April 2004 - Posts
Today's teenagers and preteens grew up with computers around them, and consequently many of them are far more skilled than their parents in making the machines do their bidding. The teen hacker is legend, and we often take it for granted that the kids are masters of the Internet.
When it comes to security, though, youthful illusions of invulnerability, impatience and recklessness frequently take over. Just as many members of their parents' generation put themselves at risk in the 60s and 70s with their “if it feels good, do it” attitude, many of today's young people put their computers (and the LANs to which they're attached) at risk with their “if it looks good, download it” philosophy.
Now someone has come along and written a book on computer security directed specifically at teens. My own children were teenagers not so long ago (my youngest turns 21 this summer), so I was glad to see that Dan Appleman and Apress Publishing were addressing this relatively neglected topic. The name of the book, Always Use Protection: A Teen's Guide to Safe Computing, might make us fortysomethings cringe a little, but it's just the sort of double meaning that will get the attention of those in the target audience. I haven't had a chance to read the book yet, but the easy, conversational tone of the Introduction (online at http://www.alwaysuseprotection.com/book/intro/Intro.htm) shows promise. I have a copy on the way, and hope to review it here soon.
The Senate has spoken, voting by a huge majority for the McCain bill that only extends the Internet tax moratorium for 4 years, rather than permanently as proposed by Senators Allen and Wyden. Another difference between the two is that the McCain bill allows states that were already taxing Internet access to continue to do so, while Allen/Wyden's would have changed that.
The bill passed by the House of Representatives last September imposed a permanent ban on such taxes and ended the grandfather clause. Now we'll see what happens as the two branches of Congress attempt to come to a compromise.
The U.S. tax moratorium on Internet access services that expired last November is back in the news again, as Congress prepares to vote this week on whether and how to reinstate the moratorium. What does that mean to the average Internet user? The original moratorium prohibited states and localities from taxing ISP fees - well, at least some states were prohibited.
What? You say you've been paying taxes on your ISP bills all along? Maybe you live in a state that was “grandfathered in.“ Those states that were already taxing Internet access before the moratorium was passed were exempt from the law; the exempt states include Texas, Colorado, South Dakota, Ohio, Washington and Wisconsin.
The purpose of that original Internet Tax Freedom Act, which was enacted in 1998, was to encourage the growth of the Internet. Apparently it did its job! :) Of course, that law only applied to dialup services, since broadband was only a glint in the telcos' and cable companies' eyes back then.
One of the new bills that Congress is considering, sponsored by Senator George Allen (R-VA) and Senator Ron Wyden (D-OR), makes the moratorium permanent. It prohibits taxation on DSL and “future telecommunications” services, and requires that states with Internet taxes already in place have to phase them out.
As you can imagine, state governments are not in favor of the moratorium, as they see a nice chunk of potential revenue slipping out of their grasp. A “compromise” bill is also under consideration, which only extends the moratorium for two years and allows states that are already taxing Internet access to continue doing so. The new bill also allows taxes that would be paid by the ISP rather than the consumer -- although of course the consumer will indirectly pay when the ISPs raise their rates in order to pay the taxes.
What does all this have to do with security? Not a lot, at least directly. On the other hand, the security of the “Home LAN” - as well as the business LAN - becomes a bit of a moot point if we can't afford to connect our networks to the Internet in the first place. Granted, we would see far fewer intrusions, attacks and viruses that way.
As always when lawmakers decide to try to take the Internet into their own hands, we'll be watching this one with interest, from deep in the heart of Taxes - er, Texas.
Although I've been involved with computers since the 70s and have been “living online” (where I met my husband, Tom Shinder, in 1994) for well over a decade, until recently I resisted the blogging trend. Too much to do, too little time. I wasn't convinced it was the best format for disseminating professional information, and the last thing I needed was another addictive time-waster, a la Internet chat and some mailing lists with which I've carried on love-hate relationships over the years.
Obviously (based on the fact that you're reading this), I've changed - or at least opened - my mind. In part, that's because of the many professional blogs on the msmvps.com site.
I intend to post here at least weekly. Although I'll address all sorts of issues related to Microsoft networking, networking in general, and technology as a whole, I expect to focus on Windows security issues and especially the growing subcategory of “home LAN security.” More and more users are setting up sophisticated home networks that rival those of many businesses, going way beyond the typical two or three computer peer-to-peer network to implement Windows domains, edge (rather than host-based) firewalls, their own Web and FTP servers, and server products such as SQL, SPS and the like usually thought of only in connection with business networks. Many of those users are not sure what they need in terms of security.
The blog will consist of personal experiences, links to articles, reviews of security-related books, articles and events and random thoughts about the evolution of network security.
Who am I? Setting the philosophical implications of the question aside, it's always good to know a little bit about the person who's writing what you're reading. I'm a former police officer and college criminal justice instructor/computer hobbyist turned professional IT consultant, author and speaker. I'm married to a former neurologist/computer hobbyist turned (you guessed it) professional IT consultant, author and speaker. We did the mid-life career change shuffle together in the mid-90s, earned our MCSEs, started our business, and created a new, technology-centric life. I've written two books on my own, Scene of the Cybercrime (published by Syngress Publishing) and Computer Networking Essentials (published by Cisco Press). I've co-authored, contributed to and/or edited over twenty more books, published hundreds of articles and whitepapers, done contract product documentation and marketing material for Microsoft and other software companies, spoken at conferences such as BlackHat U.S.A., and edited several technology newsletters. I currently edit WinXPNews at www.winxpnews.com. If you want to know even more about me, see my Web sites at www.shinder.net and www.debshinder.com.
I look forward to sharing a few insights and, I hope, helping a few readers make their networks more secure in these high-risk times. Thanks for reading!