| author | Owen Jacobson <owen.jacobson@grimoire.ca> | 2015-07-03 22:31:49 -0400 |
|---|---|---|
| committer | Owen Jacobson <owen.jacobson@grimoire.ca> | 2015-07-03 22:35:09 -0400 |
| commit | 76aed6ef732de38d82245b3d674f70bab30221e5 (patch) | |
| tree | d50e9a296d91ef8a49bcb29c3e80096f200a3c26 /.html/ethics | |
| parent | 92f66d3e3a0996bb1fad9dc83d7e184f92673e5d (diff) | |
Fuck it, serve the files directly.
Diffstat (limited to '.html/ethics')
| -rw-r--r-- | .html/ethics/_list.html | 92 | ||||
| -rw-r--r-- | .html/ethics/index.html | 92 | ||||
| -rw-r--r-- | .html/ethics/lg-smart-tv.html | 180 | ||||
| -rw-r--r-- | .html/ethics/linkedin-intro.html | 251 | ||||
| -rw-r--r-- | .html/ethics/musings.html | 146 |
5 files changed, 761 insertions, 0 deletions
diff --git a/.html/ethics/_list.html b/.html/ethics/_list.html new file mode 100644 index 0000000..ff9ddb3 --- /dev/null +++ b/.html/ethics/_list.html @@ -0,0 +1,92 @@ +<!DOCTYPE html> +<html> +<head> + <title> + The Codex » + ls /ethics + </title> + + <link + rel='stylesheet' + type='text/css' + href='http://fonts.googleapis.com/css?family=Buenard:400,700&subset=latin,latin-ext'> + <link + rel="stylesheet" + type="text/css" + href="../media/css/reset.css"> + <link + rel="stylesheet" + type="text/css" + href="../media/css/grimoire.css"> +</head> +<body> + +<div id="shell"> + + <ol id="breadcrumbs"> + + <li class="crumb-0 not-last"> + + <a href="../">index</a> + + </li> + + <li class="crumb-1 not-last"> + + <a href="./">ethics</a> + + </li> + + <li class="crumb-2 last"> + + <span class="list-crumb">list</span> + + </li> + + </ol> + + + + <div id="listing"> + <h1><code>ls /ethics</code></h1> + + + + + <div id="pages"> + <h2>Pages</h2> + <ul> + + <li><a href="lg-smart-tv">LG Smart TVs are dumb</a></li> + + <li><a href="linkedin-intro">LinkedIn Intro is Unethical Software</a></li> + + <li><a href="musings">Undirected Musings about Ethics</a></li> + + </ul> + </div> + + + + </div> + + + + + + + <div id="footer"> + <p> + + The Codex — + + Powered by <a href="http://markdoc.org/">Markdoc</a>. + +<a href="https://bitbucket.org/ojacobson/grimoire.ca/src/master/wiki/ethics">See this directory on Bitbucket</a>. + + </p> + </div> + +</div> +</body> +</html>
\ No newline at end of file diff --git a/.html/ethics/index.html b/.html/ethics/index.html new file mode 100644 index 0000000..ff9ddb3 --- /dev/null +++ b/.html/ethics/index.html @@ -0,0 +1,92 @@ +<!DOCTYPE html> +<html> +<head> + <title> + The Codex » + ls /ethics + </title> + + <link + rel='stylesheet' + type='text/css' + href='http://fonts.googleapis.com/css?family=Buenard:400,700&subset=latin,latin-ext'> + <link + rel="stylesheet" + type="text/css" + href="../media/css/reset.css"> + <link + rel="stylesheet" + type="text/css" + href="../media/css/grimoire.css"> +</head> +<body> + +<div id="shell"> + + <ol id="breadcrumbs"> + + <li class="crumb-0 not-last"> + + <a href="../">index</a> + + </li> + + <li class="crumb-1 not-last"> + + <a href="./">ethics</a> + + </li> + + <li class="crumb-2 last"> + + <span class="list-crumb">list</span> + + </li> + + </ol> + + + + <div id="listing"> + <h1><code>ls /ethics</code></h1> + + + + + <div id="pages"> + <h2>Pages</h2> + <ul> + + <li><a href="lg-smart-tv">LG Smart TVs are dumb</a></li> + + <li><a href="linkedin-intro">LinkedIn Intro is Unethical Software</a></li> + + <li><a href="musings">Undirected Musings about Ethics</a></li> + + </ul> + </div> + + + + </div> + + + + + + + <div id="footer"> + <p> + + The Codex — + + Powered by <a href="http://markdoc.org/">Markdoc</a>. + +<a href="https://bitbucket.org/ojacobson/grimoire.ca/src/master/wiki/ethics">See this directory on Bitbucket</a>. + + </p> + </div> + +</div> +</body> +</html>
\ No newline at end of file diff --git a/.html/ethics/lg-smart-tv.html b/.html/ethics/lg-smart-tv.html new file mode 100644 index 0000000..5f565b4 --- /dev/null +++ b/.html/ethics/lg-smart-tv.html 
@@ -0,0 +1,180 @@ +<!DOCTYPE html> +<html> +<head> + <title> + The Codex » + LG Smart TVs are dumb + </title> + + <link + rel='stylesheet' + type='text/css' + href='http://fonts.googleapis.com/css?family=Buenard:400,700&subset=latin,latin-ext'> + <link + rel="stylesheet" + type="text/css" + href="../media/css/reset.css"> + <link + rel="stylesheet" + type="text/css" + href="../media/css/grimoire.css"> +</head> +<body> + +<div id="shell"> + + <ol id="breadcrumbs"> + + <li class="crumb-0 not-last"> + + <a href="../">index</a> + + </li> + + <li class="crumb-1 not-last"> + + <a href="./">ethics</a> + + </li> + + <li class="crumb-2 last"> + + lg-smart-tv + + </li> + + </ol> + + + + <div id="article"> + <h1 id="lg-smart-tvs-are-dumb">LG Smart TVs are dumb</h1> +<p>(Or, corporate entitlement run amok.)</p> +<p><a href="http://doctorbeet.blogspot.co.uk/2013/11/lg-smart-tvs-logging-usb-fil +enames-and.html">According to a UK +blogger</a>, LG Smart TVs not only offer “smart” features, but also +track your viewing habits <em>extremely</em> closely by submitting events back to LG +and to LG's advertising affiliates.</p> +<p>Under his diagnosis, the TV sends an event to LG that identifies the specific TV</p> +<ul> +<li> +<p>every time the viewer changes channels (containing the name of the channel being watched)</p> +</li> +<li> +<p>whenever a USB device is inserted (containing the names of files stored on the USB stick)</p> +</li> +</ul> +<p>The page comments additionally suggest that the TV sends back information +whenever the menu is opened, as well.</p> +<p>This information is used to provide targeted advertising, likely to offset +the operational cost of the TV's “intelligent” features. 
Consumer protections +around personal data and tracking have traditionally been very weak, so it's +not entirely surprising that LG would choose to extract revenue this way +instead of raising the price of the product to cover the operational costs and instead of offering the intelligent features as a subscription service, but this is extremely disappointing.</p> +<h2 id="how-is-this-harmful">How is this harmful?</h2> +<p>LG uses this information to sell <a href="http://us.lgsmartad.com/main/main.lge">targeted +advertising</a>, extracting value for +itself out from the presence of other peoples' eyeballs. We've collectively +chosen to accept that content producers -- website owners, for example -- can +sell advertising as a way to augment their income from the content they +produce. However, LG is not a content producer; while you can choose to leave +a website that uses invasive ad tracking, LG's position is more analogous to +that of the web browser itself: they get to watch the customer's habits no matter what they choose to watch.</p> +<p>There is a material difference between advertising targeted by time slot and +by the content distributors (television networks) on their own behalf, which +has been part of television nearly from its inception, and the kind of +personally-invasive and cross-channel targeted advertising LG is engaging in. +LG's ability to correlate viewing habits across every channel and across +non-public media the user watches places them in a position where they may +well derive more information about the people watching TV than those peoples' +own spouses or parents would be trusted with. 
We've already seen this kind of +comprehensive statistical modelling go wrong; <a href="http://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-ou + t-a-teen-girl-was-pregnant-before-her-father-did/">Target's advertising folks +landed in hot water last +year</a> after their +purchase-habit-derived models revealed information about a customer that she +didn't even have about herself.</p> +<p>LG is also taking zero care to ensure that the private information it's +silently extracting from viewers is not diseminated further. The TV sends +viewing information - channel names, file names from USB sticks, and so on - +over the internet in plain text, allowing anyone on the network path between +the TV and LG to intercept it and use it for their own ends. This kind of +information is incredibly useful for targeted fraud, and I'm sure the NSA is +thrilled to have such a useful source of personally-identifying and +habit-revealing data available for free, too.</p> +<h2 id="icing-on-the-cake">Icing on the cake</h2> +<p>The TV's settings menu contains an item entitled “Collection of watching +info” which can be turned to “On” (the default, even if the customer rejects +the end-user license agreement on the television and disables the +“intelligent” features) or “Off.” It would be reasonable to expect that this +option would stop the TV from communicating viewing habits to the internet; +however, the setting appears to do very little. 
The article shows packet +captures of the TV submitting viewing information to LG with the setting in +either position.</p> +<p>The setting also has no help text to guide customers to understanding what it +<em>actually</em> does or to clarify expectations around it.</p> +<h2 id="lgs-stance-is-morally-indefensible">LG's stance is morally indefensible</h2> +<p>From the blog post, LG's representative claims that viewers “agree” to this +monitoring when they accept the TV's end-user license agreement, and that +it's up to the retailer to inform the user of the contents of the license +agreement. However:</p> +<ol> +<li> +<p>LG does not ensure that retailers tell potential buyers about the end-user license conditions; they claim it's up to the retailer's individual discretion.</p> +</li> +<li> +<p>There's no incentive for retailers to tell customers about the license agreement, as the agreement is between LG and the customer, not between the retailer and the customer. Stopping each sale to talk about license terms is likely to reduce the number of sales, too.</p> +</li> +<li> +<p>It would be impractical for retailers to inform customers of every license for every product they sell, as there are unique licenses for nearly every piece of software and for most computer-enabled products (i.e., most of them). Retailers do not habitually employ contract lawyers to accurately guide customers through the license agreements.</p> +</li> +<li> +<p>LG's own packaging makes the license agreement effectively unviewable without committing the money to buy a TV. It's only presented on the TV itself after it's installed and turned on (which often voids the customer's ability to return it to the retailer), and in retailer-specific parts of LG's own website, which isn't practically available while the customer is standing in a shop considering which TV to buy.</p> +</li> +</ol> +<p>It is not reasonable to expect customers to assume their TV will track +viewing habits publicly. 
This is not a behaviour that TVs have had over their +multi-decade existence, and it's disingenuous for LG to act like the customer +“should have known” in any sense that the LG TV acts in this way.</p> +<p>LG is hiding behind the modern culture of unfair post-sale contracts to +impose a novel, deeply-invasive program of customer monitoring for their own +benefit, relying on corporate law to protect themselves from consumer +reprisals. This cannot be allowed to continue; vote with your dollars.</p> + </div> + + + +<div id="comments"> +<div id="disqus_thread"></div> +<script type="text/javascript"> + /* * * CONFIGURATION VARIABLES: EDIT BEFORE PASTING INTO YOUR WEBPAGE * * */ + var disqus_shortname = 'grimoire'; // required: replace example with your forum shortname + + /* * * DON'T EDIT BELOW THIS LINE * * */ + (function() { + var dsq = document.createElement('script'); dsq.type = 'text/javascript'; dsq.async = true; + dsq.src = 'http://' + disqus_shortname + '.disqus.com/embed.js'; + (document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(dsq); + })(); +</script> +<noscript>Please enable JavaScript to view the <a href="http://disqus.com/?ref_noscript">comments powered by Disqus.</a></noscript> +<a href="http://disqus.com" class="dsq-brlink">comments powered by <span class="logo-disqus">Disqus</span></a> +</div> + + + + <div id="footer"> + <p> + + The Codex — + + Powered by <a href="http://markdoc.org/">Markdoc</a>. + +<a href="https://bitbucket.org/ojacobson/grimoire.ca/src/master/wiki/ethics/lg-smart-tv.md">See this page on Bitbucket</a> (<a href="https://bitbucket.org/ojacobson/grimoire.ca/history-node/master/wiki/ethics/lg-smart-tv.md">history</a>). + + </p> + </div> + +</div> +</body> +</html>
\ No newline at end of file diff --git a/.html/ethics/linkedin-intro.html b/.html/ethics/linkedin-intro.html new file mode 100644 index 0000000..be73d06 --- /dev/null +++ b/.html/ethics/linkedin-intro.html 
@@ -0,0 +1,251 @@ +<!DOCTYPE html> +<html> +<head> + <title> + The Codex » + LinkedIn Intro is Unethical Software + </title> + + <link + rel='stylesheet' + type='text/css' + href='http://fonts.googleapis.com/css?family=Buenard:400,700&subset=latin,latin-ext'> + <link + rel="stylesheet" + type="text/css" + href="../media/css/reset.css"> + <link + rel="stylesheet" + type="text/css" + href="../media/css/grimoire.css"> +</head> +<body> + +<div id="shell"> + + <ol id="breadcrumbs"> + + <li class="crumb-0 not-last"> + + <a href="../">index</a> + + </li> + + <li class="crumb-1 not-last"> + + <a href="./">ethics</a> + + </li> + + <li class="crumb-2 last"> + + linkedin-intro + + </li> + + </ol> + + + + <div id="article"> + <h1 id="linkedin-intro-is-unethical-software">LinkedIn Intro is Unethical Software</h1> +<p><a href="https://intro.linkedin.com">LinkedIn Intro</a> is a mail filtering service +provided by LinkedIn that inserts LinkedIn relationship data into the user's +incoming and outgoing mail. This allows, for example, LinkedIn to decorate +incoming mail with a toolbar linking to the sender's LinkedIn account, and +automatically injects a short “signature” of your LinkedIn profile into +outgoing mail.</p> +<p>These are useful features, and the resulting interaction is quite smooth. +However, the implementation has deep, unsolvable ethical problems.</p> +<p>LinkedIn Intro reconfigures the user's mobile device, replacing their mail +accounts with proxy mail accounts that use LinkedIn's incoming and outgoing +mail servers. All of LinkedIn's user-facing features are implemented using +HTML and JavaScript injected directly into the email message.</p> +<h2 id="password-concerns">Password Concerns</h2> +<p>LinkedIn Intro's proxy mail server must be able to log into the user's real +incoming mail server to retrieve mail, and often must log into the user's real +outgoing mail server to deliver mail with correct SPF or DKIM validation. 
This +implies that LinkedIn Intro must know the user's email credentials, which it +acquires from their mobile device. Since this is a “use” of a password, not +merely a “validation” of an incoming password, the password must be available +<em>to LinkedIn</em> as plain text. There are two serious problems with this that +are directly LinkedIn's responsibilty, and a third that's indirect but +important. (Some email providers - notably Google - support non-password, +revokable authentication mechanisms for exactly this sort of use. It's not +clear whether LinkedIn Intro uses these safer mechanisms, but it doesn't +materially change my point.)</p> +<p>LinkedIn has a somewhat unhappy security history. In 2012, they had a +<a href="http://www.nytimes.com/2012/06/11/technology/linkedin-breach-exposes-light-security-even-at-data-companies.html">security +breach</a> +that exposed part of their authentication database to the internet. While they +have very likely tightened up safeguards in response, it's unclear whether +those include a cultural change towards more secure practices. Certainly, it +will take longer than the year that's passed for them to build better trust +from the technical community.</p> +<p>Worse, the breach revealed that LinkedIn was actively disregarding known +problems with password storage for authentication. <a href="http://cm.bell-labs.com/cm/cs/who/dmr/passwd.ps">Since at least the late +70's</a>, the security community +has been broadly aware of weaknesses of unsalted hash-based password +obfuscation. More recently, <a href="http://www.win.tue.nl/cccc/sha-1-challenge.html">it's become +clear</a> that CPU-optimized +hash algorithms (including MD5 and both SHA-1 and SHA-2) are weak protection +against massively parallel password cracking — cracking that's quite cheap +using modern GPUs. 
Algorithms like +<a href="http://codahale.com/how-to-safely-store-a-password/">bcrypt</a> which address +this specific weakness have been available since the late 90's. LinkedIn's +leaked password database was stored using unsalted SHA-1 digests, suggesting +either a lack of research or a lack of understanding of the security +implications of their password system.</p> +<p>Rebuilding trust after this kind of public shaming should have involved a +major, visible shift in the company's culture. There's easy marketing among +techies — a major portion of LinkedIn's audience, even now — to be done by +showing how on the ball you can be about protecting their data; none of this +marketing has appeared. The impact of raising the priority of security issues +throughout product development should be visible from the outside, as risky +features get pushed aside to address more fundamental security issues; no such +shift in priorities has been visible. It is reasonable, observing LinkedIn's +behaviour in the last year, to conclude that LinkedIn, as a company, still +treats data security as an easy problem to be solved with as little effort as +possible. This is not a good basis on which to ask users to hand over their +email passwords.</p> +<p>While the security community has been making real efforts to educate users to +use a unique password for each service they use, the sad reality is that most +users still use the same password for everything. As LinkedIn Intro must +necessarily store <em>plain text</em> passwords, it will be a very attractive target +for future break-ins, for employee malfeasance, and for United States court +orders.</p> +<h2 id="what-gets-seen">What Gets Seen</h2> +<p>LinkedIn Intro is not selective. Every email that passes through an +Intro-enabled email account is visible, entirely, to LinkedIn. The fact that +the email occurred is fodder for their recommendation engine and for any other +analysis they care to run. 
The contents may be retained indefinitely, outside +of either the sender's or the recipients' control. LinkedIn is in a position +to claim that Intro users have given it <em>permission</em> to be intrusive into +their email in this way.</p> +<p>Very few people use a dedicated email account for “corporate networking” and +recruiting activities. A CEO (LinkedIn's own example) recieves mail pertaining +to many sensitive aspects of a corporation's running: lawsuit notices, gossip +among the exec team, planning emails discussing the future of the company, +financials, email related to external partnerships at the C*O level, and many, +many other things. LinkedIn's real userbase, recruiters and work-seeking +people, often use the same email account for LinkedIn and for unrelated +private activities. LinkedIn <em>has no business</em> reading these emails or even +knowing of their existence, but Intro provides no way to restrict what +LinkedIn sees.</p> +<p>Users in heavily-regulated industries, such as health care or finance, may be +exposing their whole organization to government interventions by using Intro, +as LinkedIn is not known to be HIPAA, SOX, or PCI compliant.</p> +<p>The resulting “who mailed what to whom” database is hugely valuable. I expect +LinkedIn to be banking on this; such a corpus of conversational data would +greatly help them develop new features targetting specific groups of users, +and could improve the overall effectiveness of their recommendation engine. 
+However, it's also valuable to others; as above, this information would be a +gold mine for marketers, a target for break-ins, and, worryingly, <em>immensely</em> +useful to the United States' intelligence apparatus (who can obtain court +orders preventing LinkedIn from discussing their requests, to boot).</p> +<p>(LinkedIn's recommendation engine also has issues; it's notorious for +<a href="http://community.linkedin.com/questions/31650/linkedin-sent-an-ex-girlfriend-a-request-to-someon.html">recommending people to their own +ex-partners</a> +and to people actively suing one another. Giving it more data to work with +makes this more likely, especially when the data is largely unrelated to +professional concerns..)</p> +<p>LinkedIn Intro's injected HTML is also suspect by default. Tracking email open +rates is standard practice for email marketing, but Intro allows <em>LinkedIn</em> to +track the open rate of emails <em>you send</em> and of emails <em>you recieve</em>, +regardless of whether those emails pertain to LinkedIn's primary business or +not.</p> +<h2 id="user-education">User Education</h2> +<p>All of the risks outlined above are manageable. With proper information, the +end user can make an informed decision as to whether</p> +<ul> +<li>to ignore Intro at all, or</li> +<li>to use Intro with a dedicated “LinkedIn Only” email account, or</li> +<li>to use Intro with everything</li> +</ul> +<p>LinkedIn's own marketing materials outline <em>absolutely none</em> of these risks. +They're designed, as most app landing materials are, to make the path to +downloading and configuring Intro as smooth and unthreatening as possible: the +option to install the application is presented before the page describes what +the app <em>does</em>, and it never describes how the app <em>works</em> — that information +is never stated outright, not even in Intro's own +<a href="https://intro.linkedin.com/micro/faq">FAQ</a>. 
Witholding the risks from users +vastly increases the chances of a user making a decision they aren't +comfortable with, or that increases their own risk of social or legal problems +down the road.</p> +<h2 id="linkedins-response">LinkedIn's Response</h2> +<p>Shortly after Intro's first round of public mockery, a LinkedIn employee +<a href="http://blog.linkedin.com/2013/10/26/the-facts-about-linkedin-intro/">posted a +response</a> +to some of the security concerns. The post is interesting, and I recommend you +read it.</p> +<p>The key point about the response is that it underscores how secure Intro is +<em>for LinkedIn</em>. It does absolutely nothing to discuss how LinkedIn is curating +its users' security needs. In particular:</p> +<blockquote> +<p>We isolated Intro in a separate network segment and implemented a +tight security perimeter across trust boundaries.</p> +</blockquote> +<p>A breach in LinkedIn proper may not imply a breach in LinkedIn Intro, and vice +versa, but there must be at least some data passing back and forth for Intro +to operate. The nature and structure of the security mechanisms that permit +the “right” kind of data are not elaborated on; it's impossible to decide how +well they actually insulate Intro from LinkedIn. 
Furthermore, a breach in +LinkedIn Intro is still incredibly damaging even if it doesn't span LinkedIn +itself.</p> +<blockquote> +<p>Our internal team of experienced testers also penetration-tested the +final implementation, and we worked closely with the Intro team to +make sure identified vulnerabilities were addressed.</p> +</blockquote> +<p>This doesn't address the serious concerns with LinkedIn Intro's <em>intended</em> +use; it also doesn't do much to help users understand how thorough the testing +was or to understand who vetted the results.</p> +<h2 id="the-bottom-line">The Bottom Line</h2> +<p><em>If</em> LinkedIn Intro works as built, and <em>if</em> their security safeguards are as +effective as they claim and hope, then Intro exposes its users to much greater +risk of password compromise and helps them expose themselves to surveillence, +both government and private. If either of those conditions does not hold, it's +worse.</p> +<p>The software industry is young, and immature, and wealthy. There is no ethics +body to complain to; had the developers of Intro said “no,” they would very +likely have been replaced by another round of developers who would help +LinkedIn violate their users' privacy. 
That does not excuse LinkedIn; their +product is vile, and must not be tolerated in the market.</p> + </div> + + + +<div id="comments"> +<div id="disqus_thread"></div> +<script type="text/javascript"> + /* * * CONFIGURATION VARIABLES: EDIT BEFORE PASTING INTO YOUR WEBPAGE * * */ + var disqus_shortname = 'grimoire'; // required: replace example with your forum shortname + + /* * * DON'T EDIT BELOW THIS LINE * * */ + (function() { + var dsq = document.createElement('script'); dsq.type = 'text/javascript'; dsq.async = true; + dsq.src = 'http://' + disqus_shortname + '.disqus.com/embed.js'; + (document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(dsq); + })(); +</script> +<noscript>Please enable JavaScript to view the <a href="http://disqus.com/?ref_noscript">comments powered by Disqus.</a></noscript> +<a href="http://disqus.com" class="dsq-brlink">comments powered by <span class="logo-disqus">Disqus</span></a> +</div> + + + + <div id="footer"> + <p> + + The Codex — + + Powered by <a href="http://markdoc.org/">Markdoc</a>. + +<a href="https://bitbucket.org/ojacobson/grimoire.ca/src/master/wiki/ethics/linkedin-intro.md">See this page on Bitbucket</a> (<a href="https://bitbucket.org/ojacobson/grimoire.ca/history-node/master/wiki/ethics/linkedin-intro.md">history</a>). + + </p> + </div> + +</div> +</body> +</html>
\ No newline at end of file diff --git a/.html/ethics/musings.html b/.html/ethics/musings.html new file mode 100644 index 0000000..4090d46 --- /dev/null +++ b/.html/ethics/musings.html 
@@ -0,0 +1,146 @@ +<!DOCTYPE html> +<html> +<head> + <title> + The Codex » + Undirected Musings about Ethics + </title> + + <link + rel='stylesheet' + type='text/css' + href='http://fonts.googleapis.com/css?family=Buenard:400,700&subset=latin,latin-ext'> + <link + rel="stylesheet" + type="text/css" + href="../media/css/reset.css"> + <link + rel="stylesheet" + type="text/css" + href="../media/css/grimoire.css"> +</head> +<body> + +<div id="shell"> + + <ol id="breadcrumbs"> + + <li class="crumb-0 not-last"> + + <a href="../">index</a> + + </li> + + <li class="crumb-1 not-last"> + + <a href="./">ethics</a> + + </li> + + <li class="crumb-2 last"> + + musings + + </li> + + </ol> + + + + <div id="article"> + <h1 id="undirected-musings-about-ethics">Undirected Musings about Ethics</h1> +<h2 id="further-reading">Further reading</h2> +<ul> +<li><a href="http://modelviewculture.com/pieces/the-fantasy-and-abuse-of-the-manipulable-user">The Fantasy and Abuse of the Manipulable User</a></li> +<li><a href="https://glyph.twistedmatrix.com/2005/11/ethics-for-programmers-primum-non.html">Ethics for Programmers: Primum non Nocere</a></li> +<li><a href="http://idlewords.com/bt14.htm">The Internet with a Human Face</a></li> +<li><a href="http://www.diffen.com/difference/Ethics_vs_Morals">Ethics vs Morals</a></li> +<li><a href="http://yesmeansyesblog.wordpress.com">Yes means Yes</a></li> +</ul> +<h2 id="why-bother">Why bother?</h2> +<p>Everyone <em>thinks</em> they're doing good most of the time. Ethical codes help +guide that sense into alignment with the surrounding social and political +context: doing good for whom, why, and with what kinds of caveats.</p> +<h2 id="its-not-about-engineering-its-about-people">It's not about engineering, it's about people</h2> +<p>An ethical code for software development should not waste too much space +talking about <em>engineering practices</em>. 
Certainly there is value in getting +more developers and systems people to follow good engineering practice, but +an ethical code should focus on the interaction between trustworthiness, the +greater good, the personal good of <em>all</em> the participants in the system, and +software itself.</p> +<p>(This comes up in Ethics for Programmers, above.)</p> +<p>It's no good to build a wonderfully-engineered system that is cheap to run +and easy to integrate with if it systematically disenfranchises and abuses +its users for the benefit of its owners, and that's a problem we actually +have via Facebook, Github, Twitter, and numerous others.</p> +<h2 id="ethical-codes-are-fundamentally-extrinsic">Ethical codes are fundamentally extrinsic</h2> +<p>Ethical codes exist so that others can judge our behaviour, not so that we +can judge our own behaviour.</p> +<h2 id="ethical-codes-must-be-constraining">Ethical codes must be constraining</h2> +<p>Ethical codes do not exist in a vacuum. A code that authorizes its adherents +to behave in any way they see fit, subject only to their own judgement, is no +ethical code at all. We already have that and the results have not been great.</p> +<p><em>This is important</em> - a meaningful ethical code for software would probably +cripple most software business models. An ethical code that prioritizes +active consent, for example, completely cripples advertising and analytics, +and puts a big roadblock in buyouts like Instagram's. 
This may well be good +for society.</p> +<h2 id="integrity-is-not-about-contracts-or-legislation">Integrity is not about contracts or legislation</h2> +<p>Ethics, personal integrity, and group integrity are tangled together, but +modern Western conceptions of group integrity tend to revolve around “does +this group break the law or engender lawsuits,” not “does this group act in +the best interests of people outside of it.”</p> +<h2 id="assumptions">Assumptions</h2> +<p>I've embedded some of my personal morality into the “ethics” articles in this +section, in the absence of a published moral code. Those, obviously, aren't +absolute, but you can reason about their validity if you assume that I +believe the “end user's” privacy and active consent take priority over the +technical cleverness or business value of a software system.</p> +<h3 id="consent-and-social-software">Consent and social software</h3> +<p>This has some complicated downstream effects: “active consent” means +something you can't handwave away by putting implied consent (for example, to +future changes) in an EULA or privacy statement. I haven't written much that +calls out this pattern because it's <em>pervasive</em>.</p> +<p>The “end user is the real product” business model most social networks +operate on is fundamentally unethical under this code. 
It will always be more +valuable to the “real customers” (advertisers, analytics platforms, law +enforcement, and intelligence agencies) for users to be opted into new +measurements by default, <em>assuming</em> consent rather than obtaining it.</p> + </div> + + + +<div id="comments"> +<div id="disqus_thread"></div> +<script type="text/javascript"> + /* * * CONFIGURATION VARIABLES: EDIT BEFORE PASTING INTO YOUR WEBPAGE * * */ + var disqus_shortname = 'grimoire'; // required: replace example with your forum shortname + + /* * * DON'T EDIT BELOW THIS LINE * * */ + (function() { + var dsq = document.createElement('script'); dsq.type = 'text/javascript'; dsq.async = true; + dsq.src = 'http://' + disqus_shortname + '.disqus.com/embed.js'; + (document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(dsq); + })(); +</script> +<noscript>Please enable JavaScript to view the <a href="http://disqus.com/?ref_noscript">comments powered by Disqus.</a></noscript> +<a href="http://disqus.com" class="dsq-brlink">comments powered by <span class="logo-disqus">Disqus</span></a> +</div> + + + + <div id="footer"> + <p> + + The Codex — + + Powered by <a href="http://markdoc.org/">Markdoc</a>. + +<a href="https://bitbucket.org/ojacobson/grimoire.ca/src/master/wiki/ethics/musings.md">See this page on Bitbucket</a> (<a href="https://bitbucket.org/ojacobson/grimoire.ca/history-node/master/wiki/ethics/musings.md">history</a>). + + </p> + </div> + +</div> +</body> +</html>
\ No newline at end of file |
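Review bot: `_list.html` and `index.html` are added as byte-identical copies (both show `index 0000000..ff9ddb3`), so any later correction to one has to be repeated by hand in the other. If both paths must exist, generate them from the same template in one step or make one a redirect to the other so they cannot drift. The `<link>` in `<head>` also loads the font stylesheet from `http://fonts.googleapis.com/...`; use `https://` there so the page does not hit a mixed-content block if it is served over TLS.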
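Review bot: two `href` values in the article body of `lg-smart-tv.html` are split by a line break inside the attribute: the doctorbeet.blogspot.co.uk link wraps at `usb-fil` / `enames-and.html`, and the forbes.com link wraps at `figured-ou` / ` t-a-teen-girl` with leading whitespace on the continuation. Join each URL onto one line in the Markdown source and regenerate, then check that both links resolve. The same article also has `diseminated` for "disseminated".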
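Review bot: the article text in `linkedin-intro.html` ships several misspellings: `responsibilty`, `recieves` and `recieve`, `targetting`, `Witholding`, `surveillence`, and a doubled full stop in `professional concerns..)`. The footer names `wiki/ethics/linkedin-intro.md` as the source, so fix them there and regenerate rather than patching the generated HTML, otherwise the next build will reintroduce them.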
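Review bot: the Disqus block at the end of `musings.html` (the identical block is also in `lg-smart-tv.html` and `linkedin-intro.html`) sets `dsq.src = 'http://' + disqus_shortname + '.disqus.com/embed.js'`, so a third-party script is fetched in clear text and anyone on the network path can alter it before it runs in the page. Change the scheme to `https://` for `dsq.src`, and do the same for the `http://disqus.com` links in the `<noscript>` and `dsq-brlink` fallbacks.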
