Date: Wed, 5 Apr 1995 22:42:04 -0400 (EDT)
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
I am a bit cautious about print books about the Internet. They seem to
have a common habit of driving up paranoia about the internet security.
When Stoll wrote "Cukoo's Egg", DEC and HP used to snoop each other's
e-mail over the ethernet feed that connected them at UCCS (Colorado
Springs), it was a big joke. Sometimes they would send des encrypted
garbage (randomely generated character strings) through each other's
networks (along with classified flags), just to drive each other crazy.
Remember, until 1991 the internet was a bunch of modems, UNIX (4.2 BSD yet)
and ethernet cards that could "sniff" TCP/IP packets. In 1991, Common
Carriers such as MCI, Sprint, and AT&T started taking over the formal
control of the Comm links. Routers with tight IP packet filtering to
prevent outbound spoofing, and Firewall gateways have given much more
control over the internet. In most cases, the IP packet can be traced
all the way back to the ANI telephone number that sent it.
In Cucoo's Nest Days, 11 year old kids were logging into DOD host
computers with anonymous logins using "guest" accounts that were more
like welcome-mats. Today, "cracking" into a computer that puts up
a "no trespassing" indicator is a felony with a 15 year prison term and a
$150,000 fine.
In 1992, banks and insurance companies started using protected segments
of the internet to carry traffic. By 1994 NASD had standardized on
TCP/IP and SCO UNIX with Kerberos authentication. Domestic commerce is
conducted over the internet using DES, RSA, and PGP encryption on a
regular basis. There are even "customs gateways" which provide
"attach wiretap here" interfaces to government agencies and encrypt on
either side of that link.
I've spent the last 10 years working toward making the internet suitable
for commercial use. Making it easy enough to be used by my mother, and
secure enough to bank my paycheck. It is frustrating to see the panic
when the print press sensationalizes a break-in by a very technically
astute "safe cracker" who makes it into a relatively unsecured system.
If you leave the keys to your house on the window-sill and tell all your
neighbors about the stash of diamonds you have in the pillow in your
bedroom, it is quite likely that you will be visited by someone who
watches how you come in, and where you leave your key.
At one time, the internet was as safe as Hunt's point at midnight. Today
its more like Wall street at 3:00 P.M. Do we WANT it to be as safe as
NORAD?
Rex Ballard
From rballard@cnj.digex.net Wed Apr 5 23:11:25 1995
Status: O
X-Status: