Presentation on theme: "Software Ethics Ethics = the philosophical study of morality"— Presentation transcript:
1 Software Ethics Ethics = the philosophical study of morality Three main subdivisions:General study of goodness, e.g., what is the meaning of terms like good, bad, right, wrongGeneral study of right action, e.g., what moral principles should govern our choices and pursuitsApplied ethics, e.g.:Medical ethicsBusiness ethicsEnvironmental ethicsSoftware ethics
2 ACM's Software Engineering Code of Ethics and Professional Practice (www.acm.org/serving/se/code.htm)Ethical conduct with regard to:PUBLICCLIENT AND EMPLOYERPRODUCTJUDGMENTMANAGEMENTPROFESSIONCOLLEAGUESSELF
3 ACM's Software Engineering Code of Ethics and Professional Practice: PUBLIC PUBLIC - Software engineers shall act consistently with the public interest.Examples:National securityPrivacy
4 Software and National Security Terrorist infrastructure attacks, e.g., domain name system (DNS); bringing down power gridsAutomating nuclear warEthical question: should you work on a proposal to build a system that will automate a nuclear war after Washington and Moscow have been destroyed?Ethical question: should you work on building software for an ABM defense system when there is no way to verify its correctness?The problem of program verification
5 Software and National Security Cryptography programs:An author of a book on applied cryptography was prohibited by the State Department from exporting the book because it included as an appendix a floppy disk containing programs for encryption software.However, were the floppy disk not included with the book, the book would have been freely exportable even though the program text on the floppy disk was also printed in the book.Ethical question: should algorithms or the software that implements them be considered weapons?
6 Software and Privacy Data collection (monitoring surfing habits) Ethical question: Should employers have the right to use software to know every keystroke entered by employees?surveillance (wiretapping)Ethical question: Should the government have the right to use software to snoop on suspicious of its citizens?
7 Software and Privacy Spamming, e.g. Alan Ralsky: Sends millions of messages per dayNow does his spamming from overseas ISPsSlashdot published his home mail address and he is now inundated with snail mail spamSpammers' rights groups are now subjecting anti- spam groups' web sites to denial-of-service attacksEthical question: Should spammers have the right to use software to fill communication bandwidth with unwanted messages?
8 ACM's Software Engineering Code of Ethics and Professional Practice: CLIENT AND EMPLOYER CLIENT AND EMPLOYER - Software engineers shall act in a manner that is in the best interests of their client and employer consistent with the public interest.See: PRODUCT
9 ACM's Software Engineering Code of Ethics and Professional Practice: PRODUCT PRODUCT - Software engineers shall ensure that their products and related modifications meet the highest professional standards possible.Software quality:Reliability (correctness)EfficiencyUsabilityMaintainabilityReusability
10 Software ReliabilityVerification: Making sure program behavior conforms to specificationsFormal (mathematical methods)Empirical (testing and observation)Ethical question: who should be liable for software misbehavior?Program author (for example, Therac-25 disaster)Program user (for example, putting incorrect data into a tax program)Domain expert (for example, misdiagnosis by a medical expert system)
11 ACM's Software Engineering Code of Ethics and Professional Practice: JUDGMENT JUDGMENT - Software engineers shall maintain integrity and independence in their professional judgment.Examples:Cracking computer securityViolating copyright using software
12 Hacking vs. CrackingHack originally used to refer to clever way MIT engineers used to run a model railroadHacker originally meant a clever programmer but has been co-opted by media to mean a criminalCracker is a better term for computer criminalHacker's Ethic described in 1984 book by Steven Levy, Hackers: Heroes of the Computer Revolution
13 Main Tenets of The Hacker's Ethic Access to computers should be unlimitedInformation should be freeAnti-bureaucracy, pro-democracyMistrust authority, promote decentralizationJudge hackers by their hacking, not degrees, age, race, positionYou create art and beauty on a computerComputers can change your life for the better
14 Perverting The Hacker's Ethic If you take libertarianism too far, you get anarchyIf you take the H.E. too far, you get criminal behavior:Viruses and wormsWebsite defacementDenial of Service attacks (EBay, Yahoo, Amazon)Infrastructure attacks, e.g., domain name system (DNS); bringing down power grids
15 Viruses, Worms, and Cracking Virus: piece of code that can automatically spread to other computers and destroy or alter filesWorm: virus that does not alter files but resides in memory and duplicates itself, e.g., Code Red, SasserCracking, e.g.,Buffer overflow attackSniffer: program that lies in wait for unencrypted data (like passwords or credit card numbers)Ethical question: Is it OK for clever software to exploit vulnerabilities just because they are there?
16 Kevin Mitnick Object of FBI manhunt, first arrested at age 17 in 1981 Inspired 1982 movie War Games with alleged NORAD hackReleased from prison in 2000Now a corporate security consultantNew book: The Art of Deception
17 The Hacker Ethic vs. The Protestant Ethic See The Hacker Ethic and The Spirit of the Information Age, by Pekka Himanen (prologue by Linus Torvalds)Work as passion, 24-7Openness, enablement, cooperationCompare The Protestant Ethic and The Spirit of Capitalism, by Max WeberIndustrial Age values, 9-to-5Hierarchy, bureaucracy, secrecy
18 Violating Copyright Using Software DVD decryptionJon Johansen, now 18, circumvented DVD movie copy protectionMade a program, DeCSS, available for playing movies on computerMPAA prosecuted him, acquittedTwo issues:Intellectual property rightsControlling playback device
19 Violating Copyright Using Software MP3 downloadingRIAA is prosecuting individual downloaders of copyrighted materialEthical question: Does the digital nature of contemporary media render traditional copyright law obsolete?
20 ACM's Software Engineering Code of Ethics and Professional Practice: MANAGEMENT MANAGEMENT - Software engineering managers and leaders shall subscribe to and promote an ethical approach to the management of software development and maintenance.Don't promise what you can't deliver
21 Bids and BudgetsDramatic example: in the early 1980's the IRS hired Sperry to automate tax form processing for $103 million. By 1985 the cost had tripled, the system could not handle the workload, and it had to be replaced.Ethical question: Should you underbid a project because you desperately need a contract?Ethical question: Should you claim you can solve a client problem when you don't fully understand the requirements?
22 ACM's Software Engineering Code of Ethics and Professional Practice: PROFESSION PROFESSION - Software engineers shall advance the integrity and reputation of the profession consistent with the public interest.Example: software copyright and intellectual property
23 Software and Intellectual Property Ethical question: Is it a fair practice of certain software companies to quickly "clone" the look and feel of other companies' successful products?Copyright laws are considered to apply to text.Patent laws are considered to apply to artifacts of technology.
24 ACM's Software Engineering Code of Ethics and Professional Practice: COLLEAGUES COLLEAGUES - Software engineers shall be fair to and supportive of their colleagues.Related issue: Open source vs. proprietary software
25 Open Source vs. Proprietary Software "Free software" (economic definition) means you don't have to pay for it"Free software" (GNU definition):freedom to run the program, for any purposefreedom to study how the program works, and adapt it to your needs (open source)freedom to redistribute copies so you can help your neighborfreedom to improve the program, and release your improvements to the public, so that the whole community benefits
26 The GNU Public License: Copyleft (www.gnu.org) Copyleft: a general method for making a program free software and requiring all modified and extended versions of the program to be free software as well."Ethical question: Should you make available to other software engineers (even those who work for other companies) reusable software of your own making?Ethical question: does the proprietary software business model allow the patching of O.S. security exploits as well as the open source model?
27 ACM's Software Engineering Code of Ethics and Professional Practice: SELF SELF - Software engineers shall participate in lifelong learning regarding the practice of their profession and shall promote an ethical approach to the practice of the profession.