Barney's Rubble

Police the 'Net

Will public policy make a difference in virus attacks and spyware infiltration?

• By Doug Barney
• 05/01/2005

Why am I so irritated? It's because of Lauren, my 16-year-old daughter. I'm used to her ignoring me or rolling her eyes like I don't have a clue about anything. But I'm steamed that her laptop for which I paid good money is totally unusable, overrun with viruses, spyware and who knows what else.

I know some of you might blame me for not loading up her Dell lapper with protective software, but you'd be wrong. She has anti-virus and anti-spyware software and the XP firewall is turned on. Maybe it's her near-constant use of IM, but somehow this garbage sneaks through all those defenses.

I'm also tired of Microsoft taking all the blame for this. Microsoft didn't write these viruses. It's impossible to protect PCs that are so liberally connected and incessantly attacked. It's time for a major national debate on how government and law enforcement should intervene. Of course, trying to get Fox News and CNN to talk about hackers is like getting Bill O'Reilly to admit to sexual harassment. For TV news, there's simply no time, what with the Congressional steroid hearings, the Michael Jackson trial, Terri Schiavo, the confirmation of Britney being pregnant and Ashley Simpson's horrible singing.

Experts tell me how powerless the government is against this problem, and that even if the United States did something to lock down, the Internet is so universal that attacks would shift to other countries. Great, so we should just give up and let software do all the work it's failing to do already? Wrong answer. Can government intervention solve the problem? Probably not. Can it help reduce the problem? It's worth a shot.

We need stronger laws, better enforcement and vastly better forensics. We also need to look at the informal structure of the Internet and decide if it's in the best interest of our national and personal security. Is anonymity a good thing if the bad guys can use it as a hiding place? What about building an identification-based subset of the Internet that is far more secure? You could connect from your company or home, and based on your credentials, you could access a limited range of safer sites. Beyond that horizon—you surf at your own risk.

Busting the Content Cops
If you haven't already, don't miss Becky Nagel's cover story, "Content Cops." In 2001, when I was the editor in chief of Network Computing magazine, I met with a Web filtering vendor who couldn't stop bragging about his product. The first morning one customer installed it, the IT folks got an eyeful. One of their own was looking at Web sites of a certain orientation. This IT pro, who was at work earlier than I've ever been, was outed by his peers. To the vendor, this was a success.

Those IT folks had no business invading this poor fellow's privacy, ruining his reputation and laughing behind his back. If content must be tracked to enforce written corporate policies, HR and management need to handle these delicate issues, and they should be well trained. Do you agree? Disagree? Let me know at [email protected].