Tuesday, February 28, 2017

Social task #3

My task was to get someone to share their homework with me. 

I explained to them that I have been working tons, and I left my syllabus and layout for this assignment at home, could they send me theirs so I use their format as an example.  No problem and they sent it.

Here it is. 

The downside of this is that someone could copy it.  The upside of it is, someone could use it to learn from it.


 1-Mass Eye and Ear Infirmary (MEEI) was required to pay because the laptop that was stolen had no security measures to prevent theft. The laptop should have been anchored to its location and encryption software in place in order to protect patient medical files. This action violated the Health Insurance Portability and Accountability Act of 1996 (HIPAA).  (Source: https://wayback.archive-it.org/3926/20150121155313/http://www.hhs.gov/news/press/2012pres/09/20120917a.html)

2- The Supreme Court ruled that peer to peer grading did not violate FERPA because the grades on the papers that were corrected were not considered education records until the teacher had recorded them on his grade book. (Source: https://www.law.cornell.edu/supct/html/00-1073.ZO.html)

3-A college or university can release the name of a student that complains regarding his instructor to the instructor’s supervisor because a student complaint is not considered by FERPA to be a student’s  educational record  but a teacher record since the complaint was about the teacher and didn’t reveal any personal or educational information regarding the student. (source:http://opinions.1dca.org/written/opinions2012/07-19-2012/11-3049.pdf)

4-The purpose of the new act is the Federal Information Security Management Act is to assign responsibilities within each government agency for reviewing information security programs and keeping security risks at an acceptable level. The nine steps are as follows:

  1. Categorize the information to be protected.
  2. Select minimum baseline controls.
  3. Refine controls using a risk assessment procedure.
  4. Document the controls in the system security plan.
  5. Implement security controls in appropriate information systems.
  6. Assess the effectiveness of the security controls once they have been implemented.
  7. Determine agency-level risk to the mission or business case.
  8. Authorize the information system for processing.
  9. Monitor the security controls on a continuous basis.



5-The Sarbanes-Oxley Act of 2002 (SOX) impacted JP Morgan because they attempted to illegally hide their corporate losses in order to maintain investors and continue receiving investments. JP Morgan was forced to pay 200Million dollars in order to settle the charges by the Securities and Exchange Commission (SEC).

This illegal act was also committed by companies such as Enron before the subsequent company collapse in which many investors who believed the company had a solid financial portfolio took major loses as the company stock collapsed. The SOX Act protects whistleblowers by establishing company procedures where employees may be able to whistle blow. It also required attorneys to blow the whistle on their clients under certain circumstances. (Source: http://www.whistleblowers.org/index.php?option=com_content&task=view&id=27) and (https://www.sec.gov/news/press/2013/2013-187.htm)

I told my classmate that and in all truth this truly happened.  I left my charging cord and sylabus in the hotel where I was staying, and all my homework is saved on that computer.  I could do this assignment because I knew the task, I just needed to get the person to send me their work. 

Task #2

My task was to get someone to "friend" me on a social media site.  I just turned to one of my classmates and asked  if this person would "friend" me on facebook.  They said sure and I sent them the request.  Thet accepted this morning.


Social Engineering Task #4

1.My assignment was to get a store/vendor to give em a discount on a product.  

2. I needed cedar rings to get rid of the moths that are in my closet, so I went to the mothball section.  I saw that there were only 3 packages of these cedar rings, so I took them all and there was a 4th sort of off to the side, I took that package as well, but it was already opened.  

3.  The steps I took to accomplish this were to just go to the counter and politely ask the cashier to discount the package since there were two rings missing.  She said sure and gave me a 10% discount.  Not much, but who cares, I got the assignment accomplished.  

4.  Could people use this to their advantage, sure.  This case is nortoriously known in the airline world. 


 https://sacratomatovillepost.com/2014/04/08/rabbi-ginsbergthe-supreme-court-says-your-outta-there/












Social Enginnering task # 5

Task:


To get someone to buy me something.

Accomplished?


Yes

How?


I was here at school when a former student who is a friend of mine came to visit the school. They said hi to me and then left for the cafeteria without me noticing. I messaged them to figure out where they were and when they told me, I made them feel like they forgot about me.

They still came back to eat near me and then I continued to make them believe I felt forgotten. They eventually caved after two other students joined in on the debate, and bought me a twix from the vending machine to make up.

Ethics:

The thing with how I accomplished this was that I was dishonest. I hadn't felt forgotten, and foremost I played with this person's emotions. I personally do not like those traits but in this instance I had to use them. Once I had started I had to continue it to finish the task.

Social Engineering Task #5

My task this week was to ask a fellow player to go to the restroom with me.
Yes, I did it, but I couldn’t accomplish this task.
Right after I got this task, while my fellow and I were talking about the new movie, that was Kungfu Yoga, then told my fellow that I wanted to go to the restroom, and asked him if he wanted to go. He refused it and let me go.
With close friends, I think it’s easier to ask to go to the restroom, but with friends that we are not close, it would be harder to ask. If people accept to go to the restroom with you, you have the trust from them and have no prevention.
In the way that I would be morally right is that when we have the trust from someone, we could share knowledge each other, make more friends. Either way, it could be morally wrong when someone use the none prevention of people to let them do something wrong, or get their information for the wrong purpose.

Ethical Assigment # 3

Is privacy a "right"?
Privacy is a fundamental human right established in the UN Declaration of Human Rights, the International Covenant on Civil and Political Rights, in many other international treaties, constitutions and laws from different nations. Privacy protects human dignity and other important principles such as freedom of association and freedom of speech. Among all the human rights, privacy is one of the rights that is most difficult to define and circumscribe.
When (if ever) is it right to intrude on another's privacy?  
In your post, please contextualize your ideas in relation to Allen or Warren and Brandeis (the two articles you read in advance of 2/21).
I agree with the idea that the author Anita Allen establishes: “I will call the anti-spying principle: spying on other adults is prima facie unethical”.  There are some specific cases in which it is ethically right to intrude on another’s privacy: “Spying on others is ethically permissible, even mandatory, in certain situations, where the ends are good” (Anita L. Allen, The Virtuous Spy: Privacy as an Ethical Limit). Such cases can be when somebody is a threat to the life of others or themselves and also when people are still not adults and need to be monitored by their legal tutors in order to be corrected or protected if necessary.
When spying is ethically necessary, it is imperative to emphasize the limits and to make sure the measurements in the act of spying are not beyond such limits plus that they are fairly justified. In our current times, we have seen this is the most difficult part because these limits are seen from different perspectives and are also hard to regulate due to the fast advancement of technology. We have also seen in modern times how the lack of such limits can allow a few powerful people to take advantage of the act of spying by exploiting the fear of entire populations. After recent acts of terrorism, many controversial laws have been approved in America and in other democratic nations which violate the supreme laws (constitutions of each country ) and also violate the established International Laws. Anita Allen explains: “Before spying, the efficacy of other, ethically less tainted and risky methods of obtaining the desired information should be ruled out.” We have seen that spying unjustifiable on the entire population of a nation does not prevent radicals from becoming terrorists and carrying out their awful inhuman acts. Why is everybody’s fundamental human right to privacy being violated when it has been clear that in order to prevent such horrible acts is beyond the scope of unethically spying on everybody.  As a matter of fact, this creates more clouds on the process because innocent people are wrongly accused and harassed causing more harm than good to our democracies. Even though there is not an easy solution to the issue of creating and regulating limits on the act of spying, I think it is very imperative to talk more about it and to demand more from our representatives in the governments, who are supposed to be working to protect our rights as citizens. The risks involved in a system that spies on everybody without any legal regulations, which can protect the citizens' rights established in the Constitution, can bring terrifying consequences which will affect all of us in every single aspect of our lives. 
Please discuss how you could apply your beliefs about privacy to a decision you might make about whether or not to apply techniques that you have learned in our course so far, such as Google dorking.
I recently had to spy on somebody for my Social Engineering Challenge, I think it was justified because it was one of the players and we are all aware that these strange things can happen to us, since we are all involved in the challenges.  
I have very clear and firm beliefs about privacy, therefore I would never unethically apply any of my knowledge to invade somebody's privacy without solid evidence that might incriminate an individual or individuals, and might make it necessary based on the ethical exceptions of spying previously mentioned.

Social task 5

1. What was my task?

My task was to make a stranger hand me their car keys and take a picture.
2. Was I able to accomplish the task?
Yes
3. Evidence:-
I have uploaded  picture as evidence of my task.
4. How I approached it?

So it was a little difficult for me because I don’t have a positive attitude with strangers so I had to force myself into this task. What I did was I ordered an uber and a put pretty long destination so I could have plenty of time to have a good conversation with the driver. So I just stared with friendly conversation and found out that he was from Haiti his name was Jin I just started asking about his country and family how he came and all about his personal life. After that I asked him about his occupation and he said he only drives the uber and that was my chance I started giving him positive comments of his car and praised him of being a very good and friendly driver and told him I would give 5 stars for his ride. He was very happy and that’s when I noticed this is my chance I just told him I like his key ring with his car keys could you tell me where you got these from and then the conversation continued for like 5 minutes and right before we reached my destination I just showed him on my phone I gave him a 5 star rating as a driver and just then I asked him if I could take a picture of his key ring so I could find the same one and he just simply took his key out and just handed it over to me and that’s it.

A person could easily apply this technique.         Well from what I learned   power of positivity is very strong and a positive attitude of a person can make him very attractive among st other people. People with positive attitude could be very trustful and at the same time very dangerous. People easily trust people with positive attitude because positivity is very attractive. People get very friendly in conversations which start from giving them positive comments. Eg. A teenage girl won’t react on negative comment given by strangers but if a stranger gives a her positive comment on her looks she would automatically reply in a good mood. So people could easily use their positivity to communicate with strangers and get information of about them in an unexpecting or friendly way they won’t even mind sharing themselves.
A person could ask the victim his address, contact number, what time he starts working and what time he stops so in between that time he could plan to rob his house or kidnap his family member. He could have took those keys and could have ran away just to tease him or just ask for a little bit of money for the keys. A person could just ask him what time he goes home and leave some drugs inside the car and notify his friends about the car number and final destination so they could pick up the drugs by robbing his car at night. There are many ways people could information and their equipments into many illegal stuff.

Social Engineering Task #5

My task was to get a business to give me something that costs money to someone but free for me.
Yes, I accomplished my task with the evidence.
When I got my task I found very difficult to figure out how someone can give me something for free which costs money to him. I got an idea one of my friend has 2 earphones for his iPhone. I asked him can you give me one I have lost mine and pretend like I really need them immediately. He just gave it to me and I accomplished my task.
I applied emotional techniques to complete my task. Emotional techniques are very effective to ask people to give something to them. These techniques are basically used with known persons. It is very helpful when you need online or cellphone passwords of your friends.

I feel very bad when I complete my task. I asked my friend to give his earphones even though I already have. My task costs him money too. I don’t really like it but I had to do it.
Here is the evidence of my task.

Ethical Writing Assignment: Privacy



When (if ever) is it right to intrude on another's privacy?  Is privacy a "right"?
 Yes, privacy is a right. No one can intrude someone’s privacy. Privacy can be interrupted by spying on another but no one wants to be followed by others on each step. Privacy is the information about yourself that you don’t want to share with others and it is absolutely a right.
But in different circumstances like in case of national security or in a state when somebody is doubted under to cause harm to others we can intrude his/her privacy. Parents can spy on their children but there should be a level of spying.

In your post, please contextualize your ideas in relation to Allen or Warren and Brandeis.
According to Allen, the purpose of spying decides that it is permissible or not. She mentioned all the purposes in her writing for spying. If a person is spying others or a corporation spying his customers for their self-benefits than spying is completely wrong. On the other hand, spying for protecting nation or spying for protection is fine depending on the conditions. Spying as a parenthood is permissible. I believe spying on kids is the job of the parents because kids found difficulties in choosing right or wrong paths. I am completely agreeing with Allen that the purpose of spying decides that it is wrong or right. 

Please discuss how you could apply your beliefs about privacy to a decision you might make about whether or not to apply techniques that you have learned in our course so far, such as Google hacking.
I believe in case of spying we can intrude someone’s privacy depending upon the conditions but publishing someone’s privacy weather it is online or offline should be punishable. Privacy is a right for everyone but when someone attempt crime or preparing himself/herself to attempt crime then privacy should be disable.