Week 11

This week’s lecture was on management of web 2.0 delivered by Margaret McCann.

Web 2.0 is causing a splash as it stretches the boundaries of what Web sites can do. But in the rush to add features, security has become an afterthought.

"We're continuing to make the same mistakes by putting security last," said Billy Hoffman, lead engineer at Web security specialist SPI Dynamics. "People are buying into this hype and throwing together ideas for Web applications, but they are not thinking about security, and they are not realizing how badly they are exposing their users."

The risks of web 2 include the following:

• Privacy

• Information disclosure

• Loss of reputation

• Authenticity

• Transparency

• cyber stalking

There are a huge number of security risks associated with web 2.0 such as:

• Hackers

• Viruses

• Worms

• Adware

• Spyware

• Malware

• Spam

• Phishing

• Mobile devices such as wifi

Websense's State of Internet Security, released Tuesday, notes that attackers are focusing their attention on interactive Web 2.0 elements. Some 95 percent of user-generated comments on blogs, message boards, and chat rooms are either spam or contain malicious links, the security vendor warned.

The security company said its research during the first six months of 2009 indicated that community-driven security tools, which enable people to report inappropriate content, on sites including YouTube and BlogSpot are 65 percent to 75 percent "ineffective in protecting Web users from objectionable content and security risks."

According to Websense statistics, the number of malicious sites between January and June grew 233 percent over the second half of 2008, and 671 percent compared with the same period last year.

The security company also found that during the first six months of 2009, 78 percent of new Web pages with objectionable content such as pornography or gambling, contained at least one malicious link. Some 77 percent of Web sites with malicious code were compromised legitimate sites.

Ethics are important not only in business but in all aspects of life because it is an essential part of the foundation on which of a civilized society is build. A business or society that lacks ethical principles is bound to fail sooner or later

Internet, which hosts an enormous information base, has given rise to the concept of information privacy. The vast information on the Internet faces security needs. Unauthorized access to the information is undesirable. Data privacy refers to the association between the technology and the legal rights related to it. Whenever any information about a person or a person's data is stored, privacy needs arise. Internet privacy is the control one has over what information about oneself, the person wishes to disclose. Internet privacy deals with controlling the access to information over the Internet.

Internet privacy can be considered as a subset of computer privacy. Computer privacy consists of the data privacy relating to the avoidance of the improper disclosure of the personally identifiable information collected and stored by websites. The effective sharing of data while protecting the private information is the real challenge.

One school of thought denies the existence of Internet privacy while the other advocates the necessity of the Internet privacy. Complete anonymity is not the intent of Internet privacy. It rather intends to achieve a controlled disclosure of one’s personal information. Internet is a network of networks and when a person uses the Internet, he/she connects to it and is identified by an address. In technical terms this address is known as an IP address. For security reasons, a website may wish to track these addresses of its users. Websites may collect the non-personally identifiable information of their users. Such information is the one, which in no way can be used to uniquely identify a person. The disclosure of these forms of information is acceptable. It is actually the means by which websites track the users' Internet activities.

Some users prefer stricter forms of privacy such as anonymity to the Internet. Is it ethically right to allow users to use the Internet with a fake or an anonymous identity? While it caters to the privacy needs of some users, it may endanger the Internet usage for the others. Many users complain of being stalked by the anonymous users.

During the intellectual part of the lecture we discussed whether free music downloads is a means of stealing. The majority of the class disagreed that it is not stealing but Margaret said that it is stealing because you are getting something without paying it is a bit like going into an HMV store and stealing a CD from there then saying it is stealing. It made me realise how ethically wrong this is.

Creative Commons is a nonprofit organization that allows artists, authors, publishers and musicians the option of creating and defining a flexible copyright for their creative works. Creative Commons was officially launched in 2001 by a group of intellectual property experts, lawyers and web publishers. Creative Commons licenses cover art, music, and writing, but is not designed for software.

A Creative Commons license allows creators to place conditions on their copyrights. Traditionally, copyrights restrict the rights of others from modifying or distributing copywritten works. Creative Commons licenses offer flexibility by allowing the creator (copyright holder) the ability to choose what limitations they want in place with respect to specific copywritten works.

A variety of license options exist for the copyright holder. Assigning a Creative Commons license does not mean that the copyright holder is relinquishing rights to a piece of art, it merely means some conditions could be placed on the use of creative works.

Examples of Creative Common License Options

A Creative Commons license enables copyright holders to grant some of their rights to the public while retaining other rights.

• NonCommercial

A non-commercial license lets others copy, distribute, perform creative works and derivative works, but only for noncommercial purposes (anyone using the creative works cannot profit from it).

• ShareAlike

A ShareAlike license allows others to distribute derivative works under a license identical to the one held by the original copyright holder.

• NoDerivative Works

A NoDerivative Works clause allows others to copy, distribute, display and perform the exact copywritten works and no derivative works can be created.

Creative commons covers 4 attributes. The attributes states that you must attribute the work in the manner specified by the author or licensor (but not in any way that suggests that they endorse you or your use of the work).

With the understanding that:

• Waiver

Any of the above conditions can be waived if you get permission from the copyright holder.

• Public Domain

Where the work or any of its elements is in the public domain under applicable law, that status is in no way affected by the license.

• Other Rights

In no way are any of the following rights affected by the license:

o Your fair dealing or fair use rights, or other applicable copyright exceptions and limitations;

o The author's moral rights;

o Rights other persons may have either in the work itself or in how the work is used, such as publicity or privacy rights.

• Notice

For any reuse or distribution, you must make clear to others the license terms of this work. The best way to do this is with a link to this web page.

Two of the companies policy guidelines I found interesting are:

• Yahoo

AND

• BT

Yahoo! believes in fostering a thriving online community and supports blogging as a valuable component of shared media. The Yahoo! Personal Blog Guidelines have been developed for Yahoos who maintain personal blogs that contain postings about Yahoo!’s business, products, or fellow Yahoos and the work they do. They are also applicable to Yahoos who post about the company on the blogs of others. The guidelines outline the legal implications of blogging about the company and also include recommended best practices to consider when posting about Yahoo!.

LEGAL PARAMETERS: The following two bullets cover your legal responsibilities and non-disclosure obligations. Failure to abide by these two guidelines can result in serious ramifications for individual bloggers and/or individuals who post on the blogs of others.

• Legal Liability

When you choose to go public with your opinions via a blog, you are legally responsible for your commentary. Individual bloggers can be held personally liable for any commentary deemed to be defamatory, obscene, proprietary, or libelous. For these reasons, bloggers should exercise caution with regards to exaggeration, colorful language, guesswork, obscenity, copyrighted materials, legal conclusions, and derogatory remarks or characterizations. In essence, you blog (or post on the blogs of others) at your own risk. Outside parties actually can pursue legal action against you (not Yahoo!) for postings.

• Company Privileged Information

Any confidential, proprietary, or trade secret information is obviously off-limits for your blog per the Proprietary Information Agreement you have signed with Yahoo!. To obtain a copy of your agreement, please contact your HR manager. The Yahoo! logo and trademarks are also off-limits per our brand guidelines. Anything related to Yahoo! policy, inventions, strategy, financials, products, etc. that has not been made public cannot appear in your blog under any circumstances. see Yahoo! Guides 2. Disclosing confidential or proprietary information can negatively impact our business and may result in regulatory violations for the company.

BT recognises that its transformation into a global communication services company delivering software driven products relies on a workforce that can actively participate in collaboration and innovation with colleagues, customers, partners and suppliers on the web using social media tools.

Any BT person can use social media tools on the BT Intranet without approval. BT people may also use social media tools on the internet in support of their role and where there is clear business benefit provided they have permission to do so from their line manager.

Specific user guidance for blogging

Blogs can be used in two main ways:

• Personal blogs – these are personality driven channels

• Business blogs – these are content/issue driven channels.

Personal blogs – these are a vehicle for individuals to post business-related information in a personal context and some personal information about themselves. Internal personal blogs support knowledge management by:

• Providing searchable skills and experience information about BT people

• Providing searchable information about the issues/challenges individuals face in their work which can be shared and solved collectively

• Getting more data in the network where it can be searched and shared

• Providing a mechanism for building communities through which the collective power of the community can solve problems and issues individuals face

• Reducing duplication

• Sharing best practice across the organization and sharing good ideas and valuable experiences

• Encouraging innovation and inspiring and engaging BT colleagues.

Business blogs – may be individual in personality (although not containing personal information) or run by a group of people as a group blog. These blogs will focus on content or issues but be delivered by a named and recognisable individual or individuals. A business blog may be associated with existing published material of some kind, be part of a marketing or communications campaign, or complement an existing process (e.g. it might be part of an existing web site; set up in response to the issuing of a hard-copy newsletter; or to gather feedback about an existing process).

I found these the most interesting because they were more detailed than the other and also seemed less strict than the others.

During the lab I finished my group activity and created a new wiki then put the information on that. Therefore it was nothing new that we got to do in the lab. However the lecture was very good because it made me think about the benefits and the problems with social networking and web 2.