and Inns. Guilds upheld: Apprenticeship and standards Competence Performance Later intellectualism became a highly important requirement Ethical and Social... J.M.Kizza

55 Evolution of Professions …Professionalism today requires: A set of highly developed skills and a deep knowledge domain Autonomy Observance of a code of conduct – there are four intertwined sets of codes a professional must abide by. These are: Ethical and Social... J.M.Kizza

56 Evolution of Professions …(i) Professional code (ii) Personal code (iii) Institutional code (iv) Community/(civil) code See figure 4.1 Ethical and Social... J.M.Kizza

57 Evolution of Professions …Professionals must have: Commitment (see page 70) The person making the commitment must do so willingly without duress. The person responsible must try to meet the commitment, even if help is needed. There must be agreements on what is to be done, by whom, and when. The commitment must be openly and publicly stated. The commitment must not be made easily. Prior to the committed date, if it is clear it cannot be met, advance notice must be given and a new commitment negotiated. Integrity with three maxims of: Vision Love Commitment Responsibility (see pages 72/73) Provider Service responsibility Product responsibility Consequential responsibility Ethical and Social... J.M.Kizza

58 Responsibility (cont.)Accountability A set of outcome measures that reliably and objectively evaluate performances – minimum set of measures that must be met. A set of performance standards defined in terms of these outcome measures – common standards. A set of incentives for meeting the standards and/or penalties for failing to meet them. Ethical and Social... J.M.Kizza

59 Making an Ethical ProfessionalFormal Education Licensing Professional codes of Conduct must include: Enforcement Reporting of grievances Hearing procedures Sanctions Appeals Ethical and Social... J.M.Kizza

60 Professional Decision Making and EthicsProfessional dilemmas in decision-making are caused by: Conflicting codes of conduct Advances in technology Incomplete/ misleading information (prisoner’s dilemma) Guilt in decision-making may lead to: Withdrawal Making and Evaluating Ethical Arguments Ethical and Social... J.M.Kizza

61 Ethical and Social... J.M.KizzaThe process of ethical reasoning must avail the decision maker with a safe or valid alternative from a multitude of alternatives presented by the ethical problems -a way out of the ethical muddles presented by the ethical problem. As the process of reasoning progresses, the following information will start to emerge: Information to confirm whether the problem is really an ethical problem or not. Information on whether further description of the facts can add anything to the resolution process of the problem Information to identify the key ethical theories, principles, and values that fit the safe alternatives being pursued information on the strength and validity of the ethical theory chosen and whether there are possible conflicts in the ethical theories, principles and values with the reasoning processes and facts. Once a final decision have been made, an evaluation of that decision is needed. The goal of evaluating an ethical argument is to make sure that each of the alternatives being considered is “weighted” against all others using the facts at hand. Ethical and Social... J.M.Kizza

62 Guilt and Making Ethical DecisionsIn an ethical decision making process, decisions are made based on and reflect consequences, individual liberties, and justice. To achieve this, individuals can use any other ethical theories to frame or make ethical choices that reflect the selected criteria. However, whatever theory used, the outcome falls in one of the following three criteria: Utilitarian criterion – where decisions are made solely on the basis of their intended outcomes or consequences. Rights criterion – where decisions are made based on the set of liberties the society enforces like the Magna Carta and the Bill of Rights. Justice criterion – which reflect justice. Decisions are made so that they are fair, impartial, and equitable to all. Ethical and Social... J.M.Kizza

63 Ethical and Social... J.M.KizzaDecisions .. Decisions are based on the outcome of an individual’s deliberations, considering all input parameters and attaching values to these premises for a thorough examination of each premise by the individual This process is aided by the individual reflecting on these basic steps: Examining the ethically relevant issues, principles, standards, and practices. Determining the different parties (and their special interests) who will be affected by your decision. Deciding on an alternative course of action if and when the outcome of the decision is not what is expected. Considering the probable consequences (short and long term) of each alternative on each of the different parties involved. Thinking of consulting with a trusted colleague if the situation is complex, risky, or there is undue personal involvement. Determining how personal values, biases, beliefs, or self-interests influenced the decision (either positively or negatively) and whether the consequences of the decision have been evaluated. Being prepared to (1) assume responsibility for the consequences of the action, including correction of negative consequences, if any, (2) re-engage in the decision-making process if the ethical issue is not resolved, and (3) evaluate the system(s) within which the issue arose, in order to identify and remove the circumstances that might facilitate and reward unethical practices. Ethical and Social... J.M.Kizza

64 Professionalism and Ethical ResponsibilitiesWhistle-blowing gives the impression of an act of seeking public attention- The purpose of whistle-blowing in the workplace and the goal of a whistle-blower is the same as that in the sports arenaa call for public attention. It includes: Computer-Aided methods Traditional methods which ensure anonymity Ethical and Social... J.M.Kizza

65 Ethical and Social... J.M.KizzaWhistle-blowing has been praised by many as courageous actions taken by a few good people with a moral conscience who risk everything to call public attention to illegitimate business practices and illegal and immoral actions Problems inherent in whistle blowing include: Fear of reprisal Suspicion surrounding whistle blowing Ethical and moral implications Membership in organizational channels Read the False Claims Act (appendix B) – Also see Federal Safety guidelines – page 91/92 Ethical and Social... J.M.Kizza

66 Harassment and DiscriminationHarassment is to verbally or physically create an environment that is hostile, intimidating, offensive, severe, pervasive, or abusive based on a number of parameters including one’s race, religion, sex, sexual orientation, national origin, age, disability, political affiliation, marital status, citizenship, or physical appearance. Discrimination on the other hand is a process of making decisions that negatively affect an individual, like denial of a service, based wholly, or partly, upon the real or perceived facts of one’s race, religion, sex, sexual orientation, national origin, age, disability, political affiliation, marital status, or physical appearance. Ethical and Social... J.M.Kizza

67 Ethical and Social... J.M.KizzaThe following steps are needed in fight against harassment and discrimination. (i) Awareness - There are no clear signs of harassment but in most cases, harassment is manifested into the following signs: unhappiness, anxiety, discomfort, stress, and lifestyle changes. (ii) Prevention- The main tool for prevention of harassment and discrimination is for an organization to have an enforceable clearly and simply write policy framework setting out the procedures that must be taken if harassment and discrimination occurs. The procedures must include: awareness/education, complaint process, sanctions, and redress. Ethical and Social... J.M.Kizza

68 Module 5: Anonymity, Security, Privacy and Civil LibertiesIntroduction Anonymity Security Privacy Ethical and Social Issues Ethical and Social...J.M.Kizza

69 Ethical and Social...J.M.KizzaIntroduction Information has increased in value The demand for information is high due to: High digitalization of information and increasing bandwidth. Declining costs of digital communication. Increased miniaturization of portable computers and other communications equipment. Greater public awareness by the news media of the potential abuse of digital communication, especially the Internet. The danger for misuse is real Ethical and Social...J.M.Kizza

70 Ethical and Social...J.M.KizzaAnonymity Absence of identity There are two types of identity: Pseudo Untraceable Anonymity on the Internet Other postings Ethical and Social...J.M.Kizza

71 Ethical and Social...J.M.KizzaSecurity Means to prevent unauthorized access Consists of: Confidentiality - to prevent unauthorized disclosure of information to third parties. Integrity - to prevent unauthorized modification of files and maintain the status quo Availability -: to prevent unauthorized withholding of information from those who need it when they need it. Physical security – guaranteed by: Deterrence Prevention Detection Response Ethical and Social...J.M.Kizza

72 Ethical and Social...J.M.KizzaSecurity… Perimeter security Fence Dog Guards Firewalls Proxy - individual client requests conform to the pre-set conditions, then the firewall acts on the request Filter -these are packet-level filters Stateful Inspection: These firewalls combine the filter and proxy functionalities. Passwords Ethical and Social...J.M.Kizza

73 Ethical and Social...J.M.KizzaInformation Security Encryption Plaintext Ciphertext Types: Symmetric (fig 5.1) Asymmetric (fig 5.2) Encryption standards RSA DES PEMS PGP Authentication (fig 5.3) Ethical and Social...J.M.Kizza

74 Ethical and Social...J.M.KizzaPrivacy Human value consists of: Right to control external influences on individual information: Solitude - right to be alone Anonymity – right to have no public identity Intimacy – right not to be monitored Right to control personal information: Reserve – right to control one’s information Ethical and Social...J.M.Kizza

75 Ethical and Social...J.M.KizzaValue of Privacy Safeguard personal identity Preserve individual autonomy in decision-making Less known information,more autonomy Support social relationships Worthiness Ethical and Social...J.M.Kizza

76 Information Gathering, Databases, and PrivacyWho has your name on a list and what they're doing with it? companies you have done business with. Individuals Government agencies The U.S. Graham-Leach-Bliley Financial Services Modernization Act - protect the customer through three requirements that the institutions must disclose to us: Privacy Policy: through which the institution is bound to tell us the types of information the institution collects and has about us and how it uses that information. Right to Opt-Out: through which the institution is bound to explain our recourse to prevent the transfer of our data to third party beneficiaries. Safeguards: through which the institution must put in place policies to prevent fraudulent access to confidential financial information. Ethical and Social...J.M.Kizza

77 Ethical and Social...J.M.KizzaOpt-in/Opt-out The Opt-in clause, which was not included in the Act despite strong support from privacy and consumer activists, would have prohibited a financial institution from sharing or selling our data without our consent. The opt-out option, which eventually was included in the Act after, the opt-in clause lost, gives us, the customers, implied consent, if we fail to return the Opt-out notices above sent to us by these institutions. Ethical and Social...J.M.Kizza

78 Ethical and Social...J.M.KizzaPrivacy Violations Intrusion – wrongful entry ( hacking) Misuse of information we involuntarily give off personal information businesses collect it Interception of information eavesdropping Surveillance Echelon/TEMPEST Information matching using unrelated databases -usually illegally Ethical and Social...J.M.Kizza

79 Ethical and Social...J.M.KizzaPrivacy Protection Is it possible? -Rapid advances in computer technology, and in particular the advent of the Internet, have all created an environment where detailed information on individuals and products can very easily and cheaply be moved, merged, marched, compared and shared. Guidelines and structures that safeguard and protected privacy rights. These structures and guideline, on the average fall under the following categories: Technical - through the use of software and other technical based safeguards and also education of users and consumers to carry out self-regulation. contractual –through which information like electronic publication and how such information is disseminated are given contractual and technological protection against unauthorized reproduction or distribution. legal – through the enactment of laws by national legislatures and enforcement of such laws by the law enforcement agencies. (see pp ) Through individual efforts ( be vigilant) Ethical and Social...J.M.Kizza

80 Ethical and Social IssuesThe ethics of privacy - with the advent of the Internet and electronic messages, confidentiality is a great concern. Computer technology has raised more privacy questions than it has found answers to The ethics of security - the Internet is an insecure communications channel when it is used by a criminal. Ethical and Social...J.M.Kizza

81 Module 6: Intellectual Property Rights and Computer TechnologyComputer Products and Services Instruments of Protection Ownership Infringement Protection of Ownership Rights The Legal Protection of Computer Software Ethical and Social...J.M.Kizza

82 Computer products and servicesHave a tangible form Have intrinsic value Computer services Have intrinsic value Have no tangible form Computer software A set of logical instructions in four forms: Ethical and Social...J.M.Kizza

83 Computer products and services…Logical map Source code Object code Executable code Has two forms Product Service May not have a tangible form Ethical and Social...J.M.Kizza

84 Computer products and services…Computer software categories: CANNED- off-the-shelf software Designer software – ordered by the customer Mixed – designer/canned If it is canned – it is a product If it is designer ordered – it is a service Otherwise a mixed case. Ethical and Social...J.M.Kizza

85 Foundations of Intellectual Property RightsSoftware is protected by: (1) Copyrights – rights enforceable by law and accorded to an artist, inventor/creator of an expression or creative works: literary, dramatic, musical, pictorial, graphics, artistic, audiovisual, architectural, or sound recording. The protected works must have: Tangible form(expression) Originality Fixation in a medium Ethical and Social...J.M.Kizza

86 Ethical and Social...J.M.KizzaCopyrights are now universally accepted International enforcement conventions include: WIPO- world intellectual property organization UNESCO UCC- universal copyright convention WTO – World Trade Organization Once a copyright expires the work goes in public domain Ethical and Social...J.M.Kizza

87 Ethical and Social...J.M.KizzaPublic works include: Non-copyrightable items( ideas, facts, schedules, names, etc..) Copyrightable items whose copyrights have expired Copyrightable works put in public domain by the author Duration of copyrights: Depends on country In U.S.( before 1978, 75 years from date of issue, after 1978 lifetime of author plus 50 years) Ethical and Social...J.M.Kizza

88 Ethical and Social...J.M.Kizza(2) Patents – protection of inventions and discoveries What is protected must be: New and useful Improvement of any of the following: Process, manufacturing( products that are not machines), machines(covering mechanism, mechanical products and composition) Utility, Novelty, nonobvious, there must be no disclosure. Protection duration in U.S. is 17 years Ethical and Social...J.M.Kizza

89 Ethical and Social...J.M.Kizza(3) Trade Secrets Information that gives a company a competitive advantage over the others No one specific definition of trade secrets It’s a collection of information in a static format with a strategic importance Duration is infinite if no disclosure Ethical and Social...J.M.Kizza

90 Ethical and Social...J.M.KizzaThe following characterize trade secrets: Extent the information is known outside the business Extent of measures taken to protect the trade secrets Value of information to the owner Amount of money spent by owner to develop the information Ease/difficulty of acquiring such information Ethical and Social...J.M.Kizza

91 Ethical and Social...J.M.Kizza(4) Trademarks – product identifying labels Include: Service marks Certification marks Collective marks Characteristic of trademarks include( see page 138/139): Arbitrary marks (say nothing but used for service) Suggestive marks (symbols and writings) Descriptive marks ( intended purposes) General marks (unrelated and not suggestive) Duration of trademarks in U.S. is 10 years Ethical and Social...J.M.Kizza

92 Ethical and Social...J.M.KizzaTrademarks are registered in U.S. if they: Are in good taste for the public Have no suggestive connotations to their origin Are not symbols of any recognizable country Do not use people’s likeness without permission Ethical and Social...J.M.Kizza

93 Ethical and Social...J.M.Kizza(5) Personal Identity Identity theft is a crime committed when one misrepresents oneself, with or without success, as another person in order to get the victim’s information so that the perpetrator can receive goods and services in the fraud victim's name. Identity theft is now one of the fastest growing crime in US and a number of other countries as well. One goes through an agony trying to control, manage and recover from the damage caused Ethical and Social...J.M.Kizza

94 Ethical and Social...J.M.KizzaTechniques to steal personal identity include the following [8]: Advertising in newspapers and mostly on the Internet. The most common technique now, pretext calling, is where people misrepresent themselves as law enforcement agents, social workers, and potential employers to obtain the private data of others from banks and other financial institutions. From readily available how-to books and discussion groups perpetrators get foolproof methods of wangling financial information out of bank employees. Use of telemarketing scams to trick consumers into revealing personal data. Abundant authentic-looking fake IDs, including Social Security cards, birth certificates and driver's licenses, are on sale online. Going through one’s trash for personal gold. Using the post office to redirect one’s mail to a perpetrator’s box number. Criminals are increasingly using radio scanners to eavesdrop on personal calls. Prevent Identity Theft through personal awareness ( see pg 141) Ethical and Social...J.M.Kizza

95 Ethical and Social...J.M.KizzaOwnership An idea is novel if it is original, authentic, and new. Inventiveness, creativity, and discoveries are born out of individual ideas. Good ideas are the source of substantial benefits to individuals and the public. Before an idea can be useful, however, it must be put into utilizable form, either as a process or as an application. Although ideas are in public domain – dressing up ideas to make them utilizable crates ownership of the new form the idea has taken. Ethical and Social...J.M.Kizza

96 Ethical and Social...J.M.KizzaInfringement Moving within protected domains of intellectual property rights without permission from rightful owners There are three types of infringements: Direct (full knowledge) Inducement Contributory Ethical and Social...J.M.Kizza

97 Ethical and Social...J.M.KizzaTypes of infringements Copyrights infringement: difficult to prove Here are some of the items that courts look for in an infringement suit: Whether the infringer has knowledge or visual contact with the work. Whether the individual claiming to be the owner has a valid copyright. Whether the work under dispute is a major revision with substantially new contents of the original or just a variation. Patent and trademarks infringements are also difficult to prove Highly sophisticated methods of policing and investigative work need to be laid down and followed Ethical and Social...J.M.Kizza

98 Ethical and Social...J.M.KizzaTrademark infringement: To prove infringement of a trademark, one must prove beyond doubt that the infringer’s action was likely to confuse the public. Because of this, it is very difficult to prove trademark infringement. Trade Secrets. Even more difficult. Ethical and Social...J.M.Kizza

99 Protection of ownership rightsAs owner/author of a creation, you’re protected by: Copyrights Patents Trademark Trade secrets The burden of safeguarding intellectual property rights is with the individual Ethical and Social...J.M.Kizza

100 Protection of ownership rights…Methods used vary from: Spying Using hired operatives Inspection Use of enforcement agencies Use of government (big companies) First Sale Doctrine – copyright owner’s right to distribute one’s material through a lease or license. Ethical and Social...J.M.Kizza

101 Ethical and Social...J.M.KizzaThe First Sale Doctrine A copyright owner under the first sale doctrine has the right to distribute copies of copyrighted materials by means of sale, transfer of ownership, rental, release, or by any other means. Fair Use Doctrine – a balance between the protection of inventor/creator and the benefits to the community There are four ways to judge whether the use of an invention, discovery, or work is fair or not: The purpose of use, commercial or educational Nature of use Percentage of use The effect of use on the commercial value of the invention, discovery, or works. Ethical and Social...J.M.Kizza

102 Protection of ownership rights…Under Property Rights Laws, different rights are protectable as shown here: Copyrights: Copyright laws protect all rights embodied within the copyrighted work by the copyright act of the particular country, including the right to use, transform, sale, copy, and modify. Patents: Patent laws protect all rights embodied in the particular country’s patent law. Trademarks: Trademark laws protect all rights in the different trademark statutes depending on the state and country. Trade secrets: Trade secret statues and laws protect all rights within the different states, local authority, and country’s statutes Ethical and Social...J.M.Kizza

103 Module 7: Social Context of ComputingIntroduction The Digital Divide ICT in the Workplace Employee Monitoring Workplace Employee Health and Productivity Ergonomics Ethical and Social...J.M.Kizza

104 Ethical and Social...J.M.KizzaIn the last fifty years we have witnessed an invasion of the workplace, homes, and mostly schools by computers and computer related equipment. Playing this double role as an utility and entertainment tool, the computer has become an integral part of our social fabric Ever since the beginning of the industrial age when technology started entering the workplace and homes, the aim has been to utilize it and help make us wiser and more productive Ethical and Social...J.M.Kizza

105 Ethical and Social...J.M.KizzaWe spend more time in the workplace Domesticated technology to improve workplace Since the industrial age, the workplace has been in the forefront of technological innovation The fears that technology will replace workers, which have been the main force behind the resistance to workplace modernization have not materialized Every new technology brings new workers in the workspace Ethical and Social...J.M.Kizza

106 Ethical and Social...J.M.KizzaThe Digital Divide Communication technological inequalities among peoples in one country and between countries, commonly known as the digital divide, sprung out of the 1994 landmark U.S Commerce Department’s study The debate has centered on a number of key critical issues including: whether there is such a thing as a digital divide, indicators that should be used to measure such a divide if it exists, and the best ways to close such a divide. In general, the study of the digital divide involves the study of the impact on society’s social, economic, political, and cultural institutions by communication technologies such as : radio, television, the press, post offices, fixed and cellular telephones, fax machines, airports, computers, and connectivity to the Internet Ethical and Social...J.M.Kizza

107 Ethical and Social...J.M.KizzaThere are five indicators of the digital divide namely: access, technology, humanware (human capacity), infrastructure, and enabling environment. Access – Presents obstacles which can broadly be grouped into five categories: geography, income, ethnicity, age, and education. Ethical and Social...J.M.Kizza

108 Ethical and Social...J.M.KizzaTechnology -The computer-driven technological revolution has brought the countries of the world ever closer together but it also divided countries Technologies like faxes, cellular phones, computers and Internet connections registered almost zero growth per thousand people in developing countries in comparison to their counterparts in the developed countries during the same period. A good technological base depends a great deal on relevant inputs: investment capital, infrastructure, and humanware(human capacity). Ethical and Social...J.M.Kizza

109 Ethical and Social...J.M.KizzaHumanware (Human Capacity ) - The availability and easy access to ICT does not always solve the digital divide problem. lack of humanware, in developing counties to maintain the equipment - shortage of teachers, technicians and institutes to train them. challenge to ensure that people can gainfully use ICT to add value to local inputs. People will take ICT seriously when it meets and serves their own local Ethical and Social...J.M.Kizza

110 Ethical and Social...J.M.KizzaHuman capacity development is a complex multifaceted endeavor consisting of many parts including: creating awareness of the potential for ICT to meet one's needs creating, developing, and strengthening capacity to use information and ICT effectively using local inputs. Building capacity to produce and package information so that it adds value to local inputs. Ensuring ongoing technical capacity development, and developing a format for knowledge and information sharing. Preventing the local capacity from being drained to other, usually, developed countries. Ethical and Social...J.M.Kizza

111 Ethical and Social...J.M.KizzaInfrastructure -As noted by many, the digital divide infrastructure is related to access in many ways. They both present obstacles to gaining access to ICT. Fixed communication structures. In those countries with good fixed communication structures like electricity, telephones, good roads, and airports, ICT development is a lot faster. Lack of such resources hinders the development of ICT Enabling Environments - there are many countries with similar levels of per capita incomes and economic structures exhibiting widely varying ICT performances. There are no good explanations for this except that of enabling environments or lack of. An ICT enabling environment is an environment in which ICT can thrive. There are several things that can bring about such an environment, including politics and public policy and management styles. Politics - ICT thrives in a good political environment that ensures: a climate of democratic rights and civil liberties conducive to ICT adaptation respect for the rule of law and security of property rights investment in human capacity, and low level of government distortions Ethical and Social...J.M.Kizza

112 Ethical and Social...J.M.KizzaPublic Policy and Management Styles - Governments must put in place streamlined regulatory policies for importation and licensing of ICT technologies. Laws must be enacted and uniformly enforced so that non-governmental organizations (NGOs) and other organizations interested in investing in ICT economic activities do so with ease Ethical and Social...J.M.Kizza

113 The Changing WorkplaceThe workplace can be anywhere where one performs tasks: A place away from home In a car/plane/train Home Virtual office In the home office: Categories of workers have been changing Company benefits are mixed Not everyone benefits from home-based work Ethical and Social...J.M.Kizza

114 The Changing Workplace…There are company fears arising from home-based work: Trade secrets Supervision Productivity Liability Unstudied social and Ethical effects: Psychological Social Ethical and Social...J.M.Kizza

115 Ethical and Social...J.M.KizzaEmployee Monitoring The purpose of workspace monitoring Types of monitoring: Electronic Video Benefits of monitoring: Good management, performance evaluation, management control, accurate assessment, immediate feedback and, flexible work assignments. Ethical and Social...J.M.Kizza

116 Workplace Privacy and Surveillance…Effects of electronic monitoring: Reduced task variety Lack of individual initiatives Reduced or no peer social support Lack of self-esteem Lack of interest in the job Lack of trust among workers, between workers and supervisors, and between supervisors and management Alienation Ethical and Social...J.M.Kizza

117 Computer-related RisksEmployee safety Reliability System safety and security Individual privacy. Ethical and Social...J.M.Kizza

118 Employee Health and ProductivityErgonomics- an applied science concerned with the human-machine interactions that offer and maintain the safety, comfort, health, and habitable environment. Ergonomic injuries result when demand on an employee to perform far exceeds that person’s working capacity Ethical and Social...J.M.Kizza

119 Employee Health and Productivity…Ergonomic-related musculosketal disorder such as: Back pain Neck and shoulder pains Repetitive strain injuries (RSI) Stress Productivity of workers depends on their health Companies are getting the message and are forming health clubs, day-care centers on company premises, and offering extended maternity leaves Ethical and Social...J.M.Kizza

120 Module 8: Software Issues: Risks and LiabilitiesDefinitions Causes of Software Failures Risks Consumer Protection Improving Software Quality Producer Protection Ethical and Social...J.M.Kizza

121 Ethical and Social...J.M.KizzaDefinitions Software- computer programs made up of a logical sequence of commands to perform a task. The software producer/developer creates computer programs to meet either general or specific needs of the consumer A buyer gets the benefits of a computer program to solve a specific task/problem. Whenever there is a software there are producers and consumers. Ethical and Social...J.M.Kizza

122 Ethical and Social...J.M.KizzaDefinitions… There is, therefore, a relationship between software producers and users made up of: user expectations and developer limits For a healthy relationship all the following must be agreed on: (1) Standards – universally accepted level of confidence Ethical and Social...J.M.Kizza

123 Ethical and Social...J.M.KizzaDefinitions… Standards depend on: Development testing Verification and Validation (2) Reliability – software reliability does not depend on age and wear and tear like hardware Software reliability - is the probability that the software does not encounter an input sequence resulting into failure. Ethical and Social...J.M.Kizza

124 Ethical and Social...J.M.KizzaDefinitions… (3) security- software is secure if it does not contain trapdoors through which an intruder can access the system. (4) Safety – the safety of a software product means the absence of a likelihood of an accident, a hazard, or a risk A number of life critical systems depend on software, therefore, software safety is important. (5) Quality- a software product has quality if it maintains a high degree of excellence in standards, security, safety,and dependability. Ethical and Social...J.M.Kizza

125 Causes of Software FailuresThere are factors that contribute to software failures: Human factors (page 208/209) Memory lapses and attentional failures: For example, someone was supposed to have removed or added a line of code, tested, or verified but did not because of simple forgetfulness. Rush to finish: The result of pressure, most often from management, to get the product on the market either to cut development costs or to meet a client deadline can cause problems. Overconfidence and use of nonstandard or untested algorithms: Before algorithms are fully tested by peers, they are put into the product line because they seem to have worked on a few test runs. Ethical and Social...J.M.Kizza

126 Ethical and Social...J.M.KizzaMalice: Software developers, like any other professionals, have malicious people in their ranks. Bugs, viruses, and worms have been known to be embedded and downloaded in software as is the case with Trojan horse software, which boots itself at a timed location. Complacency: When either an individual or a software producer has significant experience in software development, it is easy to overlook certain testing and other error control measures in those parts of software that were tested previously in a similar or related product, forgetting that no one software pr Ethical and Social...J.M.Kizza

127 Ethical and Social...J.M.KizzaNature of software (page 209) Complexity: Unlike hardwired programming in which it easy to exhaust the possible outcomes on a given set of input sequences, in software programming a similar program may present billions of possible outcomes on the same input sequence. Difficult testing: There will never be a complete set of test programs to check software exhaustively for all bugs for a given input sequence. Ease of programming: The fact that software programming is easy to learn encourages many people with little formal training and education in the field to start developing programs, but many are not knowledgeable about good programming practices or able to check for errors. Misunderstanding of basic design specifications: This affects the subsequent design phases including coding, documenting, and testing Ethical and Social...J.M.Kizza

128 Ethical and Social...J.M.KizzaRisk Risk is a hazard level together with the likelihood of an accident to occur and the severity of the potential consequences A hazard is a state or set of conditions of a system or an object that, together with other conditions in the environment of the system, or object, will lead inevitably to an accident Software risks are caused by: Ethical and Social...J.M.Kizza

129 Ethical and Social...J.M.KizzaRisks cause by: Personnel shortfalls Unrealistic schedules and budgets Developing the wrong functions and properties Developing the wrong user interface Continuing stream of requirements changes Shortfalls in externally furnished components Shortfalls in externally performed tasks Real-time performance shortfalls Straining computer-science capabilities Ethical and Social...J.M.Kizza

130 Causes of Software Failures…Examples of safety-critical failures (pages ): The Indian Union Carbide - Bhopal The Therac-25. The Space Shuttle Challenger The Chernobyl Nuclear Power Plant Accident Ethical and Social...J.M.Kizza

131 Consumer Protection and the LawBuyer’s rights: Replacement Refunds Updates Understanding software complexity- software as: Product Service Mix Ethical and Social...J.M.Kizza

132 Consumer Protection and the Law…Costumer protection tools: (1) contract (used with products): Express warranties Implied warranties Third-party beneficiary Breach of contract – lack of compliance (2) Tort (used with services): Intentional Unintentional Ethical and Social...J.M.Kizza

133 Consumer Protection and the Law…Torts include: Negligence – careless, lack of competence, etc.. Malpractice Strict liability Misrepresentation Ethical and Social...J.M.Kizza

134 Improving Software QualityThe safety and reliability of a software product defines the quality of that software Software quality can only be improved during the development cycle The following techniques done during the software development phase can improve software quality (see page 122): Final review Inspection Walk-throughs Phased-inspection Ethical and Social...J.M.Kizza

135 Producer Protection and the LawProtection against: Piracy Illegal copying/downloading of copyrighted software Fraudulent lawsuits by customers Seek protection from the courts Ethical and Social...J.M.Kizza

136 Module 9: Computer CrimesIntroduction History of Computer Crimes Computer Systems Attacks Motives Costs and Social Consequences Ethical and Social...J.M.Kizza

137 Ethical and Social...J.M.KizzaIntroductions A computer crime is an illegal act that involves a computer system or computer related system like a telephone, microwave, satellite or other telecommunications system that connect one or more computers or computer related systems, either as an object of a crime, an instrument used to commit a crime or a repository of evidence related to a crime. Illegal acts fall within the domains of the commission of crimes which a legislature of a state or a nation has specified and approved. Human acts using computers or computer related technologies that encroach within the limits of the commission’s boundaries, are considered illegal and they include: Intrusions of the Public Switched Network Intrusions into Public Packet Networks Network integrity violations Privacy violations Industrial espionage Ethical and Social...J.M.Kizza

138 Ethical and Social...J.M.KizzaPirated computer software Fraud, Internet/ abuse, Using computers or computer technology to commit murder, terrorism, pornography and hacking Most computer attacks on the resources above fall into three categories below. Our focus in this chapter will be on the last category [1,2]: Natural or Inadvertent attack that include accidents originating from natural disaster like fire, floods, windstorms, lightening and earthquakes, and they usually occur very quickly without warning, and are beyond human capacity, often causing serious damage to affected cyberspace resources. Human blunders, errors, and omissions that are usually caused by unintentional human actions. Unintended human actions are usually due to design problems, such attacks are called malfunctions. Malfunctions, though occurring more frequently than natural disasters, are as unpredictable as natural disasters. Intentional threats that are actually intended and they originate from humans caused by illegal or criminal acts from either insiders or outsiders, recreational hackers, and criminal. For the remainder of this chapter we are going to focus on this. Ethical and Social...J.M.Kizza

139 History of Computer CrimesHacking, as a computer attack technique, utilizing the internetworking between computers and communication devices did not start until the 1970s . The first recorded hacking activity was in 1971 when John Draper, commonly known as "Captain Crunch," discovered that toy whistle from a cereal box can produce the precise tone of 2600 hertz, needed to make free long distance phone calls [4] . With this act, "Phreaking", a cousin of hacking, entered our language. Hacking activities started picking up pace in the 1980s. The movie “WarGames" in 1983, the science fiction watched by millions, glamorized and popularized hacking and it is believed by many that the movie gave rise to the hacking phenomena. The first notable system penetration attack actually started in the mid-80s with the San Francisco based 414-Club. The 414- Club was the first national news making hacker group (414 was based on a 414 Area code in Milwaukee, Wisconsin.) Ethical and Social...J.M.Kizza

140 Ethical and Social...J.M.KizzaSmall hacker groups started forming like the Legion of Doom in U.S.A. and the Chaos Computer Club in Germany. From that point on other headline making attacks from hacker groups in Australia, Germany, Argentina and U.S.A followed. Ever since, we have been on a wild ride. In 1984, the 2600: The Hacker Quarterly, a hacker magazine was launched and the following year, the Electronic hacking magazine Phrack was founded. As the Internet grew as well as computer networks, hacker activities increased greatly that in 1986 the U.S. Congress passed the Computer Fraud and Abuse Act. Hacker activities that had only been in U.S.A started to spread worldwide. In the Italian hacker community launched the Decoder magazine similar to the U.S.A’s 2600: Hacker Quarterly [4]. Ethical and Social...J.M.Kizza

141 Ethical and Social...J.M.KizzaThe first headline making hacking incident that used a virus and got national and indeed global headlines took place in when a Cornell graduate student created a computer virus that crashes 6,000 computers and effectively shut down the Internet for two days [5]. Robert Morris action forced the U.S.A government to form the federal Computer Emergency Response Team to investigate similar and related attacks on the nation’s computer networks. The 1990s saw heightened hacking activities and serious computer network “near” meltdowns including the expectation without incident of the "Michelangelo" virus that was expected to crash computers on March 6, 1992, the artist's 517th birthday. In 1995 the notorious, self-styled hacker Kevin Mitnick was first arrested by the FBI on charges of computer fraud that involved the stealing of thousands of credit card numbers. Mitnick’s hacking activities, however, started in the mid 1980s with his secret monitoring of s of officials of companies like MCI and Digital Equipment. Ethical and Social...J.M.Kizza

142 Ethical and Social...J.M.KizzaThe year 2000 probably saw the most costly and most powerful computer network attacks that included the “Melissa”, the “Love Bug”, the “Killer Resume”, and a number of devastating Distributed Denial of Service attacks. The following year, 2001, the elusive “Code Red” virus was released. The future of viruses is as unpredictable as the kinds of viruses themselves. Ethical and Social...J.M.Kizza

143 Types of Computer AttacksPenetration Attack Type -involves breaking into a system using known security vulnerabilities to gain access to any cyberspace resource – There is steady growth of these attacks – see the CERT Report below. Denial of Service Attacks – they affect the system through diminishing the system’s ability to function; hence, they are capable of bringing a system down without destroying its resources Ethical and Social...J.M.Kizza

144 Ethical and Social...J.M.Kizza

145 Ethical and Social...J.M.KizzaMotives of Attacks Vendetta/Revenge Joke/Hoax/Prank The Hacker's Ethics - This is a collection of motives that make up the hacker character Terrorism Political and Military Espionage Business ( Competition) Espionage Hate (national origin, gender, and race) Personal gain/Fame/Fun/Notoriety Ignorance Ethical and Social...J.M.Kizza

146 Costs and Social Consequencespsychological effects – These depend on the attack motive and may result in long psychological effects such as hate. Psychological effects may lead to individual reclusion, increasing isolation, and such trends may lead to dangerous and costly repercussions on the individual, corporations and society as a whole. moral decay – There is a moral imperative in all our actions. When human actions, whether bad or good, become so frequent, they create a level of familiarity that leads to acceptance as “normal”. This type of acceptance of actions formerly viewed as immoral and bad by society is moral decay. There are numerous e-attacks that can cause moral decay. In fact, because of the recent spree of DDoS, and attacks, one wonders whether people doing these acts seriously consider them as immoral and illegal any more! Loss of privacy – After the recent headline making e-attacks on CNN, Ebay, E*Trade, and Amazon, and the attacks that wrenched havoc on global computers, there is a resurgence in the need for quick solutions to the problem that seems to have hit home Ethical and Social...J.M.Kizza

147 Module 10: New Frontiers for Computer Ethics: Artificial IntelligenceIntroduction Artificial Intelligence Ethical and Social...J.M.Kizza

148 Ethical and Social...J.M.KizzaIntroduction Artificial Intelligence (AI), cyberspace (CP), and virtual reality are all opening up new frontiers Creating new possibilities Ethical and Social...J.M.Kizza

149 Artificial IntelligenceAI – is a field of learning that emulates human intelligence Advances in human intelligence: Machine intelligence has led to Robotics Space exploration Medicine Advanced research Ethical and Social...J.M.Kizza

150 Artificial Intelligence…Limitations of AI: Lack of credible science safeguards Fear of a superhuman Abdication of individual responsibilities AI and ethics: AI agents and user responsibilities User accountability Ethical and Social...J.M.Kizza

151 The Future Role of Autonomous AgentsAI has made impressive progress in manufacturing, consumer products, finance, management, and medicine. Advances have also been made in knowledge engineering systems, perception, human language understanding, fuzzy systems, and modeling of the brain and evolution [10]. The current success stories in AI are in areas such as machine vision, speech understanding, and knowledge processing do not incorporate common sense, thus progress in AI research as a realization of human intelligence has been dismal at best. However, the future of AI is going to remain controversial. Two schools of thought have been forming according to what is perceived as good or bad about AI’s contribution to humanity. In one school are those who take a dark view of AI contributions, labeling all AI activities as research gone wrong, “mad scientist” research in the spirit of Mary Shelley’s Frankenstein. They list a litany of concerns: Ethical and Social...J.M.Kizza

152 Ethical and Social...J.M.KizzaIn contrast to these naysayers, the other school see the future of AI as very beneficial to humanity. They see a fruitful partnership with the agents in which the agents are relieving us of all our dangerous and tedious tasks, making our lives a little easier and helping us reach our ultimate goal of the good life. Ethical and Social...J.M.Kizza

153 Ethical and Social...J.M.KizzaModule 11: New Frontiers for Computer Ethics: Virtualization and Virtual Reality Virtualization History of Virtualization Different Aspects of Virtualization Virtual Reality Social and Ethical Implications of Virtualization* Virtualization Security as an Ethical Imperative Ethical and Social...J.M.Kizza

154 Ethical and Social...J.M.KizzaIntroduction Virtualization is a process through which one can create something that is there in effect and performance but in reality not there – that is virtual. It is a physical abstraction of the company computing resources like storage, network servers, memory and others. For computing systems, it is a process in which software creates virtual machines (VMs) including a virtual machine monitor called 'hypervisor,' that allocates hardware resources dynamically and transparently so that multiple operating systems, called “guest operating systems” can run concurrently on a single physical computer without even knowing. The potential power of virtualization in substantially increasing the performance of computing systems such as hardware and software through division of the underlying physical computing resources into many equally powerful virtual machines, has increased the popularity of the technology in the last twenty years and this love continues today Ethical and Social...J.M.Kizza

155 History of VirtualizationComputers of the 1960s could do only one task at a time and depended on human operators, increasing system performance was bottlenecked at two points: at the submission stage and at the computation stage. Batching improved system performance some but did not go far enough. In response to this growing need for speed up, IBM responded with the CP-40 main frame which later evolved into the CP-67 system, thought to be the first commercial Main Frame to support Virtualization. The CP-67 had a unique operating system combination consisting of CMS (Console Monitor System) piggybacked on a control program called rightly CP. The CP/CMS was a small single-user interactive operating system and CP, upon which CMS run, actually run on the Mainframe to create the Virtual Machines which individually run their own copies of CMS. To each virtual machine running CMS, CP allocated parts of the underlying physical machine which formed the virtual machine. Ethical and Social...J.M.Kizza

156 Different Aspects of VirtualizationThere are many types of virtualization including platform, network, storage and application. Platform Virtualization - is the use of server hardware by the virtualization software to host multiple VMs as guest VMs. Each VM is a virtual environment with its operating system (the guest operating system), which may or may not be the same as the physical server’s operating system (the host operating system), emulates the whole physical infrastructure of a computing system including memory and each VM is independent of other VMs sharing the physical server. Platform virtualization itself is subdivided into two types: workstation and server: Workstation Virtualization Server Virtualization Ethical and Social...J.M.Kizza

157 Ethical and Social...J.M.KizzaNetwork Virtualization - Like storage virtualization, network virtualization pools the resources, like files, folders, storage and I/O devices, of separate and different networks into one network Storage Virtualization - is the process of pooling together of resources of many different network storage devices such as hard drives to create what looks like one big storage managed from a single console Application Virtualization – the process of allowing the bytecode of an application package to be portably run on many different computer architectures and operating systems through the use of running an interpreter or just-in-time compilation of the application before it runs on the computer architecture of choice. An example of this is the Java Machine Virtualization. Ethical and Social...J.M.Kizza

158 Ethical and Social...J.M.KizzaVirtual Reality VR – is a stimulation of a real or imaginary phenomena in three-dimensional environments Is revolutionalizing the study of science Ethics in Virtual Reality: Lack of being in control Safety and security of users Human-agent interactions Intentions of the actor Accountability of the actor Responsibility of the actor Psychological effects on the actor and commnity Ethical and Social...J.M.Kizza

159 Social and Ethical Implications of VirtualizationOne of the anticipated good of virtualization to society is to extend known and relatively managed humanity’s social spheres and social networks in an unprecedented way through opening up of virtual domains of social interactions, many with a degree of managed control. Another good social aspect of virtualization is to avail tools for society to create new virtual social networks out of the old and dismantle old social ones. In addition, virtualization is bringing about easy creation of new human identities in the new virtual environments This makes authentication more difficult but at the same time creating unprecedented potential in self-creation and self-presentation. This may bring new opportunities to humanity. virtualization, in principle, has the potentiality of either erasing or heightening or situated presence in the world. Ethical and Social...J.M.Kizza

160 Ethical and Social...J.M.KizzaVirtualization on the flip side, may create mayhem to the social infrastructure as we know it today, just because individual can literally decide to be who they wish to be with ease. True virtualization requires an absence of reality. This may lead to: Lack of consciousness in individuals and groups, Lack of accountability as individuals and groups are shielded from real consequences of their actions. Without a situated and embodied sense of individual or group responsibility, there are likely to be no commitment and no risk In such an environment, therefore, moral engagement is limited and human relations become trivialized This may lead to society not benefiting from virtualization. Ethical and Social...J.M.Kizza

161 Virtualization Security as an Ethical ImperativePerhaps the greatest threat presented by virtualization to computer networks is the fact that using one physical computer, one can access many virtual infrastructure, a feat that not so feasible in the physical networks. Virtualization security should include: Hypervisor security Securing Communications Between Desktop and Virtual Infrastructure Security of Communication Between Virtual Machines Threats and Vulnerabilities Originating from a VM Ethical and Social...J.M.Kizza

162 Ethical and Social...J.M.KizzaThe ethical approach entails us to making sure we devote our best and most thorough thinking to every weak spot in our interaction with the world. Virtualization, in all its forms, is a process and a technology that is bound to complicate and transform the social fabric of society. It is not only ethical but imperative that we deal with all its ethical and security loopholes through which both intentional and unintentional exploitations of the technologies can take place, and these exploitations are bound to have far-reaching consequences for humanity. Ethical and Social...J.M.Kizza

163 Module 12: New Frontiers for Computer Ethics: CyberspaceIntroduction Cyberspace and the Concepts of Telepresence and Immersion Securing Cyberspace Intellectual Property Rights in Cyberspace Regulating and Censoring Cyberspace The Social Value of Cyberspace Privacy in Cyberspace Global Cyber Ethics Cyberspace Lingua Franca Global Cyber Culture Ethical and Social...J.M.Kizza

164 Ethical and Social...J.M.KizzaIntroduction When William Gibson first coined the word cyberspace in his novel Neuromancer, he was describing the vision of a three-dimensional space of pure information consisting of networks of computers linking people, machines, and other objects as information sources and sinks. Cyberspace is a global artificial reality environment based on a global mesh of interconnected computer networks allowing and making it possible for anyone using a point of entry device like a computer, smartphone, or any other Internetenabled electronic device to reach anyone else, with the potential to access the mesh, through a one-on-one, one-to-many, and many-to-one communication capabilities or through broadcasting via the World Wide Web. Ethical and Social...J.M.Kizza

165 Cyberspace and the Concepts of Telepresence and ImmersionWhen one is in cyberspace, there is a feeling of being in a location other than where one actually is. This is a notion of telepresence, a feeling one gets of being present at a place other than their true location. This feeling and sometimes the ability to control a robot or another device at a distance gives cyberspace and in fact makes cyberspace a virtual environment. Whether in cyberspace or not, telepresence, as a concept, requires that the users’ senses be provided with such stimuli as to give the feeling of being in that other location. Ethical and Social...J.M.Kizza

166 Ethical and Social...J.M.KizzaSecuring Cyberspace Keeping cyberspace users secure is a daunting job that requires advanced detection techniques and prevention methods. We do this by: Detecting Attacks in Cyberspace Performing Cyberspace Forensics Performing Intrusion Detection in Cyberspace Ethical and Social...J.M.Kizza

167 Ethical and Social...J.M.KizzaCyberspace Access Types of cyberspace access (most common) Direct connection Dial up( SLIP, PPP) DSL Politics of cyberspace access Digital divide Geography Education Race Age Ethical and Social...J.M.Kizza

168 Intellectual Property RightsInternet paradox – Internet technology requires fast access, maximum compatibility in service and low costs: Mass access creates competition Much of what is moved on the Internet is intellectual property, therefore, protected by intellectual property laws and statutes- fosters monopoly. Ethical and Social...J.M.Kizza

169 Regulating and Cyberspace CensorshipReasons for Internet censorship: Terrorism Historical Social Political Cultural Economic Internet censorship is expensive: Highly specialized and rich graphics that require latest equipment Need for highly trained people to do the job Ethical and Social...J.M.Kizza

170 Cyberspace Censorship…Internet convergence, one-fits-all, a combo of telecommunication, broadcasting and computer services Changing nature of material and content Lack of internationally accepted judicial systems Transient nature of membership of cyberspace -cyberzens Lack of allegiance Ethical and Social...J.M.Kizza

171 Cyberspace Censorship…Measures being undertaken: Legislation Self-regulation Hotlines/advocacy Education Ethical and Social...J.M.Kizza

172 Ethical and Social...J.M.KizzaPrivacy in Cyberspace Individual privacy under attack through electronic monitoring, surveillance, transmission, scanning and tapping Also more efficient means of collecting, categorizing, and sorting data Ethical and Social...J.M.Kizza

173 Ethical and Social...J.M.KizzaCyberspace Security Security of information in two areas: At the server Firewalls During transmission Encryption Authentication Ethical and Social...J.M.Kizza

174 Global Ethical StandardsChances of an emergence of a global ethical standard Conflicting global ideologies: Politics Religion Deferring global cultures Small Internet etiquettes – beginning to get global Ethical and Social...J.M.Kizza

175 Ethical and Social...J.M.KizzaGlobal Lingua Franca The emergence of a global lingua franca Major languages: English French German Russian Chinese Factors influencing growth of a global language: Commerce Military Ethical and Social...J.M.Kizza

176 Ethical and Social...J.M.KizzaGlobal Cyber Culture International migration and travels Cyber communities observing certain cultures Factors influencing the growth of global culture: Commerce Military Migrations Factors working against growth of global culture: Ideologies (political, religious) Differing cultures mistrust Ethical and Social...J.M.Kizza

177 J. M. Kizza - Ethical And Social IssuesModule 13: Ethical, Privacy, and Security Issues in the Online Social Network Ecosystems Introduction Introduction to Computer Networks Social Networks Online Social Networks(OSNs) Ethical and Privacy Issues in Online Social Networks Security and Crimes in Online Social Networks Proven Security Protocols and Best Practices in Online Social Networks J. M. Kizza - Ethical And Social Issues

178 Introduction to Computer NetworksA computer network is a distributed system consisting of loosely coupled computing elements and other devices communicate through a wired or wireless medium. Communication is based on a set of communicating rules called protocols. The hardware components of a computer network consist of a collection of nodes that include: Hosts – as end systems, intermediate switching elements like hubs, bridges, routers, and gateways. J. M. Kizza - Ethical And Social Issues

179 J. M. Kizza - Ethical And Social IssuesTwo common network configuration models - the centralized and distributed Computer networks- centralized or distributed, come in different sizes depending on the number of computers and other devices the network has. The number of devices, computers or otherwise, in a network and the geographical area covered by the network determine the network type: Local Area Network (LAN) Wide Area Networks (WANs) Metropolitan Area Networks (MANs) J. M. Kizza - Ethical And Social Issues

180 J. M. Kizza - Ethical And Social IssuesOnline Crimes An online crime is a crime like any other crime, except it involves a connected computing system either as an object of a crime, an instrument used to commit a crime or a repository of evidence related to a crime. The International Convention of Cyber Crimes and the European Convention on Cyber Crimes both list the following crimes as online crime [1]: Unlawful access to information Illegal interception of information Unlawful use of telecommunication equipment. Forgery with use of computer measures Intrusions of the Public Switched and Packet Network Network integrity violations Privacy violations Industrial espionage Pirated computer software Fraud using a computing system Internet/ abuse Using computers or computer technology to commit murder, terrorism, pornography, and hacking. J. M. Kizza - Ethical And Social Issues

181 Ways to Perpetuate Online CrimesSystem penetration - a process of gaining unauthorized access to a protected system’s resources, the system may be automated or not. Distributed Denial of Service (DDoS) - an interruption of service of the target system – when it is made either unavailable to users through disabling or destruction of it. Category include: IP-spoofing SYN-Flooding: Smurf attack Buffer Overflow Ping of Death Land.c attack Teardrop.c Sequence Number Sniffing J. M. Kizza - Ethical And Social Issues

182 Defense Against Online CrimesPrevention – one of the oldest and probably the best defence mechanism against online crimes. Must include the following: A security policy Risk management Vulnerability assessment Use of strong cryptographic algorithms Penetration testing Regular audits Use of proven security protocols Legislation Self-regulation Mass education J. M. Kizza - Ethical And Social Issues

183 Proven Security Protocols and Best PracticesThere are hundreds of security protocols and best practices in use today The problem for security professional is to find the best Major categories are: J. M. Kizza - Ethical And Social Issues

184 J. M. Kizza - Ethical And Social IssuesAuthentication - a process of validating the identity of someone or something. uses information provided to the authenticator to determine whether someone or something is in fact who or what it is declared to be. requires one to present credentials or items of value to the authenticating agent in order to prove the claim of who one really is. items of value or credential are based on: something you know, something you have, or something you are: Something you know: may be something you mentally possess like a password, a secret word known by the user and the authenticator. This technique of authentication is cheap but has weaknesses like memory lapses. J. M. Kizza - Ethical And Social Issues

185 J. M. Kizza - Ethical And Social IssuesSomething you have:, may be any form of issued or acquired self identification such as SecurID, Activcard, or any other forms of cards and tags. This authentication technique is slightly safer. Something you are: These are individual physical characteristic such as voice, fingerprint, iris pattern and other biometrics. Biometric authentication as we are going to see in Chapter 14 are the safest form of authentication. Authentication methods include: password public-key anonymous certificate-based J. M. Kizza - Ethical And Social Issues

186 J. M. Kizza - Ethical And Social IssuesAccess Control - a process of determining how access to the system’s potential resources can be provided to each of the system users. Several control techniques and technologies have been developed to deal with this problem; they include: Access Control Matrix, Capability Tables, Access Control Lists, Role-Based Access Control, Rule-Based Access Control, Restricted Interfaces, Content-Dependent Access Control and biometrics. Legislation - process of enacting laws intended to curb the growth of these crimes. Sometimes enforceable laws can be productive. Self-regulation - individuals finding ways to regulate objectionable material from reaching the children. This has become the cornerstone of efforts to stop the growing rate of online crimes. J. M. Kizza - Ethical And Social Issues

187 J. M. Kizza - Ethical And Social IssuesDetection - mechanisms for preventing online crimes through 24-hour monitoring systems that continuously capture, analyze, and report on the daily happenings in and around the network. Recovery - a process that consists of two sub processes: Analysis involving taking as much data as possible gathered during the last intrusion and analysing it for patterns that can be used in future for a response, for detection in future, and for prevention. Recovery requiring the use of all available resources to mitigate the problem in progress, recover whatever can be recovered and build new data in place of or to replace the destroyed data. J. M. Kizza - Ethical And Social Issues

188 Ethical and Social...J.M.KizzaModule 14: Mobile Systems and Their Intractable Social, Ethical and Security Issues Introduction Role of Operating Systems in the Growth of Mobile Ecosystems Ethical and Privacy Issues in Mobile Ecosystems* Security Issues in Mobile Ecosystems General Mobile Devices Attack Types Mitigation of Mobile Devices Attacks Users’ Role in Securing Mobile Devices Ethical and Social...J.M.Kizza

189 Ethical and Social...J.M.KizzaIntroduction The last two decades have witnessed a revolution of sorts in communication spearheaded by the rapidly evolving technologies in both software and hardware. A mobile communication systems consists of: mobile telephone, broadly construed here to include devices based on Code Division Multiple Access (CDMA), Time Division Multiple Access (TDMA), Global System for Mobile Communications (GSM), Wireless Personal Digital Assistants (WPDA) digital technologies and follow-ons, as well as satellite telephones and appliances. Mobile communication systems are revolutionising and shrinking the world to between two or more small handheld mobile devices. Competition between the mobile telecommunication operators resulting in plummeting device prices, the quickly developing smartphone technology and growing number of undersea cables and cheaper satellites technologies are bringing Internet access to almost every one Ethical and Social...J.M.Kizza

190 Kizza - Guide to Computer Network SecurityRole of Operating Systems in the Growth of Mobile Ecosystems Android - developed by a small startup company that was purchased by Google Inc., is a Linux-derived OS backed by Google, along with major hardware and software developers (such as Intel, HTC, ARM, Samsung, Motorola and eBay, to name a few), that form the Open Handset Alliance. iOS - iOS is Apple’s mobile operating system, originally developed for the iPhone, it has since been extended to support other Apple devices such as the iPod touch, iPad and Apple TV. Windows Phone 7.5 (Mango) - is the mobile operating system, by Microsoft. Although the OS internally identified itself as version 7.1 during pre-beta 2 releases, it is marketed as version 7.5 in all published materials intended for end-users. Kizza - Guide to Computer Network Security

191 Kizza -Ethical and Social...Bada (Samsang) – (Korean meaning “ocean” and “seashore”. First Wave S8500 was funvailed in 2010 in BarcelonaVersion 1.2 was released with the Samsung S8530 Wave II phone. The alpha-version of Bada 2.0 was introduced on February 15, 2011, with Samsung S8600 Wave III. BlackBerry OS (RIM) - The operating system provides multitasking and supports specialized input devices that have been adopted by RIM for use in its handhelds, particularly the trackwheel, trackball, trackpad and touchscreen. Best known for its native support for corporate , through MIDP 1.0 and, more recently, a subset of MIDP 2.0, which allows complete wireless activation and synchronization with Microsoft Exchange, Lotus Domino, or Novell GroupWise , calendar, tasks, notes, and contacts, when used with BlackBerry Enterprise Server. Kizza -Ethical and Social...

192 Ethical and Social...J.M.KizzaSymbian – (Nokia, Sony Ericsson) is used on more phones and smartphones globally than any other mobile OS. Symbian's strengths include its longevity, widespread use, and maturity as an operating system. With its most recent release, Symbian 9, increased emphasis has been placed on improved functionality, enhanced capabilities to assist third-party developers, and additional security functions. Ethical and Social...J.M.Kizza

193 Ethical and Privacy Issues in Mobile Ecosystems*One of the most privacy threatening aspect of mobile devices is location-based tracking system (LTS), part of all mobile devices. There are three types of LTS technologies in use today: Global positioning systems (GPS)—This uses a constellation of GPS satellites orbiting the earth, which broadcast messages on radio frequencies that consist of the time of the message and orbital information. A GPS receiver measures the transit times of messages from four satellites to determine its distance from each satellite and thereby calculate its location. Ethical and Social...J.M.Kizza

194 Ethical and Social...J.M.KizzaRadio frequency identification (RFID) tags—An RFID tag consists of a microchip and an antenna with typical ranges in size between a postage stamp and a pager. Each tag stores a unique identification number. An active RFID tag, which has its own power source, can transmit identification information up to a mile away. A passive RFID tag, which is activated by an external source of power, can transmit information up to 20 or 30 ft Global system for mobile communications (GSM)—This provides personalized services to cell phone subscribers based on their current locations. A GSM uses several methods to find the location of a subscriber, using the time taken by signals to travel between the subscriber’s handset and the cellular network base stations. GSM signals emitted by cell phones in vehicles can automatically report their positions, travel time, traffic incidents, and road surface problems [8]. Ethical and Social...J.M.Kizza

195 Security Issues in Mobile EcosystemsAs mobile devices, more importantly smart devices, become ubiquitous, the risk for using them is increasing. They are increasingly holding and storing more private data like personal and business and they are roaming in public spaces on public networks with limited security and cryptographic protocols to protect the data. Major threats to mobile devices include: Application-Based Threats Web-based Threats Network Threats Physical Threats Operating System Based Threats Kizza - Guide to Computer Network Security

196 General Mobile Devices Attack TypesMost mobile system attacks are launched against specific mobile devices or operating systems or applications. Most of these attack techniques are carry overs from the computer and computer networks. The most common attack chancels and techniques are: Denial-of-service (DDoS) Phone Hacking Mobile malware/virus Spyware Exploit Everything Blue Phishing SMishing Vishing Kizza - Guide to Computer Network Security

197 Mitigation of Mobile Devices AttacksMore and more people are now using a mobile device with either personal or work related data. There is a growing number of employers are increasingly using unmanaged, personal devices to access sensitive enterprise resources and then connecting these devices to third party services outside of the enterprise security controls. This potentially expose the enterprise sensitive data to possible attackers. There are several security protocols and best practices that can come in handy to situations including: Mobile Device Encryption Mobile Remote Wiping Mobile Passcode Policy Ethical and Social...J.M.Kizza

198 Users Role in Securing Mobile Devices.Users must be aware that there are risks to the convenience afforded by mobile devices. It is important to know that mobile computing devices can store large amounts of personal and sometimes sensitive data whose loss may cause problems to the owner or user. It is also important to know that it is easy to steal or lose that data. Unless precautions are taken, an unauthorized person can gain access to the information stored on these mobile devices or gain accessed through these devices to other devices or data because these devices may provide access to other services that store or display non-public data. This access may be enabled because the mobile device contains passwords or security certificates and other information that may help to identify the device, its user or its content. So our role as users is to be vigilant and security aware. Ethical and Social...J.M.Kizza

199 Module 15: Computer InvestigationsIntroduction Digital Evidence Preserving Evidence Analysis of Digital Evidence Writing Investigative Reports Proven Security Protocols and Best Practices J. M. Kizza - Ethical And Social Issues

200 J. M. Kizza - Ethical And Social IssuesIntroduction Computer forensics – (Computer Crime Investigation) as is the application of forensic science investigative techniques to computer-based material used as evidence.  The search technique helps to reconstruct a sequence of activities of what happened.   The investigation process involves the extraction, documentation, examination, preservation, analysis, evaluation, and interpretation of computer-based material to provide relevant and valid information as evidence in civil, criminal, administrative, and other cases J. M. Kizza - Ethical And Social Issues

201 J. M. Kizza - Ethical And Social IssuesDigital Evidence Evidence is something tangible needed to prove a fact. Tangible evidence to prove a claim or an assertion can be from one of following sources: From an eye witness who provides a testimony From physical evidence as traces of the sequence of activities leading to the claim or assertion. Digital evidence as digital footprints of the digital sequence of activities leading to the claim or assertion. Digital evidence is digital footprints left after every digital activity form a cybertrail J. M. Kizza - Ethical And Social Issues

202 Looking for Digital EvidenceLooking for digital evidence is difficulty and is comparable to searching for bits of evidence data from a haystack. The evidence usually sought includes binary data fixed in any medium such as on CDs, memory, and floppies, residues of things used in the committing of a crime and physical materials such as folders, letters, and scraps of papers. At the start of the investigation, the examiner must decide on things to work with like written and technical policies, permissions, billing statements, and system application and device logs. Also decide early on what to monitor, if this is needed. This may include employer and employee computing activities, Internet , and chat rooms. J. M. Kizza - Ethical And Social Issues

203 Digital Evidence Previewing and AcquisitionDealing with digital evidence requires a lot of care because it is very volatile. The two processes previewing and acquiring of data may disturb the data evidence to a point of changing its status, thus creating doubt to its credibility. To make sure that this does not happen, a strict sequence of steps must be followed in handling the evidence. J. M. Kizza - Ethical And Social Issues

204 J. M. Kizza - Ethical And Social IssuesHandling Evidence – through tracing the sequence of events by looking for answers the following questions: Who extracted the evidence, how, and when? Who packaged it and when? Who stored it, how, when and where? Who transported it, where and when? Previewing Image Files - allows the investigator to view the evidence media in order to determine if a full investigation is warranted. Evidence Acquisition is the process of evidence extraction J. M. Kizza - Ethical And Social Issues

205 J. M. Kizza - Ethical And Social IssuesPreserving Evidence Given that digital evidence is very fluid in that it can disappear or change so fast, extra care must be taken in preserving digital evidence. One way of preserving evidence is to strictly follow the following procedures: secure the evidence scene from all parties that have no relevancy to it. This is to avoid contamination usually from deposit of hairs, fibers or trace material from clothing, footwear or fingerprints.  Securely catalog and package evidence in strong anti-static, well-padded, and labelled evidence bags. Image all suspected media as evidence to create a back up. Try to make several copies of each evidence item. Make a checksums of the original evidence disk before and after each copy. After imaging, the two checksums must agree. Institute a good security access control system to make sure that those handling the evidence are the only ones authorized to handle the evidence. Secure the evidence by encryption, where and if possible. Encryption ensures the confidentiality of the evidence. J. M. Kizza - Ethical And Social Issues

206 J. M. Kizza - Ethical And Social IssuesTwo common network configuration models - the centralized and distributed Computer networks- centralized or distributed, come in different sizes depending on the number of computers and other devices the network has. The number of devices, computers or otherwise, in a network and the geographical area covered by the network determine the network type: Local Area Network (LAN) Wide Area Networks (WANs) Metropolitan Area Networks (MANs) J. M. Kizza - Ethical And Social Issues

207 Analysis of Digital EvidenceEvidence analysis is the most difficult and demanding task for investigators It involves: Analyzing Data Files File Directory Structure File Patterns Metadata Content Application User Configuration J. M. Kizza - Ethical And Social Issues

208 J. M. Kizza - Ethical And Social IssuesAnalysis Based on Digital Media Deleted Files 2 Hidden Files Slack Space Bad Blocks Steganography Utilities Compressed and Coded Files Encrypted Files Password-Protected Files Analysis Based on Operating Systems Microsoft–Based File Systems UNIX and LINUX File Systems Macintosh File System J. M. Kizza - Ethical And Social Issues

209 Relevance and Validity of Digital EvidenceThere a need to establish relevancy of the evidence. The relevancy of the digital evidence depends on; the requesting agency, nature of the request, type of the case in question. The question of validity of data is tied up with the relevance of data. It is also based on the process of authentication of that data. J. M. Kizza - Ethical And Social Issues

210 Writing Investigative ReportsA report is a summary of all findings of the investigation and it comes from all the documentation that has been made throughout the investigation. Report should include the following documents[4]: All notes taken during meetings and contacts that led to the investigation All forms used in the investigation including the chain of custody forms Copies of search warrants and legal authority notes granting permission to conduct searches Notes, video recordings, and pictures taken at the incident scene describing the scene Notes and any documentation made to describe the computer components including description of peripherals and all devices. J. M. Kizza - Ethical And Social Issues

211 J. M. Kizza - Ethical And Social IssuesDocumentation and notes describing the networking of suspect’s devices Notes made on what was discovered including passwords, pass phrases, encryption and any data hiding. Any changes to the suspect’s scene configuration authorized or not. Names of everyone at the suspect’s scene Procedures used to deal with the scene including acquisition, extraction, and analysis of evidence. Any observed or suspected irregularities including those outside the scope of the techniques in use. J. M. Kizza - Ethical And Social Issues

212 J. M. Kizza - Ethical And Social IssuesModule 16: Biometrics Introduction and Definitions The Biometrics Authentication Process Biometric System Components The Future of Biometrics J. M. Kizza - Ethical And Social Issues

213 J. M. Kizza - Ethical And Social IssuesIntroduction A biometric is a physical or psychological trait that can be measured, recorded, and quantified. Such traits are abundant in the human body and in access control are used to do a biometric enrollment and stored in a database. Biometric technology, based on human attributes, is perhaps one of the safest and most reliable and most secure form of access control so far in use. Access control technologies are based on three axioms: Something you know – which includes all passwords and pass phrases Something you have – which include all physical security passes like pass cards, access cards, and all sorts of access cards. Something you are – which includes all human attributes. This group is where biometrics fall. J. M. Kizza - Ethical And Social Issues

214 The Biometrics Authentication ProcessKey steps for a biometric authentication process are: Image capture – using a biometric reader or scanner Image recognition – based on a standard biometric algorithm Template creation - again using a standard biometric algorithm and extracted features Matching of the templates – both the live and stored templates of the individual are compared for a match using a standard biometric algorithm. J. M. Kizza - Ethical And Social Issues

215 J. M. Kizza - Ethical And Social IssuesA standard biometric authentication comprises the following functional units: Sensor device a reader or scanner to acquire the biometric raw data from the individual. The reader or scanner can capture images from a fingerprint, a face, an iris, or a sound from a microphone. Readers or scanners at this stage may do some limited preprocessing without introducing foreign information or creating redundancy Feature extraction to extract traits used in the creation of the template Matcher to compare the live template with the stored reference template Reference archive for storing the biometric reference templates J. M. Kizza - Ethical And Social Issues

216 Biometric System ComponentsThe components of a biometric system are: Data Acquisition Enrolments Signal Processing Decision Policy J. M. Kizza - Ethical And Social Issues

217 Types of Biometric TechnologiesBiometric technologies confirm a person's identity by scanning physical characteristics. These traits include: Finger Biometrics - involves taking an individual’s fingerprints Hand Geometry -Hand features are extracted and taken as the defining feature vector of the user's hand Face Biometrics – are distinctive features of the subject’s face Voice Biometrics - individual voice components called phonemes. Handwriting Analysis - a person's specific features from his/her handwriting J. M. Kizza - Ethical And Social Issues

218 J. M. Kizza - Ethical And Social IssuesIris Biometrics - the features that exist in the colored tissue surrounding the pupil of the subject’s eye. Retina - unique pattern of blood vessels with distinctive traits in a human eye J. M. Kizza - Ethical And Social Issues

219 Biometric PerformanceThe measure of performance of a biometric is based on three concepts: false accept rate (FAR) false non match or reject rate (FRR), failure to enroll rate (FTE or FER). Biometric performance is commonly the rate at which both accept and reject errors are equal. This rate is referred to as the equal error rate (EER). We want EER to be as low as possible for a good biometric algorithm J. M. Kizza - Ethical And Social Issues

220 The Future of BiometricsWith increasing miniaturalization, price reduction, easy of use, less intrusive, and more invasiveness, the future of biometric technology seem bright than ever before. J. M. Kizza - Ethical And Social Issues