http://www.ign.com/articles/2015/02/26/fcc-to-make-historic-net-neutrality-ruling-today
Telephone, electric, water, gas, and now internet. I had never realized the internet was not grouped with these other services but thanks to the new FCC ruling, it will be. The whole issue of Net Neutrality is a quagmire of "he said, she said" misquotes, and it has been hard to follow in general, but I am glad to hear of this new decision. It is a vital part of modern life to have access to the information freely distributed on-line, as well as the many useful services, and I feel this ruling will further promote the way we use the internet and put a stop to the unethical price gouging of various providers. I generally trust the government to regulate things well, and I think that of the many proposed laws the internet has been subject to over the years, this one will actually do some good for society at large. There are still many tough legal questions to answer, but this is a good step forward.
Thursday, February 26, 2015
Tuesday, February 24, 2015
Ignoring the Issue: Cuckoo’s Egg and Internet Security
There is a Japanese proverb, “kaigai no kaji” which roughly
translated means “a fire on the opposite riverbank” and is more freely
translated as “it’s not my problem.” This idea is one that, while pragmatic at
times, is often responsible for long lasting security issues that never seem to
get better. After all, why should we fix a problem if it doesn’t impact us? It
is this poor attitude that Clifford Stoll fights against in his experiences
detailed in The Cuckoo’s Egg and, in a larger sense, the roadblock that
the realm of internet security is often stuck against. However, ethics dictates
that security issues not be ignored. This issue can be viewed in three areas:
those who truly don’t see the need to fix a problem, those who want to provide
a solution but can’t, and those who feel responsible and will, essentially,
“put out the fire.”
Cliff Stoll spends more than a year of his life trying to track
the hacker who had caused a 75 cent accounting error in the system he was in
charge of monitoring. It is fair to say that all of his efforts were something
that could have been written off early on, but the initial issue was in a real
sense “his problem.” On the other end of this spectrum are those people and
groups that have no desire or interest of getting involved. Stoll’s first
several attempts to get help from the FBI were met with a resounding “No”
(Stoll, 35). The perceived loss was too small and the effort required to fix it
would be too large, a common excuse for leaving security threats open and not
addressing or fixing them. This disinterested attitude was also held by several
of the agencies Stoll called to warn and by many from which he tried to get
help. Sadly, this is the sentiment many internet users succumb to today. Why
bother solving a problem that is in somebody else’s system? Why fix a problem
if nobody will find it or reward me if I do? Many users would rather exploit
such issues than fix them, acting much like the hacker in Stoll’s story. Lack
of interest or acknowledgement is a troubling obstacle.
More vexing for the proactive problem solver is getting stuck in a
situation where another person or group wants to help, but can’t. In terms of
internet security, this is likely the largest obstacle where most issues and
solutions get stopped. Stoll first hits this wall when he tries to get a phone
trace, but is missing the warrant to do so (36). It is not that the agencies
don’t want to help him, but rather that they are legally unable to do so. Indeed,
internet legal policies and privacy rights are a fickle field, miring many in
their idiosyncrasies. Sometimes there simply are no practical means to solve
the problem at hand. Perhaps this is because the tools don’t exist, or maybe
nobody knows how to start fixing the bugs and backdoors in a program. Most
frustrating are cases where the users of a system don’t want to make things
less convenient for themselves, and so system managers must stand back and hope
for the best ala Stanford’s approach (94). If it were possible, these problems
would be solved and fixed speedily. However, outside factors cause the status
quo to remain, despite any glaring weaknesses to the system they present.
Yet there is hope when people like Stoll are on the job. He spent
many sleepless nights and invested time and effort creating systems, tools, and
traps to solve his security problem (209). His persistence and discoveries were
a result of his unwillingness to let go of the problem or say it wasn’t his to
fix. This is the realm of internet security where hackers find problems, trace
and test them, and then warn those responsible so they are fixed. Here, not
only do the developers feel responsible, but the users make them responsible.
Stoll was only able to get the big players involved when they realized the
threat and felt a need to act (168). Similarly, many companies only work to fix
security issues after a breach or loss of data. It is preferable to have responsible,
security-minded coders involved early on so such issues are found in the design
phase of development and never reach the internet proper. Basically, it is
better to fix a security threat before it ever exists, and that only happens
when people feel responsible and act accordingly.
Disinterest, inability, and responsibility are the three mindsets
that hinder or help internet security. Clifford Stoll was fortunate to have a
personality and attitude which allowed him to take responsibility for the error
found on his watch, overcome the technological and legal roadblocks, and
motivate those who were uninterested in helping him solve his problem. Because
of his efforts, a minor problem that was caused by a major threat was properly
found and many security issues were fixed along the way. As the world becomes
more dependent on the internet for business and everyday life, it is important to
learn from The Cuckoo’s Egg and take responsibility for finding and
fixing the myriad issues that may arise. Security and privacy will only become
more important as networks grow, so diligence, too, must increase. Even though
the fire may be burning on the other side of an ocean instead of just a river,
putting it out is still the most ethical thing to do.
Stoll, Clifford. The
Cuckoo's Egg: Tracking a Spy through the Maze of Computer Espionage. New York:
Doubleday, 1989. Print.
Thursday, February 19, 2015
Study Journal 3
Law & Computing
2/10
Patent trolls skirt the law, but they certainly dismiss ethical practices.
Code should be patentable when it is a truly unique application, not just math.
Anything that is written is copyrighted and I should remember that more when I am quoting people or things to be ethical.
Thursday, February 12, 2015
Post 1
I feel it is not unethical for a businessman type to profit from the work of nerds. In our studies, I have seen a trend where a smooth businessman type will profit off of the work of a nerd. I have heard the line that CEOs get Cs, managers get Bs, and coders get As and I think it may have some truth. Looking at Jobs and Wozniak, and even Gates and Ballmer, it seems to me that the people who are better at coding are often not the best at presenting the product the code becomes. It might be unfair that the nerds are relegated to code monkey status, but at least this way the oft-times brilliant work they do can be sold and they get some profit via this almost symbiotic relationship with the business sharks. Finding out Jobs was around ten times richer that Wozniak was a bit distressing, yet Wozniak probably wouldn't have had even that success without Jobs's efforts. Sometimes it truly is unfair, like when Jobs copied Xerox's workers' GUI ideas with no compensation; but those ideas would have gone nowhere at Xerox due to their poor management decisions. Were I to be the businessman in this sort of relationship or situation, I hope I would at least compensate the code producers better.
Tuesday, February 10, 2015
Study Journal 2
History of the Computer Industry (Hardware & Software)
1/22
I think it is good to share info among colleagues, but when money is involved prudence is required.
Often early machines are just a proof of concept, but that sort of risk taking can pay off.
It often takes a nerd and a business man to get things done and cover each others weaknesses.
1/27
I think stealing ideas that are not being used is not that bad.
It is important to shake up the internal proceses of a company when they stagnate like IBM.
Hypocrisy and ego are hurdles for the future development of newer technologies.
1/29
A drive to succeed is important to foster, but it can become its own barrier.
It can seem easy to screw over the little guy or company, but it is better to be fair.
Modern practices often demand ruthlessness, but I don't want to be so callous.
BONUS: Conflicts of interest are shady in many different ways.
2/3
Often timing is the only difference between fame and failure.
Ego is a major driver for many who work for "free."
I believe in fairness and open source, but I think the "free code" movement is for hippies.
2/5
There is a lot to be said for working as a two man team, but one guy will always be in the shadow.
Coding as a group and working with others is vital to finding small bugs - many eyes idea.
I think it is unfortunate that so many companies with potential are sold for a quick buck.
1/22
I think it is good to share info among colleagues, but when money is involved prudence is required.
Often early machines are just a proof of concept, but that sort of risk taking can pay off.
It often takes a nerd and a business man to get things done and cover each others weaknesses.
1/27
I think stealing ideas that are not being used is not that bad.
It is important to shake up the internal proceses of a company when they stagnate like IBM.
Hypocrisy and ego are hurdles for the future development of newer technologies.
1/29
A drive to succeed is important to foster, but it can become its own barrier.
It can seem easy to screw over the little guy or company, but it is better to be fair.
Modern practices often demand ruthlessness, but I don't want to be so callous.
BONUS: Conflicts of interest are shady in many different ways.
2/3
Often timing is the only difference between fame and failure.
Ego is a major driver for many who work for "free."
I believe in fairness and open source, but I think the "free code" movement is for hippies.
2/5
There is a lot to be said for working as a two man team, but one guy will always be in the shadow.
Coding as a group and working with others is vital to finding small bugs - many eyes idea.
I think it is unfortunate that so many companies with potential are sold for a quick buck.
Subscribe to:
Posts (Atom)