Computer security experts have long known that a few ill-placed lines of computer code could bring the country to its knees. Since 9/11, protecting against this threat has gained additional urgency.
A panel of government and industry experts met at the Annenberg Center Oct. 3 to discuss the White House’s plans to strengthen computer security. Alfred Fitler Moore Professor of Telecommunications Systems David Farber moderated the discussion, which drew an audience of about 200 information-technology professionals and was simulcast over the Internet.
President Judith Rodin, in her remarks opening the meeting, fondly referred to Farber as “one of the most influential nerds in the United States.”
Howard A. Schmidt, vice chair of the President’s Critical Infrastructure Protection Board, outlined the government’s information security strategy. For the average home computer user, he said, the government’s main goal was providing education on how to protect computers from malicious attack.
Schmidt stated that there were a number of sites that offered free tools to check for and fix vulnerabilities.
Federal Trade Commissioner Orson Swindle said only individuals could “create a culture of security in this country” much as they now routinely fasten car seat belts.
Audience member Vasilis Prevelakis, assistant professor of mathematics and computer science at Drexel, challenged this notion, pointing out that laws had to be passed and enforced before seat belt use became widespread. He also criticized efforts to quash laws to hold software companies responsible for problems arising from sloppy coding, saying, “A ‘let the market decide’ approach doesn’t work when you have one company that has a de facto monopoly”—a veiled swipe at Microsoft, which actually led Farber to defend the company’s efforts to make its software more attack-proof. Farber had testified on the side of the U.S. government in its antitrust suit against Microsoft.
For information and resources for personal computer security, visit www.ftc.gov/bcp/conline/edcams/infosecurity on the Web.
Originally published on October 17, 2002