I did not want to do my
social engineering task for week #4, hence my late post. My task was to find
out where Chevalier Rouge is at 1:00PM on Wednesday’s. Although an easy task to
complete; and I did accomplish to obtain the information (Chevalier “might be
working”), I felt bad in completing this task.
I don’t find social engineering to be fun when our task is to target our
fellow players. I feel social engineering has caused a lot of people that had
previously not known each other to not become friends. Everyone in our class
now has their guard up and it makes it very difficult to make friends, or to
get someone to believe/trust you when you are being honest. I’m very social,
and I like to make new friends, but with this kind of behavior towards each
other it is near impossible. I would love to be friends with everyone. I don’t
know any hackers lol everyone here is learning about this just as me. It would
be nice to share resources, have study sessions and interact more with my
classmates. I find social engineering much more fun and real when the targets
are strangers or anyone outside of our class.
I completely agree with your view.
ReplyDeleteThat is ture. Hopefully,we can get more chances to target on strangers not our classmate. Sometimes we might just need help. Becasue we have Social Engineering Task,you might think your classmate ask you on purpose. I just feel strange...
ReplyDeleteThere is a component to these ethical hacking assignments, which requires that you look at your own beliefs, ethics and morality. In some cases you can accomplish the tasks without engaging in any form of deception, harm, or social or physical injury to the target. If you can not complete the task without offending your own ethics, then you need to state that you did not complete the task, but you really need to post how you would have done it, and discuss where the edge is between what you feel is proper behavior, and what you deem to be improper behavior… but the key is you need to explain it, and “get your head around it” as it were.
ReplyDeleteFor example, from a completely theoretical perspective, lets us say that for the sake of discussion that you selected a card that instructs you to punch a classmate in the head, and then steal their wallet and money. While there is no possible way that we would ever be asked to do this, but let’s say you did. You, and the rest of the people in the class would of course refused to perform such a task as it would be an affront to our individual moralities and shared ethical code. It would also be a very serious criminal act under state law, and depending on who the target was it could also be a very serious violation of federal law, and of course a serious breach of the rules and code of behavior. But, it is OK to refuse to perform a task, but you have to justify your ethical position on the matter.
For example, in the aforementioned scenario you could decline to perform a task, and state that under such and such state law such as the act is expressly forbidden. Then under federal law you would explain that a specific law regards the assignment would be a violation of the student’s civil rights, and you would explain why this is. Then you need to cite the student conduct prohibition on that action, and in each case you need to cite chapter and verse that tell you not to do the assigned thing, because it means that you are ethically thinking through the matter, and that you have a justified and rational position, based in specific laws.
Merely, because it makes you feel uncomfortable to perform the task, you need to explore with the class WHY you feel it is uncomfortable.
So far, with the various tasks, which have been selected, each can be performed without breaking the law, or violating the student code of conduct. It is merely that you have to figure out how to perform it inside the scope of the law and in a way that does not offend the student code of conduct. Like I mentioned, this required knowing where these boundaries are found, and what is permitted, and what is forbidden.
In the classroom our tasks are designed to invoke ethical arguments, but outside in the professional arena we need to be able to out social engineer the person who is trying to social engineer to obtain access to things that they cannot manage through their technical abilities alone. A network administrator, systems administrator, electronic security, and related disciplines, we have to be vigilant so that someone who is trying to social engineer is rendered powerless as we have already studied the various methods that they might use to steal things, gain things through deception, or illicitly obtain information that can be used to by them to break into computers and networks. You can not protect computers, unless you understand how someone might launch an attack, and one of the most widely practiced method is “social engineering” which requires little or no technical ability, but rather an understanding of peoples weaknesses and strengths, and how to exploit these.
ReplyDeleteThe easiest way to complete these goals is to understand your own ethical code, and understand how it was developed, and the boundaries that you will not cross. Then, to understand that some people may not have those ethical limitations, and that they would have no trouble stepping over the line that you (and most people) refuse to cross. You merely need to step back and understand what is possible for a hacker to do, understand their motives, and understand both the parameters of your own ethical code, and then to fully understand the motives of the hacker.
No points. Thanks for the feedback.
ReplyDelete