Blog Reflection

• 1st discussion Answers:
• 2nd Discussion
• 3rd Discussion Reflection - Computing Bias
• 4th Discussion Reflection - Crowdsourcing
• Big Idea 5.5 Legal and Ethical Concerns
• Big Idea 5.6 Safe Computing

1st discussion Answers:

Come up with three of your own Beneficial and corresponding Harmful Effects of Computing

For this discussion I will talk about the use of internet to watch TV.

• One benefit of being able to watch TV over the internet through websites such as YoutubeTV and SlingTV are that people can watch their shows whenever they want instead of having to wait for them to air on the local TV
• Another benefit of TV being available whenver you want is the streaming networks create more TV. In the older days it would take weeks for an entire season of a show to air on local TV so the network would make new seasons for the shows less often. Now the companies are willing to make the TV shows more often because of how people will watch it.
• One negative side affect of TV being available everywhere is that its less memorable. Since the network comapnies are creating many new shows often, there quality has reduced where the networks want to make as many shows as possible to maximize the revenue they can receieve.

Talk about dopamine issues above. Real? Parent conspiracy? Anything that is impacting your personal study and success in High School?

Yes these issues are definetly real. The media and digital world can be very addictive for many teens who don't know how to manage their time and navigate the world. The amount of distractions can lead to many teens neglecting their personal studies and responsiblities because they are unable to manage their own time. Something that affects my personal studies from the digitial world is Youtube because Youtube is very addiciting and the algorithm is made to always keep you watching. It can be very difficult to have the self control to stop watching and do other less fun things in my life.

2nd Discussion

How does someone empower themself in a digital world? Someone can empower themselves in the digital world by using the internet to gain more connections. An example of this is through Linkedin you can meet people you would not have meet otherwise. The connections you create here are valuable throughout your life because these people can give you oppurtunities that would not have been available without the access to linkedin.

How does someone that is empowered help someone that is not empowered? Describe something you could do at Del Norte HS. You can help someone who isn't empowered by allowing them to use your resources. For example on a large scale you could start a non-profit where students from Del Norte contribute by giving away their old devices so they can be used by the people who are not digitally empowered. You can also collect donations of money so you can use it to either fix the old technology and get it to work or you can save it to buy new devices for those who don't have the money to buy it on their own.

Is paper or red tape blocking digital empowerment? Are there such barriers at Del Norte? Elsewhere? Yes there are certain stuff that block digitial enpowerment. For example the tech companies do not focus on the people who don't have much money but focus on those who have lots of money and will pay a high fee for their devices. An example of this is Apple with fees being in the thousands for a new phone which is not possible to be bought by someone in a low income situation. These limitations aren't present in Del Norte because students can get free chromebooks so they are able to submit assignments and do the work they need when at home and at school. There are limitations for some elsewhere, in places where the school district doesn't have the money to buy chromebooks or devices for everyone but rather they have to supply it themselves which is unfeasable.

3rd Discussion Reflection - Computing Bias

Based on what we have learned in class today there is a lot of ways we can avoid bias in what we do. For example in the computer camera of HP that we learned about today there was lots of bias in the training data that was used for testing out the camera model. The main problem here was that there wasn't enough testing with black people or people with darker skin tones so while it noticed the white person in the video the other man could not be recognized by the camera. Its important that we make sure to always equally test all data so the results are as accurate as possible and that will help us to avoid bias in our data and output. For further learning I read this article: https://www.vox.com/recode/2020/2/18/21121286/algorithms-bias-discrimination-facial-recognition-transparency which goes in to deeper depth about how algorithms can be biased. The main takeaways from the article were that with machine learning its important to have all sorts of training data so all groups are properly represented. Its also important to be understanding what bias could be happening in the dataset so the data can be fixed to make sure that there won't be any problems when the model is pushed out.

4th Discussion Reflection - Crowdsourcing

CompSci has 150 ish principles students. Describe a crowdsource idea and how you might initiate it in our environment? An idea we could crowdsource with is since our CPT project is a game we could have lots of students try out the games and after they do rate if the game is too difficult or too easy. With all this input we could use it to improve the games difficulty so it becomes how hard as it should be. Crowdsourcing is very helpful in order to get lots of data in a way where its free to use and that people can contribute.

What about Del Norte crowdsourcing? Could your project be better with crowdsourcing? Del Norte crowdsourcing could be very good because there is lots of people in the school and they could give good input. However we must also monitor there input because there could be people who give illegitimate input would ruin the data that we get. Its important that we probe through the data making sure that its valid and that it would be helpful to our survey. Our project would improve from crowdsourcing because the more input we get, would help overall improve our project.

What kind of data could you capture at N@tM to make evening interesting? Perhaps use this data to impress Teachers during finals week.

The data we could capture is overall user happiness with what we have created in our project so far. This could be shown to the teacher to show how what we have created is great for users to use, meaning that it was well created. Another thing we could get from users is the improvements we could make, then when showing it to the teachers for the final review we could improve our product to make it as good possible fixing what the users wanted.

For further reading I read this article: https://www.clickworker.com/customer-blog/data-crowdsourcing/ The main takeaways from this article are that, there is many benefits to using crowdsourcing. For example it can get you data which wouldn't be possible to get in a timely manner otherwise. The article also emphasizes making sure to use good particpaints who you can trust to give good data. You don't want to have your data be ruined by terrible data which could mess up your entire project.

Big Idea 5.5 Legal and Ethical Concerns

When you create a GitHub repository it requests a license type. Review the license types in relationship to this Tech Talk and make some notes in your personal blog. The license types are MIT, GPLv3, Apache 2.0, BSD License. MIT: The main advantages of MIT are that its open source so it can be modified in the way the user wants. They can customize it for their specific needs giving great total flexibility. Its also widely adoptable and is widely used by many. The downsides are that there is little restriction so the users can do whatever they want even if it may be harmful overall. Apache: The main advaantages of apache is that its user friendly, so its easy to use as well as very reliable. There are often security updates which improve it overall, and make sure its kept safe at all times. Its structure also allows for flexibility in its use cases. The downsides of apache are that its very innefficient and takes lots of resources to use. It takes lots of RAM to use which may not be possible for everyone to use because of limited resources. You also lose permission so it doesnt allow as much freedom in it. GPLv3: It can be modified, creating dirivatives for commerical use which is a big advantage. You can also use the new dirivative work however you want without asking for permission or needing to pay. A big disadvantge for it is you must make all your work publicly available, in anything you edit. If you want to make a change it must be realeased to the public for public use which may not be good for some users. They don't get to keep their work as they want but rather end up losing it. BSD: The advantages of BSD are companies can use it in commercial settings because of how its open source. Since its open source it can be changed however you want for the needs of a company, giving lots of flexibility. The drawbacks are there is no restrictions, so someone can do it however they want and can abuse it. This is dangerous because no restrictions mean in the hands of bad actors it can become very dangerous.

In your blog, summarize the discussions and personal analysis on Software Licenses/Options, Digital Rights, and other Legal and Ethical thoughts from this College Board topic. In the discussion we first talked about Licenses and there use. Licenses are needed by a company to protect their work and software licenses make it where someone cannot take their work. An example of people stealing work is pirating of movies, sports or tv shows. The danger in this is that the companies which create the work cannot make money because people are watching it for free illegally. The companies can punish the piraters by law but it may be difficult to find all of them and punish them given how much resources it takes. Next we talked about digital rights, which were how the companies protect their work online. They have the right to sue those who don't follow their rights.

Make a license for your personal (blog) and Team repositories for the CPT project. Be sure to have a license for both Team GitHub repositories (frontend/backend). Document license(s) you picked and why. FYI, frontend, since it is built on GitHub pages may come with a license and restrictions. Document in blog how team made license choice and process of update. The best license choice for this project would be MIT. The reason for MIT is this license allows others to use, copy, modify, and distribute your code, as long as they include the original copyright notice. This license is popular for its simplicity and permissive nature, which makes it easy for others to use and contribute to your code. We would want to use Apache for our team repositories because it allows others to use, copy, modify, and distribute your code, but also provides patent protection for contributors and limits liability. This license is widely used in the industry and provides a balance between openness and legal protection. After carefully considering both the benefits and drawbacks we decided upon using Apache because of how its overall benefits far outweight the draw backs.

License: MIT License

Copyright (c) [2023] [GamesArcade]

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Big Idea 5.6 Safe Computing

Describe PII you have seen on project in CompSci Principles. What PII I have seen in my project so far is the login for the website. Other information I have used on the project last trimester was the BMI, Body Mass and other fitness information that was relevant to the project. For extra reading I read this article:https://www.imperva.com/learn/data-security/personally-identifiable-information-pii/#:~:text=Organizations%20use%20the%20concept%20of,cases%20legal%20or%20compliance%20requirements.

The main takeaways from the article are that it identifies what PII is and how different countries judge it. For example the way its judged in the US is different than how its judged in England or Austrailia. The different countries have different laws which contribute to its judgement. The article also explains thats PII is anything that gives information about you, for example personal information or things detailing your job, home, etc. The article also talks about how inviduals are responsible for protecting PII as well as organizations. What are your feelings about PII and your personal exposure? I feel that PII should not be spread and its important to make sure it doesnt get spread. A way to help those who are vulnerable, like old people who don't understand scammers, would be creating tools to help them. Antivirus is a nice start but we need tools that will scan an email and check if its safe, because older people end up opening these emails and not realize that its a phising scam that would be dangerous for them to open. I make sure to avoid personal exposure by checking if I know the website who is sending the email before clicking on it. Also something I do is to make sure that the email makes sense, usually emails about giving deals are not legit because they are trying to lure you into clicking the links to scam you.

Describe good and bad passwords? What is another step that is used to assist in authentication. A good password has an uppercase and lowercase letter, a number and a symbol, and doesn't include your personal name in the password. A bad password is just letters and is something that can easily be guessed such as "hello" or "smile". Many hackers use password crackers such as John the ripper or hydra, which brute force your password using a list of common words. Thats why its important for you to use passwords not easily guessable. Another tool for authentication is 2-factor auth, which is basically where you login and get a verification code to a linked email or phone number to verify its you. This makes sure that only you can login to the certain website.

For further reading I read, https://support.apple.com/en-us/HT204915. This is how apple implements two-factor auth and it describes what they do. For example if you try to login somewhere or use an apple device they send a verification code to your phone or computer which makes sure that you are actually logging in, not some other person who may be a hacker.

Try to describe Symmetric and Asymmetric encryption. Symmetric encryption uses the same key to decrypt and encrypt data, while Asymmetric uses a differnt key as public and private to decrypt and encrypt. An example of asymmetric encryption is SSH, which uses a public RSA key and a private RSA key. The benefit of using asymmetric over symmetric, is that if a hacker can get one key they wont be able to have all your information because you use different keys, meaning you need both keys to access information. In symmetric encryption if a hacker gains access to the key they can both encrypt and decrypt giving them ultimate power.

For extra reading I read this article:https://www.techtarget.com/searchsecurity/definition/asymmetric-cryptography#:~:text=Increased%20data%20security%20is%20the,user's%20private%20key%20during%20transmission. The main takeaways were that a sender in assymetric encryption has a public key to encrypt the data, then the reciever uses a private key to decrypt the data and understnad it. This means that if a hacker can intercept the message it means nothing because all they will have is cipher text which cannot be understood by them. This is why many companies perfer to use asymmetric over symmertric because of how much more secure it is.

Provide an example of encryption we used in AWS deployment. One example of encryption used in AWS deployment is the AWS Key Management Service (KMS). KMS is a fully managed service that enables you to create and control the encryption keys used to encrypt your data. You can use KMS to encrypt data at rest in EBS volumes, S3 buckets, RDS databases, and other AWS resources. KMS uses Advanced Encryption Standard (AES) 256-bit encryption keys to encrypt your data. These keys are themselves encrypted with a master key that is stored in hardware security modules (HSMs) and managed by AWS. By using KMS, you can ensure that your data is encrypted using strong encryption keys and that the keys themselves are protected by the highest level of security.

For further reading I read: https://aws.amazon.com/security/ This article talks about security strategy that is used with AWS. The important steps are Prevent, Detect, Respond, Remidiate. The prevent step is about how we can stop the error before it even becomes a problem. This is a vital step in making sure to keep the server safe because if a problem isn't there then theres no need to take resources on fixing it. The Detect step focuses on finding what the error and the extent to which the damage has been done. Its important to do this step so that we can know what needs to be fixed in the future. The next step is Response which is where the security team comes up with ways to fix the issue and resolve it. The final step is to remidiate which is to fully fix the error and secure the AWS web server so that the problem is gone.

Describe a phishing scheme you have learned about the hard way. Describe some other phishing techniques. A phising scheme I have learned about the hard way is how phishers send you an email and want you to click on a link which is unsafe. They disguise this is as a real message from a company and make it seem real with everything other than the email address and some aspects of the message. When you encounter a strange email its important to not click any links because thats how the phisphers get you. If you don't click any links than they have no control over you and you are pretty safe.

For additonal reading I read this:https://consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams It talks about how to avoid phising scams and how you can recgonize them. This is a government website as well so its legitimate. Some common ways they email you is talking about payments or talking about something happening to your account. Its important to make sure the email seems right when you reading it, for example if they talk about stuff you don't know about then it can a sign that the email is dangerous.