[Random-bits] Howie Mirkin on ISPs, Hacking and firewalls

James Love love@cptech.org
Tue, 01 Feb 2000 13:43:22 -0500 

Howie lives in Thailand, and sent this last week, regarding
the always on / Hacking issue.   Jamie

----------
Date: Mon, 24 Jan 2000 11:02:09 +0700
To: random-bits@venice.essential.org
From: Howie Mirkin <howiem@actions.net>
Subject: Re: Random-bits digest, Vol 1 #18 - Always On, hacking,
  forewalls, etc

I'm not going to try and pretend to be all knowledgeable in these matters, 
but my prior navy communications background does make me a bit paranoid 
about having some kind of protection against hackers.
While I agree with the gentleman who said that most "hacking" seems to be 
merely people playing around with scanners.  However, there are hackers out 
there who are malicious, so if we leave ourselves unprotected we are at 
risk.  Realizing that "better safe than sorry" has some budget constraints, 
I would recommend that anyone in doubt get the program Black ice defender 
for their PC or home network.  http://www.networkice.com
This is not a fire-wall because, as I understand fire-walls, they are used 
to filter out unwanted information.  Black ice defender (and there are 
similar programs out there) is a blocker, which prevents unauthorized 
intrusions (some intrusions are necessary as I found out the hard way when 
I blocked out every intrusion Black ice defender recorded and then denied 
myself access to the Internet).  Black ice Defender costs about 
US$40.00.  I get about 6-8 ATTEMPTED intrusions every time I am on line, 
which is about 4-6 hours per day.  Since I do research work it can be very 
distracting and time consuming to have to stop work, do an ISP lookup and 
then report the intruder to their serving ISP.
I believe a good test is to go to the Gibson Research web site 
(http://www.grc.com) , download the small test program and get one's ports 
probed.  I did this before and after I loaded Black ice and there was a 
vast difference in the results.
However, Black Ice does have some inconvenience in the ability to extract 
reporting information, but to solve this I would recommend Clear Ice 
(http://www.clariondeveloper.com/ which expedites the reporting 
procedure.  The latest download version 2.0 costs $20.00.

As for always on, I would always be on line if I could get a flat rate, but 
I live in Thailand (and appreciate the views on compulsory licensing, by 
the way), and instead of about $9.95 per month, it costs more like 
$0.85-$1.35 per hour, quite steep, although the rates should be improving 
in the next few months.

In my view everyone should have the capability to block out potentially 
harmful intrusions, as well as being able to filter out unwanted 
information.  But I think that this may be difficult for computer suppliers 
to do so at this time because keeping up with all the technology changes is 
virtually impossible.  Why?  because the possibility of legal action is 
always present, say, if someone steals credit card information from a 
computer and runs up high bills, can one blame the computer seller?  In the 
USA it would probably end up that way as we have too many Clintonesque 
lawyers.  I think it will be very likely in the future that even when a 
computer sales shop sells anti-virus software with their product they will 
become liable for virus damage if they do not train the user in updating 
the software.  Then we can sue the software makers and the computer 
companies and really have a good time making the lawyers richer.
I believe that it is the individual who must take some actions on their own 
part to protect themselves, and not depend on others to protect them from 
everything.  In a country where one can sue and win because they got burned 
by ironing their clothes while they were wearing them (recent report from 
CNN) , people want someone else to protect them from everything.
So be thankful that you can be online all the time for $9.95/month to 
$19.95 a month and take some time to learn a bit about how to protect 
yourself.

Howie Mirkin
Bangkok



-- 
James Love, Consumer Project on Technology
P.O. Box 19367        | http://www.cptech.org
Washington, DC 20036  | mailto:love@cptech.org
Voice 1.202.387.8030  | fax 1.202.387.8030