Assignment 9 - Legal, Privacy, and Ethical Issues in Computer Security
Discussion Questions
- (DUE April 23, 2003 by midnight EST) Select one of the following questions to discuss in detail through the threaded discussion.
- Discuss the legal and ethical issues of using a neighbor's broadband connection from your home through a wireless connection.
- Is war chalking legal? ethical? Is war driving legal? ethical?
- "Microsoft recommends Windows 2000/XP users apply an important patch issued
last week to correct a denial-of-service vulnerability. Though the flaw also affects NT 4.0, no patch will be provided." Is this an issue with a software company not releasing a patch for software that is an old version but still widely used. "Although Windows NT 4.0 is affected by this vulnerability, Microsoft is unable to provide a patch....Instead, Microsoft encourages NT 4.0 users to employ the workaround discussed in the advisory's FAQ, which recommends using a firewall to block TCP port 135 (epmap)." Is this the only reasonable solution?
- A part of the Patriot II legislation being considered by the U.S. Government is to add five years to any prison sentence for crimes committed where encryption is used by the perpetrator. Discuss your views on this part of the proposed legislation.
- "Gartner research analyst John Pescatore is challenging the full-disclosure view that the release of exploit code helps enterprises better secure themselves from vulnerabilities.... Part of the ongoing full-disclosure debate, many security professionals disagree about the degree of detail needed to successfully secure networks and systems from vulnerabilities. Some researchers want all possible information, including exploit code, regardless of whether a patch is available. Others advocate a more restrained approach that
limits the flow of information until fixes are released." When a vulnerability is discovered, how much information should be released?
- "Concerns that Internet communications--such as VoIP and e-mail--may be used to conceal criminal communications have spurred the FBI and Department of Justice to request additional eavesdropping powers from federal lawmakers. The DoJ is asking the Federal Communications Commission to reinterpret the Communications Assistance for Law Enforcement Act (CALEA) to cover DSL and cable modem service, including Web surfing, e-mail and other wire transmissions. CALEA requires telecommunications carriers to modify their networks to be wiretap-friendly for the FBI. According to SecurityFocus, the filing by U.S. law enforcement "was prompted by the efforts of telecom entrepreneur Jeffrey Pulver to win a ruling that his growing peer-to-peer Internet telephony service, Free World Dialup (FWD), is not subject to the regulations that govern telephone companies." Questions remain whether CALEA applies to Voice over IP--or VoIP, which is telephony service over packet-based networks." Are we giving up too much of our privacy here?
- (DUE April 28, 2003 by midnight EST) Select a discussion from one or more of your classmates and respond to their comments.
Webliography Assignment
(DUE April 28, 2003 by midnight EST) Submit to the class Webliography 5 annotated links related to legal, privacy, and ethical issues in computer security. These will be added to our Information Assurance E-library (http://csc.ColumbusState.edu/summers/e-library/security.html) You will receive 1 point if just a new link; 1 point if annotation for one of my links; or 2 points if a new annotated link.