Group items tagged

A solution to the problem associated to IP security cameras. as seen in: http://www.bbc.com/news/technology-16919664

Google has enabled encrypted searching using SSL (Secure Sockets Layer) which it says will prevent "employers and internet service providers" from reading what is sent. The possibility that employers and ISPs might be watching peoples' search traffic clearly concerns Google, and it has often concerned employees.

Essentially what Google is trying to do is to offer people a way of securely navigating their website, using SSL, so that people don't have to worry about being monitored. People can see if they are using the secure version of the google search engine if the web adress cointains "https" rather than just "http". SSL works as follows: 1- The web browser being used checks the websites' certificate to make sure that the client is connecting to the real site and not someone intercepting 2- The encryption types that the browser and the web site server can both use to understand each other are determined 3- Browser and Server each send each other unique codes to use when encrypting the data that will be sent 4- The browser and server start communicating using encryption, leaving the web pages secured. For more information on how SSL works ckeck the following website: http://www.ourshop.com/resources/ssl.html

The following article shows how the asymmetric encryption inherent to SSL (Secure sockets layer) and TLS (Transport Layer Security) have been rendered useless by a tool called BEAST (Browser Exploit Against SSL/TLS). It attacks the "AES encryption algorithm" used in the cryptographic protocols. "BEAST is able to grab and decrypt HTTPS cookies once installed on an end user's browser." "While other attacks focus on the authenticity property of SSL, BEAST attacks the confidentiality of the protocol. As far as we know, BEAST implements the first attack that actually decrypts HTTPS requests". "Transaction confidentiality based on the SSL TLS V1.0 protocol (the most used still today) is dead." "The only true defense from fraudulent transactions is to sign the (...) transaction data so that the attacker cannot inject bogus material. This means effectively using a token with a pin pad." "Fixing the vulnerability that BEAST exploits may require a major change to the protocol itself." http://www.itpro.co.uk/636304/ssl-under-threat-as-flaw-exploited

This article presents intellectual property theft of various companies that work for governments. the article raises many ethical issues.

Don't forget the other tags. You are missing one from section 2 and one from section 3

Seems to be a good solution but what are the limits of this solution?

In theory this would be a good solution, due to the fact that as soon as the user read the warning message in detail, they would feel encouraged not to follow the link. However, due to the facebook's nature, in practice, this solution isn't as effective as one would expect. Throughout Facebook's history, when a user clicks a link that leads to an application, a message appears stating that if the user accepts then information from their profile will be accessed. Because of this, when users see this message they will simply think it is one of the usual messages and skip to the link due to habit. Another obvious limitation is the fact that all it does is simply suggest that it MIGHT be malicious, and therefore most users that are unaware of the dangers of phishing might ignore it and choose to follow the link.

This article refers to the security of the network of various high-profile companies (Adidas, Sony), and the privacy of the consumers. To solve the issue of security, companies should tighten up their security for example, by incorporatibg Secure Sockets Layer protection (SSL) and https network protection. In the past, "sophisticated" has referred to Advanced Persistent Threat (APT) attacks. Defending against APTs was one of the tasks involved in a recent EU-US joint test of cyber attack readiness. http://www.itpro.co.uk/637204/cyber-attack-drives-adidas-websites-offline The companies should also be more cautious of their surroundings by monitorning IP traffic and access to the website. Losing personal and/or sensitive data and having it in the wrong hands could cause serious consequences. (http://www.filetransferplanet.com/cyber-attack-forces-adidas-offline/) This personal information could then be passed on to third party companies who can take advantage of information like address and phone numbers to conduct surveys or distribute advertisements. This would cause widespread discotent due to the invasion of the consumers' privacy.

If the proposed blackout were to occur, a greater awareness and understanding could be achieved. This would likely garner more support against SOPA, as websites like Facebook, Google and Twitter are used by millions of people worldwide, most of these people being casual internet users who have no idea what SOPA really is, meaning some would attempt to educate themselves on the subject and try to do something about it. The potential increase in support could lead to more people demanding big companies to 'drop' their support by threatning to boycott said comapnies products/services. As mentioned in an article bookmarked by Tranny Franny (http://www.slashgear.com/sony-and-nintendo-drop-sopa-support-amid-anonymous-threats-03205579), Sony and Nintendo appear to have dropped their suppor after being threatned by Anonymous. Although what Anonymous threatned to do was wrong, it certainly go the point across to both companies meaning a boycott from customers worldwide could change other companies minds on whether or not to support SOPA

Although that seems like a good way to reach a wider audience in order for them to understand the severity of how SOPA would affect the internet, it could be seen as quite unethical. These casual internet users could only use websites such as Facebook to get an quick update, so these could be people who would be indifferent after knowing the affect of SOPA. Why should these people be prevented to access a website they use simply because the website feels the need to make a statement. And in terms of big companies dropping their support, is it really correct for them to drop their support? why did they support it in the first place? If they believe that this act should be made official is it correct for them to "drop" their support simply because too many people are going against it? So they would be "changing sides" out of fear, rather than due to their opinion, which in a way goes agaisnt the point of voting or supporting somethis such as SOPA

The main social and ethical issue in this article is security and privacy. Using a method known as 'spear-phising', hackers were handed users' account information. I find it quite freightning how people, who are supposed to be some of the best minds in the world, as they work in sensitive parts of the US government, fall into the trap of giving their account information to hackers. In my opinion a greater awareness should be raised, on how to protect their privacy, among high-profile government officials in order to protect vital and classified information.

this is racism...

In what way is this racism Zhan?

The social and ethical issues that relate to this article are that privacy and security and reliablility to a certain extent. What the Anonymous group are doing is basically taking people's personal information such as name, age, adress etc. and putting online for everyone to see, simply becuase they favoured nazi views. This is essentially the invasion of people's privacy as people's information is free for everyone to see. IT is also a security issue as people who feel very strongly against people who favour nazi views, have access to these peoples' adresses and could impose a danger. Reliability is also an issue, as it's mentioned in the article that none of the people that were mentioned in the website were actually confirmed to share Nazi ideals, meaing they are unjustly putting people in danger.

The article does raise some rather interesting social and ethical concerns. The main thing here is of course "Anonymous" breaking the Data Protection Act 1998 with their unlawful obtaining of personal information. While one can admire "Anonymous" fight against neo-nazism, the results they are producing are in fact not reliable. Though, as we've seen in the past, "Anonymous" are skilled proper encryption and security should have been able to fend them off and safeguard all information. Looking back, this would have the ideal to avoid the situation the websites are in now. I cannot see a plausible way of undoing this, and again give privacy to those who had it broken, as the information has been linked to multiple other sites - so perhaps this is only to serve as a lesson for others websites containing personal information.

Well, to be honest the best solution would just to not post any private information online but seeing as that option wouldn't be considered by the 'anonymous' hacker group they could at least find a way and make sure that the only personal information posted online its authentic and from the main followers and contributors to this Nazi supporting website… but I don't really know how they would be able to do this, sooo if anyone knows please share because now I'm curious aha As much as I don't agree with the Nazi ideals and as much as I believe that supporting them is (sorry for being improper here) idiotic. I still don't agree with posting this private information online because as mentioned above, this does pose a major danger to the people whose information has been posted online by the people who have very strong feelings against these Nazi supporters.

This article presents intellectual property theft of civil servants. The article raises many ethical issues such as of privacy, anonymity, security etc. The hackers have accessed private information of government officials, (some of them who work in sensitive areas) their details and emails. Some officials fear that their e-mails can be quickly cracked using off the self software. Some companies client's credit card numbers and addresses were also hacked. The hackers, who are an anonymous groups have clearly violated the privacy rights of individuals. Exposing civil servants data can turn out to be of serious problem for the government. New methods should be developed to secure these confidential data.

There are various different ways in which security could be improved to prevent a similar incident from happening. It is mentioned in the article, and by Benjon that simple of the shelf software would be capable of decrypting the passwrords stored on the Stratfor database. This in my opinion is quite shocking as Stratfor offers its service to government officials all around the world, most likely for a monetary fee, and seem to not care whether or not the information they are MEANT to secure is infact secure. This issues could be easily solved by improving their encryption technology to or close to military grade encryption. It is most likely that the company's reputation has been severely damaged and rightly so.

Nice link here explaining basics of military encryption: http://searchsecurity.techtarget.com/definition/Advanced-Encryption-Standard Also I follow this guy's blog and he always has some interesting stories on security and has done a lot of work in the world of cryptography: http://www.schneier.com/

This article refers to the authenticity of the identity of web shops, and the security of shoppers' credentials. "DI Hoare said shoppers should also be wary of unsolicited offers that arrive via email." A common scamming tool that cyber thieves resort to in order to "harvest credit card and banking details" is phishing. "Phishing emails usually appear to come from a well-known organization and ask for your personal information - such as credit card number, social security number, account number or password. Often times phishing attempts appear to come from sites, services and companies with which you do not even have an account. In order for Internet criminals to successfully "phish" your personal information, they must get you to go from an email to a website. Phishing emails will almost always tell you to click a link that takes you to a site where your personal information is requested. Legitimate organizations would never request this information of you via email." http://www.phishtank.com/what_is_phishing.php

this gives a similar example where they used a real store and created the fake website then... the shop owners would receive all the complaints with out actually knowing what was going on http://voices.washingtonpost.com/securityfix/2009/01/caveat_emptor.html

The main stakeholder here is the google, youtube, gmail, etc. user. The change in privacy policy settings in the system affects the stakeholder in these ways, as outlined in the article: In "suggesting search queries, or tailoring search results, based on the interests expressed in Google+, Gmail and YouTube" (mining data to provide "ever more targeted adverts"), the results become limited: "something I am interested in this week, I might not be interested in next week. I use Google's facilities as both a private individual and in my professional life. Which bit are they going to give back to me?" There is no opt-out alternative to the changes in the system. "Google has become a way of life for some people. They can't do without it even if they don't like the direction it is going in". The simplification of policies could lead to graver problems. http://edition.cnn.com/2012/01/27/tech/web/google-privacy-clarified/index.html

25 January 2012 Last updated at 12:23 ET O2 has apologised for a technical problem which caused users' phone numbers to be disclosed when using its mobile data. The company said it normally only passed numbers to "trusted partners". A problem during routine maintenance meant that from 10 January numbers could have been seen by other websites.

As mentioned above the the issue concerned about in this article is privacy as peoples information (mobile phone numbers) are displayed on websites without their consent. Obviously the fact of having others know personal information may leave people concerned, however they must be aware that their personal information is spread all over the internet. From pictures on facebook to a gmail/youtube accounts peoples names, adresses and surnames are most likely known by some companies. Google and Facebook holds personal information that belongs to each one of us. What companies like such do to profit from this is sell a list of names, adresses and emails to third party which will then have means of communication with us to advertise their products and this is responsible for some of the spam we receive. The solution for this specific scenario of mobile phones isn't very clear, although it has been fixed no way of how it could of been prevented was suggested. Perhaps a the server could be shut down while it was under maintenance and another one should've been running in the meanwhile. Clearly the issue here had nothing to do with the mobile phone users and there was nothing they could have done as they were unnaware of the situation. I personally believe that privacy does not exist on the internet. It someone wishes to have privacy then the safest way to go do so is to not use/be connected to the internet. http://www.dailyfinance.com/2011/09/30/when-it-comes-to-cell-phone-privacy-youre-an-open-book/ Shows how mobile phones can cause privacy issues and how police officers now have gadgets that allows then to see everything that a person has done in their mobile phone, this clearly violates peoples privacy.

I would just like to mention that I posted this, not fiche galinha -.- diigo is trolling me.

"Ordering Pizza in 2015"

The social and ethical issue here is surely privacy. We can see here that there are various databases which are interconnected and the pizza restaurant is able to access all of them. This is a major issue as the pizza restaurant can invade the customers privacy and use the data to exploit the customer e.g. the pizza restaurant may see that the customer is wealthy and charge a higher price. Furthermore, If anyone else can gains access to this information the customers safety can be put at risk for instance, the pizza service knows whether or not you are at home therefore this could increase home robberies.

i think this can even be considered dangerous. There could be a scenario where a young and wealth girl places the pizza offer. what could happen then is the person on the phone would know all her private information where she lives, where she works/studies her income and would probably end up with a picture of her. the person on the phone might not be a very reliable person and decide to do something dangerous