Chapter 14: Ethics and Computers in Society Today

Chapter 14:
Ethics, Spies and Privacy
At what point does storage of personal data
become an invasion of privacy?
The Computer Continuum

In this chapter:
• In what ways is the computer used as a criminal tool?
• What are the effects of software piracy?
• To what lengths do people go in order to break into computer
systems?
• How do computer viruses spread?
• How can you prevent viruses from spreading?
• Does invasion of privacy need to be a deliberate act?
• Does filtering infringe on our freedom of speech, or is it just an
act of protection against sensitive material?
Vulnerability and Technological Abuse

Technology has permeated our society. Without
technology, our society would grind to a halt.
• Jan. 15, 1990: AT&T’s long distance network went dead for
almost 9 hours.
– Caused by a single line of code that had never executed
before and therefore had never been tested.
• 1985-1986: Therac-25 radiation machine gave overdoses of
radiation injuring many and killing one due to a software
error.
High Tech Crime: The Computer as a Criminal Tool

Computers and networks have provided both law
enforcement professionals and criminals with
opportunities:
• FBI: Uses its homepage on the WWW as a weapon against
crime and criminals.
– Web pages contain:
• Information about the bureau.
• List of persons wanted for suspected criminal
activities.
• Information telling readers how to protect themselves
from some types of computer crimes.

Every new technological
advancement leads to criminals
developing a new type of crime.
• New platforms for theft and fraud:
– ATM (Automated Teller
Machine)
– EFT (Electronic Fund
Transfers)
– Cellular phones

What is a Computer Crime?
• Any criminal act that has been committed using a computer as
the principal tool.
• An illegal activity that could not take place without a
computer
• Any illegal activity using computer software, data, or access
as the object, subject, or instrument of the crime.

High-tech heists:
• Theft of money: EFT (Electronic Funds-transfer system)
– Example: SWIFT, an international EFT system, was
used to divert two large corporate bank deposits to
Switzerland one Christmas Eve. A malfunction in the
system during transfer alerted security. The thief was
arrested and sent to a federal prison.
• Theft of goods: Tracking and altering inventories or
redirecting goods to a safe location.

Two techniques used for thefts of goods and money:
the Trojan horse and the Salami.
• Trojan horse - The insertion of false information into a
program to profit from the outcome.
– Example: The previous EFT scenario used a Trojan horse.
• Salami - Spreading the haul over a large number of trivial
transactions.
– Example: A bank clerk had a job of updating customer accounts
by running a program that adds daily interest to all savings. Each
amount was rounded to the nearest decimal point. The clerk
inserted a line that would divert the round-off amount to an
account of his own resulting in the attempted theft of several
millions of dollars.
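An audit that would expose the round-off diversion described in the Salami example, shown here as an added illustration that is not part of the original slides. It recomputes every account's interest independently of the production program and compares the result with what the ledger actually posted; the account numbers, balances, daily rate and half-up rounding policy are constructed assumptions.

```python
from collections import defaultdict
from decimal import Decimal, ROUND_HALF_UP

CENT = Decimal("0.01")

def audit_interest_run(balances, postings, daily_rate, rounding=ROUND_HALF_UP):
    """Compare posted interest credits with independently recomputed interest.

    balances: {account: Decimal balance before the run}
    postings: [(account, Decimal amount)] credits written by the interest run
    Returns the short-credited accounts, the total shortfall, and every
    account credited more than its own balance can explain.
    """
    posted = defaultdict(Decimal)
    for account, amount in postings:
        posted[account] += amount

    shorted, collectors = [], []
    shortfall_total = Decimal("0")
    # Include accounts that received credits but are not in the balance file.
    for account in sorted(set(balances) | set(posted)):
        balance = balances.get(account, Decimal("0"))
        expected = (balance * daily_rate).quantize(CENT, rounding=rounding)
        variance = posted[account] - expected
        if variance < 0:
            shorted.append(account)
            shortfall_total -= variance
        elif variance > 0:
            collectors.append((account, variance))
    return {"shorted": shorted,
            "shortfall_total": shortfall_total,
            "collectors": collectors}

# Constructed sample data (not from the slides): five customer accounts and
# one account that receives an extra credit during the same interest run.
SAMPLE_RATE = Decimal("0.0001")
SAMPLE_BALANCES = {
    "S-1001": Decimal("1256.00"), "S-1002": Decimal("8790.00"),
    "S-1003": Decimal("432.00"), "S-1004": Decimal("15075.00"),
    "S-1005": Decimal("2999.00"), "S-9001": Decimal("100.00"),
}
SAMPLE_POSTINGS = [
    ("S-1001", Decimal("0.12")), ("S-1002", Decimal("0.87")),
    ("S-1003", Decimal("0.04")), ("S-1004", Decimal("1.50")),
    ("S-1005", Decimal("0.29")), ("S-9001", Decimal("0.01")),
    ("S-9001", Decimal("0.03")),  # second credit with no balance behind it
]

if __name__ == "__main__":
    report = audit_interest_run(SAMPLE_BALANCES, SAMPLE_POSTINGS, SAMPLE_RATE)
    print("short-credited accounts:", report["shorted"])
    print("total shortfall:", report["shortfall_total"])
    for account, excess in report["collectors"]:
        print(f"over-credited: {account} by {excess}")
```

The signature to look for is many accounts short by a cent or less alongside one account holding an unexplained surplus; per-account amounts are too small for any customer to notice, so only a full-run reconciliation surfaces them.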

High-tech heists:
• Theft of Information or Services: Piggybacking and Data
diddling.
– Piggybacking: Involves invading a communication
system by riding in behind a legitimate user with a
password.
– Data diddling: Involves swapping one piece of
information for another of the same type.
• Example: In 1997, 18 people were arrested for
stealing mobile communication services. They had
reprogrammed the microchips in their cell-phones so
that calls could be made at no charge.

Protect Yourself from High-tech Theft
• Protect all data and programs, and all system access, by
password.
• Issue passwords to as few people as possible, and no
outsiders.
• Make passwords less obvious and less memorable.
• Change passwords frequently.
Electronic Piracy

Computers have become prevalent in our society.
• Prices have spiraled downward.
• Total world market for software is around $500 billion.
• Software piracy has become a major growth industry.
– Software piracy: The unauthorized copying or use of
software for which you have not paid the appropriate
licensing fee.

Software License
• Ownership of the software is retained by the company that
wrote it.
• A license allows you to copy the software from the storage
media to your hard disk and to use it.
• U.S. Computer Software Copyright Act of 1980
acknowledged software as “intellectual works.”
– Same class as books and magazines.
– It is illegal to use or copy software without the copyright
holder’s written permission.
• Unsure of your rights? Read the copyright information!

How Big is the Piracy Problem?
• ENORMOUS.
• The US Software Publishing Association (SPA) estimated that
in 1990 its members lose $4 - $6 billion a year due to software
theft.
• Lotus, Inc., claims that over half of its potential sales in the
early 90s were lost to pirates. (over $160 million a year)
• There is now a nationwide trend toward being “legal” with
software.
– Schools, computer clubs, have a more serious approach to
software copyright.
Hacking and Cracking

Hacking (just a few definitions)
• A software troubleshooter; making a program work despite
the frustrations of others.
• Attempts to see whether some task is possible.
• Wants to learn more about the software and its limitations.
• Maliciously pokes around existing data sources.
• Finds and uses other people’s passwords, often without
permission.
• For this discussion, hackers love to delve into the mysteries of
computing systems. Hackers are problem solvers that have
infinite patience for experimenting with computers and
fiddling with software.

Cracker: Person who breaks into other people’s systems for
either fun or profit, or with the intent to commit blackmail or
sabotage. (Described as “illegal hacking”.)
• Engage in malicious acts that
– Damage systems or files.
– Disrupt networking services.
– Profit from illegally acquired goods or data.
– Thwart rightful authority just because it is there.

Why do Hackers and Crackers hack?
• Hackers: See themselves as ‘adventurists’.
– Approach computers as new adventures full of fun and
excitement.
• Crackers: Those who hack maliciously.
– Have personal motives. Some are disgruntled ex-employees.
– Logic bomb: A software routine that can be embedded
and triggered at some later time by a predetermined
sequence of events.
– Time bomb: Similar to the logic bomb but is triggered by
the computer’s clock (not sequence of events).

Hacker (and Cracker) techniques:
• Scavenging - Searching through stray data and electronic
garbage for clues that might unlock the secrets of a targeted
computer system.
• Password guessing
– Personal information about account holder: names, dates
– Common & popular: qwerty, abcde, 12345, sex, love, god
• Autodialer - Systematically dials until answered by a
computer.

Hacker (and Cracker) techniques: (continued)
• Distributed denial of service (DDoS): Utilizes time bomb
cracker technology to embed a software routine into many
computers.
– At a predetermined time, infected computers all send
messages to one targeted system.
• The overload forces the target system to close down.
– February 2000: Yahoo, eBay and other major Web sites.
• Piggybacking: Most system penetrations are assisted by some
form of inside aid.
– Universities: Unsuspecting students leave terminal without
logging off first. (Ride in on someone else with password.)
Viruses, Worms, and Other Intruders

What are Computer Worms and Viruses?
• Virus: A self-replicating program that may cause damage,
generally hard disk erasure or data file corruption, and infects
other programs, floppy disks, and hard disks by copying itself
onto them.
• Worm: A piece of programming code that can infiltrate a
legitimate file and alter or destroy data. It cannot replicate
itself.

Viral Infections Spread over the Internet
• Threats are now of global proportions.

Melissa virus: Appeared in 1999.
• This “macro” virus spread through e-mail attachments.
– If opened, the virus printed out a list of pornographic sites
and sent the list, in your name, to the first 50 people in
your address book.
– The volume of messages inundated file servers.

Love Bug virus: Appeared on May 4, 2000.
• Spread via an “ILoveYou” email attachment (love letter)
– If opened, it printed I Love You and “joke” in big letters
on the screen and forwarded itself using personal and
business address books.
– According to the BBC, it had been developed by a
Filipino computer student who may have spread the virus
worldwide by accident.
• It infected at least 45 million computer users and caused
billions of dollars of damage.
– Only affected systems running the Microsoft Windows
operating system.
– Immobilized the House of Commons (UK) e-mail system.

Vaccines and Disinfectants
• Vaccine or disinfectant: A program that searches your disk
for viruses, and notifies you of any that were found. Some
virus checkers can also remove viruses from the program they
have infected.

Ways to protect disks and system:
• Install current, updated virus checkers and use them regularly.
– Check for free online virus protection programs.
• Run your virus checker before closing down every time you
access the Internet or WWW.
• Check every previously used disk, every time, before placing
it into your machine.
• Don’t copy lab or public-use computer program files without
checking them first.
– Beware of files downloaded onto public-use computers.
– Download only from known, reliable sources.
• Do not open attachments from unknown senders.
• If you are extremely vulnerable to virus invasion, you might
wish to install a firewall on your system.
– Firewall: A filtering software program that scans all
incoming documents and files and refuses to accept any
found to be virus-infected.
Invasion of Privacy

As various computer data banks are being integrated and easy
access is available by more and more agencies, abuses and
mistakes involving privacy are inevitable.
• Examples of large databases that have resulted in problems:
– By police organizations (NCIC - National Crime Information
Center)
• Mistaken Identity: A businessman in Tempe, Arizona was arrested
on a warrant for grand theft. After he spent the night in jail,
it was learned that he had repossessed a trailer that he had
sold.
– By credit bureaus and those who access that data.
• Errors in credit reports: A woman in Illinois applied for a
mortgage. Credit bureau records showed she owed money
on several credit cards and had a delinquent loan for a
$34,000 sports car. The bad credit belonged to another.

Deliberate acts of intrusion:
• High-tech surveillance in the workplace:
– Used for “Increased productivity, quality control, and
good management practices.”

In Nursing:
• Hospital care is no longer measured in terms of patient benefits, but
in units of time. Many nurses are monitored. They carry boxes on
their belts that track the amount of time used for each procedure with
a patient. Don’t be surprised if nurses seem to lack bedside manner;
they can’t overstay their time limit.

In Trucking:
• Where can a person get a better sense of independence and freedom
from supervision than barreling across the great plains, completely
on your own? Think again! At the end of a long run, the trucker pulls
into the company terminal. While the rig is being serviced, a little
computer tape is removed from the engine. The tape tells the
supervisor what the average speed and gas mileage were, how many
stops the truck made, where his stops were, and a lot more. In
addition, some trucks are now monitored by satellites. If the trucker
is speeding, he gets a phone call in the truck (and often a fine).

In Hotel Housekeeping:
• The maids at the hotel you stay at are probably monitored. Your maid
punches her employee code into the phone when she enters your
room, and again when she leaves it. This provides her supervisor
with a detailed log of her speed of performance, as well as a detailed
log of her movements throughout the day.

Stolen Identity
• Some computer criminals make their fortunes by stealing the
private information of one group of people for the financial
benefit of another.
• Credit doctor: A person who can cure your low credit rating
by stealing a good credit history and selling it to you to
replace your bad one.
– Often get the information by bribing some employee of a
credit bureau to gain a password into their computer
system.
– The “client” (having the same name as the stolen identity)
is supplied with a social security number and a new A-1
credit rating.

Eavesdropping, Blackmail and Illegal Personal Gain
• Eavesdropping: The eavesdropper may be a boss, neighbor, merchant, or stranger.
– Eavesdroppers can tap into radio scanners, baby monitors,
cellular phones, financial transactions made by computer,
e-mail, or voice mail.
• May do nothing with the information.
• May use it to their advantage: Blackmail.
• Electronic Communications Privacy Act (ECPA) of 1986.
– Designed to protect one’s privacy when using electronic
forms of communications. (Company policies overrule the
protections of the ECPA.)
• The woman who listened in on a murder conspiracy
conversation on her cellular phone and turned in the
suspects was actually in violation of this act.

How Can We Develop Electronic Privacy?
1. Do not give out personal information freely.
2. Do electronic business with reputable companies who provide
secure Web sites, and who have strong policies protecting
customer privacy.
3. If you are concerned about electronic eavesdropping on your
e-mail, install a software encryption system, and provide
decryption codes to as few people as possible.
– Encryption: Software translates the text of your message
or other document into unreadable code. The transmission
must be decoded into plainly readable text when received.
Protective Censorship Vs. Freedom of Speech

The United States’ Bill of Rights guarantees its citizens
freedom of speech.
• In its current unregulated state, the Web also enjoys this same
freedom.
• As a result of “indecent” or “undesirable” information
attainable on the Web, efforts have been made to censor
certain materials.
– One method of censoring access to Web materials is called
screening, or content filtering.
• Content filtering: One or more pieces of software
that work together to prevent users from viewing
selected material found on the Internet.

The content filtering process can be accomplished in
two steps:
• Establishing ratings: To determine what sites and materials are
undesirable, someone must apply value judgements to
categorize Web sites based on content.
– Take the form of ‘allowed’ or ‘disallowed’ indicators placed on
lists of subject areas and key words.
• Filtering: Filtering software examines resources that the user
has requested.
– Determines ‘allowed’ or ‘disallowed’ based on PICS ratings.
• PICS (Platform for Internet Content Selection): A set of
technical rating standards for evaluating content of digital
materials.

Stand-Alone Filtering Systems
• Stand-alone filtering systems limit users to decisions made by
the vendor. (Some let parents or installers add or remove sites)
– Filtering tools use some combination of two approaches to
evaluate software: List-based blocking and Keyword
searches.
• List-based Blocking: To be added to a list of
acceptable sites, the site must meet the vendor’s
criteria for being ‘objectionable’ or ‘family-friendly’.

List-based filtering raises several issues involving the selection of
sites:
• It is impossible to search all Internet sites for ‘objectionable’
material.
• An updated list becomes obsolete as soon as it is released.
– Objectionable material may be added to a site soon after
the site is added to (or removed from) a list of blocked
sites.
• Vendors have blocked beyond ‘objectionable’ materials.
– Blocked sites include those that criticize blocking and
some political sites.
• The definition of ‘objectionable’ is still controversial.

Keyword-based blocking
• Uses text searches to categorize sites where ‘objectionable’
words or phrases are blocked.
– Keyword searches match words, not meanings.
• Chicken breast and breast cancer would be blocked.
– Keyword searches cannot interpret graphics.

Protocol-Based Filtering Systems
• Protocol-based filtering systems use standardized rating
systems to determine which sites should be blocked.
– Rating: A description of some particular Internet content,
using the terms and vocabulary of some rating system.
– These ratings can be used to classify content.
• “Romance; no sex”
• “Explicit sexual activity”
– Users are usually given the ability to choose the rating
system they would like to use.

Measures parents can take to provide some protection
for their children:
• Consider the extent of the problem.
– Children seldom randomly stumble upon pornographic material.
– Many adult sites require registration or payment by credit card.
• Parents should play an active role and take an interest in their
children’s use of the Internet.
• Parents should work to educate children regarding proper use of the
Internet.
• Parents could consider purchasing filtering software.
• The Internet is a reflection of society in general (such material can
also be found on cable TV and in movies).