| Track: | Misc |
|---|---|
| When: | Tue AM-1 |
| Where: | Montague |
| Organizers | Anne Currie Anne Currie |
| Participants | John Fitzgerald John Fitzgerald , Rachel Power Rachel Power , Naushad Saboor , Jim Newman Jim Newman , John DiLeo John DiLeo , Peter Turczak Peter Turczak |
| Remote Participants | Pascal Schulz Pascal Schulz , Salma jalouqa Salma jalouqa |
Security is an ethical issue. What should every single developer be asking themselves to check their code or system is safe to use before they deploy it? The aim of this session is to suggest a simple set of questions that could alert an engineer with limited security knowledge to obvious flaws in their product that could hurt unsuspecting users.
WHY
Developers have to design, write, test and deploy code. They are potentially the last bastion of defence against unethical code going live but accordingly to the 2018 StackOverflow Developers Survey only 20% of us feel ultimately responsible for the behaviour of our own code. We’d argue that good security is an ethical issue. In the old, online world bad security could harm users by revealing their data. In the IOT world, the dangers could be far more physical. What should an ordinary engineer look out for to make sure they are not acting unethically by putting their users in harm’s way?
What
As a group, we’ll be reviewing and improving upon some initial thoughts on a usable ethical security checklist for developers, working through our outline agenda: https://docs.google.com/document/d/1M9Tk44JJXV36M3Im-HswopbgjjOCU_jdOZA0fgnydrU/edit?usp=sharing.
Outcomes
A set of questions that any engineer would find useful to ask themselves.
References
Register as participant
To register as participant add Security Ethics Checklist to either:
- the
sessionsmetadata field from your participant's page (find your participant page and look for the edit link). - or the
participantsmetadata field from this git session page
Back to list of all Working Sessions