powerpoint slides
TRANSCRIPT
-1
CyberCivics
August 18, 2008
What is CyberCivics?
❒ Study of contemporary social and political issues that grow out of computer-science related technologies
❍ Examples: Privacy of digital communications, electronic voting, data mining, digital surveillance, digital rights management, and more
❒ Being an engaged citizen of the modern world requires an understanding of computing technologies
-3
Evaluate proposed uses of technology❒ Citizens must consider proposed uses of
technology❍ Should we replace paper ballots with electronic
voting systems?❍ Should we have a national identification card?
Should it have an RFID tag?❍ Should public records be available online? ❍ Should emails be admissible evidence in court?
❒ Difficult to weigh the issues without understanding the technologies themselves, right?
-4
Watch for impact of technology on our rights ❒ Citizens should know how technology impacts
their traditional rights ❒ Examples?
❍ Do we have a right to sell our copy of a movie if we no longer want it?
❍ Do we have a right to know when our files/emails are searched? If they are stored in our home? at our Internet service provider?
❍ Do we have a right to understand/investigate the process through which our votes are counted?
-5
Shape our society for the better❒ Citizens need to advocate for regulations
that control misuse of technology ❒ Do we want a world where
❍ Where companies track and sell private information about individuals?
❍ Someone’s web browsing and media consumption habits are linked to their credit report?
❍ Where people’s location is tracked at all times?❒ Technology easily enable these abuses
❍ Do companies or the government have vested interest in preventing them?
-6
CyberCivics = Contemporary Issues + Hands-on Computer Science
❒ Curricula that discusses contemporary issues and engages students in hands-on activities that help them better understand emerging technologies
❍ Computer networking❍ Programming❍ Databases
❒ Dual benefits ❍ Be a more informed citizen ❍ Gain skills that prepare them for high-tech careers
Institute Overview
❒ Day 1: Overview of CyberCivics, Network Security and Privacy
❒ Day 2: Database Privacy❒ Day 3: RFID and Surveillance❒ Day 4: Electronic Voting❒ Day 5: Computer Science Careers, Lesson
Planning and Tools Overview
-8
Activities
❒ Network tracing and analysis❒ Wireless network configuration❒ Writing database queries❒ Writing simple computer programs❒ Analyzing a “hacked” computer program for
vulnerabilities❒ Along the way
❍ Discussions, readings, films, useful web sites, useful tools
-9
Deliverables
❒ Each day, you take notes about what you think would work in your classroom❍ Turn in notes and 1 page comments days 2-5
❒ Write a “citizen’s response” ❍ What will you take away personally as a citizen?
❒ Day 5❍ In teams write plan for lesson segment
including a hands-on computer science activity❍ Give 10 minute demonstration of your lesson
segment
-10
❒ Two Activities to Highlight Two Pieces of CyberCivics
❒ Headline search❒ Fake Email
-11
Headline search
-12
HeadlinesVeterans Administration Loses Data on 1.8 million
-- Consumer Affairs, 2/13/07Sony BMG Hacking into CD Buyers’ Computers
-- FOX News, 11/3/05Audit Finds Many Faults in Cleveland’s ’06 Voting
-- NY Times, 4/20/07Machines Record Votes Inaccurately in Tests
-- Dayton Daily News, 3/20/07
Experts: Wi-Fi Eavesdropping Persists…-- Boston Globe, 8/7/07
-13
Fake Email
-14
Protocol
❒ If two people are going to communicate, they must agree on a language
❒ Protocol = language defining the expected order and meaning of messages they exchange.❍ Hi …Hi…Got the time?….two oclock
SUCCESSFUL EXCHANGE❍ Hi…Don’t bother meXX ABORTED Allo…
Hello..Quelle heuere a’til …..XX<blank stare> MISMATCH
-15
Layered Architectures
❒ Human beings are able to handle lots of complexity in their language processing.❍ Ambiguously defined❍ Many interactions all at once
❒ How do computers manage complex protocol processing?❍ Specify well defined protocols to enact.❍ Decompose complicated jobs into layers that
each have a well defined task
-16
Layered Architectures
❒ Break-up big job into smaller, more manageable jobs.
❒ Different entity does each job
-17
Physical Mail
Assistant X
Secretary X
Mailroom X
Post Office X
CEO X
Assistant Y
Secretary Y
Mailroom Y
Post Office Y
CEO YLunch?
Schedule?
Important Note?
Internal mail info
External mail info
-18
Physical Mail
Assistant X
Secretary X
Mailroom X
Post office X
CEO X
Assistant Y
Secretary Y
Mailroom Y
Post office Y
CEO Y“Lunch?”
“Lunch?”
“Lunch?”
“Lunch?”
“Lunch?”
-19
Envelopes Exercise
-20
Layered Architectures
❒ Break-up big job into smaller, more manageable jobs.
❒ Different entity does each job
-21
Computer Networking
Web browser
TCP server
IP server
ethernetdriver/card
user X
HTTP
TCP
IP
Web server
TCP server
IP server
ethernetdriver/card
user Y
IEEE 802.3 standard
electric signals
English (?)
-22
Computer Networking
Web browser
TCP server
IP server
ethernetdriver/card
user X, wants page
Web server
TCP server
IP server
ethernetdriver/card
user Y, posted pageGet page
Get page
Get page
Get page
Get page
-23
First Look At Wireshark
❒ Capturing❒ Get a web page❒ Look At One Package❒ Look At One Conversation
-24
One more complication
Assistant
Secretary
Mailroom
outgoing
CEO A
Post office
in out
Assistant
Secretary
Mailroom
incoming
CEO B
Post office
outin
-25
Computer Networking
HTTP
TCP
IP
ethernet
Host A
IP
ethernet
Router R
link
HTTP
TCP
IP
ethernet
Router W
Host B
IP
ethernetlink
-26
Traceroute/tracert
-27
Graphical Traceroute (plus DNS information )
-28
Another Look At Wireshark
❒ http vs https❒ Pop
-29
Trace Your Own
❒ Rules for tracing❒ Answer questions❒ Discussion of privacy concerns
-30
Know your network neighborhood❒ Hubs vs Switchs❒ Do you trust the administrator?
-31
Wireless networks
-32
Outtakes
Day 1: Overview and Networks
❒ Overview of CyberCivics❒ Hands-on exercises with open source
network protocol analysis software ❒ Hands-on exercises illustrating the
weaknesses of typical wireless network configurations
❒ Network communication in the headlines
Day 2: Database Privacy
❒ Readings on data mining and privacy❒ Hands-on exercises writing simple
database queries❒ Hands-on exercises with inference control
and database privacy❒ Documentary: “No More Privacy, All About
You”❒ Database privacy in the headlines
Day 3: RFID and Surveillance❒ Readings on RFID, video surveillance, and
REAL-ID❒ Hands-on exercises with RFID experiment
kits❒ RFID and surveillance in the headlines❒ Documentary: “Hacking Democracy”
(preparation for Day 4)
Day 4: Electronic Voting
❒ Readings on electronic voting ❒ Hands-on exercises with Python
programming❒ Hands-on exercise reading source code for
electronic voting system and running mock election
❒ Electronic voting in the headlines
Day 5: CS Careers, Lesson Planning and Tools❒ Exploration of on-line Occupational
Outlook Handbook❒ Hands-on exercises with CyberCivics tools
and “kits” (virtual machines, LiveCDs)❒ Lesson planning activity and feedback
Kits❒ Materials budget to provision “kits” that teachers
can check out and use ❒ Kits will include
❍ CDs with virtual machine images and LiveCDs❍ Collections of readings (loose leaf for ease of copying)❍ Hardware such as wireless access points and RFID kits❍ Copies of relevant DVDs and books
❒ On-line “kit” supplements will contain downloadable files, pointers to on-line resources including where to buy materials, etc.
-39