Download PDF

I was once forwarded "Harmless Strategies", a newsletter filled with tips and tricks that dealt with security and privacy in the internet age. Not only was the newsletter well written and full of info that proved invaluable, it had a raw, human touch to it.

I was also surprised by it's frankness and honesty. Here is someone original and using the internet for what it should be used for: spreading the word and keeping people informed. I asked Tom a couple of questions.

Your Mailing list, Harmless Strategies was originally forwarded to me by a friend and since then became required reading. What was the origins of the list?
My newsletter started out in August of 1998 as a way to keep in touch with all my members from the Harmless Strategies and the UnderNet. I reasoned that if I had to write a weekly letter, then I may as well make it public and invite subscribers from the general internet publication who could not afford to pay for membership but still needed the information.

Obviously you've been meddling and tinkering for some years. When and on which platform did you have your beginnings?
I started out in computers in college (1975) when we would write basic programs on "punch cards' and have them converted to magnetic tape by a company in Boston. When Tommy, my son was about eight years old, they came out with the Timex sinclair. It had 2 kilobytes of memory and used a tape recorder to keep our programs on. That was the beginning of writing software. We carried on through Radio Shacks "TRS80" and the subsequent generations leading up to the first 8080 processor. I use the windows OS now for my members and subscribers, and my son Tommy, is keeping with Linux and Unix. Hacking and cracking began as a way to afford software. Then it built up to becoming the director of an international group called the Undernet. I stayed with it for several years till the duties of running and contributing outweighed my time.

Is the internet still in its infancy or approaching its teenage years?
The internet is still in it's infancy. We have come a long way, but the road is very long. We are suffering from slow connections and massive commercialism. These things will begin to mature over the next few years. The commercial sector has fueled the growth but technology still has a long way to go before we see it's benefits.

Should one be increasingly paranoid beyond 2000?
I don't think it is a matter of being paranoid. It is becoming important to be aware and informed of what companies and governments are doing. Then it will be up to us to make sure we can stifle the flow of personal information. The decision to stop them is not going to become a legislative matter. Anyone who is informed, can stop them. There are lots of little tricks and "reversing" techniques. I call this type of consumer strategy "security by obscurity". It's a term used by some virus writers and security people to hide files by naming them obscure terms. The real saying the military used was "security through obscurity".

Allegedly (and I only say this so I don't get my ass sued), companies such as Aureate are beginning to add components to their products that do things with our internet connection that are not explained in their readme.txt. Aureate's ad software was embedded in programs such as Getright, Cute FTP and other highly downloaded free and shareware. Tom was the first to inform me of this.

Will the Aureate scandal put off other attempted privacy invaders or is it simply the beginning?
It is simply the beginning if the consumer uses their products anyway. I have seen several new companies already implementing their spyware in commercial packages. They will have to create a new category for these "advertiser supported products". if the consumer decides that they are not willing to trade off their privacy for crappy software, then that will be the end of it!

While its true Microsoft have a great deal to answer for, had Gates and co. been beneficial to the acceptance of computer technology to the average consumer?
Of course they have! I don't hate Microsoft. I hate their predatory business practices but they have done a lot to bring computers to the general public and they are doing a good job of that. Now, however, it's time to have other vendors providing operating systems. There will always be a place for them in teaching the beginner. Then you learn about freebsd and Linux and Unix.

Can Linux topple the win-beast?
No. Each has it's place and it's market.

What is the last book you didn't finish and why?
"Security by obscurity" is something I have been working on and off on for several years and it has been through several names. I'm hoping to finish it up this summer sometime. I have had a hard time trying to get it into a format that will make the average person interested enough to go on in the reversing field, yet not bore the hell out of the advanced programmers and system administrators which are a large portion of my members.

Should the internet be regulated?
Yes. By parents for their young children. No one else and no other situation is excusable for censorship. Censorship is wrong. No one should tell you what to learn!

What would you recommend to the intermediate user that wants to secure their machine against invasion?
I recommend a good firewall and an open source file encryption program. The answer to this question also depends on invasion from who or what as well. If you are invaded from within, then a good boot up protector like Jlock is necessary. Your selection of passwords is also an important factor in being secure. Also reading my newsletter and becoming am member of my site will go a great way toward preparing yourself against intruders!

Once again, thanks Tom!

For more information on the insights and interests of Canadian Tom, follow these URLs:

http://www.canadiantom.com

http://canadiantom.com/bruteforce/index.html

http://canadiantom.com/bruteforce/default.htm