EECS 485 Lecture 24
Dark Web and Ethics
John Kloosterman
Copyright By PowCoder代写 加微信 powcoder
Source: Facial Recognition Is Accurate, if You’re a White Guy – The Times (nytimes.com) 3
Source: Facial Recognition Is Accurate, if You’re a White Guy – The Times (nytimes.com) 4
Learning Objectives
• Describe the security and privacy provided by a virtual private network (VPN), as well as its limitations
• Explain how the Tor system works and what security and privacy guarantees it provides
• Use ethical theories to negotiate ethically ambiguous situations that arise for web developers
VPNs and VPN security
Review: IP
• Every computer has an address
• Communications split into packets
• Each packet contains source and destination
VPNs for privacy
• Role 1: privacy
VPNs for internal networks
• Role 2: allow you to join an internal network
VPNs for location
• Role 3: lift country restrictions
Say hi to partner
Partner questions
When you’re using a VPN:
• Does the VPN provider know which websites you visit?
• Can the VPN provider see your data?
Partner Question 2
When you’re using a VPN, what information do the routers in these two places know? What information don’t they know?
Do VPNs provide security?
• Yes, only if you trust the VPN provider
• They can log everything if they want, can promise to delete the logs but you’ll never know what they really do
• Do you trust the VPN provider or ISP more?
Tor routing
Tor concept
• VPNs still have trust issues for privacy
• Create a VPN that makes it as difficult as possible to know who sent a request to a website
Tor picture
Onion routing
Privacy provided by Tor
• Only input node knows who source is
• Only exit node knows who destination is • Nobody between knows either
• No links know the data if encryption used (HTTPs), but had that anyways
TOR-only websites
• Times secure drop: https://www.nytimes.com/tips#securedrop
• They don’t know who you are
• Nobody else can figure out you visited there
Partner exercise: attacking Tor
• If I control both of the red routers, what information might I use to discover that you are visiting cow.com?
• DNS/other requests not sent through Tor
• Your browser history or cache
• 3rd party cookies: Google knows it’s you across multiple sites
• Designed to minimize risk • Boot from USB stick
• No persistent caching
• Block all non-anonymous connections • Block all 3rd-party cookies
• NSA: track people who use Tails, TOR
• Have to download it using a non-anonymous way!
• https://www.schneier.com/blog/archives/2014/07/nsa_ targets_pri.html
• In professional life, faced with ethical problems that don’t have clear answers
• What are some ethical frameworks that people have found helpful?
• Think through an example
ACM Code of Ethics
• A computing professional should:
• Contribute to society and to human well-being,
acknowledging that all people are stakeholders in computing.
• Avoid harm.
• Be honest and trustworthy.
• Be fair and take action not to discriminate.
• Respect the work required to produce new ideas, inventions, creative works, and computing artifacts.
• Respect privacy.
• Honor confidentiality.
• https://www.acm.org/code-of-ethics
Data scientist’s code of ethics
• When collecting/analyzing data, I will not surprise the subject of the data.
• Informed consent is the standard • Data Destruction pledge
• I will own the outcome of my data analysis. • Address issues of algorithmic bias
• Correct data errors as best as possible
• Consider societal impact
• http://www.bigdatadialog.com
Western ethical frameworks
• Consequentialism
• Actions are good/bad based on their outcomes • Do the most good and the least harm
• Deontology
• Actions are good/bad based on principles
• Virtue Ethics
• Right actions come out of being a virtuous person
• Your habits and choices shape what kind of person you are
Example ethical problem
• Should I copy my friend’s answers on the exam?
Consequentialism
• Outcomes are what matter
• “What would make the world a better place?”
• Should I copy my friend’s answers on the exam?
• Would this help my score?
• get caught? What would happen if I did?
• Is it best for the university if over time everyone needs to copy answers to get an A?
• Advantages
• Gets close to moral intuitions much of the time
• Disadvantages
• The ends justify the means
• Do we agree on what good outcomes are?
Deontology
• Whether the action is inherently right or wrong is what matters
• “What do I believe is right and wrong?”
• Should I copy my friend’s answers on the exam?
• Copying would be cheating, and cheating is a wrong thing to do
• Possible Reasons: unfair, lying, not in accordance with university norms, duty to others or professor
• Advantages
• Recognizes right and wrong outside of me
• Disadvantages
• Harder to evaluate tradeoffs between bad options
Virtue Ethics
• Virtues are character traits built through habits
• If you do right things consistently, then it becomes second nature to do
right things
• Virtues are the mean between having too much and too little of something
• Example: pride is thinking too much of yourself, unambitiousness is thinking too little, right place to be is between them
• Should I copy my friend’s answers on exam?
• What kind of person am I?
• Virtues that might be relevant: confidence in myself, industriousness to study, truthfulness
• Likely would focus on the question never coming up • Advantages
• Being an ethical person isn’t a process of making discrete rational decisions
• Disadvantages
• Doesn’t always have good answer about how to act in a particular situation
Partner question: Case Study
• You work at a software company and have been transferred to a team working on this project:
• You are provided a database of grocery stores and their number of full-time and part-time workers, along with customer satisfaction scores
• You will build a machine learning model that estimates how much customer satisfaction decreases as there are fewer workers and more workers are part-time
• The grocery store will use this model to find the minimum number of part-time workers needed to staff their stores and will lay people off to match the model
• What is your response?
Consequentialist Response
• Do the benefits outweigh the harms?
Stakeholder
Pros for developing
Cons for developing
Cheaper prices
Worse store conditions
Investors and management
Make more money
My company
Stay in business Keep big customer
Reputation for projects they would take on
Less conflict
“Above my pay grade” Keep job/position in company
Feel uncomfortable
Needs the money to pay the bills
Deontological Response
• What are the right and wrong actions, and what factors into them?
Ethical rules
Using machines to optimize humans
If I were a store employee, would I want someone to create this model?
Am I complicit in treating people as numbers/costs or as worthy of same respect as me?
Creating a tool giving people power
Am I perpetuating power imbalances that are wrong? What kinds of people are making the decisions or doing the programming vs. kinds of people who will be impacted?
Obeying boss
By default, does my boss know what’s best?
Virtue Ethics Response
• What kind of person am I and how can I live that out?
• Is this company or project a place where my actions will resonate with who I am?
Application
Giving everyone what they are due as inherently valuable human beings.
Celebrating other people as people, not treating them as objects or interchangeable.
Bravery, Courage
Standing up to unreasonable requests even when it’s hard
Citizenship
Acting for a greater good in society
485 Wrap-up
Where we’ve been
• Wrote 3 versions of Instagram, used different real web frameworks
• Learned about and used closures, asynchronous programming, and other complex PL features
• Built a failure-tolerant distributed system, know about limitations and difficulties
• Implemented search engine and ML algorithms
Thanks for a wonderful class!
• It’s been a fun time with you all!
• For those of you who are graduating,
congratulations!
• Even after this semester, feel free to reach out to chat about anything!
程序代写 CS代考 加微信: powcoder QQ: 1823890830 Email: powcoder@163.com