The problem I wrote about last time didn't appear to impact my grade, great!
Finished the semester with a 4.0. Whoo!
The problem I wrote about last time didn't appear to impact my grade, great!
Finished the semester with a 4.0. Whoo!
Well, yesterday marked the end of my most recent semester. I was in charge of putting our paper through TurnItIn, reviewing the report, and submitting to our professor. It went terribly.
First, I ran the paper through TurnItIn and viewed the Similarity report. The web app was telling me the paper scored a 7% similar to its databases, but had nothing flagged in the paper. Commenting on it being weird to my wife, I downloaded the useless report and submitted the papers.
A few hours later, the rest of my team drew my attention back to the useless papers. Prompted by their concerns, I returned to TurnItIn and scanned around the app's interface. As it turns out, you can toggle off the report display so that it just shows what you submitted. Pointless, as I already have the file I submitted. So I toggled it on, downloaded the less useless report and submitted it again.
After a few more hours, the team contacted me concerned that my whole post was missing. Back to the website, attach the files again, and post.
Today, I got home from work and checked my email and the class page. (Note it is now after the submission deadline.) My attention is drawn, at prompting from my team, to the fact that TurnItIn claims a 3% match to www.uspto.gov. This claim is really bizarre, as we don't even have a reference for uspto.gov in our paper. Looking into it, the service is correct and we submitted a paper with two paragraphs ripped nearly word for word from this paper by the United States Patent and Trademark Office. Ridiculous.
In an attempt to save the team from my mistake, I have submitted the following amendment to my Self and Peer Evaluation concerning the paper to the professor.
I need to amend my evaluation.
There are two paragraphs that made it to the submitted TEAMNAME paper which are pulled almost verbatim from http://www.uspto.gov/about/vendor_info/current_acquisitions/sdi_ng/ocio_6016_10q.pdf without citation and without even a reference to www.uspto.gov.
I had felt I was being harsh on TEAMMATE0 in what I turned it, but it was too light.
He did not attend the work planning, threw together a quick, plagiarized section which required significant maintenance to even look passable, and withdrew his support from any of the post-drafting collaboration.
That said, I was the one who ran the paper through turnitin. I did not catch the two paragraphs in time. TEAMMATE1, TEAMMATE2, and TEAMMATE3 attended the planning, communicated often, and carried out their assigned portions of the work. The failure to prevent the plagiarized paragraphs from making it to submission was on me. My first paper had a 10% score overall, and 9% to SCHOOL papers that I never had seen, so it made me lose any faith I had in the turnitin system, so I didn't delve into what the 7% score was. I didn't trust the scanner, so all I concerned myself with was making sure that the paper didn't hit the 15% threshold.
The majority of the TEAMNAME group performed their responsibilities to satisfaction and deserve to have their grade based on the merit of the writing. The blame for the Internet and User Furnished Device Policy sections falls to TEAMMATE0 for submitting it as his section and to me for not catching it during my review.
Thank you for taking the time to read this,
Matthew Molyett
Well, this week is the team project that makes up our final. Hopefully it goes well. My big concern about it is to remember that I need to focus on the human aspects of cybersecurity, I tend to think in more technical terms.
Topic - Are non-literate internet users are at a higher risk for experiencing identity theft, or is everyone now equally vulnerable – support your opinion. Explain specifically how end-user tracking and recording technologies may either increase or reduce cybersecurity risks for non-literate users when using the Internet, or when shopping at a brick and mortar establishment.
Yes, non-literate internet users are at a distinctly higher risk of identity theft. Lacking knowledge about how the internet results in users missing clues that can protect them. Clues that protect knowledgeable users:
Customer tracking and recording can significantly decrease the cybersecurity risk for non-literate users. The login patterns for a victim of phishing, or other account theft, will experience a sudden change. The damage of a compromise is greatly decreased if the tracking company recognizes the change and freezes the account.
Nguyen & Hayes (2010) write about customers having greatly different views about the tracking and recording based on what technology is in use. Web services tend to rate as a much higher concern technologies such as electronic toll collection. I find this a bit odd, personally. Electronic tolls place you physically someplace, which is information that can be used to commit real, dangerous crime against you.
Slightly off-topic, but those loyalty cards can pose a significant physical security risk. If you registered your address with your card and always use it at the local shop, then using the card else where lets your movements be tracked. Specifically, if you use the card two states away, then it is a good indicator that the house at that address is probably empty.
Nguyen, D. H., & Hayes, G. R. (2010). Information privacy in institutional and end-user tracking and recording technologies. Personal and Ubiquitous Computing, 14(1), 53-72.
Topic - To what degree should US citizens and non US citizens have to give up privacy in the name of national security? Should US citizens be treated differently than non-US citizens? What factors, if any, influence this decision, tipping the scale to allow for less privacy in favor of national security?
Right off the bat, I would like to point out how incredibly subjective this topic is. The balance of personal liberty, especially privacy, versus state security is a constantly debated point in academic circles, political circles, and policy discussions.
What is privacy anyway? If we cannot define it, how can we discuss giving it up. If CNN was to run a story showing the outside of a house, with pictures, and revealing the full name and address pulled from the white pages, some people would call it an invasion of privacy. Pranevičienė (2011) reported numerous definitions of privacy:
Concerning the easier to define privacy, the contents of our communications, there needs to be a refined focus to actionability of privacy violations. Privacy of communications with regard to law enforcement action is absolutely vital, and cannot be sacrificed for security. Citizens and non-citizens need to have freedom from every word they say or write to be potential evidence or circumstantial evidence.
Nonactionable privacy violations have no need to be protected. People do not fear pointless chit chat from being overheard in malls, precisely because the intercepted information is nonactionable. If collection for intelligence purposes was strictly nonactionable with regards to the target, then privacy would not need to be balanced against national security. The overlap of, or at least fear of, actionable law enforcement intercept with intelligence generation is what necessitates the balance.
Pranevičienė, B. (2011). LIMITING OF THE RIGHT TO PRIVACY IN THE CONTEXT OF PROTECTION OF NATIONAL SECURITY. Jurisprudencija, 18(4), 1609-1622.
Topic - Determine the extent that anonymity has helped better society, industry, and individuals. Does the malicious use of anonymity outweigh the positive benefits it provides?
Anonymity benefits society by easing the burden of charitable giving. Often, once a donation is made to a charity or such, that entity will continue to regularly solicit donations. I encountered this just after college. A small donation, via check, to St. Jude's Children's Hospital and I was receiving regular solicitation requests for years. By donating behind the screen of anonymity, generous patrons can give without regard for future communications. Kay, Salveggio, and Guess (2008) write that a rabbi from the 1300s, Maimonides, placed the label of second highest level of charity on giving anonymously to anonymous recipients.
The ability to perform acts of good, such as charitable giving, without ramifications unfortunately extends to acts of malice. The right to the privacy of ones behavior must be weighed against the right of others to be free from annoyance and danger. The impunity that one gains by anonymity enables great wrongs and so "traceable anonymity" (Kay, Salveggio, & Guess, 2008, pp 70-9) provides a good balance. It allows us to gain the privacy benefits of anonymity, but provides society a safeguard against overly malicious behavior; though only if the trace-ability is limited and guarded itself. An ISP that will turn over account information when presented with a valid court order (and only to a court order) provides reasonable traceable anonymity.
Kabay, M. E., Salveggio, E., & Guess, R. (2008) Anonymity and Identity in Cyberspace. In Bosworth, et al (Eds.), Computer security handbook. New York, NY: John Wiley & Sons.
I went to check the activity on my blog and had 999 pageviews. My wife:"Hold on..."
Whoo! 1000 pageviews. I have noticed that my recognition of dangerous computer security practices has increased since starting this program. Hopefully the blog is helping those readers with their security.
I've write more in-depth soon about how I've noticed my own perceptions changing.
Short post today because the week is really busy. I am in week 11 of 12 for my current class, so crunch time is starting.
As promised, here is the full paper Preventing Damage by Preventing Grade System Intrusions, although it is later than I meant to publish it. Out of every grade I have received during my Masters so far, this paper has scored the best. Hopefully it gives you something to think about.
Cheerio!
Educational institutes such as colleges and schools have understandable reasons to desire use of electronic grading records. Such systems must be recognized for the dangers they pose as lucrative targets for hackers, crackers, and cheaters. The impact from unauthorized intrusions can be significant for the future of the students, even those whose records are not modified, as shown by Tyler Coyner graduating salutatorian. Coyner’s data manipulation stripped another student of their rightful honor as salutatorian (McMillan, 2011).
Defensive efforts must be made to address but the attack vectors to be utilized by intruders and the motivation driving the attack. Whenever possible, it is best to recognize the situations that may lead to an attack and defuse it in advance.
McMillan. (March 4, 2011). Top Student Charged With Fixing Grades for Cash. PCWorld. Retrieved from: http://www.pcworld.com/article/221442/studentcharged.html
Another policy that can prevent such account compromises is strict rules on how to protect account information. Since Lupkin (2012) did not mention any technical tactics used, it is likely that Venusto received the account information in a more direct way, such as the victim having the data written down at her computer or even having handed over the account for some reason. It can be convenient for an upper official to give their information to a secretary, say to schedule meetings, but that should always be considered a critical security violation.
Altman, L. (January 26, 2012). 3 Palos Verdes High students arrested in grade-tampering plot. DailyBreeze.com. Retrieved from: http://www.dailybreeze.com/latestnews/ci_19829634
Gibbons, M. (February 8, 2012). Bucks college student fails in attempt at an easy A. phillyBurbs.com Retrieved from: http://www.phillyburbs.com/news/crime/bucks-college-student-fails-in-attempt-at-an-easy-a/article_175726b7-b2c5-56ce-93ab-bbfb6abddcc4.html
Lupkin, S. (July 19, 2012). Mom Arrested For Hacking School Computers to Change Kids' Grades. abc News. Retrieved from: http://abcnews.go.com/US/mom-charged-hacking-school-computers-change-childrens-grades/story?id=16812838#.UKhiZoevuIM