Term Paper on "Malware Since the Earliest Days of Humankind"

Term Paper 6 pages (1957 words) Sources: 1+

[EXCERPT] . . . .

Malware

Since the earliest days of humankind, inventions from the wheel to nanotechnology have been used and abused for unethical or illegal purposes. Why would it be any different for computer and Internet technology? In fact, the proliferation of computer exploitation necessitated an entirely new language. Overall, "malware" is software designed to infiltrate or damage a computer system without the owner's informed consent. According to Wikipedia, it includes computer viruses, worms, Trojan horses, spyware, adware and other malicious and unwanted software. In law, it is sometimes called a computer contaminant. In a very short time, malware became so widespread that it developed into a major aspect of computer technology. It raised a host of problems, challenges, dilemmas and questions about security, rules and regulations, prevention and punishment.

As soon as computers were understood, there were those who were ready to exploit them. Viruses started appearing on dedicated networks such as the ARPANET in the 1970s. The boom in personal computers, initiated by Apple in the early 1980s, led to a corresponding boom in viruses. As more and more people gained hands-on access to computers, they were able to learn how the machines worked. And some individuals inevitably used their knowledge with malicious intent.

Viruses were one of the first kinds of malware. Like actual biological viruses, these are self-duplicating computer programs, but they spread by inserting copies of themselves into other executable code or documents instead of living cells (Wikipedia). Viruses range from bothersome to destructive, such as eliminating data. Important to note is that viruses cannot procreate without the help of human users. People continue the spread of a computer virus, usually without knowing, by sharing infected files or sending e-mail that contains the virus. Worms, a subset of viruses, spread from one computer to the next. However, they have the ability to travel without any help from a person. A worm uses a file or information transport to move between computers. The Blaster worm, for example, was designed to tunnel into computer systems and allow devious users to control other people's computers remotely.

Trojan horses sit and wait until summoned by a certain command and then wreak havoc, such as destroying files, while worms are pieces of software that use computer networks and security flaws to create copies of themselves. Some Trojans are created to be more annoying than malicious: They change a person's desktop by adding inane desktop icons, for instance. Or they can cause serious damage by deleting files and destroying information (Wikipedia).

Robbers steal because it gives them property to sell. Why do individuals write software that hides until awakened and then causes destruction? At first it was for recognition; it was done because it could be done. Soon, individuals followed the traditional purpose of gaining economically through fraud. They can get something that costs for nothing. The first Trojans were created to get onto the Internet through AOL, and later to do the same with games and other paid software. Such theft was and still remains a crime.

Now there are a host of individuals who do this for much larger payback. They steal valuable information, extract money directly from end users, or create and sell a spamming platform for others. Presently, virus writers either work for particular spammers or sell their wares to those who will pay the highest price. Once they are in through the backdoor, control is taken of the infected computer, which is used as a "spam zombie" to send advertising e-mail. They also create Trojan spies that can steal electronic cash from e-wallets, PayPal accounts and/or directly from Internet bank accounts. There are also those who threaten, or actually blackmail, organizations such as e-stores, banking and gambling sites with a DoS attack against them (viruslist.com).

As with any other human behavior, there are grey areas of right and wrong, which are more unethical than illegal. A threat growing along with the Internet is known as spyware. These applications, unknown to the users, make their way into the computer and allow vendors to track users' computer habits and buying interests. The dilemma of the right to privacy vs. the right of companies to acquire data continues.

Many ethical and legal problems presently occur in the realm of the Internet, because the technology has developed faster than the corresponding legal system. For example, the U.S. legal system is just starting to look at and decide on cases concerned with privacy rights. Especially with spyware, end-users do not like to be monitored and manipulated, while the marketing industry sees these technologies as a tool to reach new customers and gather information that is used to provide the products desired.

In fact, a number of states (National Conference of State Legislators) are now studying or enacting legislation regarding the ethics and legality of spyware. In Hawaii, the law prohibits unauthorized access to or control of a computer, or inducing, by misrepresentation, an authorized person to load software. It authorizes the attorney general or prosecuting attorney to seek up to $2,500 per violation, and authorizes private action to recover $5,000 per violation or 5 times the amount of damage caused, whichever is greater.

The Illinois Spyware Prevention Initiative Act, if passed, would prohibit a person or entity other than the authorized user of a computer from causing computer software to be copied onto the computer and using the software to: (1) take control of the computer; (2) modify certain settings related to the computer's access to or use of the Internet; (3) collect, through deceptive means, personally identifiable information; (4) prevent, without authorization, an authorized user's reasonable efforts to block the installation of or disable software; (5) misrepresent that the software will be uninstalled or disabled by an authorized user's action; or (6) through deceptive means, remove, disable, or render inoperative security, antispyware, or antivirus software installed on the computer. Prohibits a person or entity who is not an authorized user from inducing an authorized user to install a software component by misrepresenting that it is necessary for security or privacy or in order to open, view, or play a particular type of content. Prohibits a person or entity who is not an authorized user from deceptively causing the copying and execution on the computer of software components with the intent of causing an authorized user to use the components in a way that violates the Act. Makes a violation of the Act a Class B misdemeanor. Contains severability provisions (National Conference of State Legislators).

In the meantime, each organization has to decide how it will best protect the information it has from potential malware. This was especially noted when the computer system of the major insurance company American International Group (AIG) was victimized by a theft that revealed personal account information of almost one million insurers. This included Social Security numbers and tens of thousands of medical records of potential customers. With $843 billion in assets, even this huge business entity could not completely guarantee safety against malware (Smith, 2006).

Ironically, a large number of the security problems are due to the companies themselves. For example, a laptop stolen from the house of an ING employee in Washington, D.C., held the retirement plan data, including Social Security numbers, of 13,000 city employees. Similarly, a laptop of an Aetna employee, which contained the names, addresses and Social Security numbers of 38,000 Department of Defense and Omni Hotel employees, was stolen after he left it in his car (Smith, 2006).

Too frequently, then, the malware problem is internal more than external. According to the security firm ControlGuard, about 70% to 80% of data breaches are committed by company insiders. At the enterprise level, there is agreement that removable media and portable devices holding large amounts of data are unmanaged and unsupervised. As organizations increasingly move towards the adoption of new preventative security products, a debate has arisen concerning the best way of detecting and preventing malicious activity -- that is, behavioral rules or signatures. Many security products detect malicious attacks, but very few actually take preventive action to handle them once they occur (Franklin, 2002). A new form of security product is being developed not only to detect malware but also to prevent it from causing damage, without human intervention. However, within the field of preventative security products, opinion is divided over the best way to detect and then prevent hacking activity: signatures or behavioral rules.

A signature is a specific description of a known attack, or a pattern of characters that can be matched against a data stream. For example, a signature searches for the string "../" in an HTTP request to a web server. If the signature matches the characters in the request, the signature triggers a response from the security product. Most anti-virus (AV) and intrusion detection systems (IDS) presently use the signature-based approach for the majority of detection schemes. When a new malware threat is discovered, a specific response or signature is written to ensure the system can recognize and deal with the attack if…
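The signature described above, written out as an added example (not part of the original paper). The signature id, the response name and the request lines are constructed for illustration; the matcher decodes the request target before comparing, and one sample shows a benign request on which the signature still fires, which is the kind of case the signatures-versus-behavioral-rules debate turns on.

```python
"""Signature matching against HTTP request lines (added example, constructed data)."""
from dataclasses import dataclass
from urllib.parse import unquote


@dataclass(frozen=True)
class Signature:
    sig_id: str     # hypothetical identifier, not taken from any real product
    pattern: str    # literal string searched for in the request target
    response: str   # hypothetical action the product takes when it fires


# The single signature the text describes: the string "../" in an HTTP request.
SIGNATURES = [Signature("SIG-0001", "../", "block-and-log")]


def parse_request_line(line):
    """Return (method, target, version), or None if the line is malformed."""
    parts = line.strip().split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return None
    return parts[0], parts[1], parts[2]


def normalize_target(target, max_rounds=3):
    """Decode percent-escapes (bounded number of rounds) and unify separators,
    so the signature is compared with the path the server would act on."""
    for _ in range(max_rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target.replace("\\", "/")


def inspect(line):
    """Return (verdict, [ids of signatures that fired]) for one request line."""
    parsed = parse_request_line(line)
    if parsed is None:
        return "reject-malformed", []
    normalized = normalize_target(parsed[1])
    fired = [s for s in SIGNATURES if s.pattern in normalized]
    if fired:
        # The first matching signature decides the response.
        return fired[0].response, [s.sig_id for s in fired]
    return "allow", []


# Constructed request lines, not captured traffic.
CONSTRUCTED_REQUESTS = [
    "GET /index.html HTTP/1.1",                      # no match
    "GET /static/../config/app.ini HTTP/1.1",        # literal match
    "GET /static/%2e%2e%2fconfig/app.ini HTTP/1.1",  # same string once decoded
    "GET /files/report..final.pdf HTTP/1.1",         # ".." without "/": no match
    "GET /docs/a/../b/page.html HTTP/1.1",           # benign relative path: still fires
    "GET /index.html",                               # malformed request line
]

if __name__ == "__main__":
    for request in CONSTRUCTED_REQUESTS:
        verdict, ids = inspect(request)
        print(f"{verdict:17} {','.join(ids) or '-':9} {request}")
```

The last-but-one sample is a false positive: the signature knows only the character pattern, not whether the resolved path leaves the document root.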

Quoted Instructions for "Malware Since the Earliest Days of Humankind" Assignment:

This Wikipedia article below will serve as my case study for my paper. For supplementary material, please read Wikipedia entries on computer viruses, spyware, Trojan horses, and computer insecurity. I have attached all this info below for you and will also email the same info. You may also want to conduct a search for additional material.

I need the paper to be at least 1,500 word analysis of the malware case. APA style.

In your analysis, explain how the problem of malware qualifies as a problem of "many rules" and how it qualifies as a problem of "many hands". What moral principles, values, or rules should have been considered by the people involved? Who should be held responsible for the perpetuation of malware? What rules, regulations or procedures can you recommend so that similar incidents can be avoided in the future? You should make use of the malware case materials, other course readings from Weeks Three and Four. Please make sure that you fully acknowledge all sources.

Definition:

Malware is software designed to infiltrate or damage a computer system, without the owner's informed consent. There are disagreements about the etymology of the term itself, the primary uncertainty being whether it is a portmanteau word (of "malicious" and "software") or simply composed of the prefix "mal-" and the morpheme "ware". Malware references the intent of the creator, rather than any particular features. It includes computer viruses, worms, Trojan horses, spyware, adware, and other malicious and unwanted software. In law, malware is sometimes known as a computer contaminant, for instance in the legal codes of California, West Virginia, and several other U.S. states [1].

Malware should not be confused with defective software, that is, software which has a legitimate purpose but contains harmful bugs.

In computer security, computer virus is a self-replicating computer program that spreads by inserting copies of itself into other executable code or documents. A computer virus behaves in a way similar to a biological virus, which spreads by inserting itself into living cells. Extending the analogy, the insertion of a virus into the program is termed as an "infection", and the infected file, or executable code that is not part of a file, is called a "host". Viruses are one of the several types of malicious software or malware. In common parlance, the term virus is often extended to refer to worms, trojan horses and other sorts of malware; viruses in the narrow sense of the word are less common than they used to be, compared to other forms of malware.

While viruses can be intentionally destructive, for example, by destroying data, many other viruses are fairly benign or merely annoying. Some viruses have a delayed payload, which is sometimes called a bomb. For example, a virus might display a message on a specific day or wait until it has infected a certain number of hosts. A time bomb occurs during a particular date or time, and a logic bomb occurs when the user of a computer takes an action that triggers the bomb. The predominant negative effect of viruses is their uncontrolled self-reproduction, which wastes or overwhelms computer resources.

Today, viruses are somewhat less common than network-borne worms, due to the popularity of the Internet. Anti-virus software, originally designed to protect computers from viruses, has in turn expanded to cover worms and other threats such as spyware, identity theft and adware. Included in the many types of viruses are:

Trojan horses

A Trojan horse is just a computer program. The program pretends to do one thing (like claim to be a picture) but actually does damage when one starts it (it can completely erase one's files). Trojan horses cannot replicate automatically.

Worms

A worm is a piece of software that uses computer networks and security flaws to create copies of itself. A copy of the worm will scan the network for any other machine that has a specific security flaw. It replicates itself to the new machine using the security flaw, and then begins scanning and replicating anew.

E-mail viruses

An e-mail virus will use an e-mail message as a mode of transport, and usually will copy itself by automatically mailing itself to hundreds of people in the victim's address book.

A computer virus will pass from one computer to another like a real life biological virus passes from person to person. For example, it is estimated by experts that the Mydoom worm infected a quarter-million computers in a single day in January of 2004. In March of 1999, the Melissa virus spread so rapidly that it forced Microsoft and a number of other very large companies to completely turn off their e-mail systems until the virus could be dealt with. Another example is the ILOVEYOU virus which occurred in 2000 and had a similarly disastrous effect.

A computer virus is a small program written to alter the way a computer operates, without the permission or knowledge of the user. A virus must meet two criteria:

In the field of computing, the term spyware refers to a broad category of malicious software designed to intercept or take partial control of a computer's operation without the informed consent of that machine's owner or legitimate user. While the term taken literally suggests software that surreptitiously monitors the user, it has come to refer more broadly to software that subverts the computer's operation for the benefit of a third party.

In simpler terms, spyware is a type of program that watches what users do with their computer and then sends that information over the internet. Spyware can collect many different types of information about a user. More benign programs can attempt to track what types of websites a user visits and send this information to an advertisement agency. More malicious versions can try to record what a user types to try to intercept passwords or credit card numbers. Yet other versions simply launch popup advertisements.

In the context of computer software, a Trojan horse is a malicious program that is disguised as or embedded within legitimate software. The term is derived from the classical myth of the Trojan Horse. They may look useful or interesting (or at the very least harmless) to an unsuspecting user, but are actually harmful when executed.

Often the term is shortened to simply trojan, even though this turns the adjective into a noun, reversing the myth (Greeks, not Trojans, were gaining malicious access).

There are two common types of Trojan horses. One is otherwise useful software that has been corrupted by a cracker inserting malicious code that executes while the program is used. Examples include various implementations of weather alerting programs, computer clock setting software, and peer to peer file sharing utilities. The other type is a standalone program that masquerades as something else, like a game or image file, in order to trick the user into some misdirected complicity that is needed to carry out the program's objectives.

Trojan horse programs cannot operate autonomously, in contrast to some other types of malware, like viruses or worms. Just as the Greeks needed the Trojans to bring the horse inside for their plan to work, Trojan horse programs depend on actions by the intended victims. As such, if trojans replicate and even distribute themselves, each new victim must run the program/trojan. Therefore their virulence is of a different nature, depending on successful implementation of social engineering concepts rather than flaws in a computer system's security design or configuration.

Example of a simple Trojan horse

A simple example of a trojan horse would be a program named "waterfalls.scr.exe" claiming to be a free waterfall screensaver which, when run, instead begins erasing all the files on the computer.

Example of a somewhat advanced Trojan horse

On the Microsoft Windows platform, an attacker might attach a Trojan horse with an innocent-looking filename to an email message which entices the recipient into opening the file. The Trojan horse itself would typically be a Windows executable program file, and thus must have an executable filename extension such as .exe, .com, .scr, .bat, or .pif. Since Windows is configured by default to hide filename extensions from a user, the Trojan horse's extension might be "masked" by giving it a name such as 'Readme.txt.exe'. With file extensions hidden, the user would only see 'Readme.txt' and could mistake it for a harmless text file. Icons can also be chosen to imitate the icon associated with a different and benign program, or file type.

When the recipient double-clicks on the attachment, the Trojan horse might superficially do what the user expects it to do (open a text file, for example), so as to keep the victim unaware of its real, concealed, objectives. Meanwhile, it might discreetly modify or delete files, change the configuration of the computer, or even use the computer as a base from which to attack local or other networks - possibly joining many other similarly infected computers as part of a distributed denial-of-service attack. The Sony/BMG rootkit mentioned above both installed a vulnerability on victim computers and acted as spyware, reporting back to a central server from time to time, when any of the music CDs carrying it were played on a Windows computer system.
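A mail-filter check for the masked extension described above, as an added example that is not part of the quoted material. It parses a constructed message with Python's standard email package and reports, for each attachment, the verdict and the name a user would see with extensions hidden; the verdict names, the rule for what counts as an inner extension and the simplified hidden-extension display are assumptions of this sketch.

```python
"""Flag masked executable attachments (added example, constructed message)."""
import email
import os
from email import policy
from email.message import EmailMessage

# Executable extensions exactly as listed in the text above.
EXECUTABLE_EXTS = {".exe", ".com", ".scr", ".bat", ".pif"}


def split_name(filename):
    """Return (stem, final_ext) after dropping trailing dots and spaces."""
    cleaned = filename.strip().rstrip(" .")
    stem, ext = os.path.splitext(cleaned)
    return stem, ext.lower()


def displayed_name(filename):
    """Name shown when extensions are hidden (simplified: final one dropped)."""
    stem, ext = split_name(filename)
    return stem if ext else filename


def classify(filename):
    """Return 'clean', 'executable' or 'masked-executable'."""
    stem, ext = split_name(filename)
    if ext not in EXECUTABLE_EXTS:
        return "clean"
    inner = os.path.splitext(stem)[1]
    # Assumption of this sketch: an inner extension is 1 to 4 letters,
    # so a version suffix such as "v1.2.exe" is not counted as a decoy.
    if inner and inner[1:].isalpha() and len(inner) <= 5:
        return "masked-executable"
    return "executable"


def scan_message(raw_bytes):
    """Return [(filename, verdict, displayed_name)] for every attachment."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    results = []
    for part in msg.iter_attachments():
        name = part.get_filename()
        if name is None:
            continue  # unnamed attachments are outside this check
        results.append((name, classify(name), displayed_name(name)))
    return results


def build_sample_message():
    """Constructed message with placeholder attachment bodies."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "recipient@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    for name in ("notes.txt", "Readme.txt.exe", "waterfalls.scr.exe", "setup.exe"):
        msg.add_attachment(b"constructed placeholder bytes",
                           maintype="application",
                           subtype="octet-stream",
                           filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    for name, verdict, shown in scan_message(build_sample_message()):
        print(f"{verdict:18} shown as {shown!r:18} actual {name!r}")
```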

Types of Trojan horses

Trojan horses are almost always designed to do various harmful things, but could be harmless. They are broken down in classification based on how they breach systems and the damage they cause. The seven main types of Trojan horses are:

• Remote Access Trojans

• Data Sending Trojans

• Destructive Trojans

• P***** Trojans

• FTP Trojans

• security software disabler Trojans

• denial-of-service attack (DoS) Trojans

Some examples are:

• erasing or overwriting data on a computer.

• encrypting files in a cryptoviral extortion attack.

• corrupting files in a subtle way.

• upload and download files.

• allowing remote access to the victim's computer. This is called a RAT (remote administration tool).

• spreading other malware, such as viruses. In this case the Trojan horse is called a 'dropper' or 'vector'.

• setting up networks of zombie computers in order to launch DDoS attacks or send spam.

• spying on the user of a computer and covertly reporting data like browsing habits to other people (see the article on spyware).

• make screenshots.

• logging keystrokes to steal information such as passwords and credit card numbers (also known as a keylogger).

• phish for bank or other account details, which can be used for criminal activities.

• installing a backdoor on a computer system.

• opening and closing CD-ROM tray.

• harvest e-mail addresses and use them for spam.

Time bombs and logic bombs

"Time bombs" and "logic bombs" are types of trojan horses.

"Time bombs" activate on particular dates and/or times. "Logic bombs" activate on certain conditions met by the computer.

Droppers

Droppers perform two tasks at once. A dropper performs a legitimate task but also installs a computer virus or a computer worm on a system or disk at the same time.

Precautions against Trojan horses

Trojan horses can be protected against through end-user awareness. Trojan Horse viruses can cause a great deal of damage to a personal computer but even more damage to a business, particularly a small business that usually does not have the same virus protection capabilities as a large business. Since a Trojan Horse virus is hidden, it is harder to protect yourself or your company from it, but there are things that you can do.

Trojan Horses are most commonly spread through e-mail, much like other types of common viruses. The only difference, of course, is that a Trojan Horse is hidden. The best ways to protect yourself and your company from Trojan Horses are as follows:

1. If you receive e-mail from someone that you do not know or you receive an unknown attachment, never open it right away. As an e-mail user you should confirm the source. Some hackers have the ability to steal address books, so if you see e-mail from someone you know, it is not necessarily safe.

2. When setting up your e-mail client, make sure that you have the settings so that attachments do not open automatically. Some e-mail clients come ready with an anti-virus program that scans any attachments before they are opened. If your client does not come with this, it would be best to purchase one or download one for free.

3. Make sure your computer has an anti-virus program on it and update it regularly. If you have an auto-update option included in your anti-virus program you should turn it on; that way if you forget to update your software you can still be protected from threats.

4. Operating systems offer patches to protect their users from certain threats and viruses, including Trojan Horses. Software developers like Microsoft offer patches that in a sense "close the hole" that the Trojan horse or other virus would use to get through to your system. If you keep your system updated with these patches, your computer is kept much safer.

5. Avoid using peer-to-peer or P2P sharing networks like Kazaa, Limewire, Ares, or Gnutella because they are generally unprotected from viruses and Trojan Horse viruses spread through them especially easily. Some of these programs do offer some virus protection, but this is often not strong enough.

Besides these sensible precautions, one can also install anti-trojan software, some of which is offered free.

Methods of Infection

The majority of trojan horse infections occur because the user was tricked into running an infected program. This is why you're not supposed to open unexpected attachments on emails -- the program is often a cute animation or a sexy picture, but behind the scenes it infects the computer with a trojan or worm. The infected program doesn't have to arrive via email, though; it can be sent to you in an Instant Message, downloaded from a Web site or by FTP, or even delivered on a CD or floppy disk. (Physical delivery is uncommon, but if you were the specific target of an attack, it would be a fairly reliable way to infect your computer.) Furthermore, an infected program could come from someone who sits down at your computer and loads it manually.

Websites: You can be infected by visiting a rogue website. Internet Explorer is most often targeted by makers of trojans and other pests, because it contains numerous bugs, some of which improperly handle data (such as HTML or images) by executing it as a legitimate program. (Attackers who find such vulnerabilities can then specially craft a bit of malformed data so that it contains a valid program to do their bidding.) The more "features" a web browser has (for example ActiveX objects, and some older versions of Flash or Java), the higher your risk of having security holes that can be exploited by a trojan horse.

Email: If you use Microsoft Outlook, you're vulnerable to many of the same problems that Internet Explorer has, even if you don't use IE directly. The same vulnerabilities exist since Outlook allows email to contain HTML and images (and actually uses much of the same code to process these as Internet Explorer). Furthermore, an infected file can be included as an attachment. In some cases, an infected email will infect your system the moment it is opened in Outlook -- you don't even have to run the infected attachment.

For this reason, using Outlook lowers your security substantially.

Open ports: Computers running their own servers (HTTP, FTP, or SMTP, for example), allowing Windows file sharing, or running programs that provide filesharing capabilities such as Instant Messengers (AOL's AIM, MSN Messenger, etc.) may have vulnerabilities similar to those described above. These programs and services may open a network port giving attackers a means for interacting with these programs from anywhere on the Internet. Vulnerabilities allowing unauthorized remote entry are regularly found in such programs, so they should be avoided or properly secured.

A firewall may be used to limit access to open ports. Firewalls are widely used in practice, and they help to mitigate the problem of remote trojan insertion via open ports, but they are not a totally impenetrable solution, either.

Well-known trojan horses

• Back Orifice

• Back Orifice 2000

• Beast Trojan

• NetBus

• SubSeven

• Downloader-EV

Many current computer systems have only limited security precautions in place. This computer insecurity article describes the current battlefield of computer security exploits and defenses. Please see the computer security article for an alternative approach, based on security engineering principles.

Security and systems design

Most current real-world computer security efforts focus on external threats, and generally treat the computer system itself as a trusted system. Some knowledgeable observers consider this to be a disastrous mistake, and point out that this distinction is the cause of much of the insecurity of current computer systems - once an attacker has subverted one part of a system without fine-grained security, he or she usually has access to most or all of the features of that system. [citation needed] Because computer systems can be very complex, and cannot be guaranteed to be free of defects, this security stance tends to produce insecure systems.

The 'trusted systems' approach has been predominant in the design of many Microsoft software products, due to the long-standing Microsoft policy of emphasizing functionality and 'ease of use' over security. [citation needed] Since Microsoft products currently dominate the desktop and home computing markets, this has led to unfortunate effects. However, the problems described here derive from the security stance taken by software and hardware vendors generally, rather than the failing of a single vendor. Microsoft is not out of line in this respect, just far more prominent with respect to its consumer marketshare.

It should be noted that the Windows NT line of operating systems from Microsoft contained mechanisms to limit this, such as services that ran under dedicated user accounts, and Role-Based Access Control (RBAC) with user/group rights, but the Windows 95 line of products lacked most of these functions. Before the release of Windows 2003, Microsoft changed its official stance, taking a more locked-down approach. On 15 January 2002, Bill Gates sent out a memo on Trustworthy Computing, marking the official change in company stance. Regardless, Microsoft's latest operating system Windows XP is still plagued by complaints about lack of local security and inability to use the fine-grained user access controls together with certain software (esp. certain popular computer games).

Financial cost

Serious financial damage has been caused by computer security breaches, but reliably estimating costs is quite difficult. Figures in the billions of dollars have been quoted in relation to the damage caused by malware such as computer worms like the Code Red worm, but such estimates may be exaggerated. However, other losses, such as those caused by the compromise of credit card information, can be more easily determined, and they have been substantial, as measured by millions of individual victims of identity theft each year in each of several nations, and the severe hardship imposed on each victim, that can wipe out all of their finances, prevent them from getting a job, plus be treated as if they were the criminal. Volumes of victims of phishing and other scams may not be known.

Individuals who have been infected with spyware or malware likely go through a costly and time-consuming process of having their computer cleaned. Spyware and malware are considered to be a problem specific to the various Microsoft Windows operating systems; however, this can be explained somewhat by the fact that Microsoft controls a major share of the PC market and thus represents the most prominent target.

Reasons

There are many similarities (yet many fundamental differences) between computer and physical security. Just like real-world security, the motivations for breaches of computer security vary between attackers, sometimes called hackers or crackers. Some are teenage thrill-seekers or vandals (the kind often responsible for defacing web sites); similarly, some web site defacements are done to make political statements. However, some attackers are highly skilled and motivated with the goal of compromising computers for financial gain or espionage. An example of the latter is Markus Hess who spied for the KGB and was ultimately caught because of the efforts of Clifford *****, who wrote an amusing and accurate book, The Cuckoo's Egg, about his experiences. For those seeking to prevent security breaches, the first step is usually to attempt to identify what might motivate an attack on the system, how much the continued operation and information security of the system are worth, and who might be motivated to breach it. The precautions required for a home PC are very different from those of a bank's Internet banking system, and different again for a classified military network. Other computer security *****s suggest that, since an attacker using a network need know nothing about you or what you have on your computer, attacker motivation is inherently impossible to determine beyond guessing. If true, blocking all possible attacks is the only plausible action to take.

Vulnerabilities

To understand the techniques for securing a computer system, it is important to first understand the various types of "attacks" that can be made against it. These threats can typically be classified into one of these seven categories:

Exploits

Software flaws, especially buffer overflows, are often exploited to gain control of a computer, or to cause it to operate in an unexpected manner. Many development methodologies rely on testing to ensure the quality of any code released; this process often fails to discover extremely unusual potential exploits. The term "exploit" generally refers to small programs designed to take advantage of a software flaw that has been discovered, either remote or local. The code from the exploit program is frequently reused in trojan horses and computer viruses. In some cases, a vulnerability can lie in a certain program's processing of a specific file type, such as a non-executable media file.

Eavesdropping

Any data that is transmitted over a network is at some risk of being eavesdropped on, or even modified, by a malicious person. Even machines that operate as a closed system (i.e., with no contact with the outside world) can be eavesdropped upon by monitoring the faint electromagnetic transmissions generated by the hardware, such as TEMPEST. The FBI's proposed Carnivore program was intended to act as a system of eavesdropping protocols built into the systems of internet service providers.

Social engineering and human error

A computer system is no more secure than the human systems responsible for its operation. Malicious individuals have regularly penetrated well-designed, secure computer systems by taking advantage of the carelessness of trusted individuals, or by deliberately deceiving them, for example by sending messages claiming to be the system administrator and asking for passwords. This deception is known as social engineering.

Denial of service attacks

Denial of service attacks differ slightly from those listed above, in that they are not primarily a means to gain unauthorized access or control of a system. They are instead designed to overload the capabilities of a machine or network, and thereby render it unusable. This type of attack is, in practice, very hard to prevent, because the behavior of whole networks needs to be analyzed, not only of small pieces of code. Distributed denial of service attacks are common, where a large number of compromised hosts (commonly referred to as "zombie computers") are used to flood a target system with network requests, thus attempting to render it unusable through resource exhaustion. There are also commonly vulnerabilities in applications that cannot be used to take control over a computer, but merely make the target application malfunction or crash. This is known as a denial-of-service exploit.

Indirect attacks

An indirect attack is one in which one or more of the attack types above are launched from a third-party computer that has been taken over remotely. By using someone else's computer to launch an attack, it becomes far more difficult to track down the actual attacker. There have also been cases where attackers took advantage of public anonymizing systems, such as the Tor onion router system.

Backdoors

Backdoors are methods of bypassing normal authentication or giving remote access to a computer to somebody who knows about the backdoor, while intended to remain hidden from casual inspection. The backdoor may take the form of an installed program (e.g., Back Orifice) or could be in the form of an existing "legitimate" program or executable file. A specific form of backdoor is the rootkit, which replaces system binaries and/or hooks into the function calls of the operating system to hide the presence of other programs, users, services and open ports. It may also fake information about disk and memory usage.

Someone gaining physical access to a computer can install all manner of devices to compromise security, including operating system modifications, software worms, keyboard loggers, and covert listening devices. The attacker can also easily download large quantities of data onto backup media, for instance CD-R/DVD-R or tape, or onto portable devices such as keydrives, digital cameras or digital audio players. Another common technique is to boot an operating system contained on a CD-ROM or other bootable media and read the data from the hard drive(s) this way. The only way to defeat this is to encrypt the storage media and store the key separately from the system.

Reducing vulnerabilities

Computer code is regarded by some as just a form of mathematics. It is theoretically possible to prove the correctness of computer programs (within very limited circumstances), though achieving this in large-scale practical systems is regarded as unlikely in the extreme by most with practical experience in the industry -- see Bruce Schneier et al.

It's also possible to protect messages in transit (i.e., communications) by means of cryptography. One method of encryption, the one-time pad, has been proven to be unbreakable when correctly used. This method was used by the Soviet Union during the Cold War, though flaws in their implementation allowed some cryptanalysis (see Venona Project). The method uses a matching pair of key-codes, securely distributed, which are used once-and-only-once to encode and decode a single message. For transmitted computer encryption this method is difficult to use properly (securely), and highly inconvenient as well. Other methods of encryption, while breakable in theory, are often virtually impossible to directly break by any means publicly known today. Breaking them requires some non-cryptographic input, such as a stolen key, stolen plaintext (at either end of the transmission), or some other extra cryptanalytic information.
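The "once-and-only-once" rule can be made concrete with a short sketch. This is an added example, not part of the original paper; the class and function names and the sample messages are constructed for illustration. It shows a pad that never hands out the same key bytes twice, and what leaks when that rule is broken.

```python
import secrets


class PadExhausted(Exception):
    """Raised when a message needs more key material than the pad has left."""


class OneTimePad:
    """A pad of random bytes in which every byte is consumed exactly once."""

    def __init__(self, pad: bytes):
        self._pad = pad
        self._offset = 0  # all bytes before this index have already been used

    def _take(self, n: int) -> bytes:
        if self._offset + n > len(self._pad):
            raise PadExhausted("not enough unused key material")
        chunk = self._pad[self._offset:self._offset + n]
        self._offset += n  # used bytes are never handed out again
        return chunk

    def apply(self, data: bytes) -> bytes:
        """XOR data with fresh pad bytes; the same call encrypts and decrypts."""
        return xor_bytes(data, self._take(len(data)))


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def demo():
    pad = secrets.token_bytes(64)  # the matching pair: both sides hold a copy
    sender, receiver = OneTimePad(pad), OneTimePad(pad)

    m1, m2 = b"MEET AT NOON", b"SEND MORE $$"  # constructed sample messages
    c1, c2 = sender.apply(m1), sender.apply(m2)  # each uses fresh pad bytes
    decrypted = (receiver.apply(c1), receiver.apply(c2))

    # Misuse: the same pad bytes encrypt both messages.
    reused_key = pad[:len(m1)]
    r1, r2 = xor_bytes(m1, reused_key), xor_bytes(m2, reused_key)
    # The key cancels out, so an eavesdropper holding only r1 and r2 learns
    # m1 XOR m2 without ever seeing the pad.
    key_cancels = xor_bytes(r1, r2) == xor_bytes(m1, m2)
    return decrypted, key_cancels


if __name__ == "__main__":
    print(demo())
```

The sender and receiver stay in step only if messages are processed in the same order, and the pad must be as long as all traffic combined, which is the inconvenience the paragraph above refers to.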

Social engineering and direct computer access (physical) attacks can only be prevented by non-computer means, which can be difficult to enforce, relative to the sensitivity of the information. Even in a highly disciplined environment, such as in military organizations, social engineering attacks can still be difficult to foresee and prevent.

In practice, only a small fraction of computer program code is mathematically proven, or even goes through comprehensive information technology audits or inexpensive but extremely valuable computer security audits, so it's usually possible for a determined cracker to read, copy, alter or destroy data in well-secured computers, albeit at the cost of great time and resources. Extremely few, if any, attackers would audit applications for vulnerabilities just to attack a single specific system. You can reduce a cracker's chances by keeping your systems up to date, using a security scanner and/or hiring competent people responsible for security. The effects of data loss/damage can be reduced by careful backing up and insurance.

Security measures

A state of computer "security" is the conceptual ideal, attained by the use of the three processes:

1. Prevention,

2. Detection, and

3. Response.

• User account access controls and cryptography can protect system files and data, respectively.

• Firewalls are by far the most common prevention systems from a network security perspective as they can (if properly configured) shield access to internal network services, and block certain kinds of attacks through packet filtering.

• Intrusion Detection Systems (IDSs) are designed to detect network attacks in progress and assist in post-attack forensics, while audit trails and logs serve a similar function for individual systems.

• "Response" is necessarily defined by the assessed security requirements of an individual system and may cover the range from simple upgrade of protections to notification of legal authorities, counter-attacks, and the like. In some special cases, a complete destruction of the compromised system is favored.

Today, computer security comprises mainly "preventive" measures, like firewalls or an Exit Procedure. A firewall can be defined as a way of filtering network data between a host or a network and another network, such as the Internet, and is normally implemented as software running on the machine, hooking into the network stack (or, in the case of most UNIX-based operating systems such as Linux, built into the operating system kernel) to provide real-time filtering and blocking. Another implementation is a so-called physical firewall, which consists of a separate machine filtering network traffic. Firewalls are common amongst machines that are permanently connected to the Internet (though not universal, as demonstrated by the large numbers of machines "cracked" by worms like the Code Red worm which would have been protected by a properly-configured firewall). However, relatively few organisations maintain computer systems with effective detection systems, and fewer still have organised response mechanisms in place.
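What "properly configured" means for a packet filter can be shown with a small first-match rule evaluator. This is an added example, not part of the original paper; the rule sets, the function names and the addresses (taken from the reserved documentation ranges) are constructed, and only connection-opening packets are modelled.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

ANY = "0.0.0.0/0"
INTERNAL = "192.0.2.0/24"      # constructed internal network
WEB_SERVER = "192.0.2.10/32"   # the one host meant to be reachable from outside


@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # source network in CIDR form
    dst: str               # destination network in CIDR form
    dport: Optional[int]   # destination TCP port, None means any port


def decide(rules, default, src, dst, dport):
    """Return the action of the first matching rule, else the default policy."""
    for rule in rules:
        if (ip_address(src) in ip_network(rule.src)
                and ip_address(dst) in ip_network(rule.dst)
                and rule.dport in (None, dport)):
            return rule.action
    return default


# Weak: block a few known-bad ports and let everything else through.
WEAK_RULES = [Rule("deny", ANY, INTERNAL, 23)]
WEAK_DEFAULT = "allow"

# Strict: name what is permitted and drop the rest.
STRICT_RULES = [
    Rule("allow", ANY, WEB_SERVER, 80),     # public web service
    Rule("allow", INTERNAL, ANY, None),     # outbound traffic from inside
]
STRICT_DEFAULT = "deny"

# Constructed sample packets: (label, source, destination, destination port).
PACKETS = [
    ("inbound HTTP to workstation", "198.51.100.7", "192.0.2.55", 80),
    ("inbound HTTP to web server", "198.51.100.7", "192.0.2.10", 80),
    ("outbound HTTPS from workstation", "192.0.2.55", "203.0.113.9", 443),
]


def compare():
    """Map each sample packet to its (weak, strict) decisions."""
    return {
        label: (decide(WEAK_RULES, WEAK_DEFAULT, s, d, p),
                decide(STRICT_RULES, STRICT_DEFAULT, s, d, p))
        for label, s, d, p in PACKETS
    }


if __name__ == "__main__":
    for label, result in compare().items():
        print(label, result)
```

The public web server is reachable on port 80 under both policies, so the filter narrows exposure to the hosts that need it but does not replace keeping that server up to date.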

Difficulty with response

Responding forcefully to attempted security breaches (in the manner that one would for attempted physical security breaches) is often very difficult for a variety of reasons:

• Identifying attackers is difficult, as they are often in a different jurisdiction to the systems they attempt to breach, and operate through proxies, temporary anonymous dial-up accounts, wireless connections, and other anonymising procedures which make backtracing difficult and are often located in yet another jurisdiction. If they successfully breach security, they are often able to delete logs to cover their tracks.

• The sheer number of attempted attacks is so large that organisations cannot spend time pursuing each attacker (a typical home user with a permanent connection, e.g., a cable modem, will be attacked at least several times per day, so more attractive targets could be presumed to see many more). Note, however, that most of the sheer bulk of these attacks are made by automated vulnerability scanners and computer worms.

• Law enforcement officers are often unfamiliar with information technology, and so lack the skills and interest in pursuing attackers. There are also budgetary constraints. It has been argued that the high cost of technology, such as DNA testing, and improved forensics mean less money for other kinds of law enforcement, so the overall rate of criminals not getting dealt with goes up as the cost of the technology increases.

Further reading

There are operating systems designed specifically with security in mind, such as the operating system OpenBSD, which is widely considered one of the most heavily code-audited operating systems available.

There is an extensive culture associated with electronic security; see electronic underground community.

See also

• Computer forensics

• Computing

• Cryptography (aka cryptology)

• Data remanence

• Defensive programming

• Full disclosure

• Hacking

• Protection ring

• Physical security

• RISKS Digest

• Security engineering

• Software Security Assurance

• Data recovery

• Microreboot

• Restartability

• Crash-only software

• Antivirus software

• OpenAntivirus

• Computer virus

• Spyware

• Adware

• Worms

• Trojan horse

• Malware

• Virus hoax

• List of computer viruses

• List of computer virus hoaxes

• List of trojan horses

• Timeline of notable computer viruses and worms

• Turing completeness

• Black hat

• Security through obscurity

• Spam

• Melissa worm, ILOVEYOU

• Category:Spyware removal — Programs that find and remove spyware

• Palm OS Viruses

Past readings and links, if they can fit into this paper:

Introduction

During this unit we will begin to consider some of the moral dilemmas encountered in the realm of computing by computer technology and content creators, computer technology and content users, public officials, and ordinary citizens. None of the issues that we discuss will be easy -- if they were easy, they would not be dilemmas.

We cannot expect to know what is right and wrong in the world of computing (or any other realm of human activity) if we do not possess a capacity for moral reasoning, a kind of activity which can be usefully distinguished from moral knowledge or, simply, "morality."

Very briefly, morality is the basic content of our moral beliefs (for instance, the idea that killing and theft are wrong). There are many sources of moral beliefs, including religious teachings, social norms, secular traditions, negotiated settlements, etc. Sometimes moral knowledge is "sanctified" in a moral code. The Ten Commandments is one example of one such code. It has been argued that the Bill of Rights is another such code.

Moral reasoning, in contrast, is the process of examining and justifying moral beliefs (for instance, explaining WHY theft and killing are wrong, whether they are ALWAYS wrong, and whether they are sometimes morally OBLIGATORY -- such as stealing to feed starving children or killing in self-defense). There are at least three different aspects to moral reasoning:

First, moral reasoning entails the study and development of one's ethical standards. Common sources of moral beliefs, including emotions, laws, and social norms, can deviate from what is truly ethical. Therefore, it is necessary to examine periodically one's ethical standards to ensure that they are reasonable and well-founded.

Second, moral reasoning also involves studying our personal conduct, and striving to ensure that we, and the institutions we help to shape, live up to moral standards that are reasonable and solidly-based.

And, third, moral reasoning encompasses the ability to offer moral reasons to others, justifying one’s behavior and the policies that one supports, as well as the ability to examine critically justifications given by others for their behavior and the policies they support. From this point of view, moral reasoning is a social activity -- not one that individuals practice in solitude.

We will be relying on five different moral theories to help us resolve morally problematic situations involving computer and computer network technology:

1) Deontology is a theory of rights -- according to this theory, certain actions (like murder and torture) are prohibited because they violate rights.

2) Utilitarianism (or consequentialism) is a theory of outcomes -- according to this theory, no action (even murder and torture) can be automatically rejected because it may in certain situations enable us to produce good results.

3) Fairness (or justice) is a theory that says we should treat people as they deserve, which places a presumption upon equality -- unless there is a valid reason for treating people unequally. There are many different kinds of equality -- including economic, social, and political.

4) Virtue is a theory that asks us to live according to the best/most noble human qualities, i.e., courage, generosity, tolerance, self-control, etc. Of course, different cultures view different qualities to be best and most noble.

5) Common Good is a theory that asks us to consider the general welfare of the entire community, rather than our own self-interest. Of course, there are different ways to define and delineate community (e.g., local, national, global, virtual) and most people belong to more than one community.

If you have already taken either The Global Challenge or The Life of the Mind, you will hopefully recognize some of these concepts. However, no one should panic or feel discouraged if these are new ideas. We will be spending Weeks Three and Four reviewing these moral theories and applying them to some relatively simple case studies. In future weeks, we will use these theories to delve into a variety of more complicated economic, social, political, global, and educational issues related to the use of computers and computer networks.



3.2 Critical Questions

This week we will consider several important questions about different moral theories and their applicability to moral dilemmas in computing. Please keep these questions in mind as you complete the required readings and prepare to participate in class discussion.

• What is utilitarianism? How do utilitarians resolve moral dilemmas? What are the main strengths and limitations of utilitarian arguments?

• What is deontology? How do deontologists resolve moral dilemmas? What are the main strengths and limitations of deontological arguments?

• What is virtue ethics? How do virtue ethicists resolve moral dilemmas? What are the main strengths and limitations of virtue-based arguments?

• What is the common good? How do we determine the common good? How do we decide whose good "counts"?

• What is fairness? How do we decide what is fair in different cases?



3.3 Required Readings

Markkula Center for Applied Ethics at Santa Clara University, "A Framework for Thinking Ethically": http://www.scu.edu/ethics/practicing/decision/framework.html

Markkula Center for Applied Ethics at Santa Clara University, "Calculating Consequences": http://www.scu.edu/ethics/practicing/decision/calculating.html

Markkula Center for Applied Ethics at Santa Clara University, "Rights": http://www.scu.edu/ethics/practicing/decision/rights.html

Markkula Center for Applied Ethics at Santa Clara University, "Ethics and Virtue": http://www.scu.edu/ethics/practicing/decision/ethicsandvirtue.html

Markkula Center for Applied Ethics at Santa Clara University, "Justice and Fairness": http://www.scu.edu/ethics/practicing/decision/justice.html

Markkula Center for Applied Ethics at Santa Clara University, "The Common Good": http://www.scu.edu/ethics/practicing/decision/commongood.html

These excellent "mini-essays" do a fine job of introducing these major ethical theories. Please read each of them carefully and post questions and requests for clarification on the discussion board.



Case: MP3s on Campus

http://ethics.sandiego.edu/resources/cases/Detail.asp?tfm_order=ASC&tfm_orderby=Category&ID=35

Case: Unauthorized Downloads

http://ethics.sandiego.edu/resources/cases/Detail.asp?tfm_order=ASC&tfm_orderby=Category&ID=95

*****

How to Reference "Malware Since the Earliest Days of Humankind" Term Paper in a Bibliography

“Malware Since the Earliest Days of Humankind.” A1-TermPaper.com, 2006, https://www.a1-termpaper.com/topics/essay/malware-since-earliest-days/9465604. Accessed 3 Jul 2024.
