5.5 and 5.6
- 5.5
- When you create a GitHub repository it requests a license type. Review the license types in relationship to this Tech Talk and make some notes in your personal blog.
- In your blog, summarize the discussions and personal analysis on Software Licenses/Options, Digital Rights, and other Legal and Ethical thoughts from this College Board topic.
- Make a license for your personal (blog) and Team repositories for the CPT project. Be sure to have a license for both Team GitHub repositories (frontend/backend). Document license(s) you picked and why. FYI, frontend, since it is built on GitHub pages may come with a license and restrictions. Document in blog how team made license choice and process of update.
- 5.6
- Describe PII you have seen on project in CompSci Principles.
- What are your feelings about PII and your personal exposure?
- Describe good and bad passwords? What is another step that is used to assist in authentication.
- Try to describe Symmetric and Asymmetric encryption.
- Provide an example of encryption we used in AWS deployment.
- Describe a phishing scheme you have learned about the hard way. Describe some other phishing techniques.
5.5
When you create a GitHub repository it requests a license type. Review the license types in relationship to this Tech Talk and make some notes in your personal blog.
Key Points:
-
Grant of License: The license grants users a royalty-free, non-exclusive, non-transferable, worldwide license to use, reproduce, and distribute the software, subject to certain conditions.
-
Modifications: Users are allowed to make modifications to the software, but must include a notice indicating that changes have been made to the original code.
-
Redistribution: The license allows for the redistribution of the software, either in original or modified form, subject to certain conditions. For example, users must include a copy of the Apache License 2.0 and a notice indicating any changes made to the original code.
-
Patent Protection: Contributors are required to grant a patent license to users of the software, which protects users from patent lawsuits related to the use of the software.
-
Warranty Disclaimer: The Apache License 2.0 includes a disclaimer of warranty, stating that the software is provided “as is” without any warranty, express or implied.
-
Limitation of Liability: The license includes a limitation of liability, stating that contributors and distributors are not liable for any damages arising from the use of the software.
-
Termination: The license includes a termination clause, which allows the license to be terminated if a user breaches the terms of the license.
-
Governing Law: The license specifies that the laws of the State of California govern the interpretation and enforcement of the license.
In your blog, summarize the discussions and personal analysis on Software Licenses/Options, Digital Rights, and other Legal and Ethical thoughts from this College Board topic.
After reading this article, I realized the importance of complying with the terms of licenses and citing sources when using content, particularly in the context of digital rights management (DRM) software used by music and movie companies. The use of open-source software and creative commons licenses can enable innovation, but individuals and companies need to figure out business models to use these licenses in accordance with their terms. For example, Red Hat built a business model around selling support agreements for its free Linux distribution, and Qualcomm found success by mixing patent and GPL businesses, including Android in its business model. However, businesses need to generate income to survive and this requires engineers who can work with open-source software.
Make a license for your personal (blog) and Team repositories for the CPT project. Be sure to have a license for both Team GitHub repositories (frontend/backend). Document license(s) you picked and why. FYI, frontend, since it is built on GitHub pages may come with a license and restrictions. Document in blog how team made license choice and process of update.
For my personal license, I chose the Creative Commons Attribution 4.0 International (CC BY 4.0) license due to the fact that it is a short and permissive license that allows users to use, modify, and distribute the code as long as the original copyright and license notice is included.
This work is licensed under a Creative Commons Attribution 4.0 International License.
5.6
Describe PII you have seen on project in CompSci Principles.
I recall seeing a student accidentally showing very fragile details and information regarding GitHub accounts during a presentation.
What are your feelings about PII and your personal exposure?
I believe that it is extremely easy for organizations to expose the PII that we share when interacting with them (Ex: Registration). This can be done either intentionally or accidentally.
Describe good and bad passwords? What is another step that is used to assist in authentication.
In my opinion, a “good” password is one that has the following traits:
-
A phrase that a user has a personal relation to and can recall easily
-
Inclusion of unique characters and irregular combination of inputs (for example, using numbers or symbols instead of letters)
-
More than 10 characters
A bad password is a password that is hard to remember, easy to guess, and fairly simple.
Methods such as biometric identification, two-factor identification, and security questions are necessary alternatives for security and privacy matters.
Try to describe Symmetric and Asymmetric encryption.
Symmetric encryption uses a single secret key to encrypt and decrypt data. In this method, both the sender and the receiver have access to the same key and use it to encrypt and decrypt the data. Asymmetric encryption uses a public key and a private key. The public key is used to encrypt the data, while the private key is used to decrypt the data.
Provide an example of encryption we used in AWS deployment.
I recall using an SSH key, which is an access credential for the SSH (secure shell) network protocol. This authenticated and encrypted secure network protocol is used for remote communication between machines on an unsecured open network.
Describe a phishing scheme you have learned about the hard way. Describe some other phishing techniques.
When I was younger and still unfamiliar with internet privacy and security, I used to download multiple third-party instagram apps to bypass certain features. At the time, I was very naive and I had no knowledge of Facebook’s data handling, which made it impossible to bypass these features. All of these third-party apps required registration and Instagram account information details such as passwords. To no surprise, my account was hacked in less than three days, and I was unable to gain control of it ever again. Although I am past trying such apps, I’ve had friends who have gone through similar experiences.