IST FINAL EXAM.
Shred
"I'm going to erase THIS and only THIS"
Erase
"are you sure? Because you'll never see me again"
Delete
"hide me but ill be here if you really need me"
Wipe
"im going to erase everything"
Warren & Brandeis
(1890), American Attorneys - People have a "right to privacy"
Judith Jarvis Thomson
(1975), Morality Philosopher - People cannot have a "right" to something that is not clearly defined, so privacy must be considered within context
Sandra Petronio
(1991), Communications Researcher - Communication Privacy Management Theory: Describes how people make decisions about revealing and concealing private information
Aristotle
(384-322 BC), Greek Philosopher - People must conduct a public life out of necessity
Edward Snowden
29 years old (at the time of the breach) CIA employee and NSA contractor (via Booz Allen Hamilton and Dell) Exceptionally smart and technically advanced Uncovered and leaked large amounts of classified NSA data in 2013 Gave some information to journalists and then "destroyed the documents" Seeking asylum in Russia
Marc Goodman's examples of technology used in modern terrorism and crime:
3d printing, robotics. Quadcopters, drones, internet of things, mobile it, infrastructure, GPS, search engines, databases.... Crime 2008 Mumbai terrorist attack...60 hours, 10 men, 172 died, and 300+ wounded...Terrorists armed with guns and bombs ...and mobile phones
Counterterrorism
4 uses, Public crowdsourcing, data collection and visualization, systems integration, hacker recruitment
KEY
A secret password or mechanism that only the sender and receiver know; allows the receiver to unlock (or decrypt) the message
Hackers
A technology expert who manipulates or bypasses computer systems or networks to make them do unintended actions.
Customer engagement
Attracting new customers & retaining current customers Becoming easier to reach consumers with social media: -More personalized and creative marketing -Direct communication between company and consumer
AUTHORIZATION
Controls the access to specific resources or the ability to perform activities for an authenticated user
black hat
Criminals who seek to exploit weakness in systems or networks for their own gain or to cause harm to others Includes stealing passwords or PII data for identity theft
white hat
Ethical hackers who work to protect systems and people...Includes penetration testing for large companies
The smart device safety paradox: phones help keep us safe but consumers take more risks because they rely on smart devices.
Ex: If we get lost when we're driving, we rely on our smartphone's GPS to help us, not our own location knowledge.
Personally identifiable information (PII)
Information that can be used on its own or with other information to identify, contact, or locate a single person" Social security number, student ID, email, etc. or combo of factors Example: Date of birth + place of birth can potentially reveal your US social security number Could lead to identity theft
Brand management
Managing the values and reputation that the company wants associated with its products or services ¥ Becoming more complex with social media: Viral recordings of negative behavior (photos, videos)
Private Key
Only the receiving user/computer has this key. It is used to securely access (decrypt) the private encrypted messages
Getting the crowd to fund work
Organizations manage the crowdfunding of creative projects where funds may be shared by the creator and the organization
Getting the crowd to do work
Organizations manage the crowdsourcing of small to moderate work tasks that anyone can do for free or for money
Have crowd solve complex problems
Organizations outsource Research & Development's toughest problems to accelerate innovation
IMPACTS
Outcomes related to: Design and functionality of the system Access and use of the system Should be focused on the current use of the system after implementation
Public Key
Shared with everyone so that anyone can create a private (encrypted) message for the mailbox
Gray hat
Somewhere in between white and black Includes people or companies who sell hacking tools
What motivates hackers?
Supporting "freedom of information" Make a political statement (Church of Scientology & Anonymous, Egypt 2011) Make a social statement (uncover unfairness & abuse, support specific causes) Help others see technology vulnerabilities Gain money (including bug bounties) Gain fame Because it's fun to them
Technology ethics
Technology is designed to be biased towards light skin and males, Advertisements for flights to Vegas target people who have gambling problems or are close to a bipolar manic episode because they are likely to book
3 categories of IT used in activism Awareness & Advocacy
Using IT as a platform to inform people of events and causes, and allow people to show support for these events and causes ex: Posting videos and photos to build awareness about events or causes, Facebook "like", Twitter "re-tweet," Use of hashtags to promote causes, Online petitions
3 categories of IT used in activism Organization & Mobilization
Using IT to document decisions to proceed with action for online or offline events and help to coordinate the event ex: Women's March on Washington (Jan 2017), THON charity events, Penn State rally in support of victims of KDR's Facebook page
3 categories of IT used in activism Action & Reaction
Using the internet for "hacktivism," which includes online activities that promote social or political agendas and are done to get a response ex: Edward Snowden stealing top secret US government files and distributing them to journalists in an attempt to expose the government's surveillance of US citizens...WikiLeaks = A non-profit organization that publishes classified media from anonymous sources in support of freedom of information
AUTHENTICATION
Verifies a factor or factors to confirm the identity of one entity to another
Al everywhere
al is spreading beyond assistants, actively influencing peoples daily lives and workplaces... ex: phone systems (Siri, Cortana), home devices (Alexa/Echo, Google Home), fitness wearables (FitBit, smartwatch) WORK: Consumers want AI digital assistants and decision support, and they are becoming more comfortable with having AI leadership and body integration
Activism
an effort to promote, impede, or direct ... social, political, or economical change or stasis
"Boundary turbulence"
arises when there is no negotiation or there is conflicting expectations on how the private information should be managed
the uncharted
companies must constantly advance existing standards to see if they are appropriate, and invent new standards for new industries
AI is the new UI
companies must create simple and smart interactions where there is value at each connection made with the user
design for humans
companies must create technology with users in mind including focusing on creating technologies that enhance our lives and adapt to how we learn
Ecosystem power plays
companies need more than just a platform strategy they need a robust ecosystem approach to their product/service
workforce market place
companies need to move from the traditional salaried employee to on demand labor consultants that meet the immediate needs of the company
Setting the pace for loT
consumers are increasingly using automated applications, influencing overall loT adoption...ex: remotely "talking" to their appliances (fridge, stove) and electronics (TV, computer, car)
Bodies out of sync
consumers see motion sickness increasing in autonomous cars...ex: motion sickness has been reported in AR tech.
Augmented personal reality
consumers want to use AR to customize the way the world looks around them. Ex: "make people look like aliens elves or even characters from their favorite movie"
Pedestrians drive autonomous cars:
could replace drivers and pedestrians say this would make them feel safer... ex: Self-driving cars are a reality (e.g., Tesla), but we're still some time away from adoption and proper infrastructure
INFLUENCES
inputs that influence: Design and functionality of the system Access and use of the system Should be focused on the development and implementation of the system
Public key encryption (PKE)
involves encrypting a message with a public key (accessible to anyone), which can only be decrypted using a private key (accessible to only the recipient). ... is one of the most common types of cryptography used to ensure confidentiality of data transmitted on the internet.
Data erasure
is a method of software-based overwriting that destroys all electronic data residing on a hard drive or other digital media. ... ensures that no PII or sensitive data is leaked when an asset is retired or reused.
Encryption
is a scrambling or changing of a message to hide the original content. ... helps to keep private data a secret from unauthorized users, especially during transmission of that data over the internet. Invented by Julius Caesar to hide content of his messages in case they were intercepted by enemies. He rotated the alphabet to create a code... Move inside dial specific number of spaces in counter-clockwise direction
Data security
is protecting data and databases from destructive forces, and from the unwanted actions of unauthorized users that can violate the privacy rights of individuals. ... includes the ability to detect if there was a privacy breach of data or databases.
Data access
is the ability for users or other IT systems to gain exposure to data stored within an IT system. ... includes technical mechanisms that help to identify individuals/systems and control their access to the data.
Ciphertext
is the encrypted message that is an unreadable message that is only able to be read by someone with the "private key" - This keeps the message secure during data transmission ("y6uW$l")
Plaintext
is the original message written in readable form ("Hello!")
Data masking
is the process of obscuring specific data within a database table or cell. ... ensures that data security is maintained and that personally identifiable information (PII) or sensitive information is not exposed to unauthorized personnel. Ex: Primarily used to hide any personally identifiable information (PII) on screens, such as your credit card number, social security number, password, etc. Also used within corporate systems
Machine learning
is the study of how computers can be developed with "the ability to learn without being explicitly programmed." [Samuel, 1959] ... is a subset of artificial intelligence that moves beyond logical and predictable algorithms, by providing computers with large sets of data and the ability to "learn for themselves" ... evolving into other fields: neural networks, deep learning, etc. ex: IBM Watson in health care, specialized systems used for recommendations
Artificial intelligence
is the study of how software algorithms can allow computers to complete tasks that we consider "smart" ... helps a computer, "perceive its environment [i.e. user context] and take actions that maximize its chance of success at some goal" ex: google auto complete search based on personal factors, alexa, siri, targeted social media ads, robotos, self-driving cars
Social silos
people turn their social networks into silos limiting their exposure to opposing ideas. Ex: How we develop networks on social media is "increasingly separating groups into closed-off silos"
Data Mining
provides access to real time information on maps, people, and media coverage related to their terrorist act. Ex: doxing: researching personally identifiable contact info and publishing it publicly to allow others to harass a targeted person, operation center in Mumbai attacks
Propaganda
provides direct dissemination of information typically where terrorists orally defend their actions ex: Al-Queda promotional and instructional videos
Ethics of technology
questions whether technology is capable of "processing moral qualities" and making decisions based on learned morals. ... has long been challenged, as many argue technology is "merely a tool" that calculates, automates tasks, and performs basic reasoning based on logical and predictable algorithms that humans write as code. ... is now a very popular topic due to the advancements in artificial intelligence and machine learning, which move beyond simple logical and predictable algorithms.
Privacy divide
some people only want to use encrypted services but others believe privacy no longer exists. Ex: 1/3rd believes the government should have access to personal data to fight crime/terrorism......1/3rd believes privacy no longer exists
ANONYMOUS
the collective name of loosely affiliated individuals that participate in "hacktivism"
The Public Key encrypts
the original message (plaintext) by turning it into unreadable message (ciphertext) before transmission; it is shared with everyone so that anyone can encrypt a message.
Crowdsourcing
the process of solving problems by connecting with large groups of people online in order to gain their knowledge, expertise, time, and resources
Privacy
the relationship between: 1)an individual's data 2)the collection, use, and dissemination of that data 3) the individual and public's expectations of the collection, use, and dissemination of the data 4)the legal policies and political issues related to the collection, use, and dissemination of the data
The Private Key decrypts
the unreadable message (ciphertext) by turning it back into original message (plaintext) after transmission using a key that only your computer has access to.
Merged reality
think virtual augmented and physical reality will fully merge into only three years time...ex: want to see a "seamless integration with their own reality" instead of the clunky interfaces now.
Fundraising
use online sources to raise money for terrorist of criminal groups ex: selling promotional material online to make money, online gambling to raise money, credit card fraud to steal money, using deceptive charities to get online donations
Cyberterrorism
use the internet to attack others ex: hacking peoples information, cutting off access to websites, computer viruses
Big tech for all
users believe that in 5 years they will buy everything from the biggest five IT companies. Ex: amazon, apple, google.
Recruitment
uses the internet and social media platforms to recruit new members and built terrorist forces ex: recruit via chat rooms, blogs, monitor their websites visits and contact potential supporters
Internal Communication
uses the internet and technology devices within an organization to distribute logistical and planning information via encoded messages ex: email, mobile text, pagers
terrorism
violent acts or the threat of violent acts intended to create fear ... perpetrated for a religious, political, or ideological goal ... which deliberately targets or disregards the safety of civilians
