--------------------
A. Societal changes
--------------------

A1. Newspapers (Kayla Berge)
Describe the newspaper business prior to the Internet. How was revenue generated for them? Describe how it has been impacted by the Internet over the last decade in terms of revenue generation and circulation numbers. How has this impacted the quality and amount of news reporting? How has users' consumption of news changed with on-line news sources and aggregators? How have new devices changed on-line news consumption? What on-line services have impacted print newspapers the most?

A2. Book publishing (Andy Moser)
Describe the book publishing business prior to the Internet. How was revenue generated for book publishers and authors? Describe how reference books have been impacted by on-line content. Describe how the industry has been impacted by downloadable e-books. How has revenue sharing been impacted with new on-line distribution channels? Describe how Amazon's e-book subscription service works. How does it change the revenue model for publishers and authors? What are the pros and cons of the service for consumers, authors, and publishers?

A3. Social communication (Nicholas Kula)
Describe the web as a social phenomenon. What are all of the mechanisms available for people to communicate with each other? How are they different? How are they the same? In particular, focus on the history of e-mail, NetNews, IRC, instant messaging, social networks, wikis, microblogging (e.g. Twitter), blogs, and on-line games. Compare the functions of these services and the kinds of communication they are good for (e.g. small group, large group). Can one mechanism completely replace another one? Describe how levels of anonymity differ across different media and how this impacts discourse.

A4. References (James Tiet)
Describe problems associated with using the web as a reference resource. What are some problems in citing web sources? How can one overcome the problem of accuracy and attribution?
Are there solutions for the non-persistent nature of web content in order to ensure that citations do not "disappear"?

A5. Wikileaks (Gase Mulitalo)
Describe the history of Wikileaks and its current operation. How do they vet the content they are given? How is anonymity guaranteed for contributors? Describe any controversy surrounding this site. How does Wikileaks make money? What are laws that apply to its service? Are there alternative sites that can perform its task in a decentralized manner? What is the status of the U.S. case against WikiLeaks' Julian Assange? How is he vulnerable to the U.S. Espionage Act?

A6. Viral campaigns/Memes (Jacob Schultz)
Describe how viral marketing and advertising was used before the advent of the WWW (1990s). Specifically, examine how successful e-mail, netnews, and bulletin board campaigns leveraged the Internet. As the web has evolved, describe instances of how marketing campaigns adapted. What novel delivery mechanisms and technologies have viral campaigns used? What is a meme? Give instances of memes that have been generated virally using the Internet.

A7. Internet and Linguistics (Ceara Chewning)
What are the earliest examples (pre-1995) of the Internet impacting popular language? What are current examples of the impact on-line communication has had on language? How does language use vary across different modes of Internet communication? Explain the perspectives of David Crystal's classification.

-------------------------
B. Privacy and censorship
-------------------------

B1. Anonymizing networks (Nelson Gonzalez-Arango)
Find and comment on tools for anonymizing and/or preserving user privacy over the Internet. What is an anonymizing web proxy? What is Tor? How does it work? What mechanisms have been used by governments to interfere with Tor?

B2. Cookies (Torn Saelee)
Explain how cookies threaten user privacy. Explain what Referer URL headers are and how they can be used to compromise user privacy.
Why does almost every user have a cookie for DoubleClick even though they have never visited DoubleClick's web site? How might such cookies be abused by web servers? What software can be used to better manage the use of cookies in order to protect a user's privacy?

B3. Do Not Track (Alma McLean)
What is W3C's "Do Not Track" standard? What are some important provisions of the standard? How and where has this standard been implemented? How effective is the mechanism? What are some problems with it? Why is there opposition to the standard?

B4. Wiretapping
What are the privacy laws that govern what network traffic the government can collect and store? Do wiretapping laws apply to network traffic and VoIP? If so, how? What was NSA's warrantless wiretapping program? What law did it allegedly break? What parts of the FISA, PATRIOT, Wiretap, and Stored Communications Act deal with privacy issues?

B5. Facebook's Beacon
What was Facebook's Beacon? How did it violate user privacy? Describe the resolution of the case and how it might apply to other situations and web sites. What is Facebook's frictionless sharing and how does it work? How is it similar to Beacon? What is post-logout tracking and how does it work?

B6. Facebook tracking (Jaycob Cooper)
Describe the FTC's case against Facebook's privacy violations from December 2009. What did Facebook do that was controversial? How were these violations discovered and what was the impact of them on users? What were the settlement terms of the case? What prevents Facebook from performing similar violations in the future?

B7. Intellectual property and social networks (Linh Nguyen)
Comment on privacy and intellectual property issues related to social networking sites such as Facebook, MySpace, and LinkedIn. How are they alike? How are they different? Who ``owns'' the content on these sites?

B8. Portals and your data
Describe some of the privacy fears users have when using popular portals such as Yahoo and Google. What do these sites collect per user and for how long is this information kept? What was the controversy over Yahoo's assistance in convicting Chinese dissidents? What information was handed over to the government? What are provisions in the proposed bill 'Protecting Children from Internet Pornographers Act of 2011' that deal with user data retention for Internet service providers?

B9. Google and China (Michael Liddy)
What are some of the restrictions that were placed on Google for doing business in China? Describe restrictions other U.S. companies are faced with when doing business in China. What led Google to withdraw from China? Why did the U.S. government intervene? What is the current status of the situation?

B10. Google Buzz (Patrick Stanley)
What was Google's Buzz service? Describe the FTC's case against Google Buzz in 2010. What were some of the practices that Google employed which were seen as objectionable? Are these practices any different than other social networking sites such as LinkedIn and Facebook? What were the terms of the settlement? Is there a double-standard when comparing the services? How have these issues been addressed with Google+? Are there other privacy issues with the new Google+ service?

B11. Nation-based censorship (Rebekah Machado)
Describe efforts to censor Internet content by countries such as China and Australia. What are their motivations and how has it been implemented? What success have they had? What are the side effects? How can these filters be subverted? Describe Tunisia's attempt to compromise accounts and censor posting across a variety of services such as Facebook in 2011. What is FreeNet? How does it work?

B12. Spyware (Steven Carter)
*WARNING* Researching this topic may be detrimental to your computer's health. Exercise caution or use a PSU computer to do your research.
Describe the problem of Spyware. Give prominent examples of spyware. How can users protect themselves against such software? Are there laws that exist that can deter this activity? Describe Blizzard's anti-cheating system called Warden for World of Warcraft. What does it do on a client's computer? Should this be considered spyware?

B13. Personal information trading (Uyen Phan)
Describe the issue of web sites selling customer information. Are there laws for preventing this practice? What is TrustE? Describe the key components for a web site to be compliant with TrustE. In what ways has TrustE been criticized as being insufficient?

B14. Video monitoring
Describe issues in intrusive video camera monitoring. What privacy issues have services such as Google Maps Street view run into? What are the related laws and court cases in the US and in Europe that govern the collection of such images? What are some concerns and problems associated with automated, photo-based police tickets? What are some concerns with satellite imagery used to compromise privacy and security?

B15. Geolocation data collection (Nate Myers)
Describe the controversy associated with Android, iPhone, and Windows Phone in terms of their geolocation data collection via mobile phones and StreetView. What kinds of information has been collected that has led to objections by the EFF? How have these companies addressed these concerns? What are some safeguards that might ensure such information is not collected and used in the future? What is "_nomap"? Is this a satisfactory approach? Describe some provisions of the Wyden-Chaffetz proposal "Geolocational Privacy and Surveillance Act".

B16. Federally-mandated backdoors (Leighanna Eickhorst)
Describe the history of communication equipment backdoors and laws such as the Communications Assistance for Law Enforcement Act (CALEA) and the Electronic Communications Privacy Act of 1986 that govern their presence.
How have such backdoors been used legally to capture criminal activity and how have such backdoors been abused? What is the issue with communication software such as Skype and the "Going Dark" problem? How does such software prevent government monitoring? What were some provisions of the proposed Electronic Communications Privacy Act Amendments Act of 2011?

B17. Carrier IQ
What is Carrier IQ? What was it meant to do? What does it actually do? Is the software Spyware? What is the current controversy over the software and what is its current status? What is the role of carriers in the controversy? What laws have been potentially broken? What legal actions are being taken?

-------------------------
C. Intellectual property
-------------------------

C1. IP violation and YouTube
For user-driven sites such as YouTube, comment on what limits should be in place for protecting intellectual property. What is deep-linking? Describe what is fair-use on the Internet and describe whether common techniques such as deep-linking and excerpting fall under the policy. Describe actual cases where this has been an issue for indexing sites such as Google News.

C2. SOPA/PIPA (Khanh Nguyen)
Describe the history of the proposed SOPA/PIPA copyright bills. What are some of the important provisions of this act? Why is SOPA needed to address piracy facilitated by sites such as ThePirateBay? Which groups are behind this bill and why do they support it? Which groups are opposed to this bill? What is the Internet `death penalty' described in this bill? How does it work? What is the proposed impact of this mechanism on the deployment of DNSSEC?

C3. File-sharing networks (Matt Seror)
Describe Napster (1999), Gnutella, and BitTorrent. How are their services similar and how are they different? What is the current stance on the legality of each system under U.S., EU, and international law? Discuss the MGM vs. Grokster case. What was the ruling and why does this ruling not apply to BitTorrent?
What do you believe to be legal?

C4. Pirate Bay (Derek Muller)
Describe the service that Pirate Bay provides. Describe its legal history and what the founders have done to circumvent prosecution. What is the current stance on the legality of Pirate Bay under US, EU, and international law? Is this stance compatible with freedom of speech?

C5. DMCA
Describe the Digital Millennium Copyright Act and its application towards taking down content on P2P networks and popular sites such as YouTube. Describe cases where it has been misused by copyright holders. Are software vendors liable for distributing code that breaks laws? Are users liable for running code that can be used to break laws?
http://dmca.cs.washington.edu/
http://www.freedom-to-tinker.com.nyud.net/blog/mfreed

C6. Open-source software (Justin Cate)
What is open-source software? Describe its history and the motivation behind it. How have open-source and open ideas contributed to the development of the Internet as it exists today? What are specific instances of open source code that have had transformative effects on the Internet? What is the IETF's stance on intellectual property and patents within Internet standards? What are some common proprietary protocols that are prevalently used on the Internet? Describe some similarities and differences between the GPL and BSD licenses.

C7. Google Books (Mark Greear)
Describe the controversy associated with Google's massive effort to scan all of the books in selected libraries. Are their efforts illegal under copyright law that limits reproduction of work? How have they been able to continue this effort? Describe the court case and the settlement agreement. Is the settlement in the best interests of the authors?

C8. Clickwrap
What are clickwrap agreements? How do they differ from "shrink wrap contracts" commonly used for software purchases? What are browse-wrap agreements/licenses? How can such agreements be abused?
What are some examples of EULAs that have been controversial? Are Sony and Electronic Arts EULAs that ban lawsuits legal?

---------------------------
D. Internet administration
---------------------------

D1. ICANN management
Describe the power that ICANN has over the Internet. Describe some of the conflicts that have led other countries to seek its independence from the US. Describe China's proposal for a split DNS system and problems it may cause. Describe the problems a split DNS system might cause.

D2. gTLD names
What are gTLD names? Describe how they have been created since the inception of the DNS system. How are gTLDs managed today and how many are there? Who manages .com and .edu? What are some proposals for creating new gTLDs? What is wrong with creating a large number of them? What policy do you believe is reasonable? Which gTLDs have been created recently?

D3. IP address allocation (Souad El Fane)
How are IPv4 addresses assigned and allocated? What entity controls them? How are IPv6 addresses assigned and allocated? What is the controversy surrounding allocation of IPv6 addresses? When was IPv6 day? What was it about? Describe the impact that blocklists such as Spamhaus must contend with when considering IPv6 deployment. How have they handled this issue?

D4. DNS name squatting (John Kelley)
What is DNS name squatting? What are famous examples of it? How does trademark law impact this practice? What is ICANN's policy for such disputes (UDRP)? How does it impact gTLD names? Who do you think should be awarded the ".sun" domain?
http://www.eweekeurope.co.uk/knowledge/icann-s-new-internet-domains-hit-trademark-issues--1398

D5. Net Neutrality (Stephen Schmidt)
What is net neutrality? Describe the events that led to the push for net neutrality. Give specific examples of how this principle has been violated by service providers such as Comcast. What is AT&T's stance with regard to 'paid prioritization'?
Argue both sides of the net neutrality issue and argue what the impact to the consumer would be. Describe the finalized net neutrality rules as set by the FCC in Sept. 2011.

-----------------------------
E. Taxation, gambling, crime
-----------------------------

E1. Internet sales tax
What is the policy for taxing sales over the Internet? Describe the Quill v. North Dakota case of 1992. Explain the arguments for creating a new sales tax for Internet sales. Who would stand to benefit from such a tax? How do e-tailers such as Amazon currently avoid having their customers pay sales taxes? Describe North Carolina's tax collector's case against Amazon and its outcome. Describe the situation Amazon has with California and collecting sales tax. Describe SSUTA legislation introduced in November 2011 related to Internet sales tax.

E2. Internet gambling (Justin Meyers)
What kinds of gambling sites are available across the Internet? Are they legal? In which jurisdictions can gambling sites set up? How is gambling on-line controlled and regulated? Describe recent efforts to legalize Internet gambling and what has motivated them.

E3. Cell-phone money laundering
Listen to the podcast here.
http://www.net-security.org/article.php?id=1648
Describe the issue of cell-phone money laundering. Why is it being done? How easy is it to perform? How significant is the activity? What can be done to limit it?

E4. Computer fraud (Ranjan Shakya)
Describe the Computer Fraud and Abuse Act (CFAA). What cases led to its passage? What cases have been successfully prosecuted under this act? What are some of the issues in its enforcement that criminalize behavior that is common, such as lying on social networking sites?

-------------
F. Technology
-------------

F1. PageRank (Adam Guy)
Examine the PageRank algorithm Google uses. How does it work? How could it be subverted? Explain what Google bombing and spamdexing are. Explain the TrustRank method and other methods for addressing such attacks.
Explain what the Panda algorithm adds to Google's search.

F2. Internet advertising and tracking (Tyler Wallace)
Describe the history of DoubleClick and how Google usurped their market. Describe how advertising networks such as DoubleClick and Google's AdSense work. What kinds of techniques do they employ to deliver their advertisements? What are restrictions in how they operate? Do any of these violate user privacy? How much revenue can they generate for web sites?

F3. Content distribution networks
Describe what a Content Distribution Network is. How do such networks improve the performance of the web? How do such networks reduce the cost of providing content? Give some examples of how they are used in practice.

F4. Geolocation databases
Explain what a geolocation database is. What are some example tools/products that are available? What kind of applications are such databases used for? How might it help solve security problems?

F5. Cloud computing (Randy Veen)
Describe the motivation behind cloud computing. What are some of the popular commercial versions of this for storage? What are some of the popular commercial versions of this for computing? How are security issues handled for such services? Give a case study of a cloud computing service such as Amazon's EC2. How does it work? How much does it cost?

F6. HTML5 (Brandon Christensen)
What is HTML5? In what ways does it improve HTML? How does it compete with and differ from Adobe's Flash for delivering video content? What are underlying issues with HTML5's proprietary codecs (e.g. H.264)? Which companies are pushing HTML5 and H.264? What is Google attempting to do with Ogg and HTML5? What are the trade-offs in one approach versus the other for consumers?

-----------
G. Security
-----------

G1. Identity establishment
What are the ways that one can establish identity in real life? What are the ways that one can do this on the Internet? How do web sites authenticate themselves to users?
That is, how do we know a web site is legitimate? What are ways in which web sites, especially e-commerce ones, authenticate users on-line? Why can't a user's IP address be used to establish identity?

G2. Web security
What are SSL and TLS? How can browsers ensure remote web sites are who they say they are? Are they secure even over an unsecured wireless network? Describe the issue with the explosion of master certificates. Describe the attack using fraudulent digital certificates that purportedly originated from Iran. How do browsers deal with fraudulent certificates?

G3. Phishing (Daniel Mansour)
What is a phishing attack? What are prominent examples of actual phishing attacks and how did they work? What are ways that phishing attacks can be avoided? What are services that help one identify phishing? Explain how spear phishing attacks and e-mail reputation hijacking work. Give real examples of such attacks. How can one distinguish them from legitimate messages? How prevalent have these attacks become over the last two years?

G4. Spam detection
Find and comment on tools for handling the spam problem at mail servers. What is the underlying algorithm used for content-based detection of spam? How can these algorithms change with the techniques used by spammers?

G5. DNS block lists
Describe what DNS-based block lists are and how they work. Describe the components of the Composite Block List managed by Spamhaus and how they can be used to stop spam sources. Describe URL block lists and how they are used to identify and stop spam. Describe the DShield service and how it can be used to make the Internet more secure. Describe the accusations against Spamhaus of censorship in November 2011. Are they legitimate?

G6. Botnets
What is a botnet? How are they created? How are they managed? Describe the Torpig botnet and how it worked. Give other examples of the kinds of attacks botnets have been used for.

G7. Anti-spam
Describe several techniques for stopping spam including CentMail and "Stopping Outgoing Spam", J.T. Goodman, R. Rounthwaite, ACM Conference on Electronic Commerce 2004. What is the intuition behind how they work?

G8. Spam and the law
Describe the motivation and history of the CAN-SPAM act. What are the specific provisions of this act? Describe some of the act's successes (i.e. successful prosecutions) and its failures. Discuss how spammers avoid prosecution under this act.

G9. Spam and DomainKeys
What are Domain Keys and how do they prevent spam from being transmitted? What are SPF DNS records and how do they prevent spam from being transmitted? Are there ways to circumvent these techniques? What problems do these techniques cause for legitimate usage?

G10. CAPTCHAs (Israel Doering)
What is a Turing test? What is a CAPTCHA? What is its motivation? Give example applications of how they are used. Describe how human solvers are used to bypass CAPTCHAs for things such as concert ticket purchasing. Describe how automated solvers (PWNtcha) do the same. Why is reCAPTCHA different than most CAPTCHAs? What are potential alternatives? What is DeCAPTCHA?

G11. Cross-site scripting
Explain what cross-site scripting is. How does it work and why is it a problem? How has cross-site scripting been exploited to compromise a user's machine? What is NoScript? Describe alternative ways that the problem can be fixed.

G12. Scareware and software downloads (Kevin Trieu)
What is the danger of downloading software from the Internet? How do adversaries trick users into installing malicious software? Describe how software delivered over the network can be trusted. Give examples of programs that trick users into running software from programmers they do not know. What are methods used to mitigate this threat? What is the process employed by Apple's AppStore, Google's Android market, CNET's download.com, etc. for identifying malicious software? How effective are these mechanisms?
How do operating system vendors and open-source distributions prevent malicious software from being delivered to a user machine?

G13. IP address spoofing
Who is responsible for filling in the source IP address? What is IP spoofing? Describe attacks that use IP spoofing to work. How can IP spoofing be combatted? What is the Spoofer project? What are their results?

G14. Cross-site request forging
What is cross-site request forgery? Describe incidents in which attackers have successfully used this technique to compromise users. What are techniques to prevent such problems?

G15. Ethical disclosure of vulnerabilities
Describe the ethical issues surrounding the disclosure of vulnerabilities by security professionals. Should they be disclosed to the vendor first before the public? Should they be disclosed to the public if the vendor is either slow or unwilling to fix the vulnerability? What are the ethics behind ``good viruses'' that patch known vulnerabilities?

G16. DNS poisoning
Describe the problem of DNS poisoning. How does DNSSEC address security problems with DNS? Describe the state of DNSSEC deployment. What are some of the biggest problems in deploying it? How prevalent is its usage?

G17. Sign-in seals (Sharlene Fielder)
Describe Yahoo!'s sign-in seal. How does it work? What kinds of attacks does it prevent? What are some alternatives that also prevent such attacks?

G18. Safe browsing
Describe how McAfee's SiteAdvisor and Google's SafeBrowsing work. What are some of the similarities between the two? What are some differences? How effective and easy-to-use are these tools?

G19. 802.11 security
Describe different ways of securing wireless networks including WEP and WPA. How was WEP broken? What are the different flavors of WPA?

G20. Stuxnet (Brandon Engen)
Describe the situation around Stuxnet. What did it attempt to do? How successful was it? How did it abuse digital certificates? How did it spread? Who is believed responsible for the malware?
What are other examples of nation-based cyber attacks? Describe the cyberwar initiated by Russia on Georgia.

G21. Car security (Artem Snitsar)
Describe security issues with technology that is embedded in cars. What is done to protect cars from malicious external attacks? What are some demonstrated vulnerabilities in cars? How is this issue being tackled? Describe Google's driverless car. What are legal issues associated with cars driving themselves? Is this car vulnerable to attack? What steps have been taken to ensure safety?

G22. Windows Update
What is Windows Update? What software is it used for? Describe the impact on users if the service is subverted. How are updates protected? How has this service been attacked in the past?

G23. UEFI
Survey a variety of mechanisms for securing the boot process of operating systems from malware. What do Intel's TrustedBoot and authenticating bootloaders do? How can such mechanisms be subverted? What is UEFI? How does it ensure proper booting? What is its conflict with Linux? How do Google Chromebooks ensure proper booting?