5.5 Notes

  • General Public Licensing (GPL) has been a focus of lawyers in recent years in the industry, particularly in relation to patents.
  • Qualcomm makes money through patents and wants all derivative work of GPL software to require a royalty payment.
  • Black Duck software helps manage security, quality, and license compliance of open source and third-party code.
  • Qualcomm has a team of lawyers analyzing code for GPL inclusion and its impact on the company’s ability to charge royalties.
  • Knowing the type of software license you use is important, as it can impact billions of dollars in business.
  • License communities and license types guide are available for authors to determine a license for their work.
  • Open source licenses include the MIT License, GPL License, and Creative Commons Zero v1.0 Universal.
  • Companies like Qualcomm need to take steps to protect their patents, including splitting distribution and separating public and private domain code.
  • Legal and ethical compliance with licenses is important, including citing sources.
  • DRM software protects content for music and movie companies, but consumers need to be aware of the licenses for software and their impact on their own ideas and businesses.
  • Red Hat established a business model around selling support agreements for its Linux distribution and served as a model for other companies.
  • Qualcomm figured out how to mix Patent and GPL businesses and has flourished since abandoning all proprietary, including Android in its business model.
  • Creative Commons and Open Source are free, but businesses need to have income and engineers need to use Open Source software according to terms of license.

Blog Post Reflection

When you create a GitHub repository it requests a license type. Review the license types in relationship to this Tech Talk and make some notes in your personal blog. In your blog, summarize the discussions and personal analysis on Software Licenses/Options, Digital Rights, and other Legal and Ethical thoughts from this College Board topic. Make a license for your personal (blog) and Team repositories for the CPT project. Be sure to have a license for both Team GitHub repositories (frontend/backend). Document license(s) you picked and why. FYI, frontend, since it is built on GitHub pages may come with a license and restrictions. Document in blog how team made license choice and process of update.

5.6 Notes

  • Personal Identifiable Information (PII) is information that can be used to identify a person.
  • PII can be easily obtained through social media, online searches, and other online activities.
  • Be cautious of the information you share online, as it can be easily accessed by others.
  • Keep sensitive information such as financial credentials, two-factor authentication codes, and social security numbers private.
  • Multi-factor authentication and biometrics can increase the security of your systems.
  • Symmetric and Asymmetric Encryption can also enhance the security of your systems.
  • Phishing and malware are potential threats that can compromise the security of your PII.
  • It is important to regularly review your PII vulnerabilities and take steps to protect your information.

Blog Post Reflection:

  • Describe PII you have seen on project in CompSci Principles.
    • An example of PII that I have seen in CompSci Principles is the SQLite Database that we made that stores user input information that is personal and only seen by the owners of the database.
  • What are your feelings about PII and your personal exposure?
    • I feel that it can be good and bad, good for storing information of users but bad if the information gets hacked or leaked
  • Describe good and bad passwords? What is another step that is used to assist in authentication. -A good password is a password that includes a lot of characters that aren’t associated to your life, a bad password is a short password and easily guessable if people get your information especially if your password is associated with you
  • Try to describe Symmetric and Asymmetric encryption.
    • Asymmetric encryption, also known as public-key encryption, is a method of encrypting data using two different keys: a public key and a private key. The public key is used to encrypt the message and the private key is used to decrypt it. Symmetric encryption, also known as shared secret encryption, is a method of encrypting data using the same key for both encryption and decryption.
  • Provide an example of encryption we used in AWS deployment.
    • One example of encryption used in AWS deployment is the use of Secure Sockets Layer (SSL) certificates, which encrypt communication between a user’s browser and a website to prevent eavesdropping and tampering.
  • Describe a phishing scheme you have learned about the hard way. Describe some other phishing techniques.
    • Downloading a virus is a way that I got phished because I wanted to download hacks for my video games but it linked to a virus. Other phishing techniques include things that get people’s attention and make them click on links / download things