In any profession, there is a certain ethical responsibility that is implied when you choose to fulfill the requirements of the job. For certain professions, the implications of ignoring your ethical responsibility can be disastrous. Think of what might happen if you doctor decided that he wanted to save a few bucks and give placebo instead of actual antibiotics to patients. But with other professions, the line between what is acceptable for profits and career advancement vs your ethical responsibility may not be so clear.
In programming, it is not often the case that we will never work on anything critical to the lives of the general public. If Facebook suddenly suffered from a catastrophic failure, no lives would be lost. If Microsoft Office suddenly decided to give a STOP: 0x0ff2ee80 error, someone would not drop dead.
On the other hand, programmers often work on critical systems such as gas and electric management systems, traffic lights, automotive safety systems, medical equipment programming and many other critical uses. In either case, I believe that there is a strong ethical responsibility to deliver the best code that you are capable of, and if the program is going to be used for a "critical" use it should go through the most exhaustive testing possible to ensure that it will not fail under any foreseeable circumstance. Failure to do exhaustive testing would be gross negligence, and that programmer (or manager) would be responsible for any lives lost or affected by their decision.
Sunday, April 27, 2008
Monday, February 25, 2008
LAMP Technology
Write a blog entry that explains what LAMP is. What do each of the letters stand for? Why do people think this approach is so interesting and effective for building applications?
LAMP is an acronym describing a common bundle of software used for web pages. LAMP literally stands for : Linux, Apache, MySQL, and PHP, although many people are replacing PHP with 'Programming language' due to the popularity of Python, Ruby, and other languages now used to serve web pages. This bundle of software, whether by design or coincidence, is probably the most common software bundle used across the world for web servers due to its reliability and flexibility. For example, Apache on Linux can be as simple as an old desktop server configured to serve web pages occasionally or as complex as a server farm with several dozen dedicated purpose-built servers that can also perform load-balancing across the farm. MySQL has been a popular database system for years, and is still enjoying widespread usage due to its scalability and proven reliability. The programming language in the LAMP acronym allows for dynamic web pages to remember session ID's and perform tasks as simple as serving ads relevant to what the user is viewing or as complex as managing an E-commerce web site with appropriate security measures.
Although the term LAMP is a relatively new usage of the word, the technology has been in use for quite a while and has proven itself reliable and flexible, making it an ideal choice for an organization who is considering different technology for their web-based services.
Monday, February 18, 2008
Privacy Continued
1. More Privacy. (From Baase, 2.36). Philosophers and ethicists often distinguish between positive and negative rights. A positive right is the right to be allowed to do something (for example, the right to vote). A negative right is the right to be protected from something (for example, the right not to be convicted without a trial). Baase provides a longer description on page 35.
Consider privacy, particularly digital privacy, from each point of view and give some examples and/or analogies of what it would mean for privacy to be either a positive right or a negative right. In your opinion, which formulation of privacy is more appropriate and why?
In a world of Facebook, Myspace, Google StreetView, and other social networking sites, personal privacy is quickly becoming a thing of the past. But the more that people are tagging their friends and co workers in photos to share with the world, the more some people believe that we are going in the wrong direction and should pay more attention to protecting personal privacy. The same strange dichotomy can be applied to government activities, especially when looking at the activities of the US government. In order to protect the freedoms of US citizens, the government has decided to curtail those same basic rights to non-native residents and visitors, detaining them for "questioning" for months on end without being charged with a crime. On one hand, the government should be allowed certain leeway to ensure the well being of their citizens, but on the other hand, this country was built on the ideals of being a safe haven to everyone else in the world. Should we compromise our ideals to ensure safety?
I'm sure there is a correct balance between personal security and anonymity, however with the increasingly world-wide data, photo, and information sharing infrastructure that is in place, we are gravitating more towards sharing everything about our lives with anyone who cares to look, while still guarding vital information, such as social security numbers. Personally, I'm okay with the balance that seems to be emerging, but there will always be people who will object to the information sharing.
2. Read Chapter 3 of Cress and write a blog entry corresponding to the first two bullet points in Exercise 3.4 (p38). (you may skip the part about ALPs)
- The assistant chief of police in this story may or may not have personally objected to the mural, however he was most certainly reacting to perceived political pressure that also may or may not have been real. In the modern day and age of being "politically correct," many people are afraid that something under their control may cause a public uproar, offending other people in an unacceptable way. While this is a genuine concern, creative efforts should be left alone as much as possible to make sure that our youth do not grow up being constantly afraid of offending someone else. It is important that people think and decide on issues for themselves instead of simply following the acceptable social norm.
- The United States has been built on the ideas that an individuals rights are protected. This protection has been such an integral part of our ideals that it has been directly written into our laws, however those same laws are also written to make sure that one persons individuality does not infringe upon another persons rights. This balance is constantly examined though lawsuits and bills in our legal system to ensure that it is still meeting the demands of todays society. In the previous example, the needs and liberties of a few individuals (the artists) were being challenged by a representative of the community (the asst. chief). Often in these situations there is no correct answer to this problem, so the wants of individuals are sometimes compromised to ensure that the community is also served.
Sunday, February 10, 2008
Street View and Service Learning
1. Privacy. (From Baase, 2.42, p 133). Last year, Google released Street View. Among other features, there are quite a few photos of people in places or circumstances that they might prefer not to be public. (you can see a few examples here) Many people felt that this was a privacy violation. How did Google address potential privacy concerns? Do you feel that their response was adequate?
When Google put StreetView online, they had clearly done their research. As far as US law is concerned, you can photograph anyone as long as you are taking the photo from public property, and as the Google vans never left the city streets, all the photos they used for the service are legal pictures. Before the service went online, Google contacted select organizations to see if they wanted to opt-out of the mass public photography. These organizations included (but are not necessarily limited to) shelters for abused women. Google has also put into place a system that will allow anyone whose picture or residence was taken to ask for that picture to be removed from the Street View system. I believe this is an adaquate approach by Google to allow people to keep the privacy they have become used to, however I know many others would object. Personally, I do not have a problem with StreetView, but I might feel differently if my picture had been taken walking in front of an adult books store or walking out of a strip clup (these are actual photos that have been taken of innocent bystanders. I think that different generations of people living in the US might have different opinions of this issue, for example, students in college today have gotten used to the idea of Facebook and Myspace, and how they allow people to 'catalog' your life through photographs, while most people older than that would be slightly disturbed by that idea. The debate could go on for years, but ultimately if the law is on the side of Google, people will get used to the idea.
2. Service Learning. Please read Chapter 1 of Learning Through Serving. One theme that's addressed in the book in the concept of educating students to be responsible citizens. What do you think this means? (You may find exercise 1.2 helpful in thinking about this.) Do you think it is reasonable and appropriate for colleges to educate their students about engaged citizenship, or should college focus solely on academics?
Learning through Serving is trying to emphasize the point that being a citizen is more than just being born in the United States. Being a citizen is being aware of those in less fortunate situations than your own and empathizing with them. This empathy with the situations in our community will not only bring a social problem to greater community awareness, but will also motivate people to help change society to bring about a better world for everyone in it. The book makes the point that unless we have firsthand knowledge of the situations that the disadvantaged in our community face, we can never know how we can help change the situation in whatever field we go into. I believe that we have a responsibility to humanity, and if there is something that is within our power to change a social problem, it should be changed. If colleges just educated people in academics, they might never be exposed to the social issues around them, and would never even know about the disparity between the social classes and how greatly people are affected by it.
Sunday, February 3, 2008
Encryption and my career goals
Symmetric Encryption:
With Symmetric encryption, key handling is an issue. Since the same algorithm is used to both encrypt and decrypt the information, there needs to be a secure way to transfer the key to both parties securely. This is the main drawback of symmetric encryption; since each party must have the same key, there must be a solution of making sure the key gets transfered securely. If we are able to get the same key to both individuals (both encrypter and decrypter), symmetric encryption can be very secure as long as the key size is adequate (128 bits is still secure, but 256 bits is the standard). Symmetric encryption is only vulnerable to a brute-force attack, which is trying every combination of the key in an attempt to decrypt the message. One of the main advantages of symmetric encryption is the speed of encryption and decryption, which is typically much faster than asymmetric key encryption. The receiver of the message can be sure of the senders identity since the encryption key was kept secret.
Asymmetric Encryption:
With Asymmetric encryption, we solve the major problem of symmetric encryption: the transfering of the encryption key from sender to receiver, as well as confirmation of identity.
In a common scheme of asymmetric key encryption, a public key is either given to an individual through email or other means, or posted to a public website. This key is known as the public key. The sender of the message encrypts the message with the public key, and sends it to the receiver. The receiver can then use a private key, which is complimentary to the public key and kept secret, to decrypt the message. Since this system relies on the use of prime numbers relative to the key length, a brute force attach would only have to try a key length up to the square root of the modulus, so the original key length would have to be quite long to be secure (1024 bits is the current standard). Since the key length is quite long, encryption takes much more time than symmetric key encryption, which poses a problem for transferring large messages (or files) and for instant two way communication.
To send a verified message to another person (let's say that Bob wants to send a message to Jane), Bob would first encrypt the message to be sent with his private key, and would send this message to Jane. Jane would then use Bob's public key to decrypt the message, verifying that it did come from him since the key pair is complimentary. To make this message secure in transit, Bob would first encrypt the message with his private key, then encrypt it again with Jane's public key. Jane could then decrypt the message using her private key, then again with Bob's public key. This method is much slower to complete than symmetric key encryption, but solves the issue of how to pass keys from one party to another.
My career plans and goals:
When I entered the field of Information Technology in my previous college, I knew that the field was developing quickly and there would be many job opportunities for me once I completed college. After graduating with an Associate degree, I decided that a Bachelor's of Science would suit me better, and applied to USF. Naturally, I chose the Computer Science degree, as I already had skills that would be well suited to this degree. Although I still believe that the field of Computer Science has many jobs that could potentially interest me, the deeper I get into the theory and practice of Computer Science, the less I actually want to get a job in industry. 5 or 10 years from now, I see myself working a fringe job in the computer science industry; something in the automotive industry or the home automation industry would probably interest me the most. I have been actively investigating the opportunities in these industries, and although I previously have not had time to pursue an internship, I plan to try to get one at the end of summer for the beginning of next semester.
With Symmetric encryption, key handling is an issue. Since the same algorithm is used to both encrypt and decrypt the information, there needs to be a secure way to transfer the key to both parties securely. This is the main drawback of symmetric encryption; since each party must have the same key, there must be a solution of making sure the key gets transfered securely. If we are able to get the same key to both individuals (both encrypter and decrypter), symmetric encryption can be very secure as long as the key size is adequate (128 bits is still secure, but 256 bits is the standard). Symmetric encryption is only vulnerable to a brute-force attack, which is trying every combination of the key in an attempt to decrypt the message. One of the main advantages of symmetric encryption is the speed of encryption and decryption, which is typically much faster than asymmetric key encryption. The receiver of the message can be sure of the senders identity since the encryption key was kept secret.
Asymmetric Encryption:
With Asymmetric encryption, we solve the major problem of symmetric encryption: the transfering of the encryption key from sender to receiver, as well as confirmation of identity.
In a common scheme of asymmetric key encryption, a public key is either given to an individual through email or other means, or posted to a public website. This key is known as the public key. The sender of the message encrypts the message with the public key, and sends it to the receiver. The receiver can then use a private key, which is complimentary to the public key and kept secret, to decrypt the message. Since this system relies on the use of prime numbers relative to the key length, a brute force attach would only have to try a key length up to the square root of the modulus, so the original key length would have to be quite long to be secure (1024 bits is the current standard). Since the key length is quite long, encryption takes much more time than symmetric key encryption, which poses a problem for transferring large messages (or files) and for instant two way communication.
To send a verified message to another person (let's say that Bob wants to send a message to Jane), Bob would first encrypt the message to be sent with his private key, and would send this message to Jane. Jane would then use Bob's public key to decrypt the message, verifying that it did come from him since the key pair is complimentary. To make this message secure in transit, Bob would first encrypt the message with his private key, then encrypt it again with Jane's public key. Jane could then decrypt the message using her private key, then again with Bob's public key. This method is much slower to complete than symmetric key encryption, but solves the issue of how to pass keys from one party to another.
My career plans and goals:
When I entered the field of Information Technology in my previous college, I knew that the field was developing quickly and there would be many job opportunities for me once I completed college. After graduating with an Associate degree, I decided that a Bachelor's of Science would suit me better, and applied to USF. Naturally, I chose the Computer Science degree, as I already had skills that would be well suited to this degree. Although I still believe that the field of Computer Science has many jobs that could potentially interest me, the deeper I get into the theory and practice of Computer Science, the less I actually want to get a job in industry. 5 or 10 years from now, I see myself working a fringe job in the computer science industry; something in the automotive industry or the home automation industry would probably interest me the most. I have been actively investigating the opportunities in these industries, and although I previously have not had time to pursue an internship, I plan to try to get one at the end of summer for the beginning of next semester.
Monday, January 28, 2008
SF Security Cameras kind of suck...
So everyone who has been to the Mission District in San Francisco has probably seen the SF Police Department "Security Cameras" ... They're not exactly hidden, as they are seemingly conventional-looking, full sized cameras in weatherproof housings with bright blue strobe lights announcing their presence to everyone who isn't blind.
I always thought that the cameras were hooked up in the usual fashion, same as most department stores or ATM's, with a DVR keeping data for a set amount of time, a reasonable resolution, and a reasonable (for a security camera) refresh rate. Normal video is just slightly lower than 30 frames per second in the US - this is what we watch on TV and is generally regarded as a good rate for convincing the human eye of true motion. Security cameras generally run at a slower rate, so that they may be recorded without using up too much storage space on whatever recording device they may be using. Most of the security set up's that I have seen run around 5-10 frames per second. Although the video looks choppy, you can still see all that's going on at any given point in time. The SFPD system has been known to run at less than ONE frame for every TWO seconds! I could run across the intersection between the refresh rate on that system! So the question must be asked: As a taxpayer (although I am not registered to pay income tax here, I still pay a higher sales tax rate than the rest of the Bay Area) what exactly are my dollars going towards? One arrest in 19 months of operation in the busiest crime intersection in the city?!?
Not good enough I say - it's time for San Francisco to step up, admit their mistakes, and fix them.
http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2008/01/28/MN37TKH6O.DTL
~Greg Mullin
I always thought that the cameras were hooked up in the usual fashion, same as most department stores or ATM's, with a DVR keeping data for a set amount of time, a reasonable resolution, and a reasonable (for a security camera) refresh rate. Normal video is just slightly lower than 30 frames per second in the US - this is what we watch on TV and is generally regarded as a good rate for convincing the human eye of true motion. Security cameras generally run at a slower rate, so that they may be recorded without using up too much storage space on whatever recording device they may be using. Most of the security set up's that I have seen run around 5-10 frames per second. Although the video looks choppy, you can still see all that's going on at any given point in time. The SFPD system has been known to run at less than ONE frame for every TWO seconds! I could run across the intersection between the refresh rate on that system! So the question must be asked: As a taxpayer (although I am not registered to pay income tax here, I still pay a higher sales tax rate than the rest of the Bay Area) what exactly are my dollars going towards? One arrest in 19 months of operation in the busiest crime intersection in the city?!?
Not good enough I say - it's time for San Francisco to step up, admit their mistakes, and fix them.
http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2008/01/28/MN37TKH6O.DTL
~Greg Mullin
Subscribe to:
Posts (Atom)
