I am a staunch defender of what I call the average computer user, but I wonder whether it's time to change my tune.
Take this report from the New York Times: Law enforcement authorities are noticing a rise in the counterfeiting of U.S. postal money orders, with the victims getting hooked through e-mail. "In the last six months, the F.B.I. and postal inspectors say, international forgers -- mostly in Nigeria, but also in Ghana and Eastern Europe -- appear to have turned new attention to the United States postal money order," the Times reported. "More than 3,700 counterfeit postal money orders were intercepted from October to December, exceeding the total for the previous 12 months, according to postal inspectors."
The paper cites the case of 56-year-old Manhattan business consultant Kevin McCrary, who sent a $1,500 laptop to someone he met at an online dating service who claimed to be a Nigerian woman named Ogisi Douglas. He received two postal money orders for $950 each and sent the computer to Nigeria. He deposited the orders at a J.P. Morgan Chase branch. Later, when the process began again, he tried to cash them at a post office, where officials told him they were faked.
I've written lots about how the average computer user doesn't care much about how many gigs of memory his computer has. He just wants to know whether it works fast enough to surf the Internet. The average user probably isn't too sure what "defragging" is all about, and I've always said that he shouldn't have to. There are a million other terms that form the basic computer lexicon, but what most computer users want to know is how to turn a machine on and off and how to do the things they bought a computer for in the first place.
But average users need to do something else -- get familiar with protecting their computers against outside threats and do it now. I don't mean burglars coming in through their windows, I mean online thieves coming in through their Windows. For several years now, the rate of identity theft, virus and worms attacks and straight-up online theft of credit cards and other financial data has risen exponentially. The Times piece reminds us that online crime is hot because most computer users still don't realize that they're sitting ducks.
Back to poor Kevin McCrary, who told the Times: "I felt, obviously, a bit foolish for not listening to those little voices that say: 'Something's not quite right here. You don't have all the information on this person.' "
McCrary lost in the end -- he had to eat the cost of the money orders. That's bad enough, but for other people it gets even hairier. Among them, the Times reported, is Phil Barone, who sells hand-made saxophone mouthpieces online. He tried to cash three fake $1,000 money orders sent by a customer in Nigeria. The authorities searched his car and his home, suspecting that he might be part of a scheme to make a profit off the counterfeit orders. Authorities have already put a stop to similar schemes. Christopher R. Zeblisky, for example, was arrested in Wisconsin for trying to cash in on $8,000 in fake orders.
McCrary's words to the Times were eloquent in their simplicity: "I couldn't reach around far enough to kick myself." That kind of chagrin only happens to those who realize they were taken by tricks they should have seen coming. What is astounding, however, is that you can't call McCrary stupid or naive unless you're willing to paint a lot of other people you otherwise respect with that brush.
This is the root of the argument I often get into with techies. Many harbor contempt for the saps who fall prey to the spam e-mails promising preternatural sexual prowess, weight loss without working out and all manner of other come-ons that have beguiled and disappointed the unwary since the first snake-oil salesman set up his tent thousands of years ago. I have always maintained that we need to give Internet users more of a break. People have flocked online in the past 10 years precisely because they discovered that they don't need a computer science degree to have fun and do great work on the Internet. It makes sense that the Internet service providers and other stewards of our online experience should do their part to protect people from online danger.
But I need to modify that point of view. Everyone should know by now that we should never trust e-mail, mobile phone messages or instant messages from strangers who want to deal with our money. If you don't know the source, delete immediately. Some of you will be yawning by now because you know this already, but the Times piece points out a tragic reality that criminals know well already -- a sucker signs on to the 'Net every minute.
Bovine Security
Lots of Internet security experts have unloaded heavy artillery on the technology industry for taking too lax an approach toward computer security, with Microsoft Corp. often taking the most fire. The company's newest version of Windows, code-named "Longhorn," will contain enhanced Internet security features, according to Microsoft's Bill Gates.
Gates, who appeared at the Windows Hardware Engineering Conference in Seattle yesterday, said that the new Windows version will "make use of cryptographic keys stored in chips built into a PC for the first time," the BBC reported. "Such encryption features are usually kept as data on a hard drive. Having encryption keys actually on a chip makes it harder for data to be compromised through hack attacks."
