THE VIRGINIAN-PILOT Copyright (c) 1995, Landmark Communications, Inc. DATE: Friday, October 6, 1995 TAG: 9510060487 SECTION: BUSINESS PAGE: D1 EDITION: FINAL SOURCE: BY JAMES SCHULTZ, STAFF WRITER DATELINE: NORFOLK LENGTH: Medium: 87 lines
Relaxed and easygoing, clad in jeans and a T-shirt, David Bianco doesn't appear a raving paranoiac. But get him on the subject of on-line computer security, and Bianco's thoughts turn, as he puts it, ``sneaky.''
Run with the infobahn crowd, he says, and you can never be too watchful or too suspicious.
``It's you against everyone else on the Internet,'' asserted Bianco, network and systems administrator for iTRiBE, a Norfolk company that provides access to the worldwide computer network known as the Internet. ``You have to think of adversaries. You have one shot to get it right and everyone else has unlimited opportunties to compromise your system.''
Bianco spoke Thursday morning during ``Internet '95,'' an iTRiBE-sponsored conference that ends this afternoon at the Waterside Marriott. The gathering brought together some of the biggest players in the information services industry for a three-day confab on everything from on-line advertising to Internet shopping.
Conspicuously absent was scheduled afternoon keynote speaker Marc Andreessen, co-founder of Netscape Communications, a supplier of perhaps the most popular Internet-navigating software. According to iTRiBE officials, Andreessen fell ill and remained in California.
In late September, Netscape's security systems were breached by two college students, who then went public with their exploits on the Internet. Although Netscape says it has corrected the problems that led to the unauthorized intrusion, the student's exploits helped focus national attention on the issue of computer security.
Safeguarding on-line systems is no easy matter, according to Bianco of iTRiBE. First, he says, any would-be providers must put up ``firewalls,'' specialized computers that check for and protect against intruders eager to snare secret information, such as passwords or credit card numbers.
Second, all data, no matter how minor, should be encrypted with special mathematical codes. Otherwise, thieves can slowly build a detailed picture of operating and security systems that could eventually spell disaster for companies or institutions.
``You don't want Joe Schmoe from the local university logging into your servers and workstations and reading your files,'' Bianco said. ``Keep them away from your computers.''
Often overlooked, but just as important, he added, are physical safeguards that limit access to computers and phone lines. Some companies are reluctant to impose such limitations, for fear of freezing out employees, but they are essential, Bianco contended.
Some data pirates are shameless and will pass themselves off as telephone repair people or maintenance workers to gain access to core systems.
Ironically, even as the need for data protection increases, Bianco predicted the daily use of passwords will dramatically decline.
``Passwords are coming to the end of their usefulness,'' he said. ``It's like memorizing Herman Melville. You can't. If your password leaks out, you're screwed.''
Taking the place of passwords may be mathematically derived procedures. One, known as a ``zero knowledge proof,'' is a complex means of setting up a one-use-only dictionary of words linked to passcodes. The passcodes, however, do not have to be directly used to gain access.
Not all of Bianco's three dozen listeners were persuaded by his anxieties. One, Rick Hauser, a former naval intelligence officer and president of Agent Knowledgebase Associates in Virginia Beach, didn't seem concerned about on-line incursions.
``The security issue is overblown. How many people do you see using secure telephones?'' he said. ``I don't see a need for computer security. Everything I do is public information. There's nothing to protect.''
Agreeing with Hauser was IBM marketing specialist Claude Wilson, who works in Bethesda, Md. Wilson said that ``security is not that big of a deal'' for most Internet users.
Bianco wasn't deterred by such arguments. It is far better, he believes, to expect trouble trekking across the electronic frontier.
``There are more hackers out there than ever,'' Bianco said. ``It's just human nature, to try to exploit weaknesses. If it (a breach) hasn't happened to you yet, it probably will.'' ILLUSTRATION: Color photos by Bill Tiernan, Staff
The band Everything prepares for its Thursday afternoon concert to
be carried on the Internet. The computer concert was part of the
Internet '95 conference held at the Norfolk Marriott Waterside.
Behind the band is a projection of a computer screen.
David Bianco of iTRiBE...
by CNB