Big Idea 5.5 Legal and Ethical Concerns

When you create a GitHub repository it requests a license type. Review the license types in relationship to this Tech Talk and make some notes in your personal blog.

• The license that my group decided to use was the MIT license and the Apache license because we felt it would fit our group the best. The MIT license is good because it allows free use and it very flexible. We also used the Apache license because it made for collaboration and on this project we need that, it also allows free use and it allows the users to build upon their work. Overall the MIT and Apache license are pretty similar. MIT and GPL are both open-source licenses, but they have different goals and restrictions. Both of the licenses are accessible to all, but the difference is if you are looking for more protection of users rights then GPL is the better option, but if you are looking for more flexibility MIT is the better option.

In your blog, summarize the discussions and personal analysis on Software Licenses/Options, Digital Rights, and other Legal and Ethical thoughts from this College Board topic.

• Software licenses: There are various distinct kinds of software licenses, including proprietary licenses, copyleft licenses (GPL), and permissive licenses (like the MIT License and Apache License). The project's objectives and the software's intended use will determine the license to use.
• Digital rights: The era of technology has brought both new difficulties and chances for defending the rights of users and authors. For software developers, enterprises, and consumers alike, issues including copyright, patent law, and data privacy are becoming more and more significant.
• Legal and ethical issues: When creating and publishing software, many different legal and ethical issues must be taken into account. These could relate to things like data protection, consumer privacy, and intellectual property rights.

Make a license for your personal (blog) and Team repositories for the CPT project. Be sure to have a license for both Team GitHub repositories (frontend/backend). Document license(s) you picked and why. FYI, frontend, since it is built on GitHub pages may come with a license and restrictions. Document in blog how team made license choice and process of update.

• For our CPT project the license that my group decided to use was the MIT license and the Apache license because we felt it would fit our group the best. The MIT license is good because it allows free use and it very flexible. We also used the Apache license because it made for collaboration and on this project we need that, it also allows free use and it allows the users to build upon their work. Overall the MIT and Apache license are pretty similar. For my personal (blog) I decided to use MIT because I wanted to have a lot of freedom. This license also does not have many restrictions, which allows me be more flexible. I wanted a simple and straightfoward license that is easy to understand and one that gets the job done.

Big Idea 5.6 Safe Computing

Describe PII you have seen on project in CompSci Principles.

• PII I have seen in the projects in CompSci are login and user information. This can consist of usernames and passwords created by the users, which typically contain important information. I have also seen location as apart of PII. For our porject we are a house renting service in San Diego, so location is important.

What are your feelings about PII and your personal exposure?

• I feel that PII and my personal exposure is very important because that type of information is very important to me as a person and that information is apart of my identity. This is why I try and make sure I can make my account as secure as possible, with things like 2FA. I also try and look out for potiential viruses or links that could expose my personal data.

Describe good and bad passwords? What is another step that is used to assist in authentication.

• Good passwords are ones that contain at least 8-12 characters, ones that contain special characters, numbers, and upper and lowercase letters. The good passwords are typically complex. A bad password on the other hand is a password that is esay to guess, short, doesn't contain any special characters, and contains the users name. Another step to assist in authentication is 2FA. 2FA keeps a certian code on file or generates a code and then sends it user. The user must use this code in order to login into their account, so people who do not have access to the email or phone number cannot get in.

Try to describe Symmetric and Asymmetric encryption.

• With Symmetric encryption only one key is used to both encrypt and decrypt electronic information. With Asymmetric encryption there are two keys: one public key and one private key, that are used to to protect a message from unauthorized access or use.

Provide an example of encryption we used in AWS deployment.

• AWS provides a key management service, AWS Key Management Service (KMS), which can allow to easily control and securely store your encryption keys.

Describe a phishing scheme you have learned about the hard way. Describe some other phishing techniques.

• I have never actually learned about phishing the hard way or at least I cant remember a time I learned about phishing the hard way. I am very cautious when it comes to my personal information, so I stay away from random links that are texted to me and random emails that I recieve. I also use an ad blocker some times to limit the chances of me falling for something. Type of phishing technique that I have encountered is when a random phone number sends you a text message and says you have a reward to claim and you have to click on the link they sent to claim that reward and then when you click on the link your information can be given away.