Workshop on Ethics in Computer Security Research (WECSR 2010)

The workshop took place on Thursday, January 28, 2010, after the FC 2010 program concluded. Proceedings are available as Springer LNCS 6054.


This worksbop style is highly interactive, so the times are approximate.

Session 1
9:00 - 10:30
Chasna 2
Keynote Talk
Preaching What We Practice: Teaching Ethics to Computer Security Professionals
Ken Fleischmann, University of Maryland


The first step to addressing any problem is awareness and acknowledgement of that problem. The biggest challenge facing computer security researchers and professionals is not learning how to make ethical decisions; rather it is learning how to recognize ethical decisions. All too often, technology development suffers from what Langdon Winner terms technological somnambulism – we sleepwalk through our technology design, following past precedents without a second thought, and fail to consider the perspectives of other stakeholders. In this presentation, I will describe a research trajectory focused on increasing a wareness of the presence and si gnificance of value-laden design decisions. Values are formed early in our lives, long before the choice to become a computer security researcher or professional. Thus, instead of focusing computing and information ethics courses on trying to make computer security researchers and professionals better people, it is instead more fruitful to focus on making them better researchers and professionals, by fine tuning their own self-awareness of the ethical significance of their work and their ability to consider others’ needs and values when developing and testing computer systems. Specifically, I will report findings from NSF-funded field studies of educational simulation developers, computational modelers, and aerospace engineers, as well as an NSF-funded project to develop and evaluate an educational simulation for computing and information ethics, and relate these projects and their findings to the field of computer security research.

10:30 - 11:00
Session 2
11:00 - 13:00
Chasna 2
Case studies
  • A Case Study on Measuring Statistical Data in the Tor Anonymity Network. Karsten Loesing, Steven Murdoch and Roger Dingledine. (Slides).
  • A Case Study in Ethical Decision Making Regarding Remote Mitigation of Botnets. David Dittrich, Felix Leder and Tillmann Werner.
13:00 - 14:30
Session 3
14:30 -
Chasna 2
Position papers
  • Ethical Proactive Threat Research. John Aycock and John Sullins. (Slides).
  • A Framework for Understanding and Applying Ethical Principles in Network and Security Research. Erin Kenneally, Michael Bailey and Douglas Maughan. (Slides).
16:30 - 17:00
Session 4
17:00 - 19:00
Chasna 2

Panel discussion: Towards a code of ethics for computer security research
Panelists: Lorrie Faith Cranor, Erin Kenneally, Len Sassaman.

Breakout discussions
Friday Jan 29

Excursion to El Teide and La Laguna

This workshop is organized in cooperation with the International Financial Cryptography Association.