1.) Go to a popular online e-commerce site like Amazon.com place several items in your shopping cart, and then go to check out. When you reach the screen that asks for your credit card number, right click on the web browser and select “properties.” What can you find out about the cryptosystems and protocols in use to protect this transaction?

I went on the Amazon Website and used the properties functions and a found-out Amazon uses a few different security functions. The protocol that Amazon uses is security certification of hypertext transfer protocol and the site also uses a 128-bit encryption 1024-bit rate.

2.) Repeat Exercise 1 on a different website. Does this site use the same or different protocols? Describe them.

For my second website I chose eBay and it has similar security features as Amazon. They do use the same secure servers as Amazon use, but they use a different encryption protocol which is the Secure Sockets Layer (SSL).

Discussion Questions

1.) Was Charlie exaggerating when he gave Peter an estimate for the time required to crack the encryption key using a brute force attack?

No because with some of these new age security systems and encryption it would take billions and maybe trillions of years for computers to unencrypt these passwords that people use.

2.) Are there any tools that someone like Peter could use safely, other than a PKI-based system that implements key recovery, to avoid losing his passphrase?

He could write down his password on a piece of paper or put it in his phone so he doesn’t forget, or he could get a secure password saver attachment on his Computer.

Ethical Decision Making

1.) Would the use if such a tool be an ethical violation on Charlie’s part? Is it illegal?

It would be unethical because he went behind the companies back and he’s hiding very important information that the employees at the company would like to know. I personally don’t know if this action is illegal but in my eyes it should be.

2.) Suppose that Charlie had implemented the key logger with the knowledge and approval of senior company executives, and that every employee had signed a release that of senior company can record all information entered on company system. Two days after Peters’ call, Charlie calls back to give Peter his key: “We got lucky and cracked it early.” Charlie says this to preserve Peter his key. Is such a “little white lie” an ethical action on Charlie’s part?

I think it is because everyone at the company signed the release form and he did all the proper paper work and he got Peter to keep his key.