Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science

Hacking Into Ethics

advertisement 
Athayde 1
Hacking Into Ethics
EDUB 2330: Teaching Computer Science in Senior Years
Jason M. J. Athayde, 6812398
Instructor: Dr. Reynold V. J. Redekopp
Athayde 2
Preamble
As the world of technology grows and those involved seek to further the industry,
individuals and groups of individuals seek to further their own abilities through the
manipulation and invasion of these new developments. As educators of computer science,
we are charged with the care of budding programmers and the growth of their abilities.
Those who pursue lives entrenched in the world of computer science may use their
abilities to promote the development of technology, but there are some who may instead
find themselves with malicious intentions. Some may perform deeds that cause harm to
others without realizing the damage being caused, due to the distance and separation that
computers allow.
As educators, we cannot force value systems on our students. However, we can
discuss hacking and the issues that arise therein, promoting certain views. This paper
looks at the history of hacking and continues discussions in today’s world about the ethics
of teaching about hacking in the classroom.
History of Hacking
Computer science journalists agree that hacking can be traced back to 1960 at the
Massachusetts Institute of Technology (MIT), where students enrolled in an artificial
intelligence (AI) course were able to take programs and alter them to execute different
(possibly undesirable) actions. It was one decade later that hacking made its presence
known in society through “phone phreaking,” a process that allowed John Draper to access
AT&T’s long-distance switching system by playing a certain sound frequency. It can be
noted that Steve Jobs, known for his work with Apple Inc., previously made and sold
devices to play this frequency and make free long-distance phone calls.
Athayde 3
It was in the 1980s that hacking took off as a way to use, explore, and build
knowledge in computer science. With the greater emergence of hacking, the United States
Congress passed the Computer Fraud and Abuse Act of 1986, which essentially
criminalized the act of remotely accessing government and bank computers. The act has
been amended five times since its first edict, having to be adjusted to suit the ever-changing
times.
Many computer hackers initially put emphasis on obtaining access to the computers
of governments, banks, and financial institutions, as they were seen as the most profitable.
As internet use became more widespread, however, it was realized that more and more
points of computer access were being created by the day. In recent times, one of the most
memorable viruses was the “I Love You” virus of 2000, which was distributed through
emails and sent itself to the user’s email contacts while performing unwanted actions on
the computer’s system. As with most other viruses, the user had to open a file that would
cause the virus to activate; in this case it was an email attachment with a hidden, malicious
extension.
As with the implementation that led to the notable spread of the “I Love You” virus,
hackers who target general society will do so through websites and programs that base
themselves around popular culture or the quick perusal of links without thought (for
example, pornographic websites). Also, with the emergence of social networking sites,
hackers have been making attempts (which are sometimes successful, as with the recent
shutdown of Twitter) to access and manipulate such sites to garner information and data
on their users. This data would then, in theory and practice, be used to commit identity
theft and fraud.
Athayde 4
Even more recently, hacking has worked its way into debit card and credit card
fraud. Card issuers have been using chips to ensure the security of encoded data, but
though the chip cards are being touted as very high in security, it is still possible to extract
the information the cards contain.
Sith versus Jedi
There have traditionally been two general ways to define a hacker. One, which
relates more to the original development of hacking and is seen as more complimentary, is
as “a person who enjoys learning the details of computer systems and how to stretch their
capabilities,” or as “one who programs enthusiastically or who enjoys programming rather
than just theorizing about programming.” (Palmer 769) Alternately, a hacker can be
described in a much more negative context, as viewed by general society, as “someone who
maliciously breaks into systems for personal gain… they modify, delete, and steal critical
information, often making other people miserable.” (Farsole, Kashikar, & Zunzunwala 11)
There are, of course, other ways of looking at or defining hackers. There are some
who are simply testing their programming knowledge without malicious intent, though in
some cases the breach of security is noted and much time must be devoted to ensure that
the system that was accessed was not otherwise compromised. Because they are testing
their knowledge as novices, they may not realize when they are causing damage. There are
also “ethical hackers,” ones who have all of the skills of a malicious hacker, but use such
skills as computer security professionals to prevent the malicious hackers from carrying
out their plans. Ethical hackers are hired by governments, businesses, and software
developers who need to ensure that their systems have no holes, which is mostly desired
when their systems have large networks or they wish to make use of the Internet.
Athayde 5
The basic premise behind the function of ethical hacking is that “to catch a thief,
think like a thief.” (Farsole, Kashikan, & Zunzunwala 14) Essentially, ethical hackers try to
hack a system just as a malicious hacker would, except no undesirable things are done to
the system, and the holes (through which the hack is done) are reported and covered. This
is typically done before the system is released to the public, so that once that is done,
malicious hackers cannot get the access they want.
Teaching About Hacking
Typically, those outside of computer science’s realm object to the teaching of
hacking, as hacking has a negative connotation and it is believed that the teaching of such
will results in more malicious hackers. However, others (mainly directly involved with
computer science) believe that without such education, there will be fewer ethical hackers,
and malicious hackers will remain unchecked.
Universities and colleges are increasingly teaching about hacking. At first, this was
seen as dangerous, as stated in the Lemos article, “especially if the courses went beyond
computer intrusion and into cybercrime.” The University of Calgary had, at one point, set
out assignments wherein students had to create computer viruses, which of course was not
viewed favourably. Lemos says, however, that “ethical hacking courses have become more
mature and more accepted.”
Courses regarding hacking have, in fact, come to be endorsed by Microsoft. The
company has been working with various universities to teach students how to fix security
issues in software, even sponsoring such programs. According to the Evers article, Stuart
Okin, the chief security officer of Microsoft in the United Kingdom, hopes of a world where
“every computing course is teaching some part of writing secure code.”
Athayde 6
Author’s Opinion and Conclusion
To an extent, hacking should be taught in schools, and not necessarily strictly at a
university level. Ethical hacking can be a career pursuit for those in computer science, and
it should be presented as a viable option for students. It is part of the career focus that
makes computer science worth taking; as fun as it is, there still needs to be purpose, and
ethical hacking is one such purpose.
There is also a legal reason to teach about hacking: it is part of the computer science
curriculum in Manitoba. SLO 1.3.1 states that students will “discuss the effects of computer
crime, hacking, plagiarizing code, software piracy, virus distribution, and wilful destruction
of data,” and SLO 1.3.2 states that students will “demonstrate responsible security practices
while using computers and networks.” SLO 2.3 regards exploring and researching careers
in computer science. Clearly it is the case that at the most minimal level, hacking must be
discussed.
It is not this author’s belief, however, that students should be taught to write
malicious programs. If they wish to do that, they will find that on their own time. With the
“Sith versus Jedi” metaphor, the Jedi need not know how to manipulate the Dark Side of the
Force, they need only defend against it. Similarly, though ethical hackers may need to think
as malicious hackers would, the work done in computer science classes should directly
relate to fixing potential problems, not exploiting them.
Though ethics cannot be forced (just as learning cannot be forced), ethics systems
can be presented and demonstrated as options. As educators of those who could one day
take over the world, it is that demonstration that we are tasked with.
Athayde 7
Works Referenced
Farsole, A. A., Kashikar, A. G., & Zunzunwala, A. (2010). Ethical Hacking. International
Journal of Computer Applications, 1(10), 11-17.
Palmer, C. C. (2001). Ethical Hacking. IBM Systems Journal, 40(3), 769-780.
Hacker (computer security). (n.d.). Wikipedia. Retrieved November 6, 2010, from
en.wikipedia.org/wiki/Hacker_%28computer_security
How safe is your swipe? Thinking like hackers, programmers find security loopholes in
'secure' microchips. (n.d.). Science Daily: News & Articles in Science, Health,
Environment & Technology. Retrieved November 6, 2010, from
http://www.sciencedaily.com/releases/2010/09/100920123914.htm
Profs Patrol Cyberspace, Research Computer Hacking And Data Recovery. (n.d.). Science
Daily: News & Articles in Science, Health, Environment & Technology. Retrieved
November 6, 2010, from
http://www.sciencedaily.com/releases/2004/09/040921074111.htm
Lemos, R. (n.d.). Teaching hacking helps students, professors say. SecurityFocus. Retrieved
November 6, 2010, from http://www.securityfocus.com/news/11480
Delio, M. (2001, April 14). Teaching Kids About Hacking . Wired News . Retrieved November
6, 2010, from
http://www.wired.com/culture/lifestyle/news/2001/04/42923?currentPage=all
Evers, J. (2003, March 21). Microsoft asks colleges to teach hacking | Developer World InfoWorld. Business technology, IT news, product reviews and enterprise IT strategies
- InfoWorld. Retrieved November 6, 2010, from
http://www.infoworld.com/d/developer-world/microsoft-asks-colleges-teachhacking-609
Related documents
What is Ethical Hacking??
What is Ethical Hacking??
File
File
Problem Solving Essay.doc
Problem Solving Essay.doc
Chps 5, 7, & 12 Topics for paper
Chps 5, 7, & 12 Topics for paper
EC-Council - Certified Ethical Hacker v5
EC-Council - Certified Ethical Hacker v5
Unit 20 – The Ex Hacker – Model Answers
Unit 20 – The Ex Hacker – Model Answers
Group-Reflection-Paper
Group-Reflection-Paper
Computer Crimes - Bucknell University
Computer Crimes - Bucknell University
Download
advertisement