A Case Against The Internet: We Are Not Worthy. Where in knowledge, lost wisdom? Where in data, lost knowledge? -Pope ll, it's a fact, the internet is here o stay. Many of us certainly know the hype surrounding Internet companies, and some of it is probably well placed optimism. Before the Internet, companies were lucky to successfully send computerized files to themselves reliably. Now, if 20 megabytes aren't transferred in a minute, we feel ripped off. The magnitude of information organization and transfer today is truly astounding, and it hasn't taken venture capitalists long to try buying it out. With today's seemingly routine and constant upgrade of technology, where's the downside? Yes, drag out the Luddite stereotype, but my concept is the opposite. Luddites saw their livelihoods vanishing with technological advancement, and smashed machines in a desperate attempt to salvage their vanishing traditions. For myself, I'm an avid (rabid?) fan of computerization, and have my career staked in its success. What I fear is that the current Internet culture sacrifices our individual rights in pursuit of commerce. Commerce is certainly a worthwhile goal, but how much have we contemplated what we surrender to achieve it? The clichd I refer to is advancing knowledge while ignoring wisdom. So how does this new commerce cloud our wisdom? I feel the fascination with these accomplishments distracts us from questioning where our trust is placed. This is specific to the computers most users are on today. In the past, proper data routing and storage were an unavoidably manual operation. There was no option but to have a unique group of specialists charged with the responsibility do it. Because Wi of this, trust existed because of personal accountability. In the wholly automatic world to come, data transfer will become subconscious. Information will be produced as fast as you can ask for it. But here's the catch: the systems required to find and parse information for you will be, themselves, found and parsed. There's precious few ways to stop this, but suffice to say, even those few are not being implemented at all. This blind faith extends to include trusting information and programs downloaded from the Internet. Programs attached to mail are routinely executed, with users oblivious to any danger. Technocrats scoff at this alarmist notion, but my challenge is to look around. Trojan horse programs are not only common, but also startlingly under-reported. For all the trojan/virus programs we read about that alert us because of their over-replication, how many more exist as passive security holes brought in by well-wishing dupes? An employee sends an .EXE file to friends in other companies to brighten their day with a pretty display of computer generated fireworks - never realizing that act has compromised their computers as well. Variants of the "I Love You" virus disable themselves after collecting passwords from only the first 3 users that unwittingly execute them. Some programs do nothing after being installed except to report the user's internet activity to a central server of course that's legal as long as you call yourself a "Free Internet Service Provider". We often hear about the panic and expense caused by oblivious trojan programs that shut down mail servers by overwhelming them with inane re- quests. What more lethal and subtle variants of these are sure to come? And what do we do in the face of these obviously flawed security schemes? Until after the fact, little. A current sales pitch features a Russian pilot defecting to America for his life dream of "Free internet access" - but no mention of any hypocrisy. What is it worth if personal queries get into your KGB file anyway? Again, I'm not saying that it does. I'm saying that if it did, there wouldn't be any way to know about it. Think about it: could you, or anyone you know, manage to audit files on their computer and know, after the fact, what information has been gotten by a trojan virus? It's far more common that wrongdoing is discovered because information is found where it shouldn't be rather than because alarms detected unauthorized movement and documented it in the first place. Let me stress that I know security systems exist. My concern is that the vast majority of the world Internet community has virtually no understanding of them, and no interest in employing them. In our ferocious pursuit of technology we have shown little concern for whom we trust, and for documenting whether or not that trust has been compromised. Do I advocate stopping the internet altogether? No. There are clearly many worthwhile gifts it has given us. But let's insure it's always a horn of plenty, and not Pandora's Box. - Patrick O grien Patrick.LObrien@gte.net Computers and Society, September2000

/lp/association-for-computing-machinery/a-case-against-the-internet-we-are-not-worthy-gqpoQlrkaI