On Computer Security and Public Trust

William Hugh Murray

• On the Role of the Computer
• On the Role of Cooperation and Collaboration
• On the Necessity for Trust
• Increased Vulnerability to Deviance
• Technology and Crime
• On Rude Behavior
• Effect of Computer Security on Social Trust
• The Cost of Security
• Security of Populations
• The Interesting Questions
• The Alternatives
• Conclusion

Increased Vulnerability to Deviance

All of the revolutions have been marked by an increase in the scale of cooperation, specialization, and harmony. It can be argued that the technologies were successful and widely adopted and applied precisely because they had this effect. Conversely, as the scale of cooperation and interdependence have grown, our vulnerability to the failure of the infrastructure or the deviant behavior of a few individuals has grown. This deviant behavior may result in fear, anxiety, and loss of trust and confidence that is out of all reasonable proportion to the amount of damage done.

Technology and Crime

Every new technology brings with it an opportunity for crime that did not exist before it. Piracy at sea came with the decked caravelle, safe-cracking with the vault, highway robbery with the stage coach, bank robbery with the automobile, and hi-jacking with the truck and airplane.

It would have been a surprise if the computer had been an exception to this rule. The computer is similar to this other technology in that the contribution to crime is a vanishingly small part of its total use. Its net effect on crime, after adjusting for the effect of computer based controls over paper based ones, has been to reduce it significantly over what it might otherwise have been.

We should not be surprised by computer crime, but we seem to be. In “The Great Train Robbery” Michael Crichton suggested that society is often offended by this new technology crime to the point of outrage.

Likewise, it should come as little surprise that, like the railroad, the automobile, and the telephone before it, the computer has been the subject of premature, if not preemptive, legislation. The politicians are certain that, somewhere in any dung heap, there must be a pony.

On Rude Behavior

Of course, the deviant behavior that offends and diminishes trust usually stops short of criminal. It is merely rude. Truly “criminal” behavior is rare and requires a high standard of proof. Rude behavior is much more common, and we know it when we see it.

Unlike most rude behavior, this behavior is not subject to common cultural or political controls. The computer is so novel that we have not arrived at any consensus about what behavior is to be tolerated. We have no songs, stories, or games designed to tell people how to use it.

Depending upon where you stand, you will have different ideas about which behavior is to be encouraged, which tolerated, and which is to be actively discouraged. Likewise, you will differ from others on the appropriate means.

For example, young people tend to see access to the computer network as an “entitlement.” Some of them believe that entitlement to be so fundamental that it should not be subject to control by authority. The administrators of that access believe the access to be contingent upon continued orderly behavior. Since they understand the vulnerability of their systems to disorderly behavior, they generally respond by attempting to isolate any such behavior, i.e., they suspend the user account or disable the terminal or line of origin. Not surprisingly, the young people see this as painful, arbitrary, punitive (rather than remedial), and excessive. While they refuse to amend their behavior, they argue that the only available and effective remedy, i.e., denying access, is simply too Draconian to be contemplated by a civilized society. Continued monitoring of what passes for dialog between these two armed camps gives me little hope for early reconciliation of these opposing views.

Not only are there disagreements between the generations, but also between nations. Recently, student hackers in the Netherlands have been attacking systems in the US, in part by employing resources in neighboring countries. The authorities of the University providing the resources for these “experiments” point out that the activity is “legal” in the Netherlands. They argue that the difficulty is with the security of the target systems. (Where have we heard that argument before?) When one suggests that, if not illegal, the attacks are at least rude, said authorities become defensive and indignant.

Now it should be pointed out that the current level of security in the network has worked reasonably well for more than a decade, is, as we have already noted, not subject to ready change and appropriate, perhaps even necessary, to the intended use.

Back to the top

Go to: Effect of Computer Security on Social Trust

Home > Research Resources > Computing Security > On Computer Security and Public Trust

HOME | IN THE NEWS | RESEARCH RESOURCES
TEACHING RESOURCES | STUDENT RESOURCES
LINKS | THE GALLERY | STAFF

The Research Center on Computing & Society
at Southern Connecticut State University
501 Crescent Street • New Haven, CT 06515
Director: (203) 392-6790 • e-mail: webmaster@computerethics.org

© 2000 – 2007 – Research Center on Computing & Society