PunkSpider is a software tool that constantly scans the web, and automatically identifies the
hackable vulnerabilities in those websites. It then allows anyone to search those results by
URL keyword or type of vulnerability.
PunkSpider collects a catalogue of unpatched vulnerabilities and makes them public. Its
developers hope that the tool will force website administrators to fix those vulnerabilities.
However, malevolent actors might exploit the disclosed vulnerabilities first. The tool’s
creators are aware of this risk. One of the creators, Alejandro Carceres, pointed out that
“scanners that find web vulnerabilities have always existed. This one just makes the results
public.”
An earlier version of PunkSpider had been repeatedly kicked off Amazon Web Services. In its
new version, the tool now includes “a feature that allows web administrators to spot
PunkSpider’s probing based on the user agent that helps identify visitors to a website, and
an opt-out feature that lets websites remove themselves from the tool’s searches.
When asked about the ethics of creating and deploying PunkSpider, some of the cybersecurity
experts argue that vulnerabilities themselves are what would lead to the hacking of websites,
a tool like this just makes those vulnerabilities visible.
Assessment Task
Based on the case scenario provided below, write a 700-word (+/- 10%) report. This report
should include comparisons of existing ethical theories in relation to the case study and
provide recommendations based on your analysis.
Context
The world wide web (www) has long been a playground for hackers, offering up hundreds of
millions of public-facing servers having basic vulnerabilities that can be exploited. This
assessment gives you the opportunity to study a case and apply the knowledge and theories
you’ve learnt in Module 1: Ethical Theories, Module 2: IT Professional Code of Conduct, and
Module 3: IP and Copy Rights. In doing so, you are required to analyse the case scenario and
provide your critical analysis and recommendations of the case study.
Please also review the learning resources provided in Module 1 to 4.
1. Write a 700-word essay and address the following:
a. Who are the stakeholders involved in this case? Identify the importance and
influence of each stakeholder in this case.
b. What ethical issues do you spot in this scenario?
c. Consider the case through the ethical lenses of rights, justice, utilitarianism,
virtue, and the common good; what aspects of the ethical landscape do they
highlight?
d. Does the inclusion of an opt-out feature change your ethical analysis of the
project? If so, how?
e. Illustrate with an example how excellence can be achieved through
professional collaboration. What are some of the advantages and
disadvantages of collaboration in the IT profession?
