Edtec 596: Module 9: Connect

Session #9: Technology Security: Internal and External

In this section..

We're going to first cover the issue of child safety by exploring concepts that will act as a foundation and help you navigate through the details of this issue.

Why Is It an Issue?
Wetware Over Software
The Hacker Mentality
Sources of Trouble
Software
Firewalls
Viruses
Theft

Why Is It an Issue?

First we need to understand what is driving this issue. The simple answer is increased communication. Computers that are not hooked up to a network are not much of a threat to users. However, when you connect a computer to other computers you are now exposed to the people behind those other computers. This point is important -- it's not the computers, it's the people using them that can become a problem. And there have been a few bad people who have done, and continue to attempt to do, bad things to children over the Internet. The numbers are small when compared with threats to children over the phone, mail, and in person, but the media coverage is big.

Reason number two is that we live in a market driven, democratic society with a constitution that protects free speech. One of the prices for this is that we have to let people say, show, and do things that we just flat out think are wrong.

The third reason is that we are living amid a transition from an industrial society to an techno/information society. The previous transition from an agricultural to industrial society was marked by tumultuous decades of confusion and adaptation as gardens were turned into factories and mass production replaced hand crafting. We are living in the middle of a similar transition as large greasy steel machines are replaced with wafer thin chips and wires.

Fourth and last is that because of this transition to a new society, the safeguards we had built up to protect students in the industrial age are gone. It took a long time to make those safeguards, like digging moats around a school house to keep the infidels out, and now we have to dig new moats. What we are facing is quite simply the fact that our formally isolated school houses, places where nothing got into the classroom without being screened, edited, and double checked for content, have now been hooked up to billions of bits of almost completely unedited content from the entire world! While we learn how to live in this new world we have to establish the same safeguards that we did for students in the industrial era. That took time, so will creating safe environments for students in the techno/informational era. It will be a rough ride for at least the next 10 years as we learn how to live in this new world.

Wetware Over Software

Here's the bottom line on child safety. Do not rely on a quick fix from filtering software or any other technical solution. Television is a second rate babysitter, and filtering software is also second best for protecting children.

Filtering software programs are merely tools to help humans do their jobs. The job in this case is for teachers, librarians, and lab monitors to use their wetware (brain) over software.

The best defense against harmful material and situations affecting children is designing structured activities monitored by adults. Just as TVs in classrooms are not there for open channel surfing, computers hooked up to the Net are not there for open Net surfing either. While the Net is more open to exploration and research then TV, these activities need to be monitored.

Examples of structured activities include email exchange programs, like Keypals, with other classrooms across the world, WebQuests which structure research using controlled sites, and social activities within controlled kid sites like KIDLINK.

This is not to say kids should never run free on the Net, just that they shouldn't do it without being monitored in some way, even if that means just turning the screens in a lab so adults can see what is going on.

Use your wetware, after all it's still the most intelligent computer we've got (at least for now).

The Hacker Mentality

The hacker mentality is important to understand. Hackers are people who love to figure out, usually obsessively, how computers work and what they can do with them. Any obstacle (read "security barrier") represents an instant challenge to these kids. We have all seen stories in the news about some 12 year old who got his hands on obscene pictures against all obstacles. What we are not told is that these kids are often hackers. We are also not told that they did it primarily because "it was there," the actual viewing of the pictures was a nice byproduct, but not the point. Kids who ONLY want to see pictures usually don't have skills to get to them.

If you install filtering software be prepared for some kids to render it completely useless within weeks. If you notice this happening, try to work with the kid and have them report to you if they break the software. In a sense you can have the hackers in class be the testers of your filtering software!

As an administrator it is important to keep an eye on hackers, but it's futile to try to stop them..You'll probably lose. Remember, kids have no fear and lots of time, and can learn about computers 10 times faster than you or me. The thing to do with hackers is to RECHANNEL their energy into other challenging pursuits, such as redirecting corporate funds to school accounts.. kidding!

Sources of Trouble

So where is all this trouble lurking?

One of the biggest repositories of truly bad stuff resides in newsgroups with names like alt.sex.bestiality. A newsgroup is a publicly accessible conference originally intended, and still primarily used for, discussion. The major sections of newsgroups are named things like "rec.arts.movies" the Rec. is recreation, "comp" would be for computers. Each group in a major category like this was created by a voting process. Where it gets interesting is in groups with the "Alt." tag. This is a sign that the newsgroup is able to be created by anybody without any voting for ANY kind of group they want, like "alt.sex.bestiality".

The problem with explicit material came about when someone figured out how to translate pictures into text and attach them to newsgroup postings. Then someone else figured out how to have newsgroup reading software decode such attachments. Newsgroups pose an interesting challenge because unlike a Web site, things are posted that do not go through a Webmaster and there is no password or money barriers to most newsgroups.

Filtering software that blocks newgroups with key words in them is fairly effective, but where there's a will, there's always a way.

The Web used to be a lot worse then it is, but now after crackdowns like the CDA (Communications Decency Act, an act put into law by an uninformed Clinton administration that was struck down by an informed Supreme Court) and adoption of ID cards and voluntary registration of sites with security software, it's a lot tamer. Cheesecake, "R+", and some harder stuff is still out there for motivated, but not prevalent. Most adult sites are password protected and often need ID cards and money to get in.

It is important to remember that even though the CDA was struck down, child pornography laws still apply to the Net as they always have.

Chat rooms. There is no reason kids at school should be in public chat rooms, but they sometimes get into them at home. The danger here is when predators attempt to set up face to face meetings with kids. This is extremely rare, but has happened. The simple solution from a school perspective is to not allow ANY unsupervised physical meetings between Net friends.

Software

Most filtering software works on a keyword database principle. By having a catalog of words like "sex" as well as a list of known bad sites and areas, a user is limited to only "safe" sites. No filtering software can, or does, guarantee complete protection. New sites are spawned hourly, and some don't have words.

At about the same rate, companies and other organizations are generating new kinds of filtering software.

GuardiaNet is a proxy server solution for home PC use that only lets kids surf pre-screened sites and prevents hackers (for now) from doing end runs because it is server based and pre-screened. By moving the screening software off a PC that a kid uses, to a server, hacking is a lot tougher.

Another technology on the horizon uses a database of basic shapes and curves to censor pictures before they appear on the screen. So you can get all the smut you want, you'll just see black "tape" over all the censored parts.

But whatever the capabilities of the software, it is only a tool used by humans to help keep kids safe. It's not a solution by itself.

Here's a rundown of some of the popular filtering software programs. Check out this June, 1997 CNET story entitled "Technology no panacea" for more details on software blocking programs' effectiveness.

InterGO Inc.: A made for the classroom application that functions as a way of controlling research on the Net. Each student can have a password and ID and have different levels of access to different sites on the Net.

http://www.teachersoft.com/

SafeSearch: On the fly ratings of sites

http://www.safesearch.com/

Cyber Patrol (Mac/PC) More home based but widely used and popular app. Monitors all activity on your computer and keeps an eye out for access to sites in its "CyberNOT" database.

Microsystems Software
http://www.cyberpatrol.com/

Surfwatch Mac/PC One of the first and most popular filtering software packages. Monthly updated database of sites and school discounts available.

http://www.surfwatch.com/

iscreen NetView communications keeps track of potentially objectionable sites and and provides passwords and IDs for tailored accounts and usage. Overriding is possible for different communities and cultural settings.

http://view.planetweb.com/cust/ss_lvl1.html

Example of Cutting Edge News:

Russian browser that filters.
http://www.wired.com/news/news/technology/story/2787.html

New Proxy server based security software.
http://www.wired.com/news/news/technology/story/5167.html

Firewalls:

Firewalls are computers that are dedicated to acting as a barrier between your network and the Internet. For Macs, firewalls are less important then for WinTel PCs.

Firewalls are used mainly to protect a corporation's network from unauthorized access by the outside world, including corporate hackers. Schools use them for similar purposes.

Viruses

The issue of computer viruses is surrounded by almost as much misinformation as is Internet safety.

Popular perception is that whole armies of evil hackers are out there making viruses to try and destroy your computer. This is simply not true. The vast majority of viruses are created by computer hackers who simply want to get noticed, like kids who spray paint graffiti but are not out to burn the building.

It's highly likely that you have received a frantic warning from a friend about a virus being passed around via email. These have names like "Good Times" and are complete hoaxes. Yes, hoaxes! A clue is often the mention of the FCC, which has nothing to do with virus control.

OK, I sort of lied, these hoax viruses are, in fact, "viruses," but they are just email viruses that thrive and spread on people's compassion for their fellow computer uses. Instead of doing anything to your computer, these email viruses simply annoy you and your friends and make you appear like a panicky computer newbie. Which, if you pass such warnings on without checking their validity, is exactly what you are (see extend area for how to do this on the Web). It is currently not possible to get a virus by opening and reading an email message.

Attachments are a different story. While it is extremely rare to get a truly evil virus from an attachment, it is possible. The most common virus that travels by attachment is the Microsoft Macro virus family that changes Microsoft Word documents into templates. Even this virus does not usually destroy any data.

It's always a good idea to install virus protection software on desktop computers, and it's a must for a LAN. There are free programs (such as Disinfectant) and more potent, feature-rich commercial programs such as Semantic Virex. Once loaded, virus software should be configured to scan floppies and other external drives, downloads, as well as the hard drive, regularly. Updates to the virus software should be downloaded often.

Theft

Last but not least, there is always the danger of simple theft of hardware. We'll deal with software piracy in another session, but as with any expensive machinery in any school, computers are susceptible to theft.

Computers themselves are big enough to make petty theft pretty hard, but smaller external devices, floppy disks, software and such is easier to steal. Solutions here are much simpler then with child safety.

Lock all software, manuals and disks in a cabinet. Require collateral for check out and log it in a book.

Use security cables for all small external devices.

Keep the lab locked up tight when not in use.

Do not allow any food or drink in the lab (one spill can rob your lab of a computer).

Page authors: Caleb Clark and Bob Hoffman
URL: edweb.sdsu.edu/courses/edtec596r/module9/Connect.html
Last updated: February 13, 1998