Reprinted from: Exotic Research Report (Volume 1, Issue 1;
One of the fastest growing areas of computer technology is the
development of the Internet — a true information superhighway. To
users its a Godsend, to security managers its a nightmare, and for
corporate executives its a two-edged sword.
The Internet is a global computer network that virtually every
computer in the nation can link up to. At first it was awkward and
hard to use. Now, a number of companies are actively developing
software to make it easier and easier to use.
As it becomes easier to use, a wider variety of products can be
found on the feature known as the Worldwide Web—a kind of computer
bazaar where one can find anything from valuable data to
Playboy. It is so immense that one can easily get
sidetracked by all of the interesting material found there. As one
can imagine, this is causing a dilemma for corporate management.
A Corporate Dilemma
Many corporations have noticed a decrease in productivity once they
have entered the Internet. It appears that many of the workers have
discovered a new sport... surfing the Internet. This
consists of wandering through the maze of screens and sites that
make up the web.
An employee can look extremely busy on the Internet, while actually
doing nothing worthwhile... at least on the surface. According to
Webster Network Strategies—a company that sells software to
block access to various Websites, the average worker wastes 1½
hours a day on the web. This causes consternation for the employer
who wants maximum productivity.
However, companies are reluctant to unplug from this global network
that provides time-saving access to information. In response, they
are developing a number of strategies to combat this new threat to
A number of companies are purchasing software that allows them to
block access to certain websites. Others are monitoring their
workers and logging the sites they visit. Such Draconian measures
may have worked in the past, but the typical daytime user is a
business professional who must be judicious about the use of his
time (according to USA Today, surveys indicate that over
two-thirds of the users are males; 81% under 45), and resent not
being trusted and monitored. Many of the companies are monitoring
usage and not informing the employees at this time.
The more technical savvy companies realize that their employees
have had access to the Internet for less than a year and are in the
familiarization stage with this new phenomenon. Like any new piece
of software, the only way to get to know it, is to use it and play
with it. Surfing the net is one way of familiarizing oneself with
the Internet, and getting to know what is and isn't available.
Sooner or later, one does reach a stage when it’s boring.
Windows 95... A Trojan Horse
One of a security department’s most important duties is
safeguarding the company's data from others and loss of data
through viral destruction. It doesn't make their job easier when
software companies start writing viral routines designed to ferret
out information on their networks. The latest offender is
Microsoft's latest operating system— Windows 95 —includes a
small viral routine called Registration Wizard. It
interrogates every system on a network, gathering intelligence on
what software is being run on which machine. It then creates a
complete listing of both Microsoft's and competitor’s products by
machines which it reports to Microsoft when customers register
their software over the net.
Customers must actively disable the routine if they don't
want it to run.
Mike Conte (group manager for Microsoft's Personal Systems
Division) defended their actions by stating:
The Wizard presents three screens to the user, all with a chance
to say to “no” to the program, with the last screen requiring a
definite “yes” before the program activates the modem and sends
the information to the company. (ISA Password, June 1995)
The problem is that many users are not computer literate enough to
understand exactly what the software is doing... and it catches the
The commercial and private sector are not the only ones taken aback
by Microsoft's “Trojan Horse.” The Defense Department has “security
concerns” about the on-line Registration Wizard as well as
“the general trend toward on-line registration and diagnostic
assistance. Mike Conte addressed those concerns:
We are very concerned about their concerns. But our
experience has been that what people have heard about the
Registration Wizard is much more dramatic than it really
is. The program does not send anything to Microsoft that the
user has not approved. They can see the information in a file
called reginfo.txt. (ISA Password, June
DoD is still reluctant, despite these assurances, to give any firm
the power and ability to run a scanning program on its huge
installed base of computers. Microsoft insists that any systems
administrator can disable the program, so there is no
The privacy issue seems to have been sidestepped and not discussed.
Perhaps that is the reason that so many companies and individuals
are turning towards encryption as a means of protecting their data.
Encryption: Thorn in Government’s Side
Encryption is a sore spot with government officials who are trying
to tie software export control rules to a national encryption
policy. The proposals drafted by the Interagency Working Group on
Encryption and Telecommunications become more burdensome and
restrictive on businesses and private citizens with each revision.
The latest revisions require that software companies limit the
strength of their encription keys to less than the encryption
standard used worldwide. Further, they would like the encryption
keys to be held in escrow, with an escrow agent.
To their credit the Business Software Alliance, a trade
lobbying group have opposed such changes. They would like to see an
end to the government’s intervention into a domestic issue. They
want restrictions on currently available encryption software lifted
and an automatic increase of two-bits in the encryption key length
every three years.
In its attempt to write an encryption policy, the administration
has been under fire for years from private individuals, civil
libertarians and businesses. People resent having their data
accessable to others, and for that reason encryption programs such
as PGP (Pretty Good Privacy) are popular... and encryption
is a growing industry.
Now, is a good time for government to realize that it is NOT
entitled to be Big Brother... a third party to every conversation,
or transaction that takes place.
Bastion of Freedom...
For better or worse, the Internet is here. It allows the computer
user of today unparralled access to the world at large. With all of
its shortcomings and risks, the Internet is a worthwhile endeavor
in that allows the interchange of ideas and information. It is a
bastion of freedom, and it should be kept that