The Silicon Jungle - David H. Rothman

1. Burden programmers and others with electronic versions of heavy padlocks.

2. Keep their computer systems easy to use—and vulnerable. (“Then you’re going to get raped.”)

3. Compromise. (“You get half raped.”)

Baird doesn’t blame just the manufacturers for some computers’ sievelike leaks. “Business isn’t willing to pay the price to secure systems,” he says—a complaint echoed in effect by the Computer and Business Equipment Manufacturers Association (CBEMA). It acknowledges the present clash between security and ease of use of computer systems. “If a computer could be designed with various levels of security as options, computer security might well be a marketable commodity,” said a statement from CBEMA to a trade magazine. In recent years there has been much more research in this area, and when 32-bit micros become the norm, it will be much easier to beef up security.

When crimes do happen on existing systems, they’re often covered up by top executives panicky over going to court or jail.

How’d you like to be the chairman of a corporation faced with an ugly data-security scandal—and the possibility of a stockholders suit? You needn’t be in the scandal personally. Your stockholders could charge you with malfeasance, if not misfeasance, for letting it happen. So could the Securities and Exchange Commission and other feds. When companies hush up computer crimes, it’s not necessarily for high-minded reasons such as protecting assets by playing down vulnerability to electronic crime. Consider Baird’s experiences.

Called to a New England firm to do routine theft prevention, Baird merrily put himself on the payroll—not to steal but to demonstrate system weaknesses.

“I also,” he says, “nicked the vice-president for participating in a $400,000-a-year kickback.”

At another company, an accounting firm did the books at year’s end and had to make an adjustment of $1.2 million. “Then,” said Baird, “we went in some more and really did a number on that company. And we came up with $4.5 million in proven losses. And it all had to do with their computer system.”

But, you’re wondering, how about that crook who stole $8 million and got away with it?