1. A credit union monitors on-line activity and alerts a customer if there is unusual
activity on his or her account. But in order to recognize unusual activity, the bank
software must keep a record of the “usual” behavior for the customer.
Does keeping such data violate the privacy principles of Figure 2.1? Explain your
answer.
I don’t think think it violates any kind of right as long as the documentation is not misused. If for any reason the customer needs a copy of her bank statements and banking history then the bank can pull it up for her. These are confidential documents and you never know if it is safe in a remote place ... it could one day get tampered with! But for legal purposes I think it is smart of the bank to have that access to watch and keep record of all clientele and accounts. I know that personally, I have been alerted of fraudulent or unusual behavior … and it turns out that someone stole my credit card and was trying to swipe it for 500 dollars in San Diego, but the credit union stopped him.
2. Suppose that a denial-of-service attack shuts down a dozen high-profile web sites
including CNN, Bank of America, IRS, ESPN and Wal-Mart. The attack lasts for
several hours. The attack is traced back to one of the four perpetrators listed below.
Should different penalties be imposed depending on which it is? Give reasons for your
answer.
a. A foreign terrorist who launched the attack to cause significant damage to the
US economy
There should definitely have significant consequences, at the least imprisonment of all of those accountable. I don’t think we should start a war over it, but we should show an example that this kind of thing won't be tolerated anymore. It could be considered a threat to our national safety.
b. A US-based organization who launched the attack to protest commercialization
of the web and corporate manipulation of consumers.
Just because it is a US based organization, it doesn’t make it any more right. It is still, in fact, an act of terrorism. It’s not as if the organization is just protesting, they are actually launching an attack on other US based organizations.
c. A US-based hacking group who launched the attack to demonstrate their skills
to fellow hackers.
This sounds like an act of power and intimidation. It still seems as if it’s an act of terror. It’s not as if the only thing that happens is other hackers being impressed. It seems like it wouldn’t be long before the hackers would be threatening companies to do their bidding, or they face internet annihilation and mayhem. They should be imprisoned and or stopped.
d. A US teenager playing around with hacking tools he found on the web.
This is kind of a hard one to decide. Because it is a minor, they most likely had no idea what they were really doing, and had no evil intent. It would be important to educate the person, without encouraging such actions in the future. That and perhaps find ways to prohibit access to such strong hacking tools to minors.
3. Given that an infected PC can be used as part of a botnet in denial-of-service-attacks,
and that an unprotected PC (running Windows XP) is likely to be infected within 10
minutes of connecting to the Internet
(a) is there an ethical obligation for a PC user to install and maintain up-to-date
antivirus and other security software?
I think that it should be an obligation because when your computer is infected, it can easily effect others, for example sending out an infected email to all of your contacts, and infecting some of their computers with a virus. However, because antivirus and security software costs money, it can not be made mandatory.
(b) Should it be a legal requirement? Consider analogies from other areas
I believe that when computers and antivirus programs are separate, it can not be legally required to purchase the software. However, if the United States were to adopt some type of policy to mandate antivirus programs, I believe the only way that it can efficiently be done is if manufacturing and distribution companies actually sell computers with antivirus programs already installed. It would be very hard to change the entire industry though.
No comments:
Post a Comment