Security Ethics Checklist

Track: Misc
When: Tue AM-1
Where: Montague
Organizers Anne Currie Anne Currie
Participants John Fitzgerald John Fitzgerald , Rachel Power Rachel Power , Naushad Saboor , Jim Newman Jim Newman , John DiLeo John DiLeo , Peter Turczak Peter Turczak
Remote Participants Pascal Schulz Pascal Schulz , Salma jalouqa Salma jalouqa

Security is an ethical issue. What should every single developer be asking themselves to check their code or system is safe to use before they deploy it? The aim of this session is to suggest a simple set of questions that could alert an engineer with limited security knowledge to obvious flaws in their product that could hurt unsuspecting users.

WHY

Developers have to design, write, test and deploy code. They are potentially the last bastion of defence against unethical code going live but accordingly to the 2018 StackOverflow Developers Survey only 20% of us feel ultimately responsible for the behaviour of our own code. We’d argue that good security is an ethical issue. In the old, online world bad security could harm users by revealing their data. In the IOT world, the dangers could be far more physical. What should an ordinary engineer look out for to make sure they are not acting unethically by putting their users in harm’s way?

What

As a group, we’ll be reviewing and improving upon some initial thoughts on a usable ethical security checklist for developers, working through our outline agenda: https://docs.google.com/document/d/1M9Tk44JJXV36M3Im-HswopbgjjOCU_jdOZA0fgnydrU/edit?usp=sharing.

Outcomes

A set of questions that any engineer would find useful to ask themselves.

References

Register as participant

To register as participant add Security Ethics Checklist to either:

  1. the sessions metadata field from your participant's page (find your participant page and look for the edit link).
  2. or the participants metadata field from this git session page


Back to list of all Working Sessions