The Gautrain : active communication research on the manifestations of the hacker ethic by citizen journalists

Pritchard, Maritha.

January 2010

Thesis (MTech. degree in Journalism) -- Tshwane University of Technology, 2010. / Explores the themes derived from the six tenets of the hacker ethic in blog posts about the Gautrain project over a one-year period. It also describes how citizen journalists express the six tenets of the hacker ethic when blogging about the Gautrain project.

Railroads -- South Africa -- Gauteng.

Dissertations, Academic -- South Africa.

Hacktivism.

Citizen journalism.

Computer hackers.

Blogs -- Social aspects.

Hacktivism and Habermas: Online Protest as Neo-Habermasian Counterpublicity

Houghton, Tessa J.

January 2010

This thesis both draws from and contributes to the ongoing project of critiquing and reconstructing the theory of the public sphere; an undertaking that has been characterised as both valuable and necessary by Fraser (2005: 2) and many others. The subsection of theory variously described as ‘postmodern’, ‘radical’, or ‘agonistic’ informs an intensive practical and theoretical critique of the pre- and post-‘linguistic turn’ iterations of the Habermasian ideal, before culminating in the articulation of a concise and operationalisable ‘neo-Habermasian’ public sphere ideal. This revised model retains the Habermasian public sphere as its core, but expands and sensitizes it, moving away from normative preoccupations with decision-making in order to effectively comprehend issues of power and difference, and to allow publicness “to navigate through wider and wilder territory” (Ryan, 1992: 286). This theoretical framework is then mobilised through a critical discourse analytical approach, exploring three cases of hacktivist counterpublicity, and revealing the emergence of a multivalent, multimodal discourse genre capable of threatening and fracturing hegemony. The case studies are selected using Samuel’s (2004) taxonomy of hacktivism, and explore the ‘political coding’ group, Hacktivismo; the Creative Freedom Foundation and the ‘performative hacktivism’ of their New Zealand Internet Blackout; and the ‘political cracking’ operations carried out by Anonymous in protest against the Australian government’s proposed Internet filter. The analysis focuses on how the discursive form and content of hacktivism combines to function counterhegemonically; that is, how hacktivists work to provoke widespread political preference reflection and fracture the hegemony of the publics they are oriented against. This approach generates a fruitful feedback loop between theory and empirical data, in that it enriches and extends our understanding of new modes of counterpublicity, as well as providing a detailed account of the under-researched yet increasingly widespread phenomenon of hacktivism.

public sphere

hacktivism

Jurgen Habermas

democracy

internet

hacking

hackers

hactivism

radical

feminist

critical discourse analysis

protest

activism

counterpublic

Nancy Fraser

digital

digital rights

human rights

An investigation into information security practices implemented by Research and Educational Network of Uganda (RENU) member institution

Kisakye, Alex

06 November 2012

Educational institutions are known to be at the heart of complex computing systems in any region in which they exist, especially in Africa. The existence of high end computing power, often connected to the Internet and to research network grids, makes educational institutions soft targets for attackers. Attackers of such networks are normally either looking to exploit the large computing resources available for use in secondary attacks or to steal Intellectual Property (IP) from the research networks to which the institutions belong. Universities also store a lot of information about their current students and staff population as well as alumni ranging from personal to financial information. Unauthorized access to such information violates statutory requirement of the law and could grossly tarnish the institutions name not to mention cost the institution a lot of money during post-incident activities. The purpose of this study was to investigate the information security practices that have been put in place by Research and Education Network of Uganda (RENU) member institutions to safeguard institutional data and systems from both internal and external security threats. The study was conducted on six member institutions in three phases, between the months of May and July 2011 in Uganda. Phase One involved the use of a customised quantitative questionnaire tool. The tool - originally developed by information security governance task-force of EDUCAUSE - was customised for use in Uganda. Phase Two involved the use of a qualitative interview guide in a sessions between the investigator and respondents. Results show that institutions rely heavily on Information and Communication Technology (ICT) systems and services and that all institutions had already acquired more than three information systems and had acquired and implemented some of the cutting edge equipment and systems in their data centres. Further results show that institutions have established ICT departments although staff have not been trained in information security. All institutions interviewed have ICT policies although only a few have carried out policy sensitization and awareness campaigns for their staff and students. / TeX

Computer hackers

Secure web applications against off-line password guessing attack : a two way password protocol with challenge response using arbitrary images

Lu, Zebin

14 August 2013

Indiana University-Purdue University Indianapolis (IUPUI) / The web applications are now being used in many security oriented areas, including online shopping, e-commerce, which require the users to transmit sensitive information on the Internet. Therefore, to successfully authenticate each party of web applications is very important. A popular deployed technique for web authentication is the Hypertext Transfer Protocol Secure (HTTPS) protocol. However the protocol does not protect the careless users who connect to fraudulent websites from being trapped into tricks. For example, in a phishing attack, a web user who connects to an attacker may provide password to the attacker, who can use it afterwards to log in the target website and get the victim’s credentials. To prevent phishing attacks, the Two-Way Password Protocol (TPP) and Dynamic Two-Way Password Protocol (DTPP) are developed. However there still exist potential security threats in those protocols. For example, an attacker who makes a fake website may obtain the hash of users’ passwords, and use that information to arrange offline password guessing attacks. Based on TPP, we incorporated challenge responses with arbitrary images to prevent the off-line password guessing attacks in our new protocol, TPP with Challenge response using Arbitrary image (TPPCA). Besides TPPCA, we developed another scheme called Rain to solve the same problem by dividing shared secrets into several rounds of negotiations. We discussed various aspects of our protocols, the implementation and experimental results.

Web Security

Web sites -- Security measures

World Wide Web -- Security measures

Computer network protocols -- Standards

Computer hackers

Computers -- Access control -- Passwords

Internet -- Security measures

Phishing -- Security measures

HOW HACKERS THINK: A MIXED METHOD STUDY OF MENTAL MODELSAND COGNITIVE PATTERNS OF HIGH-TECH WIZARDS

Summers, Timothy Corneal

03 June 2015

No description available.

Cognitive Psychology

Information Systems

Organization Theory

Organizational Behavior

Sociology

hackers

cybersecurity

expertise

mental models

cognitive framework

cognition

psychology

sociology

problem solving

decision making

patterning

learning

forward thinking

Is Microsoft a Threat to National Security? Policy, Products, Penetrations, and Honeypots

Watkins, Trevor U.

11 June 2009

No description available.

Computer Science

Information Systems

Systems Design

Honeypots

penetration testing

national security

network security

Microsoft threat to national security

hackers

Microsoft Windows

O movimento de software livre e a produção colaborativa do conhecimento

Sanches, Wilken David

25 May 2007

Made available in DSpace on 2016-04-25T20:21:49Z (GMT). No. of bitstreams: 1 Wilken.pdf: 1398546 bytes, checksum: 829e2098dbfebfbb3ec091d6b72d1bfd (MD5) Previous issue date: 2007-05-25 / This dissertation approaches the construction of a collaborative model of knowledge production disseminated by the Free Software Movement and its opposition to the current law of intelectual property. It describes the genesis of the free software movement as well as how it has become consolidated as an independent domain of knowledge production. In order to better illustrate the model of production proposed by the Free Software Movement and its virtual communities, this paper presents an analysis on the Debian project´s organization and structure for the making of decisions. It explores the limitations of the current model of intelectual property and how it has become a powerful tool for making knowledge a prisoner of private institutions. At last, this dissertation presents how this new model of collaborative production surpasses the software development and begins to influence different areas of knowledge, leaving behing the idea of intelectual property and becoming a concept of intelectual inheritance / A dissertação trata da construção de um modelo colaborativo de produção do conhecimento pelo Movimento de Software Livre e seu embate com a atual legislação de propriedade intelectual. É descrita a gênese do movimento de software livre e como ele vem sendo consolidado como um campo autônomo de produção do conhecimento. Para exemplificar o modelo de produção proposto pelo Movimento de Software Livre e suas comunidades virtuais, é feita uma análise da organização e da estrutura para tomada de decisões do projeto Debian. A dissertação explora as limitações do atual modelo de propriedade intelectual e como este vem se tornando uma poderosa ferramenta para o aprisionamento do conhecimento dentro de instituições privadas. Por fim, é apresentado, de que forma esse novo modelo de produção colaborativa ultrapassa o desenvolvimento de softwares e passa a influenciar outras áreas do conhecimento, abandonando a idéia de propriedade intelectual e aproximandose do conceito de patrimônio intelectual

software livre

comunidades virtuais

campo hacker

propriedade intelectual

redes de compartilhamento

conhecimento colaborativo

sociedade da informação

Comunidades virtuais

Hackers

Propriedade intelectual

Software de computador

free software

virtual communities

hacker´s field

intelectual property

sharing nets

collaborative knowledge

information society

CNPQ::CIENCIAS SOCIAIS APLICADAS

O movimento de software livre e a produção colaborativa do conhecimento

Sanches, Wilken David

25 May 2007

Made available in DSpace on 2016-04-26T14:56:24Z (GMT). No. of bitstreams: 1 Wilken.pdf: 1398546 bytes, checksum: 829e2098dbfebfbb3ec091d6b72d1bfd (MD5) Previous issue date: 2007-05-25 / This dissertation approaches the construction of a collaborative model of knowledge production disseminated by the Free Software Movement and its opposition to the current law of intelectual property. It describes the genesis of the free software movement as well as how it has become consolidated as an independent domain of knowledge production. In order to better illustrate the model of production proposed by the Free Software Movement and its virtual communities, this paper presents an analysis on the Debian project´s organization and structure for the making of decisions. It explores the limitations of the current model of intelectual property and how it has become a powerful tool for making knowledge a prisoner of private institutions. At last, this dissertation presents how this new model of collaborative production surpasses the software development and begins to influence different areas of knowledge, leaving behing the idea of intelectual property and becoming a concept of intelectual inheritance / A dissertação trata da construção de um modelo colaborativo de produção do conhecimento pelo Movimento de Software Livre e seu embate com a atual legislação de propriedade intelectual. É descrita a gênese do movimento de software livre e como ele vem sendo consolidado como um campo autônomo de produção do conhecimento. Para exemplificar o modelo de produção proposto pelo Movimento de Software Livre e suas comunidades virtuais, é feita uma análise da organização e da estrutura para tomada de decisões do projeto Debian. A dissertação explora as limitações do atual modelo de propriedade intelectual e como este vem se tornando uma poderosa ferramenta para o aprisionamento do conhecimento dentro de instituições privadas. Por fim, é apresentado, de que forma esse novo modelo de produção colaborativa ultrapassa o desenvolvimento de softwares e passa a influenciar outras áreas do conhecimento, abandonando a idéia de propriedade intelectual e aproximandose do conceito de patrimônio intelectual

software livre

comunidades virtuais

campo hacker

propriedade intelectual

redes de compartilhamento

conhecimento colaborativo

sociedade da informação

Comunidades virtuais

Hackers

Propriedade intelectual

Software de computador

free software

virtual communities

hacker´s field

intelectual property

sharing nets

collaborative knowledge

information society

CNPQ::CIENCIAS SOCIAIS APLICADAS

A Privacy-Preserving, Context-Aware, Insider Threat prevention and prediction model (PPCAITPP)

Tekle, Solomon Mekonnen

07 1900

The insider threat problem is extremely challenging to address, as it is committed by insiders who are trusted and authorized to access the information resources of the organization. The problem is further complicated by the multifaceted nature of insiders, as human beings have various motivations and fluctuating behaviours. Additionally, typical monitoring systems may violate the privacy of insiders. Consequently, there is a need to consider a comprehensive approach to mitigate insider threats. This research presents a novel insider threat prevention and prediction model, combining several approaches, techniques and tools from the fields of computer science and criminology. The model is a Privacy- Preserving, Context-Aware, Insider Threat Prevention and Prediction model (PPCAITPP). The model is predicated on the Fraud Diamond (a theory from Criminology) which assumes there must be four elements present in order for a criminal to commit maleficence. The basic elements are pressure (i.e. motive), opportunity, ability (i.e. capability) and rationalization. According to the Fraud Diamond, malicious employees need to have a motive, opportunity and the capability to commit fraud. Additionally, criminals tend to rationalize their malicious actions in order for them to ease their cognitive dissonance towards maleficence. In order to mitigate the insider threat comprehensively, there is a need to consider all the elements of the Fraud Diamond because insider threat crime is also related to elements of the Fraud Diamond similar to crimes committed within the physical landscape. The model intends to act within context, which implies that when the model offers predictions about threats, it also reacts to prevent the threat from becoming a future threat instantaneously. To collect information about insiders for the purposes of prediction, there is a need to collect current information, as the motives and behaviours of humans are transient. Context-aware systems are used in the model to collect current information about insiders related to motive and ability as well as to determine whether insiders exploit any opportunity to commit a crime (i.e. entrapment). Furthermore, they are used to neutralize any rationalizations the insider may have via neutralization mitigation, thus preventing the insider from committing a future crime. However, the model collects private information and involves entrapment that will be deemed unethical. A model that does not preserve the privacy of insiders may cause them to feel they are not trusted, which in turn may affect their productivity in the workplace negatively. Hence, this thesis argues that an insider prediction model must be privacy-preserving in order to prevent further cybercrime. The model is not intended to be punitive but rather a strategy to prevent current insiders from being tempted to commit a crime in future. The model involves four major components: context awareness, opportunity facilitation, neutralization mitigation and privacy preservation. The model implements a context analyser to collect information related to an insider who may be motivated to commit a crime and his or her ability to implement an attack plan. The context analyser only collects meta-data such as search behaviour, file access, logins, use of keystrokes and linguistic features, excluding the content to preserve the privacy of insiders. The model also employs keystroke and linguistic features based on typing patterns to collect information about any change in an insider’s emotional and stress levels. This is indirectly related to the motivation to commit a cybercrime. Research demonstrates that most of the insiders who have committed a crime have experienced a negative emotion/pressure resulting from dissatisfaction with employment measures such as terminations, transfers without their consent or denial of a wage increase. However, there may also be personal problems such as a divorce. The typing pattern analyser and other resource usage behaviours aid in identifying an insider who may be motivated to commit a cybercrime based on his or her stress levels and emotions as well as the change in resource usage behaviour. The model does not identify the motive itself, but rather identifies those individuals who may be motivated to commit a crime by reviewing their computer-based actions. The model also assesses the capability of insiders to commit a planned attack based on their usage of computer applications and measuring their sophistication in terms of the range of knowledge, depth of knowledge and skill as well as assessing the number of systems errors and warnings generated while using the applications. The model will facilitate an opportunity to commit a crime by using honeypots to determine whether a motivated and capable insider will exploit any opportunity in the organization involving a criminal act. Based on the insider’s reaction to the opportunity presented via a honeypot, the model will deploy an implementation strategy based on neutralization mitigation. Neutralization mitigation is the process of nullifying the rationalizations that the insider may have had for committing the crime. All information about insiders will be anonymized to remove any identifiers for the purpose of preserving the privacy of insiders. The model also intends to identify any new behaviour that may result during the course of implementation. This research contributes to existing scientific knowledge in the insider threat domain and can be used as a point of departure for future researchers in the area. Organizations could use the model as a framework to design and develop a comprehensive security solution for insider threat problems. The model concept can also be integrated into existing information security systems that address the insider threat problem / Information Science / D. Phil. (Information Systems)

Insider threat

Fraud diamond

Context-aware system

Information security

Privacy preservation

005.8

Computer networks -- Security measures

Computer networks -- Access control

Data protection

Penetration testing (Computer security)

Computer crimes

Hackers

Computer security

The Legal Implications of Internet Marketing : Exploiting the Digital Marketplace Within the Boundaries of the Law

Mizrahi, Sarit

12 1900

Au cours des dernières années, le domaine de la consommation a grandement évolué. Les agents de marketing ont commencé à utiliser l’Internet pour influencer les consommateurs en employant des tactiques originales et imaginatives qui ont rendus possible l’atteinte d'un niveau de communication interpersonnelle qui avait précédemment été insondable. Leurs interactions avec les consommateurs, en utilisant la technologie moderne, se manifeste sous plusieurs formes différentes qui sont toutes accompagnés de leur propre assortiment de problèmes juridiques. D’abord, il n'est pas rare pour les agents de marketing d’utiliser des outils qui leur permettent de suivre les actions des consommateurs dans le monde virtuel ainsi que dans le monde physique. Les renseignements personnels recueillis d'une telle manière sont souvent utilisés à des fins de publicité comportementale en ligne – une utilisation qui ne respecte pas toujours les limites du droit à la vie privée. Il est également devenu assez commun pour les agents de marketing d’utiliser les médias sociaux afin de converser avec les consommateurs. Ces forums ont aussi servi à la commission d’actes anticoncurrentiels, ainsi qu’à la diffusion de publicités fausses et trompeuses – deux pratiques qui sont interdites tant par la loi sur la concurrence que la loi sur la protection des consommateurs. Enfin, les agents de marketing utilisent diverses tactiques afin de joindre les consommateurs plus efficacement en utilisant diverses tactiques qui les rendent plus visible dans les moteurs de recherche sur Internet, dont certaines sont considérés comme malhonnêtes et pourraient présenter des problèmes dans les domaines du droit de la concurrence et du droit des marques de commerce. Ce mémoire offre une description détaillée des outils utilisés à des fins de marketing sur Internet, ainsi que de la manière dont ils sont utilisés. Il illustre par ailleurs les problèmes juridiques qui peuvent survenir à la suite de leur utilisation et définit le cadre législatif régissant l’utilisation de ces outils par les agents de marketing, pour enfin démontrer que les lois qui entrent en jeu dans de telles circonstances peuvent, en effet, se révéler bénéfiques pour ces derniers d'un point de vue économique. / The evolution of consumerism in recent years has been nothing short of remarkable. The unprecedented use of the Internet by marketers to influence consumers in original and imaginative ways has rendered possible a level of communicative efficiency that had previously been unfathomable. Their interaction with consumers using modern technology manifests itself in several different forms – all of which are accompanied by their own assortment of legal issues. To begin with, it is not unheard of for marketers to use tools meant to track the behaviour of individuals throughout both the virtual and physical worlds. The personal information collected in such a manner is often utilized for Online Behavioural Advertising purposes – a use which does not always respect the boundaries of privacy law. It has also become rather common for marketers to utilize online social media to promote conversations with consumers. It has occurred, however, that these forums have also been utilized to further the anti-competitive ambitions of companies while also serving as an outlet for false advertising – two eventualities that are prohibited by both competition laws and consumer protection laws. Finally, marketers utilize various tactics in order to more successfully reach consumers through online search engines – a practice known as Search Engine Marketing – some of which are considered to be dishonest and could present issues from both competition law and trademark law perspectives. This thesis essentially provides a detailed description of these tools and the manners in which they are utilized and then proceeds to illustrate the legal issues that may arise as a result of their use. In doing so, it outlines the legal boundaries within which marketers must use these tools so as to ultimately demonstrate that the laws that come into play under such circumstances may, in fact, prove to be beneficial to marketers from an economic perspective.

Publicité comportementale en ligne

Vie privée

Médias sociaux

Protection du consommateur

Chapeaux noirs

Hackers

Adwords

Concurrence déloyale

Marques de commerce

Online behavioural advertising

Privacy

Social media marketing

Consumer protection

Search engine marketing

Black hat

Keyword advertising

Unfair competition

Trademarks