Compsci 182s, Spring 2011, Midterm

IP Address as PII

Some consider using an IP (Internet Protocol) address as a personal identifier similar to using a license plate in automatic-camera red-light/speeding violations to identify someone to pay a fine, e.g., see rules here: http://www.ghsa.org/html/stateinfo/laws/auto_enforce.html about different states and such cameras.

As part of a 2005 court case Klimas v. Comcast Cable Communications the company TRUSTe filed an amicus brief (http://www.truste.org/docs/TRUSTe_Amicus_Brief_in_Klimas_v_Comcast.doc) in which they expressed the following:

TRUSTe considers IP addresses to be anonymous identifiers because they are not used as personal identifiers. IP addresses, standing alone, are anonymous and only identify a device on the Internet, not the ultimate person using that device. While an IP address is a computer's public face on the Internet, the identity of an individual whose computer has been assigned an IP address by an ISP is, absent a publication of the information, known only by the ISP and the subscriber.

Write a few paragraphs in which you address the issues and consequences of using an IP address as a personal identifier.


Free, Open, Public

In an article about the creator of SQLite, Richard Hipp (Duke PhD) the program's creator is quoted:
"The author disclaims copyright to this source code. In place of a legal notice, here is a blessing: may you do good and not evil. May you find forgiveness for yourself and forgive others. May you share freely, never taking more than you give."

In a few paragraphs discuss the similarities and differences in how software is licensed including copyright, GPL, open source, propriety software and public domain software. In your discussion include your opinion of Richard Hipp's choice of how he has licensed/distributed SQLite.


Cyber Exploitation

In a March 23 article http://news.cnet.com/8301-31921_3-20046340-281.html titled Google, Yahoo, Skype targeted in attack linked to Iran the paragraph below ends the article:
Jacob Appelbaum, a Tor Project programmer, wrote in a blog post yesterday that this snafu shows that the Internet's trust mechanism, that was erected upon the idea of using signed digital certificates, is broken. "This should serve as a wake-up call to the Internet," he said. "We need to research, build, and share new methods for ensuring trust, identity, authenticity, and confidentiality."

Write a few paragraphs in which you address what trust means on the Internet as described in the quote. In your paragraphs include your opinion and a brief justification as to whether you think the term cyberexploitation is better than cyberwar or cyberterrorism in describing this and other, similar events. (Cyberexploitation as a term is advocated by Susan Landau and others.)