Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Security Ethics

Published byDeon Graley Modified over 9 years ago

Similar presentations

Presentation on theme: "Computer Security Ethics"— Presentation transcript:

1 Computer Security Ethics
Mehrdad Saadatmand

2 Before we start… Being ethical is not necessarily following one’s feelings; “feelings frequently deviate from what is ethical“ Often because of the way one is raised, ethics and religion are coupled; but ethics is not confined to religion nor is the same as religion Being ethical is not solely following the law. Elements of practical ethics through basic philosophy: Ethical thought Ethical definition Ethical values Example: “If a person conceives of engineering activity as only making money, then one's definition of practical ethics, one's actions and values will, be guided by this basic philosophical position. “

3 Security in: Client / Workstation / Terminal Intra-networks Inter-networks In terms of: Physical Security Non-Physical Security

4 Security Threats (sources, causes, people behind) :
Hackers Crackers Script Kiddies Unethical Employees (logic bombs, backdoor,…) Cyberterrorists Corporate Spy Worm / Virus / Trojan (incl. keyloggers,…) Spoofing / Sniffing / Phishing DoS / DDoS attacks Hoax / Spam ...

5 Examples:

6 Examples (cont): Virtual Private Network (VPN)
Generic Routing Encapsulation (GRE) Encapsulation Security Payload (ESP) Remote Access VPN Site to Site (Router to Router) VPN

7

8

9

10 Example of Phishing:

11 Hackers’ Code of Ethics:
Hacker creed (Steven Levy’s “Hackers: Heroes of Computer Revolution” ): Access to computers should be unlimited and total. Always yield to the Hands-On Imperative All information should be free. Mistrust authority -- promote decentralization. Hackers should be judged by their hacking. You can create art and beauty on a computer. Computers can change your life for the better.

12 New Code of Ethics (90s) - Steven Mizrach :
"Above all else, do no harm" Protect Privacy "Waste not, want not." Exceed Limitations The Communicational Imperative Leave No Traces Share! Self Defense Hacking Helps Security Trust, but Test! In Short : 1) protect data and hardware 2) respect and protect privacy 3) utilize what is being wasted by others 4) exceed unnecessary restrictions 5) promote peoples' right to communicate 6) leave no traces 7) share data and software 8) be vigilant against cyber-tyranny and 9) test security and system integrity of computer systems.

13 New(er) Hacker Ethics:
Hackers share and are willing to teach their knowledge. Hackers are skilled. Many are self-taught, or learn by interacting with other hackers. Hackers seek knowledge. This knowledge may come from unauthorized or unusual sources, and is often hidden. Hackers like to understand how things work, and want to make their own improvements or modifications. Hackers often disagree with authority, including parents, employers, social customs and laws. They often seek to get around authority they disagree with. Hackers disagree with each other. Different hackers have different values, and come from all backgrounds. This means that what one hacker is opposed to might be embraced by another.

14 New(er) Hacker Ethics:
Hackers are persistent, and are willing to devote hours, days and years to pursuing their individual passions. This Code is not to prescribe how hackers act. Instead, it is to help us to recognize our own diversity and identity. Every hacker must make his or her own decisions about what is right or wrong, and some might do things they believe are illegal, amoral or anti-social. Hackers' motivations are their own, and there is no reason for all hackers to agree. Hackers have a shared identity, however, and many shared interests. By reading this Code, hackers can recognize themselves and each other, and understand better the group they are a part of.

15 Hackers’ Code of Ethics:
Old code vs new code Are new hackers aware of the original hacker ethics? Are new hackers aware of any hacker ethics? Influence of technology and social issues on changes in hacker ethics Similarity between the old and new ethics and ethical continuity

16 Ethical Issues in Security Courses
More security subjects are moved from graduate level to undergraduate level ; graduate students are more mature than undergraduate ones Are security courses’ materials really appropriate? (some include: trying DDOS, writing and spreading a virus,…) Major of computer hackers are under the age of 25 and many of them are college students Using hacking tools in labs and classes increases “comfort level” with such tools  the more comfortable people become with one computer technology, the more likely they are to use them

17 Ethical Issues in Security Courses
There are many justifications for teaching such sensitive issues: to strengthen the nations defense against attacks. But do we need to know the details of how to make a bomb in order to defend ourselves against bomb attacks? Using password crackers is not necessary to teach the dangers of using weak and insecure passwords. “Students would learn them on their own anyway. We are presenting this material in a responsible manner.” The big question is : how to really present this material in a responsible manner ?

18 Ethical Issues in Security Courses
Requiring students to sign a statement and take an ethical oath? Teaching ethical issues as part of a course? Problem: ethical standards cannot be integrated in individuals just over a short period of time! Ethical subjects are necessary especially in computer security curricula. Ethical standards should be taught to students early in the program and students should be reminded of them throughout the program. Students should become aware about the consequences of misuse of their knowledge

19 Ethical Issues in Security Courses
The problem of “deindividualism” (group size, anonymity) “Deindividualism is a feeling of separation and anonymity that can lead to individuals engaging in a broader range of unethical behaviors.” “Deindividuation is the psychological state of separation of the individual from others“ It is often seen in chatrooms and message boards. Making students aware that they are trusted with something important encourages them to live up to that trust. Sensitive topics should be taught and discussed at higher levels of a program.

Download ppt "Computer Security Ethics"

Similar presentations

Digital Citizenship in the Classroom

Digital Citizenship in the Classroom
Chapter 1  Introduction 1 Introduction Chapter 1  Introduction 2 The Cast of Characters  Alice and Bob are the good guys  Trudy is the bad guy 

Chapter 1  Introduction 1 Introduction Chapter 1  Introduction 2 The Cast of Characters  Alice and Bob are the good guys  Trudy is the bad guy 
Ethics, Privacy and Information Security

Ethics, Privacy and Information Security
 Someone who exercises playful ingenuity  Misusers of the internet who try to obtain or corrupt information; people who try to prevent it.

 Someone who exercises playful ingenuity  Misusers of the internet who try to obtain or corrupt information; people who try to prevent it.
2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.

2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.
Computer Ethics Ms. Scales. Computer Ethics Ethics  the right thing to do Acceptable Use Policy  A set of rules and guidelines that are set up to regulate.

Computer Ethics Ms. Scales. Computer Ethics Ethics  the right thing to do Acceptable Use Policy  A set of rules and guidelines that are set up to regulate.
Is There a Security Problem in Computing? Network Security / G. Steffen1.

Is There a Security Problem in Computing? Network Security / G. Steffen1.
OV 2- 1 Copyright © 2005 Element K Content LLC. All rights reserved. Security Threats  Social Engineering  Software-based Threats  Hardware-based Threats.

OV 2- 1 Copyright © 2005 Element K Content LLC. All rights reserved. Security Threats  Social Engineering  Software-based Threats  Hardware-based Threats.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.

Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
Internet Safety/Cyber Ethics

Internet Safety/Cyber Ethics
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Hacker Ethics Kim Bissett Sabrina Short. Hacker Ethic: In General  Freedom of Information The web is not physical; it couldn’t be interpreted as property,

Hacker Ethics Kim Bissett Sabrina Short. Hacker Ethic: In General  Freedom of Information The web is not physical; it couldn’t be interpreted as property,
BUSINESS PLUG-IN B6 Information Security.

BUSINESS PLUG-IN B6 Information Security.
Computers in Society Week 8: Computer Security and Hacking.

Computers in Society Week 8: Computer Security and Hacking.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 1 Introduction to Security.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 1 Introduction to Security.
McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved ETHICS SECTION 4.1.

McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved ETHICS SECTION 4.1.
EDUC 260: Week 13 Hand-in your Position Paper. Overview Administrivia Ethics of computing in classrooms What did we learn in the course? Course evaluations.

EDUC 260: Week 13 Hand-in your Position Paper. Overview Administrivia Ethics of computing in classrooms What did we learn in the course? Course evaluations.
January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS 4600 - © Abdou Illia.

January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS © Abdou Illia.

Similar presentations

Ads by Google