Transcript Powerpoint slides

CyberCivics
August 18, 2008
-1
What is CyberCivics?
 Study of contemporary social and political
issues that grow out of computer-science
related technologies

Examples: Privacy of digital communications,
electronic voting, data mining, digital surveillance,
digital rights management, and more
 Being an engaged citizen of the modern world
requires an understanding of computing
technologies
Evaluate proposed uses of
technology
 Citizens must consider proposed uses of
technology
Should we replace paper ballots with electronic
voting systems?
 Should we have a national identification card?
Should it have an RFID tag?
 Should public records be available online?
 Should emails be admissible evidence in court?

 Difficult to weigh the issues without
understanding the technologies themselves,
right?
-3
Watch for impact of
technology on our rights
 Citizens should know how technology impacts
their traditional rights
 Examples?
Do we have a right to sell our copy of a movie if we no
longer want it?
 Do we have a right to know when our files/emails are
searched? If they are stored in our home? at our
Internet service provider?
 Do we have a right to understand/investigate the
process through which our votes are counted?

-4
Shape our society for the
better
 Citizens need to advocate for regulations
that control misuse of technology
 Do we want a world where
Where companies track and sell private
information about individuals?
 Someone’s web browsing and media consumption
habits are linked to their credit report?
 Where people’s location is tracked at all times?

 Technology easily enable these abuses
 Do companies or the government have vested
interest in preventing them?
-5
CyberCivics = Contemporary
Issues + Hands-on Computer
Science
 Curricula that discusses contemporary issues and
engages students in hands-on activities that help
them better understand emerging technologies



Computer networking
Programming
Databases
 Dual benefits
 Be a more informed citizen
 Gain skills that prepare them for high-tech careers
-6
Institute Overview
 Day 1: Overview of CyberCivics, Network
Security and Privacy
 Day 2: Database Privacy
 Day 3: RFID and Surveillance
 Day 4: Electronic Voting
 Day 5: Computer Science Careers, Lesson
Planning and Tools Overview
Activities
 Network tracing and analysis
 Wireless network configuration
 Writing database queries
 Writing simple computer programs
 Analyzing a “hacked” computer program for
vulnerabilities
 Along the way

Discussions, readings, films, useful web sites,
useful tools
-8
Deliverables
 Each day, you take notes about what you
think would work in your classroom

Turn in notes and 1 page comments days 2-5
 Write a “citizen’s response”
 What
will you take away personally as a citizen?
 Day 5
In teams write plan for lesson segment
including a hands-on computer science activity
 Give 10 minute demonstration of your lesson
segment

-9
 Two Activities to Highlight Two Pieces of
CyberCivics
 Headline search
 Fake Email
-10
Headline search
-11
Headlines
Veterans Administration Loses Data on 1.8 million
-- Consumer Affairs, 2/13/07
Sony BMG Hacking into CD Buyers’ Computers
-- FOX News, 11/3/05
Audit Finds Many Faults in Cleveland’s ’06 Voting
-- NY Times, 4/20/07
Machines Record Votes Inaccurately in Tests
-- Dayton Daily News, 3/20/07
Experts: Wi-Fi Eavesdropping Persists…
-- Boston Globe, 8/7/07
-12
Fake Email
-13
Protocol
 If two people are going to communicate,
they must agree on a language
 Protocol = language defining the expected
order and meaning of messages they
exchange.
Hi …Hi…Got the time?….two oclock
SUCCESSFUL EXCHANGE
 Hi…Don’t bother meXX ABORTED
Allo…Hello..Quelle heuere a’til …..XX<blank
stare> MISMATCH

-14
Layered Architectures
 Human beings are able to handle lots of
complexity in their language processing.
Ambiguously defined
 Many interactions all at once

 How do computers manage complex
protocol processing?
Specify well defined protocols to enact.
 Decompose complicated jobs into layers that
each have a well defined task

-15
Layered Architectures
 Break-up big job into smaller, more
manageable jobs.
 Different entity does each job
-16
Physical Mail
CEO X
Assistant X
Lunch?
Schedule?
CEO Y
Assistant Y
Important Note?
Secretary X
Secretary Y
Internal mail info
Mailroom X
Mailroom Y
External mail info
Post Office X
Post Office Y
-17
Physical Mail
CEO X
“Lunch?”
CEO Y
Assistant X
“Lunch?”
Assistant Y
Secretary X
“Lunch?”
Secretary Y
Mailroom X
“Lunch?”
Mailroom Y
Post office X
“Lunch?”
Post office Y
-18
Envelopes Exercise
-19
Layered Architectures
 Break-up big job into smaller, more
manageable jobs.
 Different entity does each job
-20
Computer Networking
user X
English (?)
user Y
Web browser
HTTP
Web server
TCP server
TCP
TCP server
IP server
ethernet
driver/card
IP
IEEE 802.3 standard
electric signals
IP server
ethernet
driver/card
-21
Computer Networking
user X, wants page
Get page
user Y, posted page
Web browser
Get page
Web server
TCP server
Get page
TCP server
IP server
Get page
IP server
Get page
ethernet
driver/card
ethernet
driver/card
-22
First Look At Wireshark
 Capturing
 Get a web page
 Look At One Package
 Look At One Conversation
-23
One more complication
CEO A
CEO B
Assistant
Assistant
Secretary
Secretary
Mailroom
outgoing
Post office
in
out
Post office
in
out
Mailroom
incoming
-24
Computer Networking
Host A
Host B
Router R
Router W
HTTP
HTTP
TCP
TCP
IP
ethernet
IP
ethernet link
IP
link ethernet
IP
ethernet
-25
Traceroute/tracert
-26
Graphical Traceroute (plus
DNS information )
-27
Another Look At Wireshark
 http vs https
 Pop
-28
Trace Your Own
 Rules for tracing
 Answer questions
 Discussion of privacy concerns
-29
Know your network
neighborhood
 Hubs vs Switchs
 Do you trust the administrator?
-30
Wireless networks
-31
Outtakes
-32
Day 1: Overview and Networks
 Overview of CyberCivics
 Hands-on exercises with open source
network protocol analysis software
 Hands-on exercises illustrating the
weaknesses of typical wireless network
configurations
 Network communication in the headlines
Day 2: Database Privacy
 Readings on data mining and privacy
 Hands-on exercises writing simple
database queries
 Hands-on exercises with inference control
and database privacy
 Documentary: “No More Privacy, All About
You”
 Database privacy in the headlines
Day 3: RFID and Surveillance
 Readings on RFID, video surveillance, and
REAL-ID
 Hands-on exercises with RFID experiment
kits
 RFID and surveillance in the headlines
 Documentary: “Hacking Democracy”
(preparation for Day 4)
Day 4: Electronic Voting
 Readings on electronic voting
 Hands-on exercises with Python
programming
 Hands-on exercise reading source code for
electronic voting system and running mock
election
 Electronic voting in the headlines
Day 5: CS Careers, Lesson
Planning and Tools
 Exploration of on-line Occupational
Outlook Handbook
 Hands-on exercises with CyberCivics tools
and “kits” (virtual machines, LiveCDs)
 Lesson planning activity and feedback
Kits
 Materials budget to provision “kits” that teachers
can check out and use
 Kits will include




CDs with virtual machine images and LiveCDs
Collections of readings (loose leaf for ease of copying)
Hardware such as wireless access points and RFID kits
Copies of relevant DVDs and books
 On-line “kit” supplements will contain downloadable
files, pointers to on-line resources including where
to buy materials, etc.
-39