Back to Book

The Silicon Jungle by David H. Rothman

7. Will your code be based on the =Data Encryption Standard= (=DES=),

1041 words  |  Chapter 115

published by the U.S. government and repeatedly tested by the National Security Agency (NSA) and the National Bureau of Standards? To this day the rumors persist that NSA has built in a trap door to snoop on DES-style codes. True? I don’t know. Captain Zap says, “I don’t trust it. I don’t think NSA would have approved it if they couldn’t crack it.” NSA-approved codes are overkill in all but the most sensitive systems. Telenet has a special interest in encryption software. It is the network into which thousands of computer users dial to reach other machines and services like The Source. In 1984 Telenet claimed to be the first public network offering encryption software—a package for the IBM and clones that uses the public-key method and sells for somewhere under $600. “You have a directory that has all the public keys in it,” said Claudia Houston, Telenet public affairs manager, explaining the Phasor software’s operation. “You look up the guy’s key that you want to send a message to. You punch that key and your message gets encrypted.” For a two-page message, a Telenet man says that might take thirty seconds. Then you’re ready to send over the phone lines. Even if someone wiretaps you, theoretically, he won’t be able to puzzle out your secrets. MCI Mail also offers encryption—through a customized version of a popular communication program—and other electronic networks will undoubtedly follow suit. “Black boxes,” or hardware that scrambles messages, might likewise help; the topic is too complex for me to cover here in the detail it deserves. This equipment usually costs well into the thousands. One security expert, J. Michael Nye, even puts out a consumer’s guide to black boxes.[56] A good black box could be just a special modem with scrambling circuits built in. “If no one else produces a good, low-cost modem with encryption,” says Nye, “I might start doing it myself.” Footnote 56: After writing a draft of this chapter, I helped Nye prepare a section of his black box guide. I find it to be useful, but overly technical for some lay people. Nye may be reached at Marketing Consultants International, Suite #214, 100 West Washington St., Hagerstown, Md. 21740. Call 301/791-0290 for the latest information about the guide’s price and other details. ■ ■ ■ Captain Zap’s Wisdom on Protecting Your Dial-up Computer The Captain and friends stole—via computer connections—over $100,000 in goods and $212,000 in services, including a $13,000 Hewlett-Packard minicomputer. He received a $1,000 fine and two and one-half years’ probation, with fifteen hours a week community service. Far from being 100-percent antiestablishment, however, Zap is a Philadelphia Republican fond of wing tips. (“They show good breeding.”) And a computer security consultant, a client, praises him as “a damn good technician.” A computer-crime expert named Jay BloomBecker isn’t so keen on the use of e×-criminals in security: “There are a lot of people just as bright who have stayed within the law.” Regardless, Zap has some good tips for security-minded computer users, especially those with dial-up machines. Among them: ▪ _Don’t think of computers as gods._ “Remember, there’s just another human at the other end.” ▪ _Spread out your computer numbers; you might even use different telephone exchanges._ Don’t have numbers adjacent to each other—like 555-1212 next to 555-1213. If you do, your computers will be easier targets for hackers with _WarGames_-style dialing programs that scan local exchanges for computer numbers. That’s good advice from Zap. In the same vein, even if you have just one micro, you might consider trying to get a phone number in an exchange miles from your actual location. You might even want to use a tie line to another city. It all depends on whether you think the costs would justify the added protection; for many businesses they wouldn’t. Also, you might keep your modem number secret from people who don’t need to know. A Hollywood director, fearful that computer-smart science-fiction fans might tap into his dial-up machine, used such a precaution. Only he and his regular callers knew the number. His super-secretive approach obviously wouldn’t have worked in a typical business, especially one with many phone lines coming in. Also, nothing’s foolproof; suppose an electronic snoop unlocks your building’s wire closet. ▪ _If possible, use modems faster than 1,200 baud._ Then, says Zap, “most hackers’ modems can’t keep up.” Most small computers’ modems transmit at 300 baud, about 300 letters or numbers a second. ▪ _Remember that hackers can be ingenious._ “Don’t be smug just because you have a dial-back modem. That’s a device that makes callers tap out a special code, and then it rings them back at their authorized location. You can get around it by tying into the central office and setting up a three-way call—without anyone hearing you. I know hackers can set up three-way calls. I’ve done it myself.” ▪ _Protective devices, however, are better than nothing at all._ “Despite their limitations, I’d still install a call-back arrangement or a device that asked you for a code—or maybe a combination of the two. A combination usually would be much better.” ▪ _Don’t get hung up on protecting your dial-up computer with just hardware or just software—use both._ “Black boxes can help keep the wrong people from breaking in. But you also need good security software to control _how_ deeply even authorized people can get into your computer. You want some people—like customers—to have only _partial_ access to the goodies inside your system.” ▪ _Watch what you throw away._ “Some hackers can log onto your dial-up computer after first poking through your trash—for printouts with passwords and similar material.” Another hacker jokingly refers to “The Dempster Dumpster Library.” ■ ■ ■ Don’t lose track of security threats around your office itself while worrying about modems and encryption. Would you believe that you can’t absolutely erase an electronic file—say, a letter or report on your disk—just by following the directions in your software? A snoop might recover the information with a special program like Disk Doctor. Luckily, however, you can zap a sensitive file by magnetically “writing” over its part of the disk. Say you want to wipe out a letter 500 words long, File A. Well, do the following:
Previous Chapter Chapter List Next Chapter

Chapters

1. Chapter 1 2. Chapter 7 and Backup VII, you’ll learn (1) the basics, (2) when charts 3. Chapter 12, “How I Found ‘God’ on MCI (and a Few Other Odds and Ends 4. 1. Bigger RAMs can work with more and larger numbers—a handy capability 5. 2. More RAM can accommodate programs more complicated for the computer. 6. 3. You may want the most sophisticated software to thwart computer 7. 1. You can quickly make safety copies of valuable disks—something that’s 8. 2. You can more easily work with long electronic documents. 9. 1. Absence of bugs. The software maker should have gotten all the bugs 10. 2. General ease of use. A program should be easy enough to learn _and_ 11. 3. Good documentation. The manual should be clear and logically 12. 4. Usefulness to beginners and old pros alike. You can adjust the best 13. 5. Speed. It lets you do your job fast, especially when you use it with 14. 6. Power. Related to speed. The program can quickly accomplish 15. 7. Fewer chances for botch-ups. Good programs limit the chances for 16. 8. The Jewish-uncle effect. Ideally, your software will slow you down or 17. 10. After-the-goof feedback. After you’ve botched up—and we all do 18. 11. Ability to customize. You or at least a software expert can 19. 12. Availability of “accessory” programs to make your original software 20. 13. Support. Ideally, the software seller will stand behind his product 21. 1. A =cursor= is just the marker on your screen—a blinking line, 22. 2. A =file= is an electronic version of a letter, report, or other 23. 3. A =control key= is what you start holding down to turn a letter or 24. 4. To =scroll= just means to move from place to place in your 25. 5. A =menu= lists commands on your screen. It can tell you how to 26. 6. A =block move= is the ability to move material from one part of 27. 8. A =search and replace= substitutes one word (or group of words) for 28. 1. When you work for a stuffy old bureaucracy that’s rich and afraid 29. 2. When you’re a procurement officer on probation. As they say, no 30. 3. When you want to dump the training problems in the manufacturer’s 31. 4. When you prefer an extra-large, extra-sharp screen and giant 32. 5. When you’re looking for a machine that will run special software 33. 1. It takes all of two or three minutes—maybe less—to copy a disk 34. 3. Computer users want to befriend others with similar machines so 35. 4. Many software companies overprice their wares. Yes, it’s expensive 36. 5. Some people in large companies think software houses don’t give 37. 6. Many software companies don’t offer enough guidance or other help. 38. 2. A file in a data base is the electronic version of a file drawer or 39. 3. A =field= is a category of fact like the amount of money spent on 40. 4. =Structure= is simply the way a record is set up. There are three big 41. 5. The EDIT command changes the contents of a data field. You can type 42. 6. A command to APPEND can add new records to your electronic filing 43. 7. =Sorting= lets you reshuffle records alphabetically, by date or other 44. 8. The LIST command tells dBASE II to flash across the screen the 45. 9. .AND. helps you narrow down the information you’re looking for or 46. 10. .OR. is another way to describe the desired facts. LIST FOR 47. 11. LIST FOR .NOT. SALE:PERSN = ‘BABBITT’ could help weed from view, or 48. 12. =Command files= are programs that tell the machine how to manipulate 49. 1. A large number of rows and columns. A spreadsheet of 254 rows and 65 50. 2. Speed. “Even with a simple spreadsheet,” says Scharf, “someone might 51. 3. General simplicity and ease of use. In tricky places, does the 52. 4. Range of commands. Most spreadsheets nowadays let you easily move or 53. 5. The ability to do what-if tables. The best spreadsheets won’t just 54. 6. Easy consolidation of figures from different spreadsheets. That’s no 55. 7. =Natural order of recalculation.= Cells must influence the numbers in 56. 8. A useful =macro language=. Macros are combinations of commands that 57. 1. Deciding whether to hire a computer consultant. How much in your time 58. 2. Hiring and using a consultant. It isn’t just a matter of asking, 59. 3. Training employees. Don’t clutter your people’s minds with 60. 4. Working with your company’s data-processing people. Know which 61. 1. The computer company’s FORTRAN, according to Stewart, was as badly 62. 2. FORTRAN wasn’t as good as BASIC for micro data bases that stashed 63. 3. Brown was still basically a mainframer. And micro FORTRAN was 64. 3. “What’s the quality of the work? 65. 1. Who’s teaching? Can he or she communicate well with the students, and 66. 3. Why is the material taught? To make your people computer literate in 67. 4. When do the students learn? On their time or yours? Will you reward 68. 5. Where is the learning happening? Ideally, your students can take the 69. 6. How do the students learn? Through instruction manuals, mainly, or 70. 1. Even the best-intentioned companies may fail miserably in easing some 71. 2. The traits which make somebody valuable to his company _may_ be the 72. 3. At the same time you can’t stereotype anyone—by age, folksiness, or 73. 4. An important part of training is simple salesmanship—persuading the 74. 5. Don’t make computerization seem more threatening than it has to be. 75. 6. As early as possible start people on real projects. The first day at 76. 2. Helped them with some learning aids like color-coded keys showing 77. 3. Motivated them by explaining how their new computer skills would make 78. 1. Before approaching Data Processing, ask who-how questions about the 79. 2. Ask your informal Data-Processing contact about possible technical 80. 3. When you’re ready to deal with the Data-Processing manager, tell 81. 4. Make it clear you’re aware of your project’s complications. 82. 1. =The canary-in-the-mine= theory of labor relations. Ergonomics is 83. 3. =“Terminal” happiness.= Detachable keyboards are just a start, 84. 7. =Air conditioning, heating, and ventilation=—basics neglected by a 85. 8. Honest assurances to your people that you’re exposing them to the 86. 9. A willingness to consider alternatives to the TV-like CRTs that 87. 10. Sensible use of wrinkles like the mouse—the hand-sized gizmo you use 88. 11. A related ingredient, good software—the topic of earlier chapters. 89. 2. How far the keyboard platform protrudes from the platform on which 90. 4. The angle at which the screen faces you. You can swivel away to your 91. 5. The height of your chair. You don’t of course need high-tech 92. 1. Removing half the tubes from existing fluorescent fixtures. You’ll 93. 2. Parabolic fluorescent fixtures with baffles to keep the light out of 94. 3. Parawedge louvers, which, according to Eisen, “have been particularly 95. 4. Desk and floor lamps. You might buy rheostats you can plug in between 96. 5. Indirect lighting. The disadvantage is the expense. You may have to 97. 1. Coatings or etching applied during manufacture of the video displays. 98. 2. Coatings put on after manufacture. Generally, but not always, they 99. 3. “Colored plastic panels and etched faceplates,” which, says Eisen, 100. 4. Micromesh filters, favored by German ergonomists. Eisen says U.S. 101. 5. Polarizing filters. They may reduce brightness and shorten tube life, 102. 1. There is a possibility, extra-slim, but still there, that 103. 2. More minor physical and mental problems from computers definitely do 104. 6. The possibility of a detached retina 105. 3. Guarding your electronic files 106. 1. Burden programmers and others with electronic versions of heavy 107. 2. Keep their computer systems easy to use—and vulnerable. (“Then you’re 108. 3. Compromise. (“You get half raped.”) 109. 1. How hard, exactly, would it be to puzzle out? Just how many 110. 2. How compatible is the program with your computer? If security is so 111. 3. Is the security program easy to use? If it’s too hard, it’ll be 112. 4. Are you certain the program won’t jeopardize the accuracy and 113. 5. Should you expand your system, will the security software be able to 114. 6. Do you want a =public key= encryption system? It works this way. You 115. 7. Will your code be based on the =Data Encryption Standard= (=DES=), 116. 1. See if your disk has a file at least 500 or 600 words long. If so, 117. 3. Erase A. 118. 1. Zealously enforce a no-drinking, no-eating policy around disks, at 119. 2. Remember the Rothman Dirt Domino Theory. Dirt, dust, and grease often 120. 3. Realize that floppies don’t always mix well with office materials 121. 4. Know about other natural enemies of floppies or at least of the data 122. 5. Don’t even let your floppies rest against your computer’s screen, 123. 6. Remember that the more information you can pack on a floppy, the more 124. 7. Clean your disk heads. Don’t use rubbing alcohol. “Try something like 125. 8. Have head alignment checked, to reduce disk errors. With heads out of 126. 9. Buy quality disks. Of course, the more you spend on disks, the more 127. 1. Every five minutes or so, type out the “KS” or an equivalent and dump 128. 2. Every half an hour make a printout of your recent work. With a fast 129. 3. Every day make your backup floppy. You might forget about the scratch 130. 1. Dumping to floppies. It’s cheap but slow. Then again, you can speed 131. 2. Transferring the Winchester’s contents to a special tape drive large 132. 3. Dumping to an ordinary videocassette recorder. Although slow, it’s 133. 1. How much time or money does it take to enter your data or set up your 134. 3. How much time or money do you have for copying, cleaning, 135. 1984. Many more companies might be. They might have kept quiet, however, 136. 1. The cottage keyers are paying more than $2,600 a year to rent their 137. 3. Likewise, the cottage keyers lack the normal fringe benefits. The 138. 4. The keyers may not be sharing the experiment’s rewards fifty-fifty. 139. 1. Ease and speed of use. You needn’t be a computer expert or wrestle 140. 2. Friendliness. A good system isn’t just easy to use; it’s also boy 141. 4. Confidentiality. Clerks aren’t privy to the same information as the 142. 1985. They’d be able to place mutual-fund orders for clients, conduct 143. 1. Lower phone bills. In a Midwestern office of the H. J. Heinz Company, 144. 2. Elimination of telephone tag. “We can type a memo at the end of our 145. 3. An end to garbled messages. Errors and misunderstandings decline when 146. 4. More efficient sharing of ideas. =Computer conferencing= is an 147. 1. How long a Kaypro took to sort dBASE II files electronically while 148. 3. How long a second Kaypro needed to sort the dBASE files in the first 149. 1. How extensive do you want your network’s file-sharing capabilities to 150. 2. Who’ll manage the network? Who’ll determine who can see what 151. 3. Do you want to assign special network-related duties to other people? 152. 4. Who will work at what =node=? That’s jargon for a location or =work 153. 5. Will some people share work stations? If so, you’d better decide 154. 7. How many printers and other gizmos will people share, and where will 155. 8. What kinds of computers are you planning to hook up? The WEB as of 156. chapter 11, but subject to court approval, would be bought by a Swedish 157. 1. If your computer messes up, remember the very last thing you did, 158. 2. See if that isn’t the answer to your problem. 159. 1. Know your prices. Study the want ads of the local papers. There’s 160. 2. Pay attention to the machine’s physical condition. A banged-up 161. 3. Find out how your pet programs run. If you don’t have any available 162. 5. Find out what generation of equipment it is. Does it include all 163. 6. Learn where you stand legally if you’re buying software with the 164. 7. Call up commercial auctioneers and find out if they’re holding any 165. 8. Obviously you’ll want to consider a maintenance agreement with a 166. 1. Another daisy wheel machine. The daisy wheel is plastic or metal and 167. 2. A =laser printer=. Typically, it works a bit like some copying 168. 3. A =thermal-transfer printer=. This uses patterns of heat to arrange 169. 4. An =ink-jet printer=. This kind literally squirts ink against the 170. 1. =Draft quality.= The letters are too dotty for anything but drafts 171. 2. =Correspondence quality.= It’ll do for a letter to a forgiving friend 172. 3. =Near-letter quality.= You can get away with it for book manuscripts, 173. 4. =Letter quality.= That’s typewriter quality. 174. 1. Does the printer offer them no matter what computer or program you 175. 3. For free, will the store modify your computer system to make the 176. 4. Will your desired combinations of features work simultaneously? 177. 2. If not, can the store make one up for you? At what cost? 178. 1. The general logic of the manual. The author should have written it 179. 2. The quality of the index. I’ll charitably assume it’s there to begin 180. 3. Simplicity of vocabulary and sentence structure. A manual shouldn’t 181. 1. The field may only contain certain numbers and/or letters—for 182. 2. The field will _enter itself_ based on your previous entries. For 183. 3. The field can be a constant. For example, if your data record 184. 4. The field can automatically shift cases for you. For example, you 185. 5. The field can insist that whatever you type in is identical two 186. 6. The field can be required—something that you _have_ to enter, or 187. 1. Does the program help you come up with pies, bars, or whatever kind 188. 2. Can it do so as quickly as possible? 189. 3. Does the program fit in well with your other software? 190. 4. How much memory space does the program—and the electronic files of 191. 5. What about the program’s color capabilities—both on screen and on 192. 6. Does the program coexist okay with the printer or plotter you own or 193. 7. How easy is the program to learn? What about the other general traits 194. 1. “Who?” Who from the contracting firm is doing the work? A junior 195. 2. “What?” Describe the task as clearly and precisely as possible. And 196. 3. “When?” Can you negotiate a penalty if the firm misses a deadline? 197. 4. “Where?” Will the consultants do the work in your office? Theirs? On 198. 5. “How much?” Obvious. 199. 1. Thinking small. Don’t bargain over the Who-How simply for the whole 200. 2. Making the consultant give you the source code of the new software. 201. 3. Insisting that any manuals for his software be complete and in plain 202. 4. Bargaining if possible for a software warranty. Then, if you discover 203. 5. Possibly requiring the consultant to give you a discount on 204. 6. Negotiating for full or part ownership of the software he may develop 205. 7. Forbidding the consultant from selling the new software to your 206. 8. Making the consultant pledge that he won’t violate any trade-secret 207. 9. Hammering out a confidentiality agreement, if necessary, to protect 208. 10. Making the consultant agree in writing that he is working as your 209. 11. Trying to write into the contract your right to a full explanation 210. 12. Remembering that there’s only so much protection the law can give, 211. 13. Choosing the right lawyer, if you can afford one, for the contract. 212. 1. Is the convenience worth the extra several hundred dollars you’ll be 213. 3. How do the windows look alongside each other? Do they =overlap=, just 214. 4. How about =data transfer=? If you move information from one 215. 5. What kind of graphics—=bit mapped= or =character based=? The bit 216. 6. Will the window program work with ordinary software or just products 217. 7. Will the windows at least slightly slow down some programs? A word 218. 8. Is the program picky about the computers it’ll work with? A window 219. 9. Does the program require a mouse—the gadget you roll on your disk to 220. 1. Communicate teletype-fashion with the other person. You can keep 221. 2. Call up electronic bulletin-board systems (BBSs) or plug into The 222. 3. Get copies of other programs that altruistic computer buffs have 223. 1. Start out with the other person’s modem set on ORIGINATE and yours on 224. 3. Hit your carriage-return key. 225. 6. Assuming you’re using a manual modem, flick the switch to “data.” 226. 3. Hit your return. 227. 1. From MODEM7’s main menu, you select =T= and again hit the return a 228. 2. Find out if the other person can read words you type. (Don’t worry if 229. 3. Tell him (or her) to set up his computer so that, on paper or on a 230. 4. Once the other person is ready—while you’re still in the =T= mode—hit 231. 5. Now you type =B:[name of file]=. Here and elsewhere don’t type the 232. 6. Next hit your return. The disk should start spinning, and both you 233. 2. Again, select your trusty =T= from the main menu. But don’t hit your 234. 4. Type =B:[the name of the file you’re creating on the data disk to 235. 6. Then hit the letter =Y= with your finger on the control key 236. 8. Then, to preserve the file, “writing” to your disk, you must type out 237. 2. From MODEM7’s main menu, type =S B:[name of the data disk file you 238. 3. Hit the return. 239. 3. Hit your return. 240. 2. Type the word TYPE, then a space, then the name of the file—preceded 241. 3. Then hit your return. 242. 4. Hit your return. 243. 3. Tap =Control-B=. 244. 4. Type the right number (300 for 300 baud, 1200 for 1,200; do not use 245. 5. Hit your return.

Reading Tips

Use arrow keys to navigate

Press 'N' for next chapter

Press 'P' for previous chapter