question: future sessions ai and military (uas) virtual worlds privacy and nsa free software...
TRANSCRIPT
Question: Future Sessions• AI and Military (UAS)
• Virtual Worlds
• Privacy and NSA
• Free Software Movement
Plan
• “Hacking”• What’s wrong?
– Harm– Consent– Lying
• Hackers’ lines of defence– The significance of intention– Specific lines of defence
What is Your Purpose?• Pen testing• Cyber crime (e.g. Interview)• State-sponsored
– Espionage (e.g. NSA)– Disruption (e.g. Stuxnet, SEA)
• Lone wolf (McKinnon)• Hacktivist (Anonymous, Wikileaks)
Ethical Concerns• Interview with a Blackhat• Not without ethics
– Paedophiles and revenge porn fair game– Felt bad when friend victim
• Real victims• Stealing money• Making people vulnerable
What’s Wrong with Hacking - Effects
• Harm & Damage– Loss of productivity– Financial losses– Damage to equipment
• Interference & violating autonomy– Preventing equipment from functioning– Stopping people doing what they want to do
• Violations of Privacy– Theft of phone numbers, bank records, etc.
What’s Wrong with Hacking - Consent
• Analogy with trespass– Property rights: may control access to and the use of
property.• “If you leave the door open, you can’t complain if
someone enters.”– Yes, you can.
• Consent is the key issue– What access to their computer systems has the user
been given consent to access?– If you accept the trespass analogy, effectiveness of
security is irrelevant.
Use Without Consent
• You do not have consent to use your neighbour’s property– Entering their house for fun is not permissible– Entering their house to rescue a child is right
• Violating people’s property rights is always problematic, but it can be outweighed.
What’s Wrong with Hacking– Lying / Deception
• Presenting yourself as someone else– E.g. at login as a system administrator
• In virtually every ethical theory there is something wrong about lying and deception – even where it can sometimes be outweighed
Lines of Defence
• Intention – “I didn’t mean to harm anyone”
• Triviality – “we’re just a few meddling kids”
• Benefit of exposing lax security
• Educational benefit to the hacker
• “Hacktivism” as civil disobedience
Which (if any) of these do you think is a convincing defence?
Intention
• Intention is relevant to blame– Connected with belief / knowledge– Adds wrong motives to wrong actions– Murder worse than manslaughter
• But you can still do the wrong thing even if your motives are innocent– Manslaughter is still wrong!
Triviality – “just kids messing”
• Trivial wrong is still wrong• Proportionality
– Lesser wrongs deserve lesser blame/criticism• What’s trivial?
– The wrong or the perpetrators?• This objection has some (limited) force
– But only if the wrongs really are trivial– Trivial to whom?
Benefit to the Hacked• Claim: the hacker benefits the hacked organisation
– Security weaknesses are highlighted– Some advise sys admins how to deal with weaknesses
• Assumes there are wrongs in hacking– If so, then the “benefit to the hacked” defence fails– Or is it only consequences that matter?
• Is it acceptable to wrong someone in order to show them that they are in danger of being wronged?– E.g. Rape– Issue of consent again – could be implied?– What if you do this to a complete stranger?
Hacktivism as Civil Disobedience
• When is civil disobedience justified?– Wider question– Includes context
• Importance of democracy– In democracies there is a fair decision
procedure, so it is not normally justified to reject rules agreed by democratic procedure.
– Sometimes it is still justified
Weighing Reasons
Against
• Lying/deception• No consent• Possible harms• Against the law
In favour
• ?