INTERNET
INTRIGUE
- The Internet
-
One of the fastest growing areas of computer technology is the
development of the Internet — a true information superhighway. To
users its a Godsend, to security managers its a nightmare, and for
corporate executives its a two-edged sword.
The Internet is a global computer network that virtually every computer in the nation can link up to. At first it was awkward and hard to use. Now, a number of companies are actively developing software to make it easier and easier to use.
As it becomes easier to use, a wider variety of products can be found on the feature known as the Worldwide Web—a kind of computer bazaar where one can find anything from valuable data to Playboy. It is so immense that one can easily get sidetracked by all of the interesting material found there. As one can imagine, this is causing a dilemma for corporate management.
- A Corporate Dilemma
-
Many corporations have noticed a decrease in productivity once they
have entered the Internet. It appears that many of the workers have
discovered a new sport... surfing the Internet. This
consists of wandering through the maze of screens and sites that
make up the web.
An employee can look extremely busy on the Internet, while actually doing nothing worthwhile... at least on the surface. According to Webster Network Strategies—a company that sells software to block access to various Websites, the average worker wastes 1½ hours a day on the web. This causes consternation for the employer who wants maximum productivity.
However, companies are reluctant to unplug from this global network
that provides time-saving access to information. In response, they
are developing a number of strategies to combat this new threat to
high productivity.
A number of companies are purchasing software that allows them to block access to certain websites. Others are monitoring their workers and logging the sites they visit. Such Draconian measures may have worked in the past, but the typical daytime user is a business professional who must be judicious about the use of his time (according to USA Today, surveys indicate that over two-thirds of the users are males; 81% under 45), and resent not being trusted and monitored. Many of the companies are monitoring usage and not informing the employees at this time.
The more technical savvy companies realize that their employees have had access to the Internet for less than a year and are in the familiarization stage with this new phenomenon. Like any new piece of software, the only way to get to know it, is to use it and play with it. Surfing the net is one way of familiarizing oneself with the Internet, and getting to know what is and isn't available. Sooner or later, one does reach a stage when it’s boring.
- Windows 95... A Trojan Horse
-
One of a security department’s most important duties is
safeguarding the company's data from others and loss of data
through viral destruction. It doesn't make their job easier when
software companies start writing viral routines designed to ferret
out information on their networks. The latest offender is
Microsoft.
Microsoft's latest operating system— Windows 95 —includes a small viral routine called Registration Wizard. It interrogates every system on a network, gathering intelligence on what software is being run on which machine. It then creates a complete listing of both Microsoft's and competitor’s products by machines which it reports to Microsoft when customers register their software over the net.
Customers must actively disable the routine if they don't want it to run.
Mike Conte (group manager for Microsoft's Personal Systems Division) defended their actions by stating:
-
The Wizard presents three screens to the user, all with a chance
to say to “no” to the program, with the last screen requiring a
definite “yes” before the program activates the modem and sends
the information to the company. (ISA Password, June 1995)
The problem is that many users are not computer literate enough to understand exactly what the software is doing... and it catches the unwary.
- DoD Concerns
-
The commercial and private sector are not the only ones taken aback
by Microsoft's “Trojan Horse.” The Defense Department has “security
concerns” about the on-line Registration Wizard as well as
“the general trend toward on-line registration and diagnostic
assistance. Mike Conte addressed those concerns:
-
We are very concerned about their concerns. But our
experience has been that what people have heard about the
Registration Wizard is much more dramatic than it really
is. The program does not send anything to Microsoft that the
user has not approved. They can see the information in a file
called reginfo.txt. (ISA Password, June
1995)
DoD is still reluctant, despite these assurances, to give any firm the power and ability to run a scanning program on its huge installed base of computers. Microsoft insists that any systems administrator can disable the program, so there is no problem.
The privacy issue seems to have been sidestepped and not discussed. Perhaps that is the reason that so many companies and individuals are turning towards encryption as a means of protecting their data.
- Encryption: Thorn in Government’s Side
-
Encryption is a sore spot with government officials who are trying
to tie software export control rules to a national encryption
policy. The proposals drafted by the Interagency Working Group on
Encryption and Telecommunications become more burdensome and
restrictive on businesses and private citizens with each revision.
The latest revisions require that software companies limit the strength of their encription keys to less than the encryption standard used worldwide. Further, they would like the encryption keys to be held in escrow, with an escrow agent.
To their credit the Business Software Alliance, a trade lobbying group have opposed such changes. They would like to see an end to the government’s intervention into a domestic issue. They want restrictions on currently available encryption software lifted and an automatic increase of two-bits in the encryption key length every three years.
In its attempt to write an encryption policy, the administration has been under fire for years from private individuals, civil libertarians and businesses. People resent having their data accessable to others, and for that reason encryption programs such as PGP (Pretty Good Privacy) are popular... and encryption is a growing industry.
Now, is a good time for government to realize that it is NOT entitled to be Big Brother... a third party to every conversation, or transaction that takes place.
- Bastion of Freedom...
-
For better or worse, the Internet is here. It allows the computer
user of today unparralled access to the world at large. With all of
its shortcomings and risks, the Internet is a worthwhile endeavor
in that allows the interchange of ideas and information. It is a
bastion of freedom, and it should be kept that
way!_SRE