Information Technology Reference
In-Depth Information
Butler's stated purpose for releasing Firesheep was “to demonstrate just how serious this
problem is” [11]. Later he wrote, “It goes without saying that harassing or attacking
people is a terrible thing to do. To suggest Firesheep was created for this purpose is com-
pletely false; Firesheep was created to raise awareness about an existing and frequently
ignored problem” [17]. All of these statements are characteristic of someone truly in-
terested in protecting the privacy of visitors to popular Web sites. Butler demonstrated
courage by taking personal responsibility for creating Firesheep, and he demonstrated
benevolence by making it freely available.
Therefore, from the perspect of virtue ethics, Butler's actions and statements were
characteristic of someone interested in promoting the common good. He seemed to
sincerely believe that something significant needed to be done to get the companies to
change their privacy policies.
KANTIAN ANALYSIS
To begin with, accessing someone else's user account is an invasion of that person's
privacy and is wrong. Butler clearly agrees with this perspective because he refers to
people who sidejack accounts as “evil.” Butler's goal was to pressure Facebook, Twitter,
Amazon, and other Web sites to adopt proper security measures to protect their users.
He saw the best way to achieve this end was to release a tool that would bring to light a
well-known security problem that had not gotten sufficient attention.
Criminals already knew how to sidejack Web sessions before Butler created Fire-
sheep. What Firesheep did was make sidejacking so simple that even ordinary computer
users could do it. More than half a million copies of Firesheep were downloaded in the
first week, and undoubtedly some of these people actually used the software to sidejack
Web sessions, which is wrong. It is disingenuous for Butler to “reject the notion that
something like Firesheep turns otherwise innocent people evil.” He provided a tool that
made it much simpler for people to do something that is wrong, and therefore he has
some moral accountability for the misdeeds of the people who downloaded Firesheep.
Ultimately, Butler was willing to tolerate a short-term increase in privacy violations
in the hope that users would pressure Facebook, Twitter, and other sites to improve their
security, which would result in fewer privacy violations in the long term. In other words,
he was willing to use the victims of Firesheep as a means to his end. From a Kantian
perspective, it was wrong for Butler to release Firesheep to the public.
There are other ways Butler could have achieved his goal without using other people.
For example, he could have gone on a popular television show and hacked into the host's
Facebook page, generating a great amount of publicity without having to release the
software [20].
The Firesheep extension to the Firefox browser highlights a significant security weakness
of unencrypted Wi-Fi networks. Computers have security weaknesses, too, and there are
a variety of ways in which malicious software, or
malware
, can become active on your
computer. If you are lucky, these programs will do nothing other than consume a little
