Computers, Information Technology, the Internet, Ethics, Society and Human Values
Philip Pecorino, Ph.D.
Queensborough Community College, CUNY
Chapter 8 Crime and Misbehavior
There are behaviors involving computers and information networks and the internet that are definitely criminal and some that are most disturbing or unpleasant or disruptive or distracting but not yet criminal. What do you think are the crimes that are most unique to computers and not just old crimes committed in new ways, e.g., fraud ?
What do you think of as a most disturbing or unpleasant or disruptive or distracting but not yet criminal behavior in need of some netiquette corrections or some effort to educate people who do such things that it is not appreciated and should be avoided?
Why do you think it is something not to be accepted?
Is it just bad manners or is it immoral? What would make it immoral? What ethical principles would serve as the basis for the claim that the behavior was in violation of that principle of the moral good?
Should it become illegal?
In James Moore's "The Invisible Factor" or here he speaks about the invasion of the property and privacy for others. There is mention of a case concerning "the 414's", a group of teenagers who used their computers to invade a hospital, a bank and a nuclear weapons laboratory. This hacking was labeled as a prank. READ "The Invisible Factor" or here
Question: Was this a prank or a crime? Bring this specific question up again in the module on Crime. For now what was the unique nature of these incidents? Are these just old behaviors in a new form or is there something unique about them deserving of special attention due to computers and information networks-the internet?
To protect their intellectual property some companies are invading the computer systems of their customers. To prevent illegal copying some companies may go so far that they actually have spyware (that was loaded on the music CD's) placed on people's computers who complied with everything they wanted them to do. How correct or acceptable is such behavior?
Is parasitic computing morally incorrect behavior? Use ethical principles in your discussion of this issue. Here are materials describing and discussing parasitic computing
The following are remarks, reflections and responses to issues and questions related to this matters in this chapter. Each offering is proceeded by the authors name and institutional affiliation.
Marie Lafferty, CUNY, SPS, 2007
Hacking and Its Forms
The definition of hacking has changed in the past two decades, much as the use and users of the internet have. Initially, hacking was often seen as a good thing—an activity that purposefully built the fund of knowledge and involved creativity. Hacking was the ability to deconstruct source code and reconstruct it to create or alter software programs to make something useful to the internet community. “ Anything that prevented them from getting to this knowledge was resented. The best system was an open one that could be debugged and improved upon by anyone.” 1 This type of “Garden of Eden” mentality in the young, esoteric internet community meant that if someone hacked your program, they might even be applauded.
As the internet expanded to include users who could not create it, the internet and its software became a commodity. The apple in the garden, to continue the analogy, was that creation became a private source of funds, sometimes, as with Gates and Jobs, a very large source of funds to be protected. Software was deemed proprietary and most people in the U.S. accept that. The term hacking has thus shifted and the connotation is largely negative. Based on more recent hacking escapades—denial of service attacks, credit card schemes, downloading or altering information, cyberstalking, spoofing—conduct has veered toward the questionable and downright illegal. Protection of property has become a serious issue for owners of source code and the average user. The above-mentioned hacks can slow computers, steal identities and cash, spill over into physical harm.
Illegality is defined only by law, and while it may (one might hope) converge with morality, it is not necessarily so. What may be legal in some countries may not be so in another. That grad student Linus Torvalds could take parts of UNIX and create Linux would probably not happen today. What Torvalds did was hack UNIX. It is illegal to do so in the U.S. because almost all software used (Windows owns 95% of the American market) is proprietary and with proprietorship comes power. The comparison of Torvalds with the student who deconstructed his iPhone this summer illustrates the shift in both meaning of hacking and the laws that prohibit it. Around the world, Linux is in common use. The NJ teen who took apart and then released the ‘how to’ for dismantling the iPhone’s proprietary protection may end up in jail.
Are they moral or immoral?
Hacking : If we use the current definition of hacking to include breaking source code, cracking open software or databases to extract information, or as Johnson 2 defines it, “illegal behaviors that involve unauthorized access and aim at disruption and damage.” it would seem tantamount to breaking and entering. Despite our purpose in breaking into someone’s office or home, the action itself is immoral. Kantian argument that would examine intent to determine morality and require that we not intend to use another merely as a means to an end—clearly the hacker’s purpose-- also requires that we look at whether the action must be able to become a universal law. Almost no one would argue in favor of disruption or damage. Utilitarians considering the consequence would find them clear: even if nothing is taken, even if the best intentions are involved, we function in society based on trust in each other, in the rule of law and stemming from those two, the right to determine privacy and ownership. Hacking is not in the greater interest of, nor does it seek to provide the greatest good to society in general and the individual in particular. Based on those criteria, I argue that hacking is immoral.
Cookies :I don’t see placing cookies on a computer as moral or immoral, but simply as an optional computer function for internet usage, one which happens to make the machine run more efficiently. If we had no choice, then perhaps we might need to look further to see if the lack of choice were immoral, and I might argue that case, but cookies are an option easily chosen or avoided, and one, like most options, that comes with inherent pluses and minuses. We have a choice about how we participate online. My only argument to those who might see this as an invasion of privacy issue is that we have an obligation to know what we’re doing online. We teach our children early on the difference between red and green lights because we know it is, or will be, their responsibility to avoid crossing the street when the light turns red. We can’t expect less from ourselves on the internet.
Parasitic computing : In the nature of shared resources, we sometimes do not have complete say in how those resources are used. We participate in a large community where resources are not either entirely at our disposal or under our control. If parasitic computing has the intent to harm, then I would have to call it immoral. If its results were damaging to the internet community in general or individual computers in particular, then on a utilitarian basis I would argue that the damage caused is immoral. But that is a theoretical argument, not based on current facts. When we share resources, the definition between mine and all-of-ours alters the argument. I would have to say that the World Wide Web as a shared resource is in a sense a public good. We each use the internet for purposes not all agree on, yet we don’t vote on each others’ usage unless some part of the whole is harmed.
Altering websites and spoofing websites: I can argue these together because the intent and consequences of both are the same: to make changes to sites for the purpose of gaining something (information, money) in illegal ways. Both activities use the internet to steal something, demonstrate failure to respect other individuals, use them as a means for their own purpose. Such activities are not acceptable morally, based upon the doer’s intent or the consequences of their actions. Each activity is destructive, with a cost to both individuals and the community as a whole, making it inherently immoral.
Using false names in communications: The line between moral and immoral seems a little blurrier here but I can’t argue that it is inherently immoral. I consider that judgment to rest on intent. I would argue that in the average course of internet communications, choosing an alias is amoral. For the most part, it provides individuals with freedom. I can write, work, or play online unencumbered. I can choose, or not, to reveal my identity as I wish and to whom I wish. We have the same freedom in shopping, going to a restaurant or simply starting a conversation on the bus. And that seems right. In the real world, we’ve agreed to that long ago. There is no inherent harm. The internet is a relatively new medium and, as in real life, the consequences of our actions need to be considered. Johnson’s explanation of the value of face-to-face contact and what we learn from it pertains. 3 Using an alias to harm someone or to avoid the law may be easier online. The internet then escalates the requirement to attend to our duty to not harm. It isn’t the use of false names that I find immoral, but the intent to defraud, to deceive and the resultant harm to an individual or group of individuals. Even if no evil is intended, when used irresponsibly harm can occur. And that, in the long run, has the potential for harmful consequences to the community in the whole, making it a moral issue of accountability to be considered when using a false name.
2. Johnson, Deborah Computer Ethics 3 rd ed. p. 97; Prentice-Hall Upper Saddle River, NJ
3. Johnson, p. 92
Jack Friedman, CUNY, SPS, 2007
1. What is hacking and its various forms? Is it always illegal?
Not trying to sound like Bill Clinton, but it depends on your definition of “hacker”.
“In academia, a hacker is a person who follows a spirit of playful cleverness and enjoys programming. The context of academic hackers forms a voluntary subculture termed the academic hacking culture.” http://en.wikipedia.org/wiki/Hacker_%28academia%29
“Hacker has several common meanings, the unifying characteristic of which is only that it refers to a person who is an avid computer enthusiast. It is most commonly used as a pejorative by the mass media to refer to a person who engages in illegal computer trespass, which is its original meaning, but it can also refer to people engaged in ethical hacking, to the members of the open source and free software community or to home computer hobbyists.” http://en.wikipedia.org/wiki/Hacker
1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary. RFC1392, the Internet Users' Glossary, usefully amplifies this as: A person who delights in having an intimate understanding of the internal workings of a system, computers and computer networks in particular.
2. One who programs enthusiastically (even obsessively) or who enjoys programming rather than just theorizing about programming.
3. A person capable of appreciating hack value.
4. A person who is good at programming quickly.
5. An expert at a particular program, or one who frequently does work using it or on it; as in ‘a Unix hacker’. (Definitions 1 through 5 are correlated, and people who fit them congregate.) 6. An expert or enthusiast of any kind. One might be an astronomy hacker, for example.
7. One who enjoys the intellectual challenge of creatively overcoming or circumventing limitations. “ http://catb.org/jargon/html/H/hacker.html
In other words, a hacker, by definition, is not automatically someone involved in illegal activity and hacking, in and of itself, is not necessarily criminal. On my posts, I compared this to the work of an artist, much like Paul Graham did in his essays. I referred to grafitti as something which many consider art, but I prefer to think of as vandalism. To me, hacking is similar. If by hacking we are referring to the act of who breaks into a computer system for terrorism, vandalism, credit card fraud, identity theft, intellectual property theft, etc., then it is certainly criminal. If we use the more altruistic definition of someone who really enjoys finding unique characteristics of computing, it is certainly not illegal.
An artist who paints on canvas, or paper or even the wall of a building, with permission of the owner, may be grafittying, which is not illegal. When that same artists destroys or alters public or private property to the detriment of it’s owner, it certainly is.
I compared the grafitti “vandal” to the computer “cracker”. The names are not important, the consequences are. I don’t subscribe to any moral theory that deems victimless hacking to be wrong. If the act of hacking, causes harm or damage, intentionally or unintentionally, I believe it could be criminal and morally wrong. While it could be argued that a hacker is using a human as a means to an end, I would argue that the hacker is using a computer, not a human, as a means to an end and thus not breaking any categorical imperative.
Hacking : I pretty much covered this in question # 1, but in short, because the act of hacking, by itself, in no way harms an individual, I do not find it immoral. I consider myself more of a Consequentialist on this issue. If there is no harm , I see no foul. My guess is that most hackers are out there to do harm and damage and actually get their thrills from that sort of behavior, but ethically speaking, it is only fair to say that the hackers who actually do harm are immoral and the others are not.
“Consequentialism refers to those moral theories which hold that the consequences of a particular action form the basis for any valid moral judgment about that action. In other words, the ends justify the means. Thus, on a consequentialist account, a morally right action is an action that produces good consequences.” http://en.wikipedia.org/wiki/Consequentialist
Placing cookies on the machines of others : Cookies seem to be very misunderstood. Placing cookies on the machines of others can only be done with permission, as every user has the option of disallowing them. As explained below, cookies are simply data.
“Cookies are also subject to a number of misconceptions, mostly based on the erroneous notion that they are computer programs. In fact, cookies are simple pieces of data unable to perform any operation by themselves. In particular, they are neither spyware nor viruses, despite the detection of cookies from certain sites by many anti-spyware products. Most modern browsers allow users to decide whether to accept cookies, but rejection makes some websites unusable. For example, shopping baskets implemented using cookies do not work if cookies are rejected. http://en.wikipedia.org/wiki/HTTP_cookie
The same ethical principles hold true here. Unless the consequences result in harm or damage to another human being, I don’t see the placement of cookies alone, being immoral.
Parasitic computing : Again, this was well covered on the Discussion Boards and again, my position remains consistent. Parasitic Computing is more theoretical than any real threat. By all accounts it is both inefficient and a poor choice of operations for anyone looking to do harm or damage. The Barabasi experiment that is referred to below and some quotations from the Barabasi article itself both speak to the minor, inconsequential threat parasitic computing creates.
“But the "parasitic computing" that Barabasi and his colleagues describe requires no downloaded application and works without the knowledge of computer users. Such online piracy does not violate the security of hapless servers, using only areas specifically earmarked for public access, according to the researchers. But it could slow the machines down by engaging them in mindless conversation while they unwittingly work for their remote master, Barabasi said. This particular technique will likely not become commonplace because the effort to make it work is far greater than the possible computational return. "We are not worried about copycats taking our program," Barabasi said.” http://cnnstudentnews.cnn.com/2001/TECH/internet/08/29/stealth.computing/index.html
“Parasitic computing does not compromise the security of the target, thus it is different from cracking because targets are not violated, as done by viruses.”
“However, as other innovations have shown, most notably the emergence of the world wide web, while new uses and technologies significantly disrupt and modify the earlier Internet usage patterns, the infrastructure is capable of incorporating these new functions in a relatively seamless way.” http://i2pi.com/PAPERS/network/parasitic_computing.pdf
I would again contend that humans are not being used as a means here. No ethical principles are being violated by this computer application. I will qualify my opinion by saying that if, someone was able to use parasitic computing to the extent that someone else’s ability to use their computer was compromised, then and only then, might an ethical issue be considered. Theoretically, at that point, I would look at the Categorical Imperative ‘s effect on humans and agree that parasitic computing is not something I would like to see people using against other people. However, practically speaking, I do not see this as a realistic possibility.
Altering Websites : Now we’re finally dealing with an activity I might consider both criminal and immoral. It depends on how a website is altered. I f someone were to go on my website and change my links to make navigation easier for the user, I might find it obnoxious, but not immoral. If however, the change to my website was for the purpose of re-directing funds or other nefarious reason, I would feel differently. A website requires an investment of time and money. It can be a business asset. Tampering with my website and making changes would not only alter the website, but have damaging effects to my business. Kantian theory recognizes this will full attempt to harm or damage as immoral and I agree.
I thought this citation regarding altering websites was interesting as it seems to come from a common-good egoist who finds website criminals particularly offensive based upon that principle.
“This is not the worst kind of computer crime. The proper owner of the site can always close the website temporarily, restore all of the files from backup media, improve the security at the site, and then re-open the site. Nonetheless, the perpetrator has committed a computer crime by making an unauthorized use of someone else's computer or computer account.
The Internet is a medium for freely sharing information and opinions. However the criminals who trash other people's websites are acting as self-appointed censors who deny freedom of speech to those with whom they disagree. These criminals often make the self-serving excuse for their actions that they only attack sites sponsored by bad corporations or bad people. However, this excuse makes these criminals into vigilantes who serve as legislature, judge, jury, and executioner: arrogantly determining what is in the best interests of society.” http://www.rbs2.com/ccrime.htm
Spoofing Websites: I couldn’t find any articles defending the spoofing of websites. There seems to be agreement that spoofing is done for the sole purpose of “phishing” for personal information. While there are certain precautions one can take to avoid the traps of spoofing, it preys on the most vulnerable, those with the least amount of tech savvy. Like many forms of hacking, the hackers who defend their actions seem to base it on egoism; that they are made happy by “cracking that code” or “beating the system”. On the other hand, Kantian theory would argue and I would concur that spoofing is immoral conduct as it is certainly not the type of behavior, stealing from people, that we would like to see in society.
Here is one blog which includes a great example of spoofing:
“There are different types of spoofing, but for our purposes, let’s restrict to website spoofing - that is, the creation of fake financial websites designed to imitate authentic ones… again for the purpose of stealing financial information. Spoofing goes hand in hand with phishing - a phishing email, with all it’s fake links, is designed to lure the recipients to a spoof website.
Here are links to two sample images: 1. Bank of America Spoof Site, and 2. Bank of America Authentic Site. You can see how good this spoofing business can get. Two quick ways of catching most spoof sites are:
• Look at the URL in the address bar of your browser. Authentic financial websites are secured and their URLs must start with “https” not with “http”.
• Look for the padlock image in the status bar of your browser - no padlock image means site is not secured. In fact, go ahead and click on the padlock image and see if it displays a valid security certificate - in all probability, spoof sites won’t have one.” http://www.thetaoofmakingmoney.com/2007/09/28/515.html
On a more personal level, I was involved with a press conference for my boss, David Weprin that was reported in this NY Post article. The topic was “It’s phishing season” and the press conference was held shortly before taxes were due. Councilman Weprin warned of internet predators and while he did not use the term “spoofing” , it was indeed what he was referring to. It’s nice when my real life can be used as an analogy for class.
“As the deadline approached, City Councilman David Weprin, chairman of the council's finance committee, offered these last-minute tips: * Extend: If you are planning to apply for an extension, it must be in by tomorrow. * Delay: If you can't pay immediately, you can charge your bill to a credit card or apply to the IRS for an installment agreement or payment plan. * E-file for a quicker return: Refunds from paper returns take about 6-8 weeks, but refunds from electronic returns take half that time. * Beware of Internet predators: Don't respond to e-mails claiming to be from the IRS saying you are eligible for a refund: They'll lead you to a phony IRS Web site designed for identity theft. http://www.nypost.com/seven/04162007/news/regionalnews/48_hour_tax_break_as_holidays_delay_d_day_regionalnews_tatiana_deligiannakis.htm
Use false names in communications: This is certainly not unique to the internet. It is a practice that has gone on forever. Have you ever been called by a collection agency trying to recover a debt, or a sales call from a home improvement company? Telemarketers rarely, if ever use their real identities. I believe the reason is, for the most part, a desire to keep anonymous and secondly, their real identification is not germane to the product or service they are hawking. I do not find this behavior, in any way to be immoral. In fact, I believe that this is a behavior that most of us have been guilty of at some time or another in our lives. I’ve done it when chatting in cyberspace. I’ve done it as a teen ager when meeting a woman I had little interest in. I’ve done it, over the phone, to trick someone into speaking with me, who might have been avoiding me. I find these actions ethical as no one is being harmed or hurt by my actions. Is this an existentialist point of view, perhaps, but I really do believe that using a false name or identity is generally accepted by society and should not come as a surprise to anyone.
The exception to this, and there are always exceptions, might be explained here:
“This paper presents the new false-name-proof multi-unit auction protocol called Greedy ALlocation (GAL) protocol. Although Internet auctions have been growing very rapidly, the possibility of a new type of cheating called false-name bids has been identified. False-name bids are bids made under fictitious names, e.g., multiple e-mail addresses. A protocol called the Iterative Reducing (IR) protocol has been developed for multi-unit auctions and proven to be false-name-proof, i.e., using false-name bids is useless. For Internet auction protocols, being false-name-proof is important since identifying each participant is virtually impossible. One shortcoming of the IR protocol is that it requires the auctioneer to carefully pre-determine a reservation price for one unit. Our newly developed GAL protocol is easier to use than the IR, since the auctioneer does not need to set a reservation price. The results of evaluation show that the GAL protocol obtains a social surplus that is very close to Pareto efficient. Furthermore, the obtained social surplus and seller's revenue are much greater than with the IR protocol even if the reservation price is set optimally.” http://portal.acm.org/citation.cfm?id=860630
In these cases, where the actions are intended to defraud and commit a crime, I would feel differently. But then we go back to my earlier argument that it is not the false name identification that is immoral, rather the act of committing fraud. The only part of the name identification that is problematic is the consequences, not the act.
Joseph Snellenberg, CUNY, SPS, 2007
Hacking and Legal Status
“Of course, there is always the possibility that a computer voyeur will ‘accidentally’ bumble around an unfamiliar system and cause appreciable damage to someone else’s files or programs. Traditional criminal law in the USA places a great deal of emphasis on willful or intentional conduct, so such “accidental” damage would not satisfy the traditional requirement of mens rea (literally “guilty mind” or criminal intent). My personal opinion is that someone who deliberately hacks into someone else’s computer should be accountable under criminal law for whatever damage is done by the unauthorized hacking, even if the damage is ‘accidental’. In this regard, I would make an analogy to a homicide that occurs ‘accidentally’ during commission of a felony: the perpetrators are then charged with ‘felony murder’: the intent to commit the hacking constitutes the malice or intent to cause the damage.”
--Standler, Robert B. Computer Crime. http://www.rbs2.com/ccrime.htm 1999, 2002.
“It is certainly a good idea to install patches or updates for the software that one uses. However, failure to install such patches or updates is not an invitation to criminals to attack a victim’s computer…There is no legal obligation in criminal law for a victim to use the latest or best computer hardware and software. Simply: a victim neither invites nor consents to a crime.”
--Standler, Robert B. Computer Crime. http://www.rbs2.com/ccrime.htm 1999, 2002.
Computer Crimes: Moral View
With any form of positive growth, there will be some form of negative growth to accompany it. For computing technology, the negative growth appears in many different forms. Some of these forms are digital or electronic in nature, such as viruses and trojans, while others are physical, such as hackers. While viruses, trojans, and their relatives may be more of a frequent threat in daily life, hackers are a group to not be ignored nor cast aside as mere delinquents causing minor disruptions in society. Ken Thompson, the inventor of the “Trojan horse” program, presents this view of hackers: “I have watched kids testifying before Congress. It is clear that they are completely unaware of the seriousness of their acts.” (Thompson, Ken. Reflections on Trusting Trust. Communications of the ACM. Vol. 27 No. 8. August 1984. Pg. 763.). In other words, Hackers seem to possess a strong mindset and understanding as to what they are doing (i.e., the actual hacking process and the use of the tools needed to perform a hack), but not the moral and legal side of what they did.
In my opinion, I feel that hacking should be labeled as a form of moral behavior, but with a giant asterisk next to it. The asterisk is to separate certain forms of “good hacking” from the “malicious hacking”, which would be labeled immoral. For example, the definition of a hacker states that a hacker is “…a person who engages in illegal computer trespass…” (Wikipedia entry on hackers). However, the term hacker has been extended to refer to other forms of computing and digital modifications in recent years. Under this extension, people who release modifications to computing hardware are considered a type of hacker; one example of these kinds of hackers would be one of the biggest names in computer technology: Steve Wozniak, Apple Inc.’s co-founder. However, Wozniak is not considered a criminal or a menace to society; he is credited for helping create the personal computer and popularizing it along with friend and fellow Apple Inc. co-founder, Steve Jobs. Also, people who tinker with and modify open source programs, such as Mozilla Firefox, are considered hackers under the extension of the definition of a hacker. Yet, these people are not in jail and living in seclusion out of shame, they are helping and continually improving programs like Firefox. Furthermore, this extension would be forced to include beta testers for video/computer games or computer programs as hackers since they have near-unlimited access to the core programming codes of these games and programs. However, companies consider beta testers helpful tools to making the final product a success, and thank them in some form or fashion (the most common form is seen in the instruction manual for programs or at the end credits of games). Thus, beta testers, programmers that make extensions for Firefox and similar programs, and people like Steve Wozniak are the types of hackers that are beneficial to society because their hacks either result in greater improvement of programs for the common user or the one change that turned a program from a dismal failure to a global success.
That said, the other types of hackers—the ones who break into computers and data archives under malicious intent, for example—should be considered generally immoral. These people commit their acts with the intent to gain access to what would be generally considered off-limits or classified information. Most of the time, these people hack into innocent people’s computers or the network servers of top governmental branches for childish or petty reasons, such as to prove they can perform a hack or to prove that they are superior to others. However, there are a select few hackers that behave as they do for personal profit. Hackers that break into bank servers are such people. Regardless of motivation, all forms of “malicious” hacking could find a defense for their actions in the Maxi-Min principle. Often, hackers go after people or organizations that are better off than the hacker. Under Maxi-Min, a certain level suffering and injustice is permissible in society so long as the least fortunate benefit from it. This belief is one of the biggest flaws to the theory, in my opinion, because a hacker could use this ethical defense to justify his or her theft of thousands or social security numbers and using them to his or her benefit; in the minds of a typical jury, this hacker would be sent to jail for a weak defense of his or her actions. The hacker would only go free if he or she was tried before a jury of people who believed in the theory; this would create more legal problems because prosecutors could protest that the jury was rigged to be in favor of the defense and the case would break down. Overall, hacking is truly a double-edged sword; one side is beneficial to society and should be held in good moral standing, while the other side is a serious threat to the public and considered immoral.
In the case of placing cookies on computers, I do feel that this is a true form of immoral behavior. Most often, websites place cookies on personal computers without the knowledge or permission of the user. Also, the cookies send information about browsing history to certain websites like Google or Ask.com without permission of the user. Cookies essentially label a computer user and create a profile for that person without the user being informed of such action. On top of this, cookies are simple tags and have little or no protection. A hacker could gain access to a cookie and modify it to cause harm to a website or the computer the cookie is stored on. I feel that if a website wants to place a cookie on someone’s computer, they should ask that person in some form or fashion. Although, Natural Law shows that one could find a possible defense for placing cookies on a person’s computer without that person’s knowledge. In this theory, the laws and behavior of humans are set by nature; since ecosystems flourish through the interactions of various species, and since the Internet is built on interactions from different people, it should be natural for websites to place a cookie on people’s computers in order to help promote the growth of the Internet. However, the Internet is a man-made piece of technology that shares some similarities to an ecosystem, and it is by no means the same thing. For one thing, ecosystems are built on a sense of harmony and balance between others regardless of actions, and there is a general understanding of this harmony and balance. Cookies disrupt the balance and harmony of the Internet because they allow others to see where a person goes on the Internet and judge them based on the websites they visit, all without the permission of that individual.
Parasitic computing also is a form of immoral behavior, in my opinion. The basis for the behavior is to make one program “convince” another program to perform functions beyond the target program’s capabilities. By doing this, the malicious program can gain access to resources that only the target program has exclusive access to. As a result, the computer is put under stress because the resources for a specific task are being used by more than the normal amount of programs set for that task. A common form of parasitic computing is a denial-of service (DoS) attack. “By hammering a Web site’s equipment with too many requests for information, an attacker can effectively clog the system, slowing performance or even crashing the site. This method of overloading computers is sometimes used to cover up an attack.” (Sager, Ira et al. Cyber Crime. http://courses.cs.vt.edu/professionalism/Crime/cybercrime.html. 2000.) Through a DoS attack, an attacker can do the most amount of damage possible to a website or a computer. As Ira Sager’s article shows, a DoS can be used in conjunction with other malicious behaviors like uploading a virus. The best analogy would be two people planning a murder. The duo plans the murder together, but only one of them (in this case, the virus) actually commits the crime, while the other covers it up (here, the DoS attack) to make it look like a suicide. The murderer will generally be caught, while his associate walks away free when he should be arrested for conspiracy and tampering with a crime scene. In other words, a DoS is not only by itself immoral, but it can be used to disguise other immoral behavior from being found quickly and stopped.
Like hacking, I feel that altering websites should be considered moral behavior with a similarly sized asterisk as the one for hacking. For example, if one finds an embarrassing picture of themselves on a website like Facebook that was posted without their permission, then that person should have the moral and legal right to demand it be removed because that photo was uploaded without obtaining the consent of the person featured in the photo. Another example is the website Wikipedia. It is a giant electronic encyclopedia with tons of information ranging from scientific formulas to ethical principles. However, not all of that information is correct, so Wikipedia allows people the ability (after creating an account with them) to edit the information and/or supply links to references about certain subjects. Thus, this case shows that altering a website can be beneficial to others because it expands knowledge and helps people understand topics like physics and calculus. It is here where the asterisk comes into play. People can edit information that they know from reliable sources to be correct, but another person can come by and change the information back to the incorrect version for reasons such as they think they are correct and the edit made was false. This can be seen with Wikipedia and how it treats Japanese anime series. Unlike academic courses which have multiple sources for references, anime series rely heavily on production staff interviews, official staff material (like magazine articles and series websites) and, to a lesser extent, fan opinion. If a fan sees a character exhibit something that looks like a certain trait, he or she will often add it into Wikipedia’s entry on that particular series. However, if the director of that particular series states that the trait observed is not what the fans say it is, often the information will be corrected by someone else. This causes the fan who originally posted the incorrect information to become upset and change the information about the character back to what he or she saw and believes it to be. Until a Wikipedia moderator steps in and states the final verdict, these two individuals could go back and forth having a silent argument over a miniscule thing such as what powers a character has.
This kind of behavior can grow to the point where a person could potentially reach a state akin to fanaticism and constantly correct websites based on his or her opinions. As Robert Standler states in his article, “…the criminals who trash other people’s websites are acting as self-appointed censors who deny the freedom of speech to those with whom they disagree. These criminals often make the self-serving excuse for their actions that only attack sites sponsored by bad corporations or bad people. However, this excuse makes these criminals into vigilantes who serve as legislature, judge, jury, and executioner: arrogantly determining what is in the best interests of society.” (Standler, Robert B. Computer Crime. http://www.rbs2.com/ccrime.htm 1999, 2002.) In the end, these people who behave like fanatics when it comes to information on websites should be seen as practicing immoral behavior because they are following a set of ethical standards laid down by themselves, and often contradict the ethical standards of society.
In contrast, I feel that spoofing websites qualifies as immoral behavior. By spoofing a website, you are “…faking an e-mail address or Web page to trick users into passing along critical information like passwords or credit-card numbers.” (Sager, Ira et al. Cyber Crime. http://courses.cs.vt.edu/professionalism/Crime/cybercrime.html. 2000.) The ethical reasoning for why this qualifies as immoral is because you are manipulating innocent people into giving up personal information by impersonating a legitimate company, like a bank, in order to gain some form of personal gain. While Nietzsche’s Will to Power principle states that such behavior is a quality of a good-natured person, the common belief is that spoofing qualifies as unethical and immoral behavior because you are committing a crime with the intent to profit from your actions. I personally do not approve of such behavior because by engaging in spoofing, you are taking advantage of people with no concern for the outcomes of your actions. A “spoofer” simply wants to gain various outlets from which he or she can benefit from, regardless of where those outlets originate from, which is why I feel that even though there are certain ethical theories that offer some form of a defense for such behavior, spoofing websites is a clear example of immoral behavior.
Finally, I feel that using false names in communications is very much like hacking and altering websites: a kind of moral behavior that is heavily situation-dependent. For example, using a false name on message boards is a case where such behavior could be acceptable. Even though it may a message board related to a personal hobby (like coin collecting, star-gazing, or a favorite television show), there exists a lack of information about your fellow board members. You don’t know who they are in real life or where they are from in most cases, not to mention that some of the members could lie about their age or their gender. By using a false name, you can create an extra sense of protection on the Internet beyond a firewall and anti-virus/spyware programs. However, I do feel that there are places where this behavior qualifies as immoral; these generally include situations where the false name that you use is that of a known person, like a politician. An example of this would be something that Steve Wozniak did back prior to starting Apple Inc. Using a device known as a blue box, Wozniak was able to dial the Vatican City and asked to speak to the Pope while presenting himself as Henry Kissinger, all part of a prank. (Wozniak, Steve G. iWoz: From Computer Geek to Cult Icon: How I Invented the Personal Computer, Co-Founded Apple, and Had Fun Doing It. W. W. Norton & Company. New York 2006.—from the Wikipedia page on blue boxing and adjusted to fit MLA Format). In extreme examples of this case, such actions could qualify as fraud. By attempting to be someone else, you are in essence committing a crime and breaking moral standards by deceiving people. Just like with spoofing, Nietzsche’s Will to Power principle comes into play again with using false names. While manipulating people of weak character is seen as good moral behavior under this principle, it is generally seen as criminal behavior and immoral. Overall, I feel that using false names in communications is a topic where the situation where the false name(s) used must be examined closely to see if it is a case of someone trying to conceal their identity or someone committing a criminal act.
Web Surfer's Caveat: These are class notes, intended to comment on readings and amplify class discussion. They should be read as such. They are not intended for publication or general distribution. email@example.com @copyright 2006 Philip A. Pecorino
Last updated 8-2006 Return to Table of Contents