Security, Software, and Ethics
Introduction
Every day, we use computer software to perform everyday tasks. These can range from sending e-mail, balancing your checkbook, web browsing, shopping and much more. Most people don't stop to think about the security of the software that we use on a daily basis. Users are more concerned about getting their work done, and security is little more than an afterthought.
Security is a very important and often overlooked aspect of software development. Security is used to authenticate users, manage access to resources, and to ensure that data hasn't been compromised.
Recent events such as the Sasser, SQL Server, Blaster and Nimda worms have been devastating throughout the world. They've cost companies and everyday people billions of dollars worth of wasted time, money and productivity. In some cases, data gets corrupted, modified or deleted. Businesses are unable to function normally, which can result in heavy financial losses.
Some of these worms are still taking over computers to this day, long after patches have been readily available to fix the problem. Security professionals have been telling computer users to patch their systems and keep them up to date, but it their words aren't being listened to in spite of their warnings. Why is this scenario constantly being repeated? Who's responsible for ensuring that software we use is secure?
I feel that software companies and software engineers are ethically responsible for making sure that their software is secure. We're becoming more dependent on computer software, which makes us more vulnerable to virus attacks from a security bug in a widely used piece of software. They must be able to ensure that our software is more secu...
... middle of paper ...
...3] Peter Mell and Miles C. Tracy, "Procedures for Handling Security Patches", National Institute of Standards and Technology, August 2002
http://www.csrc.nist.gov/publications/nistpubs/800-40/sp800-40.pdf
Suggested resources
SANS Institute - Computer security web site, with information about computer security training
http://www.sans.org
SANS Institute Reading Room - Articles on a variety of security topics
http://www.sans.org/rr
Security Focus - Web site with news and analysis of security issues
http://www.securityfocus.com
The Register - Web site with IT-related news
http://www.theregister.co.uk
Software Engineering Institute, Carnegie Mellon University
http://www.sei.cmu.edu/
National Institute for Science and Technology
http://www.nist.gov
The CERT® Coordination Center - A reporting center for Internet security
http://www.cert.org
Reflection, as explained by Moon (2013), is the process of looking back on an event or experience and thinking about it and learning from it. Reflection, which is learning through experience, is not a new concept. As humans, we naturally reflect on our surroundings and experiences on a day to day basis in order to make sense of them. (Norman, Vleuten and Newble, 2002). In a professional context, reflation is vital for a practitioner to learn and improve their practice. By using their own experiences, practitioners are able to analysis, and in turn, adapt or improve specific areas of practice
Reflection is turning experience into Learning. Reflection is a conscious, dynamic process of thinking about, analysing, and learning from an experience that gives insight into self and practice.
Security is a wide concept, it is a separated subject with its own theories, "which focus on the process of attack and on preventing, detecting and recovering from attacks" (William 1996). Certainly, these processes should be well organized in coping with the complex system issues. A coherent approach should be taken, which builds on established security standards, procedu...
Reflection has its importance in clinical practice; we always seek to be successful and that can be achieved by learning every day of our life through experiences we encounter. In that way we can reconsider and rethink our previous knowledge and add new learning to our knowledge base so as to inform our practice. Learning new skills does not stop upon qualifying; this should become second nature to thinking professionals as they continue their professional development throughout their careers (Jasper, 2006). According to Rolfe et al. (2001), reflection does not merely add to our knowledge, it also challenges the concepts and theories by which we try to make sense of that knowledge. Acquiring knowledge through reflection is modern way of learning from practice that can be traced back at least to the 1930s and the work of John Dewey, an American philosopher and educator who was the instigator of what might be called ''discovery learning'' or learning from experience. He claimed that we learn by doing and that appreciating what results from what we do leads to a process of developing knowledge, the nature and importance of which then we must seek to interpret (Rolfe et al., 2001).
Hacking is the term used to describe the process of breaking into and obtaining access to a computer system or network. It’s essentially the modern successor of the age-old breaking-and-entering. In this information age, information is power. Those who obtain a person’s personal information can use it to for various crimes including identity theft. Companies and corporations are not exempt from this either. Nowadays, many companies store their customer’s personal data in their databases (a massive collection of data, similar to a giant, virtual phonebook). As a result, they become targets of hackers who, if successful,
The ability to become reflective in practice has become a necessary skill for health professionals. This is to ensure that health professionals are continuing with their daily learning and improving their practice. Reflective practice plays a big part in healthcare today and is becoming increasingly noticed.
In a situation where a software engineer is asked to design a system with inherent security vulnerabilities, many ethical issues involving several stakeholders are encountered. Diane Jones is the owner of a software development company that has been contracted to engineer a database management system for the personnel office of a medium-sized toy manufacturing company. Management members of the toy manufacturer involved with Diane in the design of the system include the CEO, the director of computing, and the director of personnel. The database system will contain sensitive information pertaining to the employees of the toy manufacturer.
What are the similarities and differences between the findings of this study and that of related studies
The focus of this research paper will be on computer and web ethics. How computers have impacted us in the last few years and how our web ethics should be. We will be breaking down computer ethics and web ethics. Although many people think that the computer is a very recent development, it actually has a long history that demonstrates how quickly the computer industry changes. History provides a context for how far we have come with computers in a relatively short period of time.
In the early years of computers and computerized technology, computer engineers had to believe that their contribution to the development of computer technology would produce positive impacts on the people that would use it. During the infancy of computer technology, ethical issues concerning computer technology were almost nonexistent because computers back then were not as multifaceted as they are today. However, ethical issues relating to computer technology and cyber technology is undeniable in today’s society. Computer technology plays a crucial role in all aspects of our daily lives. Different forms of computer technology provide unique functionalities that allow people to perform daily activities effectively and efficiently. In modern society, we use computer and cyber technology to communicate with friends and family via social networking sites, participate in business transactions, and get current news. Different tasks require unique technological feature in computer technology to function properly. Although, unique technological features increase people’s proficiency in accomplishing various tasks, unique technological features in computer and cyber technology increase security vulnerabilities. In many cases, the security vulnerabilities in computer technology are exploited by cybercriminals to invade people’s privacy, and steal people’s identity. We know that computers have no moral compass; they cannot make moral decisions for themselves. Essentially, people make moral decisions that affect others positively or negatively depending on how they use computer technology. Some of the biggest ethical issues facing people in the computing environment include privacy concerns on the web and identity theft. Privacy concerns...
As of September 2003, there were approximately 70 million Americans or about 62 percent of the American population had at least one home computer. Another statistic is that about 55% of people also have internet on there home computers. In everyday life it is important for a person to have good ethics; this is also true about computer usage. Due to the fact that more then half of the American population owns computers, computer ethics are a growing concern in a rapidly changing society. Computer ethics can be broken down in to many topics including piracy, hacking, viruses, spam, phishing, and responsibility of use of software, cyber porn, and invasion of privacy and the use of the computer in the work place. Also there are many issues both moral and professional that a person who uses a computer might face.
The operating security protects the system from threats, viruses, worms, malware, and hackers. An ounce of preventative is better than a pound of cure, as the old saying goes. The same is true for operating systems. The security preventative keeps the computer assets safe from being stolen, compromised, or deleted. The operating system’s security allows applications that have been scanned for viruses and deemed clean to run smoothly. It allows the system to perform required tasks and prevent unauthorized programs from
Today, many people rely on computers to do homework, work, and create or store useful information. Therefore, it is important for the information on the computer to be stored and kept properly. It is also extremely important for people on computers to protect their computer from data loss, misuse, and abuse. For example, it is crucial for businesses to keep information they have secure so that hackers can't access the information. Home users also need to take means to make sure that their credit card numbers are secure when they are participating in online transactions.
Yet many people are concerned how this impacts there social skills the everyday face to face contact. When playing video games people limit their self’s to social interaction unless it has to do with the game, a lot of people play online and talk to their friends through a headset. When people have face to face contact they develop skills in learning how to communicate with people and eye to eye contact you don’t get that through a video game. Being in a social environment promotes social skills. A social environment can provide opportunities for one to learn how to behave properly in different situations. When playing video games most of the time the person is alone and confined in room. Meaning there is very little social interaction between the person and the game. When people play video games they play in sessions and they can last a long time even all night. People get so wrapped up in playing these games they blow off their friends and family meaning it’s hard to maintain social relationships.
Abstract: The difficulty of having one global ethical Standard of Conduct for computer professionals is due to the fact that there are conflicting legitimate loyalties and interests. This paper examines an ethical issue in the professional computer world through use of a case study. The example given is that of a programmer who is asked to install new software on his computer. He notices that the software may have been illegally obtained, and investigates. After no one can prove to him that the software has a legitimate or illegitimate origin, he is faced with the dilemma of overlooking the problem or blowing the whistle and bringing it into the public sphere. The Code of Ethics of a typical computer company is examined for clues as to what ethical action the worker should take next.