ethics

Found a critical bug, but the company doesn't care

I know several people who were in a situation like this. Let's say, you were trying out random sites for basic XSS/SQL Injection vulnerabilities, and you've found one that could be easily compromised. You email the admin/webmaster, but they don't reply. What would you do? ...

What are the ethics of time management while working for pay?

This is a daily question, for me, and I think one that is applicable to any professional programmer, especially those who, like myself, work for consulting firms and may have insane amounts of money billed for each hour they work. How do you deal with the fact that if I get a call from my wife and talk for 10 minutes, that's $30 of my c...

Compromising my integrity ?

I have recently written a small simple application that takes snapshots of your monitor(s) every X seconds / minutes. The idea is to keep a record of your activity. More details here: http://www.artenscience.co.uk/artenscience/ScreenAudit.html I've since had several emails from people asking for me to introduce a 'Stealth Mode', basi...

Is it ethical/legal to bring your favorite code with you after a job?

Should I be backing up my "gold nuggets" of code to a personal drive? I would be hard-pressed to recreate some of this code if I was ever to leave my company. Where's the line? Is it my intellectual property or the company's? Do I have a right to reference code I wrote while employed somewhere else? ...

Have you ever faced an ethical issue when creating an application?

This question isn't about ethical behavior in the workplace, like leaking code or stealing. I'm wondering, have you ever been asked to add a feature to an app that you thought was harmful to users, deceitful, or otherwise unethical, even though it met a business objective? Have you felt strongly enough about the users' need for a featu...

What should be included in a programmer's code of ethics?

Recently there was an ethical question asked, but I'd like some input on what might be included in a comprehensive code of ethics. I'm thinking of something along the lines of the Hippocratic Oath that professional software developers would hold to. We are in a relatively new profession, so there's likely to be debate about what should...

What should you do when coming across a publicly accessible security vulnerability?

I was browsing and came across a rather back-end state-government site that's vulnerable to SQL injection. (Searching for a ' yielded an error, and I toyed around with it until I got a list of tables.) I know the proper thing to do is to alert the webmaster of the problem, but I've had bad luck simply sending an email. I've done this ...

Under what circumstances is it acceptable to break a public interface?

Suppose you are working on some software that has an interface used by other software. It might be a library or a website or a command line program or an operating system. But at least one other developer uses your interface to get some functionality so they won't have to do the work in their own code. Is there ever a time when it's a...

Is it ethical to monitor users?

Update: I didn't know I would be getting too many replies so fast. I can provide more details. It is definitely for use within the company. I was looking for some info on whether I should be more careful or anything to watch out for... My boss is asking me to put some tracking info on what users do with their application. It is not abou...

Would you work for an "Adult" Company?

Although I try to distance myself from web-oriented work nowadays (unless I need the money) I've received a number of emails from clients wishing for me to help design and develop online solutions for adult websites. Hell, when I was 17 I was asked to help design an adult website that I would not legally be able to view. After talking t...

Ethics of Open Source Copy of Proprietary Software

The free open-source software movement has been beneficial to most of the software development community. We have tons of libraries and applications at our fingertips free of cost. But where do you draw the line? Or do you? If Developer A creates Application A, yet you know you could create a similar application and distribute it as ope...

How can you give users confidence that your application has no malicious intent?

I am a FireFox user, and I recently installed the GMail notifier add-on. When you first install the add on, it requests your GMail address and password, and will then use this to login to your Gmail account (presumably via SSL). It shows a number on your taskbar, indicating how many unread emails are in your inbox, and also notifies yo...

Ethics and Coding

I've been thinking about how the technologies which I see as cool, can provide governments and private corporations with tools to do things which are not so cool. I'm thinking along the lines of involvement with companies involved in warfare or the weapons industry, but I suppose there are many scenarios where a person's ethical stance ...

Is reverse engineering evil?

Lately I've been pondering on how a specific beloved old game actually works. I had some mild progress, but then a friend pointed out that if I really loved the game and appreciate it, I wouldn't try to reverse-engineer it. Note that the game is long considered an abandonware and is offerd for download publicly in lawful game sites, an...

Programming as a meaningful profession?

Doctor says: My job is meaningful because I save lives. Programmer says: My job is meaningful because I... umm... write DB queries?! Are you proud of being a programmer? Do you think that your work has positive effect on people's well being? Or you just happen to do programming because you have bills to pay... Note: Similar to this qu...

What to do when asked to fake or fudge a demo to the customer? Any hints on pushing back?

Consider having an unstable, incomplete, and not completely tested system. Then consider needing to demo it to the customer. The system being unstable, incomplete and not completely tested because an external supplier was not delivering what they promised and when they did deliver it is really bad code. After pushing back, and pushing b...

What open computer science problem should remain unsolved?

Oppenheimer and the bomb are often invoked to illustrate the limits of what science and technology should do (rather than what it can do). Are there a computer science or programming problems that deserve a similar level of moral reflection before they are solved? ...

Should I charge my client extra for the source code?

I am developing a web application for a customer. We have agreed to a fee and now the customer wants me to hand over the source code as well because he thought that the initial fee covered him buying the source code from me as well as the app. What I am asking is: do you think that I should give the code to my client without asking for...

Is it wrong to decompile code?

I was just wondering if it was wrong to reverse engineer code? I understand that with languages such as C# it is a pretty easy thing to do. Is it was something that programmers use as a tool in their box of tricks? ...

Ethics of keeping a domain name hostage

I do some work as a freelance web developer, for which I do my own hosting. I have one client who is very behind on paying me. His domain is registered in my name not his. Is it ethical for me to threaten to let it expire unless he brings his account up to date? ...