Reading this edition of Risk Digest along with the information that I have gathered from our readings, I am beginning to lose my sense of safety and trust in computer technology. For some reason, I still have a hard time grasping the notion that someone can access data on my computer while I'm using the internet, or for that matter view what I'm viewing. Is it fair to say that our sense of trust, safety, and security depends on the quality of security measures that we have? Is the use of computer technology going to come to the point that we will have to express extreme cynicism (cynicism in the sense of having to be weary of malicious attacks) and paranoia when using them?
I must admit, thus far I am beginning to develop this paranoia when using my computer. "Will this shareware I'm downloading have a virus?" Speaking of viruses, I recently went to my virus list-update website. Curiosity led me to begin looking through the site. Besides the many viruses and information about them, this site had a section of hoax viruses. files or programs that supposedly had a virus written into the software. What struck me to extremely funny was that I actually saw the program called "elf bowling" on the list. In case you don't know, almost every computer on campus last semester had a copy of the game "elf bowling" downloaded on it. During finals week, i received an e-mail claiming that it had been "confirmed," "elf-bowling" had a virus that was programmed to be released on Dec. 25th. In light of this, I felt it was my responsibility, being that I was guilty of downloading it on a couple of computers, of deleting it from those computers as well as mine. This little story goes show the level of paranoia that I experienced after realizing (or at least believing) that I had downloaded an infected program. What was the result? I now have a certain level of cynicism about downloading stuff. My question is, do all computer users have to develop the same cynicism when using computer technology? well, it shouldn't have to be like this.
I think that some of the people who contribute to Risks would disagree with Forester and Morrison when they say that "computer crime should not present an ethical dilemma," and that "the issues raised by computer crime are empirical and practical rather than moral" (pg. 30). It seems as if they are oversimplifying the issue of what exactly constitutes computer crime, focusing mostly on individuals and giving only lip service to the regular and "legal" invasions of privacy and transfer of personal information for profit that businesses take part in all the time. It will be interesting to see what happens if Texas really does "declare 'cookies' illegal." While the comparison to stalking seems a little extreme, I guess that if some of these programs can keep track of where I've been online it is kind of like someone following you around.
okay, as usual, i have multiple comments. the article on the cia director was interesting. yes, that seemed like an obvious security violation to me just that he had access to that information from his home at all. that made me start thinking about the summer i interned at the white house and the computer policies there. i can't remember whether or not we weren't supposed to surf the web. we definitely had to use it to do research, since we got a lot of our info from a subscription-only site called cloakroom.com, but i can't remember if we weren't supposed to go to other sites. i'm pretty sure we weren't supposed to go anywhere not directly related to our research, but that's wide open considering we'd look at candidate's sites, news sites, etc. then i started wondering if by my accessing a site, someone would be able to hack into the white house network. i'm sure it wouldn't be as easy as that (at least i hope not) but i also think the place is full of people who don't fully understand computer security. for instance, i dont' think we were supposed to be working off of our boss' password but that was the easiest thing for her so she let us anyway. i didn't really think about it then but i guess that probably was not a good move on her part.
i'd be interested to hear more about the security issues involved with transfering medical records on the internet. that's something i'd be very wary of since your medical record can be used against you in so many ways. especially be insurance companies and/or employers. it's not something i would trust on the web. (in response to the cardiac article)
cookies. funny they talked about cookies as stalkers because even though i don't understand completely what they do, i do understand that they track what sites one goes to. that idea is rather disturbing, especially if you usually don't know that you're being tracked and by whom. but what do you think about the likelihood of them winning the case? my instinct is, not likely.
mailing lists. i've only recently become more wary about giving out my e-mail to companies. at first i thought it would be really nice to get e-mail from companies i like but now i'm getting all these random spam e-mails and i've grown suspicious. i've got to start remembering to give out my hotmail account in the future.
I find both of these articles from the Risks digest extremely interesting. The idea of a connection between heart patient and hospital is especially fascinating because it is yet another sign of the increasing cultural direction in favor of connection through computer based mediums. I have often thought that someday our lives are going to be even more intensely involved with computer technologies--and though convenience will, at least seemingly, increase with technology in charge of more and more household functions (o the examples I have seen: car operating systems, vacuums that robotically operate independently of human operation, even the machine at the Williamsburg outlet mall McDonalds that essentially makes all the fries without much human interaction, etc.) it seems that the advantages will not come without cost. The second article about "cookies" (or, as I gather, information regarding a person's location and preferences) makes the increasing roles technology will take more and more scary. In some ways, I feel that as the computer roles increasingly become connected in our lives (I can see entire "smarthouses" that operate on the same principle as these network connected heart monitors where food is reordered and stocked by a computer, where all money is computer stored information, etc.) this will lead to more and more opportunity for interference and control from outside sources. I agree with the implications in the second piece about the invasion of privacy that all this computer connection can facilitate. You can't prevent the inevitable evolution of computer integration into our daily lives, nor our increasing dependence on computer technology, but you can at least be prepared for the implications and negative side effects that may result without increased care in the design (especially security) of a techo-connected lifestyle. I would hate to see the benefit of these heart monitoring systems develop into the new crime of computer murder, or the information about our lives that may eventually be kept by networked computer systems degenerate into a virtual playground for invasion by businesses, government, or criminal abuse into our private lives.
I thought a bunch of the excerpts were interesting. The one where the increased interest rates were sent by e-mail six minutes early seems kind of fishy to me. I don't see how there could just be a hardware or software defect that would do such a thing - it seems to me that it could have only been orchestrated by a person.
I thought the job-wanted e-mail was great - a virus coder wanted! And the guy made a good point: anyone who answers it, "will they get the job, or will they be investigated by the FBI, NSA, etc."
I thought this quote was great - the one regarding the former CIA Director who used his home computer for highly illegal activity: "What we see here is that even though all the proper procedures were in place, the human element is sufficient to undermine all of the technical controls. As long as we have people, we'll have RISKS!"
I was really struck by the story about the Australian National Reserve Bank from this risks digest. This story brings into question whether the error was human or computer (which either way is ultimately human.) It also brings to light the unbelievable state of wired-ness that our world exists in, where an error of 6 minutes can result in millions of dollars changing hands. The promptness with which the lucky 64 people reacted to the e-mail is commendable. A very "heads up play," as they say. It is also interesting to consider the mistake as a security issue. There was no breaking and entering, nor any illegal means of accquiring information employed, so can this be considered a computer crime? Although it proved to be very costly, I think it is simply an expensive mistake.
Disclaimer Often, these pages were created "on the fly" with little, if any, proofreading. Any or all of the information on the pages may be incorrect. Please contact me if you notice errors.
This page may be found at http://www.math.grin.edu/~rebelsky/Courses/CS105/2000S/Risks/responses.2078.html
Source text last modified Wed Feb 16 08:34:55 2000.
This page generated on Wed Feb 16 08:35:32 2000 by Siteweaver. Validate this page's HTML.
Contact our webmaster at email@example.com