splitting into two camps
The supposed risks of the internet seem to drive people into two opposite camps.
In the one camp, there are those who see danger everywhere. In the other camp, there are those who argue that there is absolutely no crime, mischief or other evil perpetrated via the internet, that wasn't already possible before, so what's the big problem?
One camp is perceived as paranoid luddites, while the other camp is perceived as naive technophiles.
On this page, we identify some of the risks, and ask how seriously they should be taken.
(I'm sure all the large insurance houses have excellent data security, but is this also true of all the agents and brokers?)
Even if you merely browse a site selling expensive antiques, this might be enough to trigger interest from a gang specializing in stealing antiques.
Many people would dismiss this as an irrational fear, because it would be unlikely that the hacker would also be a local burglar, and in any case the hacker wouldn't be certain that you were leaving your house empty, with the expensive jewellery in it.
This is bad logic. You shouldn't ask for the probability of a given hacker being a local burglar, but for the probability that any local burglar might also be a hacker - or have friends who are hackers.
In any case, like a good salesman, a professional burglar doesn't expect information to provide a guaranteed outcome - merely to identify hot prospects, where there is a better than average chance of a good haul. Imagine you were a burglar - ask yourself how you would use easily available information to enhance your success.
Computer studies are very popular on the school curriculum, but I wonder how much children are taught about the use and abuse of information. Or for that matter, the use and abuse of deductive logic.
(Of course, most adults are equally naive about the use and abuse of
information. Even people working with computers often fail to appreciate
how much information can be deduced from the personal data collected by
banks, airlines, supermarkets and others, and to what uses this could be
put. Or they take false comfort from the fact that the organizations
they work with are incapable of making effective use of the information
Some companies now advertise job vacancies on their website. Applicants are invited to submit a CV electronically.
There is rarely any authentication, so it is easy to submit spoof CVs. This would include maliciously compiled CVs on behalf of real people.
Having compiled a spoof CV, it is then possible to write a program that
submits this CV (or variants of it) to thousands of companies.
A troll is a spoof message introduced into a list or chat room for the purpose of evoking maximum response. It is the web equivalent of those books of replies to silly letters written to famous people. Its author is masked, it has no restrictions on scope - often they are copied to other forums - it is designed to arouse an emotional response and ultimately poke fun at belief and trust. [source: Aidan Ward]
And because it's so quick and easy, the message can be broadcast around the world before you've had second thoughts about sending it.
We are not good at judging probability at the best of time, but this increase in scale makes our intuitive judgements about probability even worse. When you are tempted to dismiss something as unlikely, remember that in very large systems, with very large volumes and densities of interaction, extremely unlikely things happen every day.
Other things being equal, the unfamiliar is usually riskier than the familiar, simply because we don't yet know how to handle it safely. Of course, that isn't an argument against ever trying anything new, but it is a warning about the additional risks involved.
Thus the acceptability of electronic banking depends on several factors,
but a perception that it is riskier than traditional banking, whether or
not this is fair, will slow down the adoption.
There are several base mechanisms in play, including various forms of encryption and e-signature.
Meanwhile, there is a growing army of people motivated to crack these mechanisms.
Technical solutions are important, but they must be combined with social
Copyright © 1999 Veryard Projects Ltd