KEEP THIS TO 1-3 – PAGES LONG (EXCLUDING REFERENCE PAGE)
Author: Sara Baase
Date of Publication: 2008
Book: A Gift of Fire
Sections read: 3.1-3.3
1. (Knowledge)Tell three interesting elements of this chapter:
a. There is both white-hat hacking and black-hat hacking. White-hat refers to those who do it for the simple thrill or to expose threats to companies, while black-hat refers to those who hack to commit a felony (Baase, 257).
b. Hacktivism has become an important term since hacking began, referring to the hacking of a site for a political cause; it is very subjective on whether this is a crime or not because of the political aspect (Baase, 263).
c. Some companies hire those who have hacked them, as they can help the company fix massive loopholes in their security system (Baase, 268).
2. (Comprehension) Summarize what is being discussed within this chapter?
With computer technology, theft of information has become much more severe; while robbing a bank would get someone near 5,000 dollars, computer crimes go past $100,000 (Baase, 253). Hacking was originally a positive term referring to those who exposed systems for their flaws for the sheer fun of it, but once hackers realized the potential of this in the digital age it was viewed with more disdain. The New Hackers Dictionary describes a hacker as a person “who enjoys exploring the details of programmable systems and how to stretch their capabilities; …one who programs enthusiastically (even obsessively)” (254). Hacking as many websites as one could soon became a goal. In the 1980’s a German hacker broke into US computers in order to sell information to the Soviets. Social engineering – fooling people into disclosing info – became a key part of finding out the information on a person (255). Hackers refer to malicious hackers as “crackers”, and white and black-hat hackers helps to explain the differences between the two groups (257). Security Researches are hackers who expose flaws to show them to the company, even though the company may be slow to respond (258). Viruses such as the “Love Bug” have caused over 10 billion dollars in damage. Denial-of-service attacks overload websites to shut them down; 15-year old “mafiaboy” did this while finding a script to do so on a site intended for “script kiddies”. Zombies are computers that the hacker has complete control of, which can have dangerous consequences (260). Hacktivism is hacking to promote a political cause; one example of this is when three teenagers hacked into an atomic research center in India to protest their use of nuclear weapons. However these goals became an easy cover for more dangerous hackers to hide their work. Hacktivism is debatable concerning its legality, as politics are completely subjective, and what may look like a statement to one person may look like a felony to another (263). The Computer Fraud and Abuse Act of 1986 protects areas where the federal government has jurisdiction, as well as computers connected to the internet. The Patriot Act expanded on the CFAA, including with it the costs of responding to the attack, assessing the damage and restoring systems, as well as increasing the harshness of penalties - a 1st offense became 10 years of incarceration instead of 5). The government can also spy on suspected hackers without a warrant (265). Through computer forensics, experts can track hackers through tracking their ISPs and hidden serial numbers in Microsoft Office, though hackers eventually wised up (267). Unfortunately due to the complexity of computer systems and the constant updates in software, it is hard for the web to be fully secure (269). The Defense Information Systems Agency reported 500,000 attacks on the Defense Department, 65% of which were successful and less than 1% were detected (270). Firewalls were created to monitor incoming information and filter out suspicious items, though hackers have been known to find loopholes in these as well (271). People have thought of criminalizing the scripts that cause damage themselves, however this would make research very difficult, and also violates freedom of speech, which becomes an issue (273). Identity theft is easier than ever through card numbers, SSN and files, and a security company executive even says that, “A complete identity sells for less than $20” (273). Phishing is a common tactic where millions of emails are sent to fish for info used to impersonate someone and steal money and goods; this is a form of social engineering as a lot of trickery is involved to extort it from the victim (274). There is also pharming, which is similar except that it lures people to a false website. There are other methods as well, such as recording keystrokes and Trojan Horses, defined as malicious software hiding in an apparently innocent program which is downloaded willingly (275). There have been measures to prevent fraud, such as software in banks that look for fraudulent activity and secure payment sites such as PayPal (277). In 1998 it became a federal crime to use another person’s identification with the intent to commit a felony. Other preventions of fraud are expressed through fraud alerts, which are flags on a person’s credit report that forces a bureau to call you for confirmation if a new account is opened (280). Through biometrics – biological characteristics unique to an individual – protecting information has been thought of as much more effective, providing measures such as fingerprint and retina scanners (281). However it has been proven that these systems can be fooled, and if a criminal were to get this specific of information the results may be devastating (282). Hackers and thieves make the internet a sketchy place to be, as there is little you can do to stop a hacker besides hope for the best that your trust is placed in the correct websites.
3. (Application)Name a specific example or NEW solution for this type of problem/similar situation in society or that you have experienced – BE SPECIFIC AND EXPLAIN?
One situation of potentially dangerous hacking deals with Mark Zuckerberg, CEO of Facebook himself. In the early years of Facebook, it has been found that Mark would use login information to hack into peoples’ private email accounts, and while the purposes were unclear it is still unethical. It is also found that he hacked into ConnectU, a competitor, and changed information to his liking (More on the incident can be found at http://articles.businessinsider.com/2010-03-08/tech/29969831_1_facebook-mark-zuckerberg-business-ethics). I have also recently experienced an event dealing with identity theft; about a month ago my mother bought from a less than secure website, and about a week later her card was cancelled. Someone had gotten a hold of her information and went above and beyond her credit limit to buy extravagant items (thankfully the bank caught on and did not hold her liable). Nevertheless, this is an example of how easy it really is to have your information stolen.
4. (Analysis)Address ANY that apply. How can you compare one of the situations in this chapter to something that does not relate to computers, technology, or the Internet? Be sure to reference the chapter and your solution. What ideas NEW can you add to the issue that is being presented within the reading? Try to connect what you have by reading this article and how it applies to the stages in Bloom's taxonomy in 2 full sentences.
The chapter talks about fraud through the internet, but it also makes a good point about fraud in general. On page 281, Baase states that a good chunk of identity theft occurs when a wallet or checkbook is stolen, not just when info is given out on the internet, so even outside of the internet one must be wary of their surroundings. While there will always be hackers, I believe all sites should incorporate PayPal as the default payment option; on page 277 Baase goes into how secure PayPal is and how it is the most secure payment site on the web. If all shopping sites were to default to PayPal, I believe it can stop a lot of identity theft.
5. (Synthesis) Address all that apply. Do you agree with what is being said within the article (Why/Why not? Back up with FACTS)? What new conclusions can you draw about this (or other topics) after reading this material?
I believe that hacking and identity theft are very real – and scary – realities, not to mention one that will always be as advanced as the technology that tries to protect people from it. Hackers are known for their tenacity and love for exposing flaws, so when new technology comes out that makes everything more secure, criminals on the internet will find new ways to go around it, or they’ll come out with new technology (such as skimmers) to make their job even easier than before.
6. (Evaluation) Address all that apply. Judge whether or not this topic is relevant in today’s society? Evaluate why you are viewing the topic in this manner based on your experiences. What ethical evaluations (see Chap1-1.4 for exp of Ethics) or decisions were made/can be assumed from this chapter? What new ideas will you make after reading this chapter?
This topic is very relevant to today’s society, as a large chunk of society owns a credit card (and everyone has an SSN), so everybody is susceptible to identity fraud. Hackers can make the internet – as well as the computers they hack – their plaything no matter how hard we try to protect it sometimes. As people who use the internet, we constantly run the risk of being attacked by these digital criminals, and when we become privy to one of their tactics, they will simply come up with a new one. This shows how exceptionally important it is to keep personal information to yourself at all costs, even if it means alienating yourself from online shops and using paper money more often.
References
Baase, Sara. "Chapter 5: Crime." A Gift of Fire: Social, Legal, and Ethical Issues in Computing. Upper Saddle River, NJ: Prentice Hall, 2008. Print.
Blodget, Henry. "Facebook CEO Mark Zuckerberg Needs To Address The Hacking Incidents." The Business Insider. 08 Mar. 2010. Web. 22 Oct. 2011.
No comments:
Post a Comment