Assignment 3 (Ethics and Legal Issues of Cybersecurity)
Weight: 5%
CMPS 385 Computer Security
Deadline: 13/04/2020
Spring 2021
Security researchers participate in conferences such as DefCon to demonstrate the vulnerabilities of products or present new security tools. For example, DefCon is one of the world’s largest hacker conventions, held annually in Las Vegas, Nevada and tens of researchers showcase their work at this conference. Last year in DefCon 2020, researchers presented their recent research on hacking phones, cars, satellite communications, traffic lights, smart home devices, printers, and popular software services, among many others. However, some of these talks require ethical reflection on the harms of these disclosures.
We present two examples here to compare and consider from an ethical viewpoint.
A. At DefCon 2020, two researchers (Wesley Neelen and Rik van Duijn) at Netherlands-based applied security research company Zolder, showed how they hacked a traffic light management system that is connected to a smartphone app. They talked about how a hacker could
remotely control traffic lights
. The affected product is used in over 10 municipalities in the Netherlands.
Assume that Wesley and Rik informed these 10 municipalities regarding these issues in the Netherlands, however, only one of them (e.g., Utrecht) took the right action to minimize these risks. Please watch the following YouTube link to get more information about this research talk.
B. At DefCon 2017, two researchers (Josh Schwartz and John Cramb) of Salesforce (i.e., members of the Red Team) aimed to reveal MEATPISTOL, a modular malware framework for implant creation, infrastructure automation, and shell interaction, aimed at reducing the time and energy spent on reconfiguration and rewriting malware. The tool does not launch attacks or exploit systems, but it allows red teamers to control the system once access has been granted. MEATPISTOL was pitched as taking the boring work out of pen-testing to make red teams, including at Salesforce, more efficient and effective. Also, they aimed to make it open-source tool so that other security researchers can improve it. However, an executive at Salesforce told them not to release it as open source because it could be used by hackers for other purposes. Just an hour before they were expected on stage, a Salesforce executive sent a text message to Josh and John for not to give this talk. However, the message was not seen until after the talk had ended. On stage, Schwartz told attendees that he would fight to get the tool published. The two researchers were fired as soon as they got off stage by a senior Salesforce executive. Several security researchers criticized Salesforce following the firing, and the community has since forwarded these two researchers a number of job offers. You can watch their talk from the following link.
Answer the following questions based on these two case studies:
Question 1 Stakeholders and Potential Harms/Benefits
(1%):
1.a. Who are the stakeholders whose interests Zolder researchers (Wesley and Rik) needed to consider in giving their DefCon presentation, and what potential harms/benefits to those various stakeholders did they need to consider and weigh?
1.b. Who are the stakeholders whose interests Salesforce researchers (Josh and John) needed to consider in giving their DefCon presentation, and what potential harms/benefits to those various stakeholders did they need to consider and weigh?
Question 2
(1%) Ethical Considerations
:
2.a. Do you think the 2020 Wesley & Rik presentation was ethical, all things considered? Why or why not?
2.b. Do you think the 2017 Josh & John presentation (including its planned code release) was ethical, all things considered? Why or why not? Was Salesforce right to block the open-source code release attempt and stop their public talk?
Task 3
(1%) Similarities and Differences
:
What are the most important ethical similarities and differences between two case studies?
Task 4
(1%) Professional Reputations
:
Assume that you are looking to hire a security researcher for your team. Would you prefer the researchers of Zolder or Salesforce? What ethical considerations would need to be evaluated in your decision?
Task 5
(1%) Legal Issues
:
What are the relevant laws in Qatar and GCC related to cyber security and what implications would the laws be on the presented cases?
Submission requirements
:
· Make sure that you submit
the electronic version on Blackboard
.
· No late submission
will be accepted under any circumstances
· No hand-written
submission will be accepted.
· Be aware of
· Submitted work must be your own work
· You MUST NOT copy the homework from other student, other electronics or paper sources.
· You MUST NOT copy or use any materials from other sources without due acknowledgement.
What Will You Get?
We provide professional writing services to help you score straight A’s by submitting custom written assignments that mirror your guidelines.
Premium Quality
Get result-oriented writing and never worry about grades anymore. We follow the highest quality standards to make sure that you get perfect assignments.
Experienced Writers
Our writers have experience in dealing with papers of every educational level. You can surely rely on the expertise of our qualified professionals.
On-Time Delivery
Your deadline is our threshold for success and we take it very seriously. We make sure you receive your papers before your predefined time.
24/7 Customer Support
Someone from our customer support team is always here to respond to your questions. So, hit us up if you have got any ambiguity or concern.
Complete Confidentiality
Sit back and relax while we help you out with writing your papers. We have an ultimate policy for keeping your personal and order-related details a secret.
Authentic Sources
We assure you that your document will be thoroughly checked for plagiarism and grammatical errors as we use highly authentic and licit sources.
Moneyback Guarantee
Still reluctant about placing an order? Our 100% Moneyback Guarantee backs you up on rare occasions where you aren’t satisfied with the writing.
Order Tracking
You don’t have to wait for an update for hours; you can track the progress of your order any time you want. We share the status after each step.
From brainstorming your paper's outline to perfecting its grammar, we perform every step carefully to make your paper worthy of A grade.
Preferred Writer
Hire your preferred writer anytime. Simply specify if you want your preferred expert to write your paper and we’ll make that happen.
Grammar Check Report
Get an elaborate and authentic grammar check report with your work to have the grammar goodness sealed in your document.
One Page Summary
You can purchase this feature if you want our writers to sum up your paper in the form of a concise and well-articulated summary.
Plagiarism Report
You don’t have to worry about plagiarism anymore. Get a plagiarism report to certify the uniqueness of your work.
Free Features $66FREE
Most Qualified Writer
$10FREE
Plagiarism Scan Report
$10FREE
Unlimited Revisions
$08FREE
Paper Formatting
$05FREE
Cover Page
$05FREE
Referencing & Bibliography
$10FREE
Dedicated User Area
$08FREE
24/7 Order Tracking
$05FREE
Periodic Email Alerts
$05FREE
Our Services
Join us for the best experience while seeking writing assistance in your college life. A good grade is all you need to boost up your academic excellence and we are all about it.
On-time Delivery
24/7 Order Tracking
Access to Authentic Sources
Academic Writing
We create perfect papers according to the guidelines.
Professional Editing
We seamlessly edit out errors from your papers.
Thorough Proofreading
We thoroughly read your final draft to identify errors.
Thorough Proofreading
We thoroughly read your final draft to identify errors.
Delegate Your Challenging Writing Tasks to Experienced Professionals
Work with ultimate peace of mind because we ensure that your academic work is our responsibility and your grades are a top concern for us!
We Analyze Your Problem and Offer Customized Writing
We understand your guidelines first before delivering any writing service. You can discuss your writing needs and we will have them evaluated by our dedicated team.
Clear elicitation of your requirements.
Customized writing as per your needs.
We Mirror Your Guidelines to Deliver Quality Services
We write your papers in a standardized way. We complete your work in such a way that it turns out to be a perfect description of your guidelines.
Proactive analysis of your writing.
Active communication to understand requirements.
We Handle Your Writing Tasks to Ensure Excellent Grades
We promise you excellent grades and academic excellence that you always longed for. Our writers stay in touch with you via email.
Thorough research and analysis for every order.
Deliverance of reliable writing service to improve your grades.
