China vs Google vs Hackers

"Our country is at a crucial stage of reform and development, and this is a period of marked social conflicts. Properly guiding Internet opinion is a major measure for protecting Internet information security." These are the words of Wang Chen, the Minister of the State Council Information Office, People's Republic of China. Is "properly guiding Internet opinion" just a euphemism for the repressive censorship for which China is reputed? Google's recent upset with China over hacking raids on Google's source code to target human rights supporters stands in counterpoint to Mr. Wang Chen's statements(see article), forming a more objective picture. I have long seen the totalitarian regime of the PRC in only one stark light, but I'm becoming aware that although their methods are brutal and repressive, many of their fears are valid concerning civil unrest and security problems in their nation. In the U.S. we got a wake-up call from the Aurora project which exposed the vulnerability of our nation's infrastructure (the power grid in particular) to hacker attacks. We ought to be as conscientious as the Chinese government in protecting our corner of the Internet — for our own sakes and the rest of the Web's. However, "The price of freedom is eternal vigilance." In other words, we must also protect ourselves from our own desire to be ruled and protected too much.


Articles cited:

China vs. Google

China's security needs

Aurora Vulnerability

There is also an interesting discussion on the Aurora Vulnerability at
ControlGlobal.com

On Bird Nests and Locksmiths

As the world increases connectivity via the Internet, the desire and opportunities therein present reconciliation challenges for privacy and security. Every connection made creates a security risk. It is not realistic to try eliminating all such risks completely, but instead we reduce and manage them so there is minimal interference between security, privacy, and usability.

Some of us view the Internet as a vast playground where we can go anywhere and do anything, especially if we use it mainly for entertainment. Maybe some physical neighborhoods are like that, such as those in small towns where everyone knows each other and they don't lock their doors at night. But in both kinds of communities, it's not just roads and houses or computers, but people, who are connecting to each other. One shouldn't simply walk into any house or apartment that catches their curiosity. Neither should anyone walk into any bedroom or bathroom in their own home without knocking, if those rooms are occupied by a guest. For the Internet to function and serve the people it connects, there must be measures to provide security and privacy, or the connectivity becomes too risky for mainstream use. This counts for all kinds of relationships: Server-client, employer-employee, business-customer, site-visitor, etc., and it goes both directions.

When mischievous netizens poke around in other people's files, it's not just the sensitivity or value of the information that's at stake, but the general trust between members of the Internet community. This is one of the main messages in Cliff Stoll's nonfiction novel, The Cuckoo's Egg. In the novel, the hacker antagonists did not do any actual damage to the computer systems they infiltrated. But they still illegally used the private networks and equipment owned by others, which is similar to "borrowing" your neighbor's car without asking. Stoll also compares the hackers' activities to a burglar walking down a quiet street, turning doorknobs at each house until he finds one unlocked. While it's an inefficient method of penetration, it illustrates the need to protect our Web space the way we protect our physical space. The novel also shows that even someone with a small skill set could succeed in breaching even a military network through just a few carelessly administrated systems, if the hacker is patient and determined.

Because the internet is an abstract medium where abstract data flows, it's easy to view the properties and premises therein differently from their physical counterparts. Without environmental cues like actual doors, locks and gates, we have to exercise greater conscientiousness in the Web space to avoid transgressing the way we would in the physical world, and to prevent others from transgressing against us. This applies whether we're surfing the Web, configuring a company router, or providing Internet access for our family computers. Becoming informed on networking configurations and following a code of ethics is essential to healthy Internet communities great and small.

The True Purpose Of Computers

When I was a kid, I believed that computers were the ultimate toy, and played games on them every chance I could get. My siblings love to chat and use Facebook. As I try to steer my 13-year-old brother away from long-distance relationships, and keep myself from spending too many hours in the land of make-believe, I sometimes remember what some of my religion teachers said: Computers were invented under Divine inspiration to move the Lord's work forward. Particularly, we're to take advantage of the world-shrinking, information processing power of computers and the internet in order to link our families together. This doesn't mean that Latter-day Saints must restrict their computer use solely to genealogical work; neither does it mean that computers should never be used for entertainment. But when the inbox and beating the proverbial "final boss" become more important than family, beware; such distraction delights the prince of the power of the air. That's another name for the devil, and all he has to do to win is to keep us from doing good-to distract us.