Magazine

Can We Make Computers Safe?


Homogeneous computer networks, like homogeneous populations of plants and animals, are at a higher risk of infection than heterogeneous networks ("Epidemic," Cover Story, Sept. 8). Unfortunately for many businesses, their corporate networks were built nearly exclusively from Intel (INTC) Corp.-based PCs and servers running variants of the Windows operating system. This produces an environment receptive to infection and to the nefarious programmers who write "viruses."

Obviously, a network running multiple operating systems upon multiple hardware architectures would not be immune to infection. However, the effects would be mitigated. Cyberdiversity, like biodiversity, produces a more resilient distributed system. It is also one part of a possible total solution that can be implemented immediately. Most businesses probably cannot replace their Windows-over-Intel network, but they can diversify.

Gregory L. Opp

Hudson, Mass.

While spam and e-mail viruses have mostly been a nuisance so far, the potential threat is far more sinister. The next major terrorist act may not be bombs or planes flying into skyscrapers but cyberhacking into the nation's businesses to access funds and information. So much of our nation's business is conducted on the Internet, with relatively little protection against fanatically committed international criminals with the motive and incentive to rob our banks, raid our investments, and divert money from all manner of retirement funds and other accounts.

With all the Administration's rhetoric about homeland security, I don't hear many ideas in regards to protecting our financial resources from this kind of threat.

Linda Umstead

Mililani, Hawaii

Your writers failed to emphasize the most important party responsible for the failures of Microsoft (MSFT) Corp. and other companies to provide adequate security in the products they market: the customer. How many businesses or individuals include security in their selection criteria for computer and network hardware and software? How many companies have fully competent security staffs that report to executives with sufficient authority to control the security architecture and administration of their networks? Why should Microsoft or any other vendor attempt to deliver what the market does not ask for or buy?

In that regard, the market for computer-network security is similar to the market for auto-safety devices and design. It will require federal legislation for needed computer and network accountability and security controls. The technology to make computers and networks more secure exists, but few are willing to pay for it.

Dayle Collins

Warsaw, Va.

Remember, without a "host," a virus cannot reproduce and spread. An analogy in the physical world would be if carmakers put a button on the outside of every vehicle that was not marked but if pressed would prevent the vehicle from starting until another button in the engine compartment was pushed. If these buttons existed, petty pranksters would run around mall parking lots and press them every day, just to be a nuisance. Of course, the federal government would step in and require the auto makers to remove the buttons. Microsoft has buttons in the form of security holes all over its software, and the virus makers just press the "buttons."

Steve Kohler

Suwanee, Ga.

Your story states that Linux and Mac OS X are not inherently more secure than Windows. But they are, indeed -- because they have not been designed to maximize convenience at the expense of security. My last security breach on a Linux box was around 1998, and I'm not particularly aggressive about applying patches.

Trying to secure Windows is an almost daily battle. The fact that Linux costs a lot less is just icing on the cake.

Robert Weiler

Mill Valley, Calif. "Viruses and spam: Time to fight back" (Editorials, Sept. 8) was off base in calling the battle against spam "the easy part." A do-not-e-mail registry is not the magic solution to the spam problem -- and marketers aren't the only ones who are saying this. While your editorial calls on the Federal Trade Commission to create such a registry, the FTC is in fact on record as one of the staunchest opponents of the concept. This is because spammers, who already violate many existing laws, show no signs that they would suddenly comply with a do-not-spam list.

Taming the onslaught will require a multipronged approach, including tough new laws, stepped-up law enforcement, anti-spam technology, and tough industry self-regulation.

H. Robert Wientzen

President & CEO

Direct Marketing Assn.

New York

"Viruses and spam: Time to fight back" suggests that Washington replicate its popular donotcall.gov registry with a donotspam.gov site, allowing consumers to receive e-mail only from chosen retailers and marketers. This shows a lack of understanding of how spam works. This idea would be extremely popular with spammers, since it gives them the opportunity to harvest e-mail addresses from this site and spam them from outside U.S. jurisdiction.

Ralph Birnbaum

Modi'in, Israel These technophobic oligopolists, as you call them, will undoubtedly win the legal battle ("Music pirates, you're sunk," News: Analysis & Commentary, Sept. 8). But then, their enraged customers will turn on them and put them out of business. Or at least make them pay, big time. Can you imagine what will happen if the college campuses of this country decide to attack these companies using the very technology from which they cower? Any average college campus has enough local talent to organize an instant worldwide boycott. And that's even without doing anything illegal. Imagine if hackers decide to take on the music companies.

Neal M. Grolnic

Driftwood, Tex. I am a pension actuary with 27 years' experience working with traditional defined-benefit pension plans. In "The great American pension-fund robbery" (Economic Viewpoint, Sept. 8), Robert Kuttner, though not exaggerating the underfunding problem of these plans, clearly implies that pension plans are being "looted" by their sponsors. This is simply not possible, as plan assets are held in trust and cannot be diverted to the company's "bottom line."

Converting from a traditional defined-benefit plan to a cash-balance plan has nothing to do with "raiding" plan assets. First of all, there is no "tax penalty" from terminating a pension plan, so this has nothing to do with a company's reason for converting to a cash-balance plan. Remember, any pension plan is voluntary from the beginning. And while a new cash-balance plan may provide less in projected benefits than employees' former plan, it is always better than no plan at all. Also, benefits that are already accrued can never be taken away.

Changing the status of a group of employees to independent contractors is an Internal Revenue Service matter. If it happens, the employees keep any benefits accrued; no "looting" of pension assets results.

Allen Green

Oregon House, Calif. In "This California wildfire is sure to singe the White House" (Washington Outlook, Sept. 8), Richard S. Dunham states that, if elected, Cruz Bustamante would be the first Latino governor of California. In fact, California has had many Latino governors, the last being Governor Romualdo Pacheco, who served from February to December, 1875.

Susan J. Lacey

Coral Gables, Fla. Re "Jobs are scarce. B-schools should get used to it" (Management, Sept. 1): The trend of recruiting students in October and November for start dates the following August was created by the business world, not business schools. Why? Competition for the best candidates. The hiring frenzy of the late '90s drove these recruiting dates earlier each year. Competition got so fierce that students were being hired before graduation and offered signing bonuses.

We all know the economy will turn around soon and that the need for qualified candidates will once again rise. We in career-services offices know that organizations that reach out and maintain a solid on-campus presence will attract the top candidates. Nothing will replace face-to-face relationship-building.

Michael C. Deragisch

Employer Relations Coordinator

University of Colorado

Boulder, Colo.


Ebola Rising
LIMITED-TIME OFFER SUBSCRIBE NOW
 
blog comments powered by Disqus