Chapter LIV 2 SOCIAL ISSUES INVOLVING COMPUTERS Computers have been around for half a century and have become a part of everyday life in our society today. So far we’ve been looking at how computers work and what they can do. In this chapter, we look at areas of concerns and problems with the use of computers. Computers, Work, and Health Some people say that computers are a threat to our health. There have been a lot of studies in this area but nothing has been proven. But, we should still be knowledgeable about areas of concern. Stress-Related Concerns • Emotional Stress – How do we react • Triggers – Layoff or Reassignment – Fear of Falling Behind – Burnout There are many things that produce stress. Stress is an emotional condition that is caused by the way we react to things that are happening in our lives. Moving, school, financial worries, work, and personal relationships can all contribute to stress. Stress gets to be a problem when it affects our health and performance. Often there is some event that increases our stress to a problem level. This event could involve the use of a computer. When computers, or any automation for that matter, are introduced into the workplace, workers, especially those at lower levels, fear that they will be laid off or reassigned. They fear that they will end up without a job or be moved to a job that they can’t do. One thing that management has to do is reassure people if this isn’t going to be the case. Just learning that computers are going to be brought into an area can start all kinds of stories. Executives, managers, programmers, and even computer teachers can fear that they aren’t going to be able to keep pace with computer technology and that they will fall behind. One thing that a company must do is provide time for proper training. Burnout is caused by the over use or over dependence on computers. There are balances that we have to keep in our lives and some people are not able to keep those balances. Computer use is just one thing that they might choose to burn out on. Ergonomics-Related Concerns • • Addresses comfort and safety of products and workarea Important Ergonomic Concerns – Display Devices – Keyboards – Workspace Ergonomics is the study of comfort and safety of products and workspaces. Long hours sitting relatively still in front of display devices can produce eye problems, fatigue, headaches, and backaches. Good product and workspace design can help overcome these problems. It also helps to take breaks and to make sure that you are fit to start with. The use of keyboards can sometimes lead to repetitive motion disorders or repetitive stress injury, an example of which is carpal tunnel syndrome. As I understand it, the carpal is a sheath that the tendons travel through like a tunnel. A tendon connects a muscle to a bone, like the muscle in your arm to your finger bones. Overuse aggravates the inside of this tunnel. Generally, resting will relieve the problem but sometimes surgery is necessary. There are some keyboards that are suppose to help by reducing stress on the hands and wrists. Microsoft makes a popular one. The ones in the book are more radical designs. There is also another keyboard layout called Dvorak that they claim requires less finger movement. The problem is that the population is already trained in the current layout. Environment-Related Concerns • Usage of Electricity Chapter LIV2 Page 1 – Concern for natural resources / nuclear safety • Paperless Office - NOT – More paper than ever We have an abundance of electrical power generation in this area with the nuclear and hydroelectric system just down the road. Many areas of the world rely on power generation that uses up resources. In either case, saving electricity is a good idea. With so many computer systems, it is important that hay have features to use as little power as possible. This is why we have monitors and hard disks that shut down after a period of not being used and turn back on when needed. We’ve mentioned the paperless office before. Although plants are renewable resources, we still need to be concerned about paper usage. The process of creating paper from wood and cotton produces pollutants and requires a lot of bleach. Computer Crime • • • Using a computer to commit a criminal act Difficulty of Detection Trial Issues Computer crime is the use of a computer to commit a criminal act. While there are now many computer crime laws on the books, there are also many problems with computer crimes. First, a crime has to be detected. Say you work for a company in their order entry department. You enter an order into the order entry system and have it shipped to your address. After you receive the goods, you go back and change the name and address on the order. The company then isn’t able to collect for the goods. How do you detect that this is happening? Good order entry systems keep track of who entered and changed an order. They also keep a history of all the data that was changed. Suppose that you are running a home based business after work. You bring a diskette to work and use Excel to keep track of your orders. You are stealing the value of the computer resources you use plus the value of the time that you are being paid. But, suppose you do it after work when your work computer would normally be idle? And how do you detect this misuse of company property? Even when computer crime is understood by investigators and gets to court, it is sometimes hard to get a conviction. The prosecutor, judge, and the jurors have to understand the technical issues involved as well as the law. Types of Computer Crime • • • • • • 1/2 Data Diddling Trojan Horse Salami Shaving Trapdoors Logic and Time Bombs Computer Viruses There are a lot of different types of computer crime: Data diddling is simply the unauthorized modifying of data on a computer system for personal gain. A Trojan horse is a computer program that appears normal but that conceals instructions that it shouldn’t have. If you were doing the programming for the Tiger 1 office for example, you could hide some instructions that kept the program from withdrawing money from your account. Suppose you sit down to a computer in Martin Lab. On the screen is the Clemson login screen as normal. You sit down and type your id and password. The computer reboots and you login again thinking that the system is acting crazy. What could have happened is that the last person left a program running that put up a fake login screen a nd captured your id and password. You have just been bitten by a Trojan horse called a spoof. Salami shaving involves taking very small amounts so that it will not be noticed. Think of shaving very thin pieces off a salami roll. One bank programmer modified a savings program to accumulate the parts of a cent that were left over when interest was calculated for each account. That accumulation was deposited to his account each time interest was calculated. Another programmer would periodically empty small accounts that had been dormant for a long time into his account. Chapter LIV2 Page 2 Many programmers put trap doors in programs during development that enable them to bypass normal security checking. If the trap door is left in the program, the programmer can gain unauthorized access to the functions of the program. If a programmer puts malicious instructions in a program to happen on some event it is a logic bomb. If it is to happen at some date or time, it is a time bomb. Viruses are often logic or time bombs. They have the additional capability to replicate themselves infecting other programs. Types of Computer Crime • • • • • • 2/2 Eavesdropping, Sniffing Cellular Phone Fraud Software Piracy Hacking Counterfeiting Internet-Related Crimes Everyone knows what eavesdropping is but computers allow it to be done in different ways. One way is to watch what is being transmitted on networks to find information like passwords called sniffing. I’m not sure I would call cellular phone fraud a computer crime. It is capturing the identification number of a phone and putting it into another phone. We’ve talked about the unauthorized use of software or software piracy. Hackers remotely try to break through the security of a computer system or network. It may be that they just want to show that they can do it or it might be to do some harm. One reason that the US is issuing new money is that computer printers can now do a decent job of counterfeiting. Checks are another item that is now easily counterfeited and many companies are going to more sophisticated designs that make it hard or impossible to copy. Even though the Internet is young, it is being used by criminals. Petafiles have lured children in chat rooms. Children have easier access to pornography. Chain letters are circulated with greater speed. Illegal multi-level or pyramid marketing schemes are always popping up and then disappearing. Preventing Computer Crime 1/2 • • • • • • • Assess Risks Have a Recovery Plan Hire Trustworthy People Beware of Malcontents Separate Employee Functions Restrict System Use Password Protect Programs and Data – Biometric devices How do organizations go about trying to prevent computer crime. Although much computer crime is discovered by accident, there is a lot that can be done. By looking a vulnerable areas and assessing their risk, they can decide which areas have the best cost-benefit. If disruptions do occur, a recovery plan should be in place. Many companies spend hundreds of thousands of a disaster-recovery plan which addresses: What would you do if your computer system became unavailable because of a natural disaster or through someone’s actions? You should always try to hire trustworthy people who are less likely to commit crimes. Access to employees who might be a malcontent or terminated should be controlled. Divide the functions necessary to perform jobs so that one person doesn’t have all the responsibilities and authorizations in one area. Only grant access to those functions that an employee really needs. Protect access with passwords and perhaps a biometric security device which is a device that measures and validates some unique bio-characteristic of a person. Preventing Computer Crime 2/2 • Build Firewalls Chapter LIV2 Page 3 • • • • • • Secure Transmissions with Encryption Use Crime Prevention Software Devise Staff Controls Monitor Important System Transactions Conduct Regular Audits Educate Employees Install a hardware and software firewall to protect your internal from attack. Encrypt transmissions, files, and data. Encrypted data is coded or garbled so that it can’t be read. It requires a key before it can be decoded. Crime prevention software such as an antivirus program should be used to stop damage to a system. Keep the software up-to-date, new virus forms are found every day. Devise controls that limit access to the system. Monitor how users use the system, especially for important transactions. Audit your system periodically to look for suspicious activity. Again much computer crime is discovered by accident. Educate employees so that they are better informed about computer crime and what impact it might have on them. Computers and Privacy We all have information about ourselves that we don’t want other people to know and would like to be kept private. If could be medical information, financial data, or many things about our lives. Computer privacy is concerned with how and by whom information about individuals is used. Information can be disseminated by other means but computers just make it easier and faster in some cases. Privacy and Electronic Mail • • Whose Property Is It? What is the University’s policy on e-mail privacy? To whom does your e-mail belong? What rights to privacy do you have for your e-mail? You might be surprised to know that if you work for someone, they can eavesdrop on your e-mail and they don’t even have to tell you. Its their computer system and they own it. Other companies have internal policies against eavesdropping unless it appears that a company policy is being broken or a crime being committed. Use the Internet to find out what Clemson’s policy is concerning the privacy of your e-mail? Privacy and Marketing Databases • Marketing Database: Individual consumer information for niche or target marketing Many times when you make purchases, information is collected for marketing databases. This information can be sold to others who wish to market products to individuals that match a target market or have certain buying preferences. You many wonder how some of that junk mail you get originates. Perhaps this information is only used locally within a company to try to sell you something else. If you have a BiLo card and you haven’t been in one of their stores in a while, they might send you some coupons for items that you have been purchasing in the past. Hopefully, this will bring you back to BiLo. Caller Identification • • Identifies incoming call Invasion of Privacy? I’m not sure that caller-id is a general computer privacy issue but specialized computers do run the phone network. How do you feel about someone knowing where you are calling from? Many people don’t know that they can block transmission of caller-id. I had a friend who worked at a pizza place. At the end of the day, they always had pizza left over from people who called in bogus orders. When I call Jerry’s in Central, they don’t even ask who is calling. They know. And if I don’t get my pizza, they know where to start looking for me. In Atlanta, when I called Pizza Hut, they knew who was calling, where I lived, what I generally ordered, and what Pizza Hut delivery restaurant was closest to my home. Privacy Legislation 1970’s • Freedom of Information Act Chapter LIV2 Page 4 • • • • Fair Credit Reporting Act Education Privacy Act Privacy Act Right to Financial Privacy Act All of the following are federal legislation concerning privacy and in some cases computer crime. There are also many state laws. With technology moving so fast, these laws are under constant change. Not responsible for all this legislation. Privacy Legislation 1980’s • • • • • • Computer Fraud and Abuse Act of 1984 Cable Communications Policy Act Electronic Communications Privacy Act Computer Fraud and Abuse Act of 1986 Video Privacy Protection Act Computer Matching and Privacy Act Privacy Legislation 1990’s • • • Telephone Consumer Protection Act Cable Act Computer Abuse Amendments Act Ethical Issues Regarding Computers • Standard of Moral Conduct – Comes from individual values • A Fine Line Ethics is a standard of moral conduct. Your individual ethics come from your individual values. There is sometimes a fine line between what is ethical and unethical. There is also sometimes a fine line between what is unethical and unlawful. Sometimes unethical behavior is not against the law and sometimes it crosses the line. Ethical Guidelines The book lists a set of questions that you might ask yourself about an action that you are going to take that doesn’t seem quite right. They center on what are your real reasons for taking the action and what might be the consequences, to yourself and others. Its easy to rationalize an action when you stand to benefit greatly. Ethical Examples • • • • Software Use Company Secrets Promising too much Vaporware Some examples of unethical behavior include: Unlicensed use of proprietary software. Divulging company secrets after changing jobs. Promising more than you know you can deliver. Producing vaporware. Vaporware is promising a product way in advance that may not ever happen. In 1963 Control Data Corporation came out with the fastest computer by far. IBM promised their customers a machine that would outperform it. The IBM machine never existed and was never built but for a year and a half CDC did not get a single order for the system. They later sued IBM. Chapter LIV2 Page 5 The Ten Commandments of Computer Ethics • • • • • 1/3 Thou shalt not use a computer to harm other people. Thou shalt not interfere with other people’s computer work. Thou shalt not snoop around in other people’s computer files. Thou shalt not use a computer to steal. Thou shalt not use a computer to bear false witness. The Computer Ethics Institute of Computer Professionals for Social Responsibility has these ten commandments of computer ethics. The Ten Commandments of Computer Ethics • • • Thou shalt not copy or use proprietary software for which you have not paid. Thou shalt not use other people’s computer resources without authorization or proper compensation. Thou shalt not appropriate other people’s intellectual output. The Ten Commandments of Computer Ethics • • 2/3 3/3 Thou shalt think about the social consequences of the program you are writing or the system you are designing. Thou shalt always use a computer in ways that insure consideration and respect for your fellow humans. End of Chapter LIV2 Key Terms Antivirus software. Software used to detect and eliminate computer viruses. Audit. An inspection used to determine if a system or procedure is working as it should or if claimed amounts are correct. Biometric security device. A device that, upon recognition of some physiological or learned characteristic that is unique to a person, allows a person to have access to a system. Call identification. Refers to the use of telephone or answering device that displays the origin of incoming calls. Computer crime. The use of computers to commit criminal acts. Computer virus. A small block of unauthorized code, concealed and transmitted form computer to computer, that performs destructive acts when executed. Disaster-recovery plan. A plan that maps out what an organization does to prepare for and react to disruptive events. Encryption. A method of protecting data or programs by coding or scrambling so that they are unrecognizable to unauthorized users. Ergonomics. The field that studies the effects of things such as computer hardware, software, and workspaces on people’s comfort and health. Ethics. A term that refers to standards of moral conduct. Firewall. A collection of hardware and software intended to protect a company’s internal computer networks from attack. Hacking. Using a computer system or terminal to penetrate the security of a remote computer system. Marketing database. An electronic repository containing information useful for marketing products to customers or planning marketing directions. Password. A word or number used to permit selected individuals access to a system. Privacy. In a computer processing context, refers to how information about individuals is used and by whom. Spoof. Type of Trojan Horse. Software piracy. The unauthorized copying or use of computer programs. Trojan Horse. Concealed instructions to a computer program so that it appears normal but will also perform prohibited duties. Vaporware. Software that is announced long before it is ready for market. Chapter LIV2 Page 6