Roanoke Times
Copyright (c) 1995, Landmark Communications, Inc.
DATE: SUNDAY, April 24, 1994 TAG: 9404190176
SECTION: BUSINESS PAGE: F-5 EDITION: METRO
SOURCE: BY JIM SHEELER KNIGHT-RIDDER NEWSPAPERS
DATELINE: BOULDER, COLO. LENGTH: Medium
"It's a rough place, a tough place, a weird place, a place where thievery goes on," said Guy Cook, director of Colorado SuperNet. "You can count on [people trying to break into your network]. There's a lot of bad people on the Net, and if you don't protect yourself, they're going to hurt you."
The Internet is anarchistic, with no central controller or police force, and that's just the way users like it. But with anarchy comes the danger of Internet thugs running rampant, freely committing cyberspace sabotage.
In February, pirates planted a "Trojan Horse" or "sniffer" program at several Internet gateways around the country. Those programs are set up to capture passwords to gain illegal access to Internet accounts.
The break-ins alerted government officials, who called for Internet users to change their passwords frequently. The March issue of the Internet Letter reports that the FBI is investigating an Internet-conducted $1 million extortion attempt on a U.S. company by an individual in a foreign country.
Many companies are constructing layers of protective "firewalls" throughout their systems. The firewalls are highly restrictive, allowing only certain users access to different areas of the system. If someone breaks through one wall, they find themselves facing another.
Another way companies and individuals have been protecting themselves is through a program created by Boulder software consultant Phil Zimmerman.
Pretty Good Privacy is Zimmerman's no-cost encryption program that scrambles electronic mail files. The program is still swapped back and forth on the Internet, but the federal government is trying to stop it.
As it turns out, PGP works too well for the government, which wants a way to break into programs or files it suspects are conducting criminal activity. The government is pushing the requirement of the "Clipper Chip" to connection devices such as phones and modems. The chip would give the feds a back door into user's files.
Many Internet users cry "Big Brother" when they hear talk of the Clipper Chip. Others, such as Randy Mensing, chief information officer at Storage Technology Corp., say the government needs to get together with the users and come up with an answer.
"The use of the Internet opens the users up to a security issue if it is not managed properly. That's a gray area that the government and industry have to resolve before the Internet will be 100 percent usable, I believe," Mensing said. "It's my belief that industry has the best solutions, and the most effective means for its use will be forced by industry."
Internet transactions are still so new that even the lawyers haven't figured out what's ethical within their own field. Anthony Claiborne, partner at Burden & Claiborne, a Boulder law firm on the Net, said the firm uses the system only for non-confidential communication.
"E-mail is not secure. While there are ways to encrypt it, we don't want to risk our confidential client relationship," he said "That's being debated right now.
"By posting something on E-mail, you may be waiving the attorney/client privileges."
Claiborne believes a version of PGP the firm downloaded to protect its E-mail was actually infected with a virus. He said the firm has instituted a new policy of "no downloaded software - period."
Cook said the best policy is to be wary of the possibilities and not to use the Net for important business deals. Many people remain wary about even small credit card purchases.
"This is a public data network. That's why you don't see big-time, hardcore financial transactions over it," he said.
Robert Carpenter, president of Internet consulting company InterNet Integration Inc., has a similar policy toward security and the Internet in general.
"If you need privacy, the Internet is not the place for you," Carpenter said. "End of issue."
by CNB